/**
 * Attempts to authenticate the given credentials against LDAP, trying each configured base DN in turn.
 *
 * <p>On the first successful authentication the original request is returned, wrapped in an
 * {@link LdapRoleCheckingRequest} when a role base DN is configured. Every failure path ends in
 * {@link Optional#empty()}, so callers must treat an empty result as "not authenticated".
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The LDAP connection is closed by try-with-resources when this method returns, yet it is handed
 *       to {@code LdapRoleCheckingRequest}. NOTE(review): that class must finish its directory lookups
 *       inside its constructor and not use the connection afterwards; confirm.</li>
 *   <li>NOTE(review): {@code authenticate} is not visible here. Confirm that it rejects a null or empty
 *       password before binding, so that a server permitting unauthenticated simple binds cannot
 *       turn an empty password into a successful login.</li>
 *   <li>NOTE(review): {@code userDnFrom} builds a DN from caller-supplied credentials. Confirm that
 *       the user name is escaped for use inside a DN.</li>
 *   <li>Only the user DN and user name are logged; the password never reaches a log statement.</li>
 * </ul>
 *
 * @param request     the incoming request to pass through or wrap on success
 * @param credentials the user name and password supplied by the caller
 * @return the (possibly wrapped) request when authentication succeeded, otherwise an empty Optional
 */
private Optional<HttpServletRequest> tryToGetAuthenticatedRequest(final HttpServletRequest request, final Credentials credentials) {
    try (final LDAPConnection connection = ldapConnectionFactory.buildLdapConnection()) {
        for (final String candidateBaseDn : ldapProperties.getBaseDn()) {
            final String userDN = userDnFrom(credentials, candidateBaseDn);
            try {
                if (!authenticate(connection, userDN, credentials.getPassword())) {
                    // Not authenticated under this base DN; try the next one.
                    continue;
                }
                if (ldapProperties.getRoleBaseDn() == null) {
                    // No role base DN configured: authentication alone is sufficient.
                    return Optional.of(request);
                }
                return Optional.of(new LdapRoleCheckingRequest(request, connection, userDN, ldapProperties));
            } catch (final LDAPBindException bindFailure) {
                // A rejected bind for one base DN is expected; log at debug level and move on to the next.
                LOG.debug("LDAPBindException for userDN: {}", userDN);
            }
        }
        // Every configured base DN was tried without success.
        LOG.warn("Could not bind to LDAP: {}", credentials.getUsername());
    } catch (final LDAPException | GeneralSecurityException failure) {
        // Connection, TLS or other LDAP errors fail closed: the caller receives an empty Optional.
        LOG.warn("Authentication error: ", failure);
    }
    return Optional.empty();
}
/**
 * Verifies that {@code isUserInRole} accepts a role supplied by the LDAP stub and rejects one that
 * is not.
 *
 * <p>The rejected name "foobar" begins with the accepted name "foo", so this test also guards
 * against a role check that matches by prefix instead of by exact name.
 */
@Test
public void shouldCheckUserRoles() throws LDAPException {
    // Presumably the stub reports "foo" and "bar" as the user's roles; the helper is defined elsewhere.
    final LDAPInterface directory = someLdapInterfaceReturning("foo", "bar");
    final HttpServletRequest servletRequest = mock(HttpServletRequest.class);

    final LdapRoleCheckingRequest roleCheckingRequest =
            new LdapRoleCheckingRequest(servletRequest, directory, "uid=test", someLdapProperties());

    final boolean knownRoleGranted = roleCheckingRequest.isUserInRole("foo");
    assertThat(knownRoleGranted).isEqualTo(true);

    final boolean unknownRoleGranted = roleCheckingRequest.isUserInRole("foobar");
    assertThat(unknownRoleGranted).isEqualTo(false);
}
/**
 * Verifies that {@code getRoles} exposes the role supplied by the LDAP stub.
 */
@Test
public void shouldReturnUserRoles() throws LDAPException {
    // Presumably the stub reports "foo" as the user's only role; the helper is defined elsewhere.
    final LDAPInterface directory = someLdapInterfaceReturning("foo");
    final HttpServletRequest servletRequest = mock(HttpServletRequest.class);

    final LdapRoleCheckingRequest roleCheckingRequest =
            new LdapRoleCheckingRequest(servletRequest, directory, "uid=test", someLdapProperties());

    assertThat(roleCheckingRequest.getRoles()).contains("foo");
}