
Example 1 with AuthFailureAuditRecord

Use of org.cloudfoundry.credhub.entity.AuthFailureAuditRecord in project credhub by cloudfoundry-incubator.

In class AuthFailureAuditRecordDataServiceTest, method save_whenGivenARecord_savesTheRecord.

@Test
public void save_whenGivenARecord_savesTheRecord() {
    assertNotNull(record);
    // Read the row back with raw SQL and map each column by hand.
    List<AuthFailureAuditRecord> records = jdbcTemplate.query("select * from auth_failure_audit_record", (rs, rowCount) -> {
        AuthFailureAuditRecord r = new AuthFailureAuditRecord();
        r.setId(rs.getLong("id"));
        r.setFailureDescription(rs.getString("failure_description"));
        r.setHostName(rs.getString("host_name"));
        r.setNow(Instant.ofEpochMilli(rs.getLong("now")));
        r.setPath(rs.getString("path"));
        r.setRequesterIp(rs.getString("requester_ip"));
        r.setAuthValidUntil(rs.getLong("auth_valid_until"));
        r.setAuthValidFrom(rs.getLong("auth_valid_from"));
        r.setUaaUrl(rs.getString("uaa_url"));
        r.setUserId(rs.getString("user_id"));
        r.setUserName(rs.getString("user_name"));
        r.setXForwardedFor(rs.getString("x_forwarded_for"));
        r.setScope(rs.getString("scope"));
        r.setGrantType(rs.getString("grant_type"));
        r.setClientId(rs.getString("client_id"));
        r.setMethod(rs.getString("method"));
        r.setStatusCode(rs.getInt("status_code"));
        r.setQueryParameters(rs.getString("query_parameters"));
        return r;
    });
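    assertThat(records.size(), equalTo(1));
    // Naming note: "expected" is the row read back from the database and "actual" is the
    // record field of the test class; each column read above must match it.
    AuthFailureAuditRecord expected = records.get(0);
    AuthFailureAuditRecord actual = record;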
    assertThat(expected.getId(), equalTo(actual.getId()));
    assertThat(expected.getFailureDescription(), equalTo(actual.getFailureDescription()));
    assertThat(expected.getHostName(), equalTo(actual.getHostName()));
    assertThat(expected.getNow(), equalTo(actual.getNow()));
    assertThat(expected.getNow(), equalTo(frozenTime));
    assertThat(expected.getPath(), equalTo(actual.getPath()));
    assertThat(expected.getRequesterIp(), equalTo(actual.getRequesterIp()));
    assertThat(expected.getAuthValidUntil(), equalTo(actual.getAuthValidUntil()));
    assertThat(expected.getAuthValidUntil(), equalTo(authValidUntil));
    assertThat(expected.getAuthValidFrom(), equalTo(actual.getAuthValidFrom()));
    assertThat(expected.getAuthValidFrom(), equalTo(authValidFrom));
    assertThat(expected.getUaaUrl(), equalTo(actual.getUaaUrl()));
    assertThat(expected.getUserId(), equalTo(actual.getUserId()));
    assertThat(expected.getUserName(), equalTo(actual.getUserName()));
    assertThat(expected.getXForwardedFor(), equalTo(actual.getXForwardedFor()));
    assertThat(expected.getScope(), equalTo(actual.getScope()));
    assertThat(expected.getGrantType(), equalTo(actual.getGrantType()));
    assertThat(expected.getClientId(), equalTo(actual.getClientId()));
    assertThat(expected.getMethod(), equalTo(actual.getMethod()));
    assertThat(expected.getStatusCode(), equalTo(actual.getStatusCode()));
    assertThat(expected.getQueryParameters(), equalTo(actual.getQueryParameters()));
}
Also used : AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) Test(org.junit.Test) DataJpaTest(org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest)

Example 2 with AuthFailureAuditRecord

Use of org.cloudfoundry.credhub.entity.AuthFailureAuditRecord in project credhub by cloudfoundry-incubator.

In class AuthFailureAuditRecordDataServiceTest, method createAuthFailureAuditRecord.

AuthFailureAuditRecord createAuthFailureAuditRecord() {
    AuthFailureAuditRecord record = new AuthFailureAuditRecord();
    record.setAuthMethod(UserContext.AUTH_METHOD_UAA);
    record.setFailureDescription("it failed");
    record.setHostName("host.example.com");
    record.setNow(frozenTime);
    record.setPath("/api/some-path");
    record.setRequesterIp("127.0.0.1");
    record.setAuthValidUntil(authValidUntil);
    record.setAuthValidFrom(authValidFrom);
    record.setUaaUrl("https://uaa.example.com");
    record.setUserId("test-user-id");
    record.setUserName("test-user-name");
    record.setXForwardedFor("test-x-forwarded-for");
    record.setScope("test.scope");
    record.setGrantType("test-grant-type");
    record.setClientId("test-client-id");
    record.setMethod("GET");
    record.setStatusCode(HttpStatus.INTERNAL_SERVER_ERROR.value());
    record.setQueryParameters("query=param");
    return record;
}
Also used : AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord)

Example 3 with AuthFailureAuditRecord

Use of org.cloudfoundry.credhub.entity.AuthFailureAuditRecord in project credhub by cloudfoundry-incubator.

In class AuditOAuth2AuthenticationExceptionHandlerTest, method whenTheTokenIsValid_logsTheCorrectExceptionToTheDatabase.

@Test
public void whenTheTokenIsValid_logsTheCorrectExceptionToTheDatabase() throws Exception {
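    // Send a bearer token that cannot be converted to JSON, with an X-Forwarded-For chain
    // and a socket peer address of 99.99.99.99; the audit record keeps both values separately.
    mockMvc.perform(get(CREDENTIAL_URL)
            .header("Authorization", "Bearer " + AuthConstants.INVALID_JSON_JWT)
            .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
            .accept(MediaType.APPLICATION_JSON)
            .contentType(MediaType.APPLICATION_JSON)
            .with(request -> {
                request.setRemoteAddr("99.99.99.99");
                return request;
            }));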
    AuthFailureAuditRecord auditRecord = authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(auditRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(auditRecord.getAuthMethod(), equalTo(UserContext.AUTH_METHOD_UAA));
    assertThat(auditRecord.getQueryParameters(), equalTo("my_name=my_value"));
    assertThat(auditRecord.getRequesterIp(), equalTo("99.99.99.99"));
    assertThat(auditRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));
    assertThat(auditRecord.getFailureDescription(), equalTo("Cannot convert access token to JSON"));
    assertThat(auditRecord.getUserId(), equalTo(null));
    assertThat(auditRecord.getUserName(), equalTo(null));
    assertThat(auditRecord.getUaaUrl(), equalTo(null));
    assertThat(auditRecord.getAuthValidFrom(), equalTo(-1L));
    assertThat(auditRecord.getAuthValidUntil(), equalTo(-1L));
    assertThat(auditRecord.getClientId(), equalTo(null));
    assertThat(auditRecord.getScope(), equalTo(null));
    assertThat(auditRecord.getGrantType(), equalTo(null));
    assertThat(auditRecord.getMethod(), equalTo("GET"));
    assertThat(auditRecord.getStatusCode(), equalTo(401));
}
Also used : MockMvcResultMatchers.jsonPath(org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath) RunWith(org.junit.runner.RunWith) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) Autowired(org.springframework.beans.factory.annotation.Autowired) ActiveProfiles(org.springframework.test.context.ActiveProfiles) MockMvc(org.springframework.test.web.servlet.MockMvc) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) AuthFailureAuditRecordRepository(org.cloudfoundry.credhub.repository.AuthFailureAuditRecordRepository) MockMvcBuilders(org.springframework.test.web.servlet.setup.MockMvcBuilders) Map(java.util.Map) Sort(org.springframework.data.domain.Sort) SpringRunner(org.springframework.test.context.junit4.SpringRunner) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DatabaseProfileResolver(org.cloudfoundry.credhub.util.DatabaseProfileResolver) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) Before(org.junit.Before) MockBean(org.springframework.boot.test.mock.mockito.MockBean) MediaType(org.springframework.http.MediaType) WebApplicationContext(org.springframework.web.context.WebApplicationContext) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) CurrentTimeProvider(org.cloudfoundry.credhub.util.CurrentTimeProvider) Instant(java.time.Instant) ResourceServerTokenServices(org.springframework.security.oauth2.provider.token.ResourceServerTokenServices) SecurityMockMvcConfigurers.springSecurity(org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) AuthConstants(org.cloudfoundry.credhub.util.AuthConstants) 
MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) DESC(org.springframework.data.domain.Sort.Direction.DESC) Transactional(org.springframework.transaction.annotation.Transactional) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) Sort(org.springframework.data.domain.Sort) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 4 with AuthFailureAuditRecord

Use of org.cloudfoundry.credhub.entity.AuthFailureAuditRecord in project credhub by cloudfoundry-incubator.

In class AuditOAuth2AuthenticationExceptionHandlerTest, method whenThereIsNoToken_logsTheCorrectExceptionToTheDatabase.

@Test
public void whenThereIsNoToken_logsTheCorrectExceptionToTheDatabase() throws Exception {
    // No Authorization header is sent, so the failure is recorded without any token-derived fields.
    mockMvc.perform(get(CREDENTIAL_URL)
            .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
            .accept(MediaType.APPLICATION_JSON)
            .contentType(MediaType.APPLICATION_JSON)
            .with(request -> {
                request.setRemoteAddr("12346");
                return request;
            }));
    AuthFailureAuditRecord auditRecord = authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(auditRecord.getNow(), equalTo(NOW));
    assertThat(auditRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(auditRecord.getAuthMethod(), equalTo(UserContext.AUTH_METHOD_UAA));
    assertThat(auditRecord.getQueryParameters(), equalTo("my_name=my_value"));
    assertThat(auditRecord.getRequesterIp(), equalTo("12346"));
    assertThat(auditRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));
    assertThat(auditRecord.getFailureDescription(), equalTo("Full authentication is required to access this resource"));
    assertThat(auditRecord.getUserId(), nullValue());
    assertThat(auditRecord.getUserName(), nullValue());
    assertThat(auditRecord.getUaaUrl(), nullValue());
    assertThat(auditRecord.getAuthValidFrom(), equalTo(-1L));
    assertThat(auditRecord.getAuthValidUntil(), equalTo(-1L));
    assertThat(auditRecord.getClientId(), equalTo(null));
    assertThat(auditRecord.getScope(), equalTo(null));
    assertThat(auditRecord.getGrantType(), equalTo(null));
    assertThat(auditRecord.getMethod(), equalTo("GET"));
    assertThat(auditRecord.getStatusCode(), equalTo(401));
}
Also used : MockMvcResultMatchers.jsonPath(org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath) RunWith(org.junit.runner.RunWith) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) Autowired(org.springframework.beans.factory.annotation.Autowired) ActiveProfiles(org.springframework.test.context.ActiveProfiles) MockMvc(org.springframework.test.web.servlet.MockMvc) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) AuthFailureAuditRecordRepository(org.cloudfoundry.credhub.repository.AuthFailureAuditRecordRepository) MockMvcBuilders(org.springframework.test.web.servlet.setup.MockMvcBuilders) Map(java.util.Map) Sort(org.springframework.data.domain.Sort) SpringRunner(org.springframework.test.context.junit4.SpringRunner) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DatabaseProfileResolver(org.cloudfoundry.credhub.util.DatabaseProfileResolver) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) Before(org.junit.Before) MockBean(org.springframework.boot.test.mock.mockito.MockBean) MediaType(org.springframework.http.MediaType) WebApplicationContext(org.springframework.web.context.WebApplicationContext) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) CurrentTimeProvider(org.cloudfoundry.credhub.util.CurrentTimeProvider) Instant(java.time.Instant) ResourceServerTokenServices(org.springframework.security.oauth2.provider.token.ResourceServerTokenServices) SecurityMockMvcConfigurers.springSecurity(org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) AuthConstants(org.cloudfoundry.credhub.util.AuthConstants) 
MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) DESC(org.springframework.data.domain.Sort.Direction.DESC) Transactional(org.springframework.transaction.annotation.Transactional) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) Sort(org.springframework.data.domain.Sort) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 5 with AuthFailureAuditRecord

Use of org.cloudfoundry.credhub.entity.AuthFailureAuditRecord in project credhub by cloudfoundry-incubator.

In class AuditOAuth2AuthenticationExceptionHandlerTest, method whenTheTokenHasExpired_savesTheCorrectExceptionToTheDatabase.

@Test
public void whenTheTokenHasExpired_savesTheCorrectExceptionToTheDatabase() throws Exception {
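    // The token is readable but expired, so its claims (user, issuer, client, scope, grant type)
    // are still copied into the audit record, as the assertions below check.
    mockMvc.perform(get(CREDENTIAL_URL)
            .header("Authorization", "Bearer " + AuthConstants.EXPIRED_KEY_JWT)
            .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
            .accept(MediaType.APPLICATION_JSON)
            .contentType(MediaType.APPLICATION_JSON)
            .with(request -> {
                request.setRemoteAddr("99.99.99.99");
                return request;
            }));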
    AuthFailureAuditRecord auditRecord = authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(auditRecord.getNow(), equalTo(NOW));
    assertThat(auditRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(auditRecord.getQueryParameters(), equalTo("my_name=my_value"));
    assertThat(auditRecord.getRequesterIp(), equalTo("99.99.99.99"));
    assertThat(auditRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));
    assertThat(auditRecord.getFailureDescription(), equalTo("Access token expired"));
    OAuth2AccessToken accessToken = tokenServices.readAccessToken(AuthConstants.EXPIRED_KEY_JWT);
    Map<String, Object> additionalInformation = accessToken.getAdditionalInformation();
    assertThat(auditRecord.getUserId(), equalTo(additionalInformation.get("user_id")));
    assertThat(auditRecord.getUserName(), equalTo(additionalInformation.get("user_name")));
    assertThat(auditRecord.getUaaUrl(), equalTo(additionalInformation.get("iss")));
    // 1469051704L
    assertThat(auditRecord.getAuthValidFrom(), equalTo(((Number) additionalInformation.get("iat")).longValue()));
    // 1469051824L
    assertThat(auditRecord.getAuthValidUntil(), equalTo(accessToken.getExpiration().toInstant().getEpochSecond()));
    assertThat(auditRecord.getClientId(), equalTo("credhub_cli"));
    assertThat(auditRecord.getScope(), equalTo("credhub.write,credhub.read"));
    assertThat(auditRecord.getGrantType(), equalTo("password"));
    assertThat(auditRecord.getMethod(), equalTo("GET"));
    assertThat(auditRecord.getStatusCode(), equalTo(401));
}
Also used : MockMvcResultMatchers.jsonPath(org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath) RunWith(org.junit.runner.RunWith) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) Autowired(org.springframework.beans.factory.annotation.Autowired) ActiveProfiles(org.springframework.test.context.ActiveProfiles) MockMvc(org.springframework.test.web.servlet.MockMvc) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) AuthFailureAuditRecordRepository(org.cloudfoundry.credhub.repository.AuthFailureAuditRecordRepository) MockMvcBuilders(org.springframework.test.web.servlet.setup.MockMvcBuilders) Map(java.util.Map) Sort(org.springframework.data.domain.Sort) SpringRunner(org.springframework.test.context.junit4.SpringRunner) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DatabaseProfileResolver(org.cloudfoundry.credhub.util.DatabaseProfileResolver) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) Before(org.junit.Before) MockBean(org.springframework.boot.test.mock.mockito.MockBean) MediaType(org.springframework.http.MediaType) WebApplicationContext(org.springframework.web.context.WebApplicationContext) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) CurrentTimeProvider(org.cloudfoundry.credhub.util.CurrentTimeProvider) Instant(java.time.Instant) ResourceServerTokenServices(org.springframework.security.oauth2.provider.token.ResourceServerTokenServices) SecurityMockMvcConfigurers.springSecurity(org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) AuthConstants(org.cloudfoundry.credhub.util.AuthConstants) 
MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) DESC(org.springframework.data.domain.Sort.Direction.DESC) Transactional(org.springframework.transaction.annotation.Transactional) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) Sort(org.springframework.data.domain.Sort) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
