Example use of org.springframework.data.domain.Sort.Direction.DESC in the credhub project by cloudfoundry-incubator.
From class AuditingHelper, method verifyAuditing.
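/**
 * Asserts that the newest request audit record and the event audit records that follow it
 * match what the caller expects.
 *
 * <p>Both repositories are read sorted descending on {@code now}. The first request record is
 * checked for {@code path} and {@code statusCode}. The first
 * {@code eventAuditRecordParametersList.size()} event records are then matched, in any order,
 * against matchers built by {@code matchesExpectedEvent} from the expected parameters, the
 * actor, the success flag and the request record's UUID.
 *
 * <p>NOTE(review): "newest" is decided only by the {@code now} column. If several rows share
 * the same {@code now} value, this query does not define which one comes first, so the helper
 * presumably relies on each test starting from a clean table. Confirm against the test setup.
 *
 * @param actor the actor expected on every event audit record
 * @param path the request path expected on the request audit record
 * @param statusCode the HTTP status expected on the request audit record; a 2xx value means
 *     the events are expected to be recorded as successful
 * @param eventAuditRecordParametersList the expected event records for the request
 */
public void verifyAuditing(String actor, String path, int statusCode, List<EventAuditRecordParameters> eventAuditRecordParametersList) {
    List<RequestAuditRecord> requestAuditRecords = requestAuditRecordRepository.findAll(new Sort(DESC, "now"));
    // A request that wrote no audit row is the failure this helper exists to catch, so report
    // it as an assertion failure instead of an IndexOutOfBoundsException from get(0).
    assertThat(requestAuditRecords, hasSize(greaterThanOrEqualTo(1)));
    RequestAuditRecord requestAuditRecord = requestAuditRecords.get(0);

    assertThat(requestAuditRecord.getPath(), equalTo(path));
    assertThat(requestAuditRecord.getStatusCode(), equalTo(statusCode));

    List<EventAuditRecord> eventAuditRecords = eventAuditRecordRepository.findAll(new Sort(DESC, "now"));
    // Guard the subList call below: there must be at least as many rows as expected events.
    assertThat(eventAuditRecords, hasSize(greaterThanOrEqualTo(eventAuditRecordParametersList.size())));

    // Only a 2xx response counts as a successful operation in the audit trail.
    boolean expectedSuccess = HttpStatus.valueOf(statusCode).is2xxSuccessful();

    // Passing the request record's UUID lets each matcher tie an event to this request.
    assertThat(
        eventAuditRecords.subList(0, eventAuditRecordParametersList.size()),
        containsInAnyOrder(
            eventAuditRecordParametersList.stream()
                .map(parameters -> matchesExpectedEvent(parameters, actor, expectedSuccess, requestAuditRecord.getUuid()))
                .collect(Collectors.toList())));
}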
Example use of org.springframework.data.domain.Sort.Direction.DESC in the credhub project by cloudfoundry-incubator.
From class AuditOAuth2AuthenticationExceptionHandlerTest, method whenTheTokenIsValid_logsTheCorrectExceptionToTheDatabase.
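/**
 * Sends a GET carrying a bearer token that cannot be parsed as JSON and checks the
 * authentication-failure audit row written for it.
 *
 * <p>The row must hold the request path, query string, HTTP method and a 401 status, and
 * every token-derived field must be empty ({@code null}, or {@code -1} for the validity
 * bounds) because no claims could be read from the token.
 *
 * <p>NOTE(review): the method name says "TokenIsValid", but the request sends
 * {@code AuthConstants.INVALID_JSON_JWT} and expects "Cannot convert access token to JSON".
 * The name looks like it should say "Invalid". It is left unchanged here; confirm before
 * renaming.
 */
@Test
public void whenTheTokenIsValid_logsTheCorrectExceptionToTheDatabase() throws Exception {
    // NOTE(review): the ResultActions returned by perform() is discarded, so the 401 checked
    // below is the value stored in the audit row, not the status the client received.
    mockMvc.perform(get(CREDENTIAL_URL)
        .header("Authorization", "Bearer " + AuthConstants.INVALID_JSON_JWT)
        .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
        .accept(MediaType.APPLICATION_JSON)
        .contentType(MediaType.APPLICATION_JSON)
        .with(request -> {
            request.setRemoteAddr("99.99.99.99");
            return request;
        }));

    // Newest row first; get(0) throws if the handler wrote nothing at all.
    AuthFailureAuditRecord auditRecord = authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);

    assertThat(auditRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(auditRecord.getAuthMethod(), equalTo(UserContext.AUTH_METHOD_UAA));
    assertThat(auditRecord.getQueryParameters(), equalTo("my_name=my_value"));

    // X-Forwarded-For is client-supplied and therefore spoofable. The record keeps it
    // verbatim in its own field, and the requester IP comes from the connection's remote
    // address rather than from that header.
    assertThat(auditRecord.getRequesterIp(), equalTo("99.99.99.99"));
    assertThat(auditRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));

    assertThat(auditRecord.getFailureDescription(), equalTo("Cannot convert access token to JSON"));

    // Nothing could be read from the unparseable token, so no identity may be attributed to
    // the request. nullValue() matches the style of the sibling no-token test.
    assertThat(auditRecord.getUserId(), nullValue());
    assertThat(auditRecord.getUserName(), nullValue());
    assertThat(auditRecord.getUaaUrl(), nullValue());
    assertThat(auditRecord.getAuthValidFrom(), equalTo(-1L));
    assertThat(auditRecord.getAuthValidUntil(), equalTo(-1L));
    assertThat(auditRecord.getClientId(), nullValue());
    assertThat(auditRecord.getScope(), nullValue());
    assertThat(auditRecord.getGrantType(), nullValue());

    assertThat(auditRecord.getMethod(), equalTo("GET"));
    assertThat(auditRecord.getStatusCode(), equalTo(401));
}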
Example use of org.springframework.data.domain.Sort.Direction.DESC in the credhub project by cloudfoundry-incubator.
From class AuditOAuth2AuthenticationExceptionHandlerTest, method whenThereIsNoToken_logsTheCorrectExceptionToTheDatabase.
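/**
 * Sends a GET with no {@code Authorization} header and checks the authentication-failure
 * audit row written for it.
 *
 * <p>The row must hold the timestamp, request path, query string, HTTP method and a 401
 * status. With no token presented, every token-derived field must be empty ({@code null},
 * or {@code -1} for the validity bounds).
 */
@Test
public void whenThereIsNoToken_logsTheCorrectExceptionToTheDatabase() throws Exception {
    // NOTE(review): the ResultActions returned by perform() is discarded, so the 401 checked
    // below is the value stored in the audit row, not the status the client received.
    mockMvc.perform(get(CREDENTIAL_URL)
        .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
        .accept(MediaType.APPLICATION_JSON)
        .contentType(MediaType.APPLICATION_JSON)
        .with(request -> {
            request.setRemoteAddr("12346");
            return request;
        }));

    // Newest row first; get(0) throws if the handler wrote nothing at all.
    // NOTE(review): the row's timestamp is asserted equal to the fixed NOW below. If older
    // rows carry the same value, sorting on "now" does not define which comes first, so this
    // presumably relies on a clean table per test. Confirm against the test setup.
    AuthFailureAuditRecord auditRecord = authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);

    assertThat(auditRecord.getNow(), equalTo(NOW));
    assertThat(auditRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(auditRecord.getAuthMethod(), equalTo(UserContext.AUTH_METHOD_UAA));
    assertThat(auditRecord.getQueryParameters(), equalTo("my_name=my_value"));

    // The requester IP is whatever remote address the request reports ("12346" is an
    // arbitrary fixture value, not an IP address). The client-supplied X-Forwarded-For
    // header is kept verbatim in a separate field and does not replace it.
    assertThat(auditRecord.getRequesterIp(), equalTo("12346"));
    assertThat(auditRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));

    assertThat(auditRecord.getFailureDescription(), equalTo("Full authentication is required to access this resource"));

    // No token was presented, so no identity may be attributed to the request.
    assertThat(auditRecord.getUserId(), nullValue());
    assertThat(auditRecord.getUserName(), nullValue());
    assertThat(auditRecord.getUaaUrl(), nullValue());
    assertThat(auditRecord.getAuthValidFrom(), equalTo(-1L));
    assertThat(auditRecord.getAuthValidUntil(), equalTo(-1L));
    // Use nullValue() here too, so the method checks null one way throughout.
    assertThat(auditRecord.getClientId(), nullValue());
    assertThat(auditRecord.getScope(), nullValue());
    assertThat(auditRecord.getGrantType(), nullValue());

    assertThat(auditRecord.getMethod(), equalTo("GET"));
    assertThat(auditRecord.getStatusCode(), equalTo(401));
}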
Example use of org.springframework.data.domain.Sort.Direction.DESC in the credhub project by cloudfoundry-incubator.
From class AuditOAuth2AuthenticationExceptionHandlerTest, method whenTheTokenHasExpired_savesTheCorrectExceptionToTheDatabase.
/**
 * Sends a GET carrying an expired bearer token and checks the authentication-failure audit
 * row written for it.
 *
 * <p>Unlike the unparseable-token and no-token cases, the row is expected to carry the
 * identity and validity window read from the expired token's claims, so a rejected request
 * can still be attributed in the audit trail.
 *
 * <p>NOTE(review): the expected values come from {@code tokenServices.readAccessToken}.
 * Whether the token's signature is verified before its claims reach the audit row is not
 * visible in this test. Confirm in the handler. The sibling tests also assert
 * {@code getAuthMethod()}, which this one does not.
 */
@Test
public void whenTheTokenHasExpired_savesTheCorrectExceptionToTheDatabase() throws Exception {
    // The ResultActions returned by perform() is discarded, so the 401 checked at the end is
    // the value stored in the audit row.
    mockMvc.perform(
        get(CREDENTIAL_URL)
            .header("Authorization", "Bearer " + AuthConstants.EXPIRED_KEY_JWT)
            .header("X-Forwarded-For", "1.1.1.1,2.2.2.2")
            .accept(MediaType.APPLICATION_JSON)
            .contentType(MediaType.APPLICATION_JSON)
            .with(request -> {
                request.setRemoteAddr("99.99.99.99");
                return request;
            }));

    // Newest row first; get(0) throws if the handler wrote nothing at all.
    AuthFailureAuditRecord failureRecord =
        authFailureAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);

    // Request-level facts.
    assertThat(failureRecord.getNow(), equalTo(NOW));
    assertThat(failureRecord.getPath(), equalTo(CREDENTIAL_URL_PATH));
    assertThat(failureRecord.getQueryParameters(), equalTo("my_name=my_value"));
    // Remote address and the client-supplied X-Forwarded-For header are stored separately.
    assertThat(failureRecord.getRequesterIp(), equalTo("99.99.99.99"));
    assertThat(failureRecord.getXForwardedFor(), equalTo("1.1.1.1,2.2.2.2"));
    assertThat(failureRecord.getFailureDescription(), equalTo("Access token expired"));

    // Expected identity fields are taken from the same expired token's claims.
    OAuth2AccessToken expiredToken = tokenServices.readAccessToken(AuthConstants.EXPIRED_KEY_JWT);
    Map<String, Object> claims = expiredToken.getAdditionalInformation();
    // Original author's note on the expected value: 1469051704L
    long expectedValidFrom = ((Number) claims.get("iat")).longValue();
    // Original author's note on the expected value: 1469051824L
    long expectedValidUntil = expiredToken.getExpiration().toInstant().getEpochSecond();

    assertThat(failureRecord.getUserId(), equalTo(claims.get("user_id")));
    assertThat(failureRecord.getUserName(), equalTo(claims.get("user_name")));
    assertThat(failureRecord.getUaaUrl(), equalTo(claims.get("iss")));
    assertThat(failureRecord.getAuthValidFrom(), equalTo(expectedValidFrom));
    assertThat(failureRecord.getAuthValidUntil(), equalTo(expectedValidUntil));
    assertThat(failureRecord.getClientId(), equalTo("credhub_cli"));
    assertThat(failureRecord.getScope(), equalTo("credhub.write,credhub.read"));
    assertThat(failureRecord.getGrantType(), equalTo("password"));

    assertThat(failureRecord.getMethod(), equalTo("GET"));
    assertThat(failureRecord.getStatusCode(), equalTo(401));
}