Example 1 with DESC

Use of org.springframework.data.domain.Sort.Direction.DESC in project credhub by cloudfoundry-incubator.

Class AuditingHelper, method verifyAuditing.

public void verifyAuditing(String actor, String path, int statusCode, List<EventAuditRecordParameters> eventAuditRecordParametersList) {
    // Sorting by "now" descending puts the most recent request audit record first.
    RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(requestAuditRecord.getPath(), equalTo(path));
    assertThat(requestAuditRecord.getStatusCode(), equalTo(statusCode));
    List<EventAuditRecord> eventAuditRecords = eventAuditRecordRepository.findAll(new Sort(DESC, "now"));
    assertThat(eventAuditRecords, hasSize(greaterThanOrEqualTo(eventAuditRecordParametersList.size())));
    boolean expectedSuccess = HttpStatus.valueOf(statusCode).is2xxSuccessful();
    // The newest event records are matched against the expected parameters, the actor,
    // the success flag derived from the status code, and this request's UUID.
    assertThat(eventAuditRecords.subList(0, eventAuditRecordParametersList.size()),
        containsInAnyOrder(eventAuditRecordParametersList.stream()
            .map(parameters -> matchesExpectedEvent(parameters, actor, expectedSuccess, requestAuditRecord.getUuid()))
            .collect(Collectors.toList())));
}
Also used : Description(org.hamcrest.Description) Matchers.greaterThanOrEqualTo(org.hamcrest.Matchers.greaterThanOrEqualTo) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) UUID(java.util.UUID) StringUtils(org.apache.commons.lang3.StringUtils) Collectors(java.util.stream.Collectors) BaseMatcher(org.hamcrest.BaseMatcher) HttpStatus(org.springframework.http.HttpStatus) List(java.util.List) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) AuditingOperationCode(org.cloudfoundry.credhub.audit.AuditingOperationCode) Matcher(org.hamcrest.Matcher) RequestAuditRecordRepository(org.cloudfoundry.credhub.repository.RequestAuditRecordRepository) Matchers.hasSize(org.hamcrest.Matchers.hasSize) Sort(org.springframework.data.domain.Sort) EventAuditRecordRepository(org.cloudfoundry.credhub.repository.EventAuditRecordRepository) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DESC(org.springframework.data.domain.Sort.Direction.DESC) EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) Sort(org.springframework.data.domain.Sort)

Example 2 with DESC

Use of org.springframework.data.domain.Sort.Direction.DESC in project credhub by cloudfoundry-incubator.

Class AuditOAuth2AuthenticationExceptionHandlerTest, method whenTheTokenIsValid_logsTheCorrectExceptionToTheDatabase.

@Test
public void whenTheTokenIsValid_logsTheCorrectExceptionToTheDatabase() throws Exception {
    // The bearer token sent is AuthConstants.INVALID_JSON_JWT; the failure expected below
    // is "Cannot convert access token to JSON".
    mockMvc.perform(get(CREDENTIAL_URL)
        .header("Authorization", "Bearer " + AuthConstants.INVALID_JSON_JWT)
        .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
        .accept(MediaType.APPLICATION_JSON)
        .contentType(MediaType.APPLICATION_JSON)
        .with(request -> {
            request.setRemoteAddr("99.99.99.99");
            return request;
        }));
    // Sorting by "now" descending puts the most recent auth failure record first.
    AuthFailureAuditRecord auditRecord = authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(auditRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(auditRecord.getAuthMethod(), equalTo(UserContext.AUTH_METHOD_UAA));
    assertThat(auditRecord.getQueryParameters(), equalTo("my_name=my_value"));
    // The requester IP is the request's remote address; the X-Forwarded-For header
    // is recorded separately, exactly as received.
    assertThat(auditRecord.getRequesterIp(), equalTo("99.99.99.99"));
    assertThat(auditRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));
    assertThat(auditRecord.getFailureDescription(), equalTo("Cannot convert access token to JSON"));
    assertThat(auditRecord.getUserId(), equalTo(null));
    assertThat(auditRecord.getUserName(), equalTo(null));
    assertThat(auditRecord.getUaaUrl(), equalTo(null));
    assertThat(auditRecord.getAuthValidFrom(), equalTo(-1L));
    assertThat(auditRecord.getAuthValidUntil(), equalTo(-1L));
    assertThat(auditRecord.getClientId(), equalTo(null));
    assertThat(auditRecord.getScope(), equalTo(null));
    assertThat(auditRecord.getGrantType(), equalTo(null));
    assertThat(auditRecord.getMethod(), equalTo("GET"));
    assertThat(auditRecord.getStatusCode(), equalTo(401));
}
Also used : MockMvcResultMatchers.jsonPath(org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath) RunWith(org.junit.runner.RunWith) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) Autowired(org.springframework.beans.factory.annotation.Autowired) ActiveProfiles(org.springframework.test.context.ActiveProfiles) MockMvc(org.springframework.test.web.servlet.MockMvc) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) AuthFailureAuditRecordRepository(org.cloudfoundry.credhub.repository.AuthFailureAuditRecordRepository) MockMvcBuilders(org.springframework.test.web.servlet.setup.MockMvcBuilders) Map(java.util.Map) Sort(org.springframework.data.domain.Sort) SpringRunner(org.springframework.test.context.junit4.SpringRunner) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DatabaseProfileResolver(org.cloudfoundry.credhub.util.DatabaseProfileResolver) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) Before(org.junit.Before) MockBean(org.springframework.boot.test.mock.mockito.MockBean) MediaType(org.springframework.http.MediaType) WebApplicationContext(org.springframework.web.context.WebApplicationContext) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) CurrentTimeProvider(org.cloudfoundry.credhub.util.CurrentTimeProvider) Instant(java.time.Instant) ResourceServerTokenServices(org.springframework.security.oauth2.provider.token.ResourceServerTokenServices) SecurityMockMvcConfigurers.springSecurity(org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) AuthConstants(org.cloudfoundry.credhub.util.AuthConstants) 
MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) DESC(org.springframework.data.domain.Sort.Direction.DESC) Transactional(org.springframework.transaction.annotation.Transactional) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) Sort(org.springframework.data.domain.Sort) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 3 with DESC

Use of org.springframework.data.domain.Sort.Direction.DESC in project credhub by cloudfoundry-incubator.

Class AuditOAuth2AuthenticationExceptionHandlerTest, method whenThereIsNoToken_logsTheCorrectExceptionToTheDatabase.

@Test
public void whenThereIsNoToken_logsTheCorrectExceptionToTheDatabase() throws Exception {
    // No Authorization header is sent with this request.
    mockMvc.perform(get(CREDENTIAL_URL)
        .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
        .accept(MediaType.APPLICATION_JSON)
        .contentType(MediaType.APPLICATION_JSON)
        .with(request -> {
            request.setRemoteAddr("12346");
            return request;
        }));
    // Sorting by "now" descending puts the most recent auth failure record first.
    AuthFailureAuditRecord auditRecord = authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(auditRecord.getNow(), equalTo(NOW));
    assertThat(auditRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(auditRecord.getAuthMethod(), equalTo(UserContext.AUTH_METHOD_UAA));
    assertThat(auditRecord.getQueryParameters(), equalTo("my_name=my_value"));
    // The requester IP is the request's remote address; the X-Forwarded-For header
    // is recorded separately, exactly as received.
    assertThat(auditRecord.getRequesterIp(), equalTo("12346"));
    assertThat(auditRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));
    assertThat(auditRecord.getFailureDescription(), equalTo("Full authentication is required to access this resource"));
    assertThat(auditRecord.getUserId(), nullValue());
    assertThat(auditRecord.getUserName(), nullValue());
    assertThat(auditRecord.getUaaUrl(), nullValue());
    assertThat(auditRecord.getAuthValidFrom(), equalTo(-1L));
    assertThat(auditRecord.getAuthValidUntil(), equalTo(-1L));
    assertThat(auditRecord.getClientId(), equalTo(null));
    assertThat(auditRecord.getScope(), equalTo(null));
    assertThat(auditRecord.getGrantType(), equalTo(null));
    assertThat(auditRecord.getMethod(), equalTo("GET"));
    assertThat(auditRecord.getStatusCode(), equalTo(401));
}
Also used : MockMvcResultMatchers.jsonPath(org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath) RunWith(org.junit.runner.RunWith) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) Autowired(org.springframework.beans.factory.annotation.Autowired) ActiveProfiles(org.springframework.test.context.ActiveProfiles) MockMvc(org.springframework.test.web.servlet.MockMvc) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) AuthFailureAuditRecordRepository(org.cloudfoundry.credhub.repository.AuthFailureAuditRecordRepository) MockMvcBuilders(org.springframework.test.web.servlet.setup.MockMvcBuilders) Map(java.util.Map) Sort(org.springframework.data.domain.Sort) SpringRunner(org.springframework.test.context.junit4.SpringRunner) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DatabaseProfileResolver(org.cloudfoundry.credhub.util.DatabaseProfileResolver) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) Before(org.junit.Before) MockBean(org.springframework.boot.test.mock.mockito.MockBean) MediaType(org.springframework.http.MediaType) WebApplicationContext(org.springframework.web.context.WebApplicationContext) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) CurrentTimeProvider(org.cloudfoundry.credhub.util.CurrentTimeProvider) Instant(java.time.Instant) ResourceServerTokenServices(org.springframework.security.oauth2.provider.token.ResourceServerTokenServices) SecurityMockMvcConfigurers.springSecurity(org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) AuthConstants(org.cloudfoundry.credhub.util.AuthConstants) 
MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) DESC(org.springframework.data.domain.Sort.Direction.DESC) Transactional(org.springframework.transaction.annotation.Transactional) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) Sort(org.springframework.data.domain.Sort) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 4 with DESC

Use of org.springframework.data.domain.Sort.Direction.DESC in project credhub by cloudfoundry-incubator.

Class AuditOAuth2AuthenticationExceptionHandlerTest, method whenTheTokenHasExpired_savesTheCorrectExceptionToTheDatabase.

@Test
public void whenTheTokenHasExpired_savesTheCorrectExceptionToTheDatabase() throws Exception {
    mockMvc.perform(get(CREDENTIAL_URL)
        .header("Authorization", "Bearer " + AuthConstants.EXPIRED_KEY_JWT)
        .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
        .accept(MediaType.APPLICATION_JSON)
        .contentType(MediaType.APPLICATION_JSON)
        .with(request -> {
            request.setRemoteAddr("99.99.99.99");
            return request;
        }));
    AuthFailureAuditRecord auditRecord = authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(auditRecord.getNow(), equalTo(NOW));
    assertThat(auditRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(auditRecord.getQueryParameters(), equalTo("my_name=my_value"));
    assertThat(auditRecord.getRequesterIp(), equalTo("99.99.99.99"));
    assertThat(auditRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));
    assertThat(auditRecord.getFailureDescription(), equalTo("Access token expired"));
    // The expired token is still readable, so the audit record is expected to keep the
    // identity and validity window taken from the token's claims.
    OAuth2AccessToken accessToken = tokenServices.readAccessToken(AuthConstants.EXPIRED_KEY_JWT);
    Map<String, Object> additionalInformation = accessToken.getAdditionalInformation();
    assertThat(auditRecord.getUserId(), equalTo(additionalInformation.get("user_id")));
    assertThat(auditRecord.getUserName(), equalTo(additionalInformation.get("user_name")));
    assertThat(auditRecord.getUaaUrl(), equalTo(additionalInformation.get("iss")));
    assertThat(auditRecord.getAuthValidFrom(),
        equalTo(((Number) additionalInformation.get("iat")).longValue())); // 1469051704L
    assertThat(auditRecord.getAuthValidUntil(),
        equalTo(accessToken.getExpiration().toInstant().getEpochSecond())); // 1469051824L
    assertThat(auditRecord.getClientId(), equalTo("credhub_cli"));
    assertThat(auditRecord.getScope(), equalTo("credhub.write,credhub.read"));
    assertThat(auditRecord.getGrantType(), equalTo("password"));
    assertThat(auditRecord.getMethod(), equalTo("GET"));
    assertThat(auditRecord.getStatusCode(), equalTo(401));
}
Also used : MockMvcResultMatchers.jsonPath(org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath) RunWith(org.junit.runner.RunWith) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) Autowired(org.springframework.beans.factory.annotation.Autowired) ActiveProfiles(org.springframework.test.context.ActiveProfiles) MockMvc(org.springframework.test.web.servlet.MockMvc) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) AuthFailureAuditRecordRepository(org.cloudfoundry.credhub.repository.AuthFailureAuditRecordRepository) MockMvcBuilders(org.springframework.test.web.servlet.setup.MockMvcBuilders) Map(java.util.Map) Sort(org.springframework.data.domain.Sort) SpringRunner(org.springframework.test.context.junit4.SpringRunner) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DatabaseProfileResolver(org.cloudfoundry.credhub.util.DatabaseProfileResolver) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) Before(org.junit.Before) MockBean(org.springframework.boot.test.mock.mockito.MockBean) MediaType(org.springframework.http.MediaType) WebApplicationContext(org.springframework.web.context.WebApplicationContext) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) CurrentTimeProvider(org.cloudfoundry.credhub.util.CurrentTimeProvider) Instant(java.time.Instant) ResourceServerTokenServices(org.springframework.security.oauth2.provider.token.ResourceServerTokenServices) SecurityMockMvcConfigurers.springSecurity(org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) AuthConstants(org.cloudfoundry.credhub.util.AuthConstants) 
MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) DESC(org.springframework.data.domain.Sort.Direction.DESC) Transactional(org.springframework.transaction.annotation.Transactional) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AuthFailureAuditRecord(org.cloudfoundry.credhub.entity.AuthFailureAuditRecord) Sort(org.springframework.data.domain.Sort) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat): 4
IsEqual.equalTo (org.hamcrest.core.IsEqual.equalTo): 4
Sort (org.springframework.data.domain.Sort): 4
DESC (org.springframework.data.domain.Sort.Direction.DESC): 4
Instant (java.time.Instant): 3
Map (java.util.Map): 3
AuthFailureAuditRecord (org.cloudfoundry.credhub.entity.AuthFailureAuditRecord): 3
AuthFailureAuditRecordRepository (org.cloudfoundry.credhub.repository.AuthFailureAuditRecordRepository): 3
AuthConstants (org.cloudfoundry.credhub.util.AuthConstants): 3
CurrentTimeProvider (org.cloudfoundry.credhub.util.CurrentTimeProvider): 3
DatabaseProfileResolver (org.cloudfoundry.credhub.util.DatabaseProfileResolver): 3
CoreMatchers.nullValue (org.hamcrest.CoreMatchers.nullValue): 3
Before (org.junit.Before): 3
Test (org.junit.Test): 3
RunWith (org.junit.runner.RunWith): 3
Mockito.when (org.mockito.Mockito.when): 3
Autowired (org.springframework.beans.factory.annotation.Autowired): 3
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 3
MockBean (org.springframework.boot.test.mock.mockito.MockBean): 3
MediaType (org.springframework.http.MediaType): 3