add tests and examples for accessing SecurityContext

Related to pac4j#32

src/main/java/org/pac4j/jax/rs/pac4j/JaxRsProfileManager.java

@@ -61,7 +61,7 @@ public void logout() {
         }
     }
 
-    private static class Pac4JSecurityContext implements SecurityContext {
+    public static class Pac4JSecurityContext implements SecurityContext {
 
         private final SecurityContext original;
 

src/test/java/org/pac4j/jax/rs/AbstractTest.java

@@ -131,6 +131,16 @@ public void proxiedClassLevelDirectFail() {
         assertThat(direct.getStatus()).isEqualTo(401);
     }
 
+    @Test
+    public void directContext() {
+        Form form = new Form();
+        form.param("username", "foo");
+        form.param("password", "foo");
+        final String ok = container.getTarget("/directContext").request()
+                .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE), String.class);
+        assertThat(ok).isEqualTo("ok");
+    }
+
     @Test
     public void directInject() {
         Form form = new Form();
@@ -198,4 +208,14 @@ public void directResponseHeadersSet() {
         assertThat(ok.readEntity(String.class)).isEqualTo("ok");
         assertThat(ok.getHeaderString("X-Content-Type-Options")).isEqualTo("nosniff");
     }
+
+    @Test
+    public void containerSpecificContext() {
+        Form form = new Form();
+        form.param("username", "foo");
+        form.param("password", "foo");
+        final String ok = container.getTarget("/containerSpecific/context").request()
+                .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE), String.class);
+        assertThat(ok).isEqualTo("ok");
+    }
 }

src/test/java/org/pac4j/jax/rs/resources/JerseyResource.java

@@ -0,0 +1,33 @@
+package org.pac4j.jax.rs.resources;
+
+import javax.inject.Inject;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.core.SecurityContext;
+
+import org.pac4j.core.context.DefaultAuthorizers;
+import org.pac4j.jax.rs.annotations.Pac4JSecurity;
+import org.pac4j.jax.rs.pac4j.JaxRsProfileManager.Pac4JSecurityContext;
+
+@Path("/containerSpecific")
+public class JerseyResource {
+
+    @Inject ContainerRequestContext requestContext;
+
+    @POST
+    @Path("/context")
+    @Pac4JSecurity(clients = "DirectFormClient", authorizers = DefaultAuthorizers.IS_AUTHENTICATED)
+    public String directContext() {
+        SecurityContext context = requestContext.getSecurityContext();
+        if (context != null) {
+            if (context instanceof Pac4JSecurityContext) {
+                return "ok";
+            } else {
+                return "fail";
+            }
+        } else {
+            return "error";
+        }
+    }
+}

src/test/java/org/pac4j/jax/rs/resources/RestEasyResource.java

@@ -0,0 +1,30 @@
+package org.pac4j.jax.rs.resources;
+
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.core.SecurityContext;
+
+import org.jboss.resteasy.spi.ResteasyProviderFactory;
+import org.pac4j.core.context.DefaultAuthorizers;
+import org.pac4j.jax.rs.annotations.Pac4JSecurity;
+import org.pac4j.jax.rs.pac4j.JaxRsProfileManager.Pac4JSecurityContext;
+
+@Path("/containerSpecific")
+public class RestEasyResource {
+
+    @POST
+    @Path("/context")
+    @Pac4JSecurity(clients = "DirectFormClient", authorizers = DefaultAuthorizers.IS_AUTHENTICATED)
+    public String directContext() {
+        SecurityContext context = ResteasyProviderFactory.getContextData(SecurityContext.class);
+        if (context != null) {
+            if (context instanceof Pac4JSecurityContext) {
+                return "ok";
+            } else {
+                return "fail";
+            }
+        } else {
+            return "error";
+        }
+    }
+}

src/test/java/org/pac4j/jax/rs/resources/TestResource.java

@@ -5,6 +5,8 @@
 import javax.ws.rs.GET;
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.SecurityContext;
 
 import org.pac4j.core.authorization.authorizer.Authorizer;
 import org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer;
@@ -15,6 +17,7 @@
 import org.pac4j.jax.rs.annotations.Pac4JProfile;
 import org.pac4j.jax.rs.annotations.Pac4JProfileManager;
 import org.pac4j.jax.rs.annotations.Pac4JSecurity;
+import org.pac4j.jax.rs.pac4j.JaxRsProfileManager.PrincipalImpl;
 
 /**
  * This contains only session-less interactions
@@ -59,6 +62,21 @@ public String directInject(@Pac4JProfile(readFromSession = false) CommonProfile
         }
     }
 
+    @POST
+    @Path("directContext")
+    @Pac4JSecurity(clients = "DirectFormClient", authorizers = DefaultAuthorizers.IS_AUTHENTICATED)
+    public String directContext(@Context SecurityContext context) {
+        if (context != null) {
+            if (context.getUserPrincipal() instanceof PrincipalImpl) {
+                return "ok";
+            } else {
+                return "fail";
+            }
+        } else {
+            return "error";
+        }
+    }
+
     @GET
     @Path("directInjectNoAuth")
     public String directInjectNoAuth(@Pac4JProfile(readFromSession = false) CommonProfile profile) {

src/test/java/org/pac4j/jax/rs/rules/JerseyGrizzlyRule.java

@@ -1,13 +1,23 @@
 package org.pac4j.jax.rs.rules;
 
+import java.util.Set;
+
 import org.glassfish.jersey.server.ResourceConfig;
 import org.glassfish.jersey.test.DeploymentContext;
 import org.glassfish.jersey.test.grizzly.GrizzlyTestContainerFactory;
 import org.glassfish.jersey.test.spi.TestContainerFactory;
 import org.pac4j.jax.rs.grizzly.features.GrizzlyJaxRsContextFactoryProvider;
+import org.pac4j.jax.rs.resources.JerseyResource;
 
 public class JerseyGrizzlyRule extends JerseyRule implements SessionContainerRule {
 
+    @Override
+    public Set<Class<?>> getResources() {
+        Set<Class<?>> resources = SessionContainerRule.super.getResources();
+        resources.add(JerseyResource.class);
+        return resources;
+    }
+
     @Override
     protected TestContainerFactory getTestContainerFactory() {
         return new GrizzlyTestContainerFactory();

src/test/java/org/pac4j/jax/rs/rules/JerseyGrizzlyServletRule.java

@@ -1,20 +1,30 @@
 package org.pac4j.jax.rs.rules;
 
+import java.util.Set;
+
 import org.glassfish.jersey.server.ResourceConfig;
 import org.glassfish.jersey.servlet.ServletContainer;
 import org.glassfish.jersey.test.DeploymentContext;
 import org.glassfish.jersey.test.ServletDeploymentContext;
 import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory;
 import org.glassfish.jersey.test.spi.TestContainerFactory;
+import org.pac4j.jax.rs.resources.JerseyResource;
 import org.pac4j.jax.rs.servlet.features.ServletJaxRsContextFactoryProvider;
 
 public class JerseyGrizzlyServletRule extends JerseyRule implements SessionContainerRule {
 
+    @Override
+    public Set<Class<?>> getResources() {
+        Set<Class<?>> resources = SessionContainerRule.super.getResources();
+        resources.add(JerseyResource.class);
+        return resources;
+    }
+
     @Override
     protected TestContainerFactory getTestContainerFactory() {
         return new GrizzlyWebTestContainerFactory();
     }
-    
+
     @Override
     protected DeploymentContext configureDeployment(ResourceConfig config) {
         return ServletDeploymentContext.forServlet(new ServletContainer(config)).build();

src/test/java/org/pac4j/jax/rs/rules/JerseyInMemoryRule.java

@@ -1,13 +1,23 @@
 package org.pac4j.jax.rs.rules;
 
+import java.util.Set;
+
 import org.glassfish.jersey.server.ResourceConfig;
 import org.glassfish.jersey.test.DeploymentContext;
 import org.glassfish.jersey.test.inmemory.InMemoryTestContainerFactory;
 import org.glassfish.jersey.test.spi.TestContainerFactory;
 import org.pac4j.jax.rs.features.JaxRsContextFactoryProvider;
+import org.pac4j.jax.rs.resources.JerseyResource;
 
 public class JerseyInMemoryRule extends JerseyRule {
 
+    @Override
+    public Set<Class<?>> getResources() {
+        Set<Class<?>> resources = super.getResources();
+        resources.add(JerseyResource.class);
+        return resources;
+    }
+
     @Override
     protected TestContainerFactory getTestContainerFactory() {
         return new InMemoryTestContainerFactory();

src/test/java/org/pac4j/jax/rs/rules/RestEasyUndertowServletRule.java

@@ -18,6 +18,7 @@
 import org.junit.rules.ExternalResource;
 import org.pac4j.jax.rs.features.JaxRsConfigProvider;
 import org.pac4j.jax.rs.features.Pac4JSecurityFeature;
+import org.pac4j.jax.rs.resources.RestEasyResource;
 import org.pac4j.jax.rs.resteasy.features.Pac4JProfileInjectorFactory;
 import org.pac4j.jax.rs.servlet.features.ServletJaxRsContextFactoryProvider;
 
@@ -46,6 +47,13 @@ public Set<Object> getSingletons() {
         }
     }
 
+    @Override
+    public Set<Class<?>> getResources() {
+        Set<Class<?>> resources = SessionContainerRule.super.getResources();
+        resources.add(RestEasyResource.class);
+        return resources;
+    }
+
     @Override
     protected void before() throws Throwable {
         // Used by Jersey Client to store cookies