use of com.auth0.flickr2.domain.User in project gravitee-management-rest-api by gravitee-io.
the class UserServiceTest method shouldUpdateUser_UpdateFields_And_CreateFields.
/**
 * Checks how {@code userService.update} handles custom fields: a field whose key already has
 * stored metadata must go through {@code userMetadataService.update}, and a field without
 * stored metadata must go through {@code userMetadataService.create}.
 */
@Test
public void shouldUpdateUser_UpdateFields_And_CreateFields() throws Exception {
    final String userId = "userid";

    // User record handed back by the repository stub.
    User storedUser = new User();
    storedUser.setId(userId);
    storedUser.setSourceId("sourceId");
    storedUser.setUpdatedAt(new Date(1234567890L));
    storedUser.setFirstname("john");
    storedUser.setLastname("doe");
    storedUser.setEmail("john.doe@mail.domain");
    when(userRepository.findById(userId)).thenReturn(of(storedUser));

    // Update request: identity fields unchanged, two custom fields supplied.
    UpdateUserEntity updateRequest = new UpdateUserEntity();
    updateRequest.setEmail(storedUser.getEmail());
    updateRequest.setFirstname(storedUser.getFirstname());
    updateRequest.setLastname(storedUser.getLastname());
    updateRequest.setCustomFields(
        Maps.<String, Object>builder()
            .put("fieldToUpdate", "valueUpdated")
            .put("fieldToCreate", "newValue")
            .build()
    );

    // Only "fieldToUpdate" already exists as metadata for this user.
    UserMetadataEntity storedMetadata = new UserMetadataEntity();
    storedMetadata.setValue("value1");
    storedMetadata.setUserId(userId);
    storedMetadata.setFormat(MetadataFormat.STRING);
    storedMetadata.setName("fieldToUpdate");
    storedMetadata.setKey("fieldToUpdate");
    when(userMetadataService.findAllByUserId(userId)).thenReturn(Arrays.asList(storedMetadata));

    userService.update(userId, updateRequest);

    // The existing field is updated in place, with the value taken from the request.
    verify(userMetadataService).update(
        argThat(entity ->
            entity.getKey().equals(storedMetadata.getKey())
                && entity.getName().equals(storedMetadata.getName())
                && entity.getUserId().equals(storedMetadata.getUserId())
                && entity.getValue().equals(updateRequest.getCustomFields().get(storedMetadata.getKey()))
        )
    );

    // The unknown field is created for the same user.
    verify(userMetadataService).create(
        argThat(entity ->
            entity.getName().equals("fieldToCreate")
                && entity.getUserId().equals(storedMetadata.getUserId())
                && entity.getValue().equals(updateRequest.getCustomFields().get("fieldToCreate"))
        )
    );
}
use of com.auth0.flickr2.domain.User in project gravitee-management-rest-api by gravitee-io.
the class UserServiceTest method shouldCreateNewUserWithGroupsMappingFromUserInfo.
/**
 * Creates a user from an OAuth2 user-info payload and checks which memberships are written.
 *
 * <p>The expectations are: one role update on each of the groups {@code group_id_1},
 * {@code group_id_2} and {@code group_id_4} (API/USER and APPLICATION/ADMIN), one role update
 * on the {@code DEFAULT} organization (ORGANIZATION/ADMIN and ORGANIZATION/USER), and no
 * update at all on {@code group_id_3}. The mapping rules themselves come from
 * {@code mockGroupsMapping()} / {@code mockRolesMapping()}, which are defined elsewhere.
 */
@Test
public void shouldCreateNewUserWithGroupsMappingFromUserInfo() throws IOException, TechnicalException {
    final String providerId = "oauth2";
    final String userEmail = "janedoe@example.com";

    reset(identityProvider, userRepository, groupService, roleService, membershipService);
    mockDefaultEnvironment();
    mockGroupsMapping();
    mockRolesMapping();

    User createdUser = mockUser();
    when(userRepository.create(any(User.class))).thenReturn(createdUser);
    when(identityProvider.getId()).thenReturn(providerId);
    // The user is not known yet for this identity source, so the service has to create it.
    when(userRepository.findBySource(providerId, userEmail, ORGANIZATION)).thenReturn(Optional.empty());

    // Group lookups.
    when(groupService.findById("Example group")).thenReturn(mockGroupEntity("group_id_1", "Example group"));
    when(groupService.findById("soft user")).thenReturn(mockGroupEntity("group_id_2", "soft user"));
    when(groupService.findById("Api consumer")).thenReturn(mockGroupEntity("group_id_4", "Api consumer"));

    // Role lookups.
    RoleEntity organizationAdmin = mockRoleEntity(RoleScope.ORGANIZATION, "ADMIN");
    RoleEntity organizationUser = mockRoleEntity(RoleScope.ORGANIZATION, "USER");
    // The ENVIRONMENT/ADMIN role entity is built but not referenced by any stub below.
    mockRoleEntity(RoleScope.ENVIRONMENT, "ADMIN");
    RoleEntity apiUser = mockRoleEntity(RoleScope.API, "USER");
    RoleEntity applicationAdmin = mockRoleEntity(RoleScope.APPLICATION, "ADMIN");
    when(roleService.findByScopeAndName(RoleScope.ORGANIZATION, "ADMIN")).thenReturn(Optional.of(organizationAdmin));
    when(roleService.findByScopeAndName(RoleScope.ORGANIZATION, "USER")).thenReturn(Optional.of(organizationUser));
    when(roleService.findDefaultRoleByScopes(RoleScope.API, RoleScope.APPLICATION))
        .thenReturn(Arrays.asList(apiUser, applicationAdmin));

    // Membership stubs for the three groups that are expected to be granted.
    // Mockito matchers have to stay inline in the stubbed call, so only plain values are shared.
    for (String groupId : Arrays.asList("group_id_1", "group_id_2", "group_id_4")) {
        when(
            membershipService.updateRolesToMemberOnReferenceBySource(
                eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, groupId)),
                eq(new MembershipService.MembershipMember(userEmail, null, MembershipMemberType.USER)),
                argThat(roles ->
                    roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER"))
                        && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))
                ),
                eq(providerId)
            )
        )
            .thenReturn(Collections.singletonList(mockMemberEntity()));
    }
    when(
        membershipService.updateRolesToMemberOnReferenceBySource(
            eq(new MembershipService.MembershipReference(MembershipReferenceType.ORGANIZATION, "DEFAULT")),
            eq(new MembershipService.MembershipMember(userEmail, null, MembershipMemberType.USER)),
            argThat(roles ->
                roles.contains(new MembershipService.MembershipRole(RoleScope.ORGANIZATION, "ADMIN"))
                    && roles.contains(new MembershipService.MembershipRole(RoleScope.ORGANIZATION, "USER"))
            ),
            eq(providerId)
        )
    )
        .thenReturn(Collections.singletonList(mockMemberEntity()));

    String userInfo = IOUtils.toString(read("/oauth2/json/user_info_response_body.json"), Charset.defaultCharset());
    userService.createOrUpdateUserFromSocialIdentityProvider(identityProvider, userInfo);

    // Group memberships: groups 1, 2 and 4 are written exactly once; group 3 must never be
    // written, which is the negative check that an unmapped group is not granted.
    final String[] groupIds = { "group_id_1", "group_id_2", "group_id_3", "group_id_4" };
    final int[] expectedCalls = { 1, 1, 0, 1 };
    for (int i = 0; i < groupIds.length; i++) {
        verify(membershipService, times(expectedCalls[i]))
            .updateRolesToMemberOnReferenceBySource(
                eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, groupIds[i])),
                eq(new MembershipService.MembershipMember(userEmail, null, MembershipMemberType.USER)),
                argThat(roles ->
                    roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER"))
                        && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))
                ),
                eq(providerId)
            );
    }

    // Organization membership is written exactly once with both organization roles.
    verify(membershipService, times(1))
        .updateRolesToMemberOnReferenceBySource(
            eq(new MembershipService.MembershipReference(MembershipReferenceType.ORGANIZATION, "DEFAULT")),
            eq(new MembershipService.MembershipMember(userEmail, null, MembershipMemberType.USER)),
            argThat(roles ->
                roles.contains(new MembershipService.MembershipRole(RoleScope.ORGANIZATION, "ADMIN"))
                    && roles.contains(new MembershipService.MembershipRole(RoleScope.ORGANIZATION, "USER"))
            ),
            eq(providerId)
        );
}
use of com.auth0.flickr2.domain.User in project gravitee-management-rest-api by gravitee-io.
the class TokenAuthenticationFilter method doFilter.
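/**
 * Authenticates the request from a token and then continues the filter chain.
 *
 * <p>The credential is read from the {@code Authorization} header or, when that header is
 * empty, from the {@code AUTH_COOKIE_NAME} cookie. A value containing a dot is verified as a
 * JWT with {@code jwtVerifier}; any other value is looked up through {@code tokenService} when
 * that service and {@code userService} are available. On success the authentication is stored
 * in the {@link SecurityContextHolder}.
 *
 * <p>Any failure while reading or validating the credential clears the authentication cookie
 * and answers 401 without invoking the rest of the chain. A request that carries no credential,
 * or one with another authorization scheme, is passed on unauthenticated.
 *
 * <p>NOTE(review): because a cookie is accepted as a credential, CSRF protection has to be
 * provided elsewhere in the chain - confirm.
 *
 * @param request the incoming request, cast to {@link HttpServletRequest}
 * @param response the outgoing response, cast to {@link HttpServletResponse}
 * @param chain the remaining filters
 * @throws IOException if sending the error or the downstream chain fails
 * @throws ServletException if the downstream chain fails
 */
@Override
@SuppressWarnings(value = "unchecked")
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) request;
    HttpServletResponse res = (HttpServletResponse) response;

    try {
        String stringToken = req.getHeader(HttpHeaders.AUTHORIZATION);
        if (isEmpty(stringToken) && req.getCookies() != null) {
            final Optional<Cookie> optionalStringToken = Arrays
                .stream(req.getCookies())
                .filter(cookie -> AUTH_COOKIE_NAME.equals(cookie.getName()))
                .findAny();
            if (optionalStringToken.isPresent()) {
                // The cookie value is client-controlled. Decoding happens inside the try block so
                // that a value the decoder rejects ends in the 401 path below instead of
                // surfacing as an unhandled exception.
                stringToken = decode(optionalStringToken.get().getValue(), defaultCharset().name());
            }
        }

        if (isEmpty(stringToken)) {
            LOGGER.debug("Authorization header/cookie not found");
        } else if (stringToken.regionMatches(true, 0, TOKEN_AUTH_SCHEMA, 0, TOKEN_AUTH_SCHEMA.length())) {
            // The scheme is matched case-insensitively and anchored at index 0. A plain
            // contains() would also accept a value that merely embeds the scheme somewhere
            // (for instance inside the payload of another scheme), and the substring below
            // would then cut off unrelated characters.
            final String tokenValue = stringToken.substring(TOKEN_AUTH_SCHEMA.length()).trim();
            if (tokenValue.contains(".")) {
                // Dotted value: treated as a JWT; verify() throws on an invalid token.
                final DecodedJWT jwt = jwtVerifier.verify(tokenValue);
                final Set<GrantedAuthority> authorities =
                    this.authoritiesProvider.retrieveAuthorities(jwt.getClaim(Claims.SUBJECT).asString());
                final UserDetails userDetails = new UserDetails(getStringValue(jwt.getSubject()), "", authorities);
                userDetails.setEmail(jwt.getClaim(Claims.EMAIL).asString());
                userDetails.setFirstname(jwt.getClaim(Claims.FIRSTNAME).asString());
                userDetails.setLastname(jwt.getClaim(Claims.LASTNAME).asString());
                SecurityContextHolder
                    .getContext()
                    .setAuthentication(new UsernamePasswordAuthenticationToken(userDetails, null, authorities));
            } else if (tokenService != null && userService != null) {
                // Value without a dot: resolved through the token service to its owning user.
                final Token token = tokenService.findByToken(tokenValue);
                final UserEntity user = userService.findById(token.getReferenceId());
                final Set<GrantedAuthority> authorities = this.authoritiesProvider.retrieveAuthorities(user.getId());
                final UserDetails userDetails = new UserDetails(user.getId(), "", authorities);
                userDetails.setFirstname(user.getFirstname());
                userDetails.setLastname(user.getLastname());
                userDetails.setEmail(user.getEmail());
                userDetails.setSource("token");
                userDetails.setSourceId(token.getName());
                SecurityContextHolder
                    .getContext()
                    .setAuthentication(new UsernamePasswordAuthenticationToken(userDetails, null, authorities));
            }
        } else {
            LOGGER.debug("Authorization schema not found");
        }
    } catch (final Exception e) {
        final String errorMessage = "Invalid token";
        // The stack trace is only logged when debug is enabled; otherwise a verification
        // failure is a warning and anything else an error, both without the token value.
        if (LOGGER.isDebugEnabled()) {
            LOGGER.error(errorMessage, e);
        } else if (e instanceof JWTVerificationException) {
            LOGGER.warn(errorMessage);
        } else {
            LOGGER.error(errorMessage);
        }
        // Overwrite the authentication cookie with a null value so that the rejected
        // credential is not replayed by the browser on the next request.
        res.addCookie(cookieGenerator.generate(TokenAuthenticationFilter.AUTH_COOKIE_NAME, null));
        res.sendError(HttpStatusCode.UNAUTHORIZED_401);
        return;
    }

    // Outside the try block on purpose: downstream failures must not be reported as 401.
    chain.doFilter(request, response);
}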
use of com.auth0.flickr2.domain.User in project gravitee-management-rest-api by gravitee-io.
the class UserServiceImpl method delete.
/**
 * Archives the user identified by {@code id} and removes the data attached to it.
 *
 * <p>The call is refused while the user is still primary owner of an API or application.
 * Otherwise memberships, portal and generic notification settings and tokens are removed, the
 * record is marked {@code ARCHIVED} with a {@code "deleted-"} source id, and the user is
 * removed from the search engine. When {@code anonymizeOnDelete} is set, the persisted record
 * is a fresh {@code User} that carries over only the fields copied below.
 *
 * @param id identifier of the user to delete
 * @throws StillPrimaryOwnerException if the user still owns at least one API or application
 * @throws UserNotFoundException if the repository has no user with this id
 * @throws TechnicalManagementException if a {@code TechnicalException} is raised underneath
 */
@Override
public void delete(String id) {
    try {
        // Refuse deletion while the user is still primary owner of an API or application.
        // NOTE(review): unlike the application filter, the API filter does not guard against a
        // null primary owner - confirm that an API always has one.
        final long ownedApis = apiService
            .findByUser(id, null, false)
            .stream()
            .filter(api -> api.getPrimaryOwner().getId().equals(id))
            .count();
        final long ownedApplications = applicationService
            .findByUser(id)
            .stream()
            .filter(app -> app.getPrimaryOwner() != null && app.getPrimaryOwner().getId().equals(id))
            .count();
        if (ownedApis > 0 || ownedApplications > 0) {
            throw new StillPrimaryOwnerException(ownedApis, ownedApplications);
        }

        final Optional<User> lookup = userRepository.findById(id);
        if (!lookup.isPresent()) {
            throw new UserNotFoundException(id);
        }

        membershipService.removeMemberMemberships(MembershipMemberType.USER, id);

        final User stored = lookup.get();

        // Notifications and their settings.
        portalNotificationService.deleteAll(stored.getId());
        portalNotificationConfigService.deleteByUser(stored.getId());
        genericNotificationConfigService.deleteByUser(stored);

        // Revoke the user's tokens.
        tokenService.revokeByUser(stored.getId());

        // Mark the stored record as archived.
        stored.setSourceId("deleted-" + stored.getSourceId());
        stored.setStatus(UserStatus.ARCHIVED);
        stored.setUpdatedAt(new Date());

        User toPersist = stored;
        if (anonymizeOnDelete) {
            // Persist a new object instead of the stored one: only the fields set here survive,
            // and the source id is derived from the internal id rather than the original one.
            final User anonymized = new User();
            anonymized.setId(stored.getId());
            anonymized.setCreatedAt(stored.getCreatedAt());
            anonymized.setUpdatedAt(stored.getUpdatedAt());
            anonymized.setStatus(stored.getStatus());
            anonymized.setSource(stored.getSource());
            anonymized.setLastConnectionAt(stored.getLastConnectionAt());
            anonymized.setSourceId("deleted-" + stored.getId());
            anonymized.setFirstname("Unknown");
            anonymized.setLastname("");
            anonymized.setLoginCount(stored.getLoginCount());
            toPersist = anonymized;
        }
        userRepository.update(toPersist);

        // The search-engine removal is driven by the object loaded from the repository, not by
        // the anonymized copy.
        final UserEntity indexedUser = convert(stored, false);
        searchEngineService.delete(indexedUser, false);
    } catch (TechnicalException ex) {
        LOGGER.error("An error occurs while trying to delete user", ex);
        throw new TechnicalManagementException("An error occurs while trying to delete user", ex);
    }
}
use of com.auth0.flickr2.domain.User in project gravitee-management-rest-api by gravitee-io.
the class UserServiceImpl method finalizeResetPassword.
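/**
 * Completes a password reset from the token carried by {@code registerUserEntity}.
 *
 * <p>The token is decoded with {@code getDecodedJWT}, its action claim must be
 * {@code RESET_PASSWORD}, and its subject is used as the id of the user whose password is
 * replaced. The change is recorded as a {@code PASSWORD_CHANGED} audit event, and the returned
 * entity is built after the password has been cleared from the user object.
 *
 * <p>NOTE(review): signature and expiry checks are presumably done inside
 * {@code getDecodedJWT}, and nothing in this method marks the token as consumed - confirm that
 * reuse of a reset token is prevented elsewhere.
 *
 * @param registerUserEntity carries the reset token and the new password
 * @return the updated user
 * @throws UserStateConflictException if the token was not issued for a password reset
 * @throws UserNotFoundException if the token has no subject or the subject matches no user
 * @throws TechnicalManagementException on any other failure
 */
@Override
public UserEntity finalizeResetPassword(ResetPasswordUserEntity registerUserEntity) {
    try {
        DecodedJWT jwt = getDecodedJWT(registerUserEntity.getToken());

        // A token issued for another purpose must not be usable to set a password.
        final String action = jwt.getClaim(Claims.ACTION).asString();
        if (!RESET_PASSWORD.name().equals(action)) {
            throw new UserStateConflictException("Invalid action on reset password resource");
        }

        final Object subject = jwt.getSubject();
        if (subject == null) {
            throw new UserNotFoundException("Subject missing from JWT token");
        }
        final String username = subject.toString();
        LOGGER.debug("Find user {} to update password", username);
        Optional<User> checkUser = userRepository.findById(username);
        User user = checkUser.orElseThrow(() -> new UserNotFoundException(username));

        // Set date fields
        user.setUpdatedAt(new Date());
        // Encrypt password if internal user
        encryptPassword(user, registerUserEntity.getPassword());
        user = userRepository.update(user);

        auditService.createOrganizationAuditLog(
            Collections.singletonMap(USER, user.getId()),
            User.AuditEvent.PASSWORD_CHANGED,
            user.getUpdatedAt(),
            null,
            null
        );

        // Do not send back the password
        user.setPassword(null);
        return convert(user, true);
    } catch (AbstractManagementException ex) {
        throw ex;
    } catch (Exception ex) {
        // The reset token is a credential: anyone who can read it may be able to set the
        // account's password, so it is deliberately kept out of the log line.
        LOGGER.error("An error occurs while trying to change password of an internal user", ex);
        throw new TechnicalManagementException(ex.getMessage(), ex);
    }
}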