Example 1 with PasswordLessUserNameAuthentication
use of com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication in project openbanking-aspsp by OpenBankingToolkit.
the class PaymentsApiEndpointWrapperTest method verifyAccessToken_wrong_grantType.
@Test
public void verifyAccessToken_wrong_grantType() throws Exception {
// given
expectedEx.expect(OBErrorException.class);
expectedEx.expectMessage("The access token grant type AUTHORIZATION_CODE doesn't match one of the expected grant types");
String jws = jws(OpenBankingConstants.Scope.PAYMENTS, OIDCConstants.GrantType.AUTHORIZATION_CODE);
when(amResourceServerService.verifyAccessToken(SupportConstants.BEARER_PREFIX + jws)).thenReturn((SignedJWT) JWTParser.parse(jws));
when(obHeaderCheckerService.verifyFinancialIdHeader(any())).thenReturn(true);
// then
getEndpointWrapper(null).principal(new PasswordLessUserNameAuthentication(SupportConstants.USER_AUDIENCE, Collections.EMPTY_LIST)).authorization(SupportConstants.BEARER_PREFIX + jws).applyFilters();
}
Also used :
PasswordLessUserNameAuthentication(com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication)
Test(org.junit.Test)
Example 2 with PasswordLessUserNameAuthentication
use of com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication in project openbanking-aspsp by OpenBankingToolkit.
the class PaymentsRequestPaymentIdEndpointWrapperTest method setup.
@Before
public void setup() {
// setting required objects to the perform test
UUID uuid = UUID.randomUUID();
RSEndpointWrapperService rsEndpointWrapperService = new RSEndpointWrapperService(obHeaderCheckerService, cryptoApiClient, null, null, rsConfiguration, null, null, false, null, rsConfiguration.financialId, amOpenBankingConfiguration, null, null, null, amResourceServerService, null, null, null, null);
wrapper = new PaymentsRequestPaymentIdEndpointWrapper(rsEndpointWrapperService, tppStoreService) {
@Override
protected ResponseEntity run(PaymentRestEndpointContent main) throws OBErrorException {
return super.run(main);
}
};
wrapper.xFapiFinancialId(uuid.toString());
wrapper.principal(new PasswordLessUserNameAuthentication("test-tpp", Collections.EMPTY_LIST));
}
Also used :
ResponseEntity(org.springframework.http.ResponseEntity)
PasswordLessUserNameAuthentication(com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication)
RSEndpointWrapperService(com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService)
OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException)
UUID(java.util.UUID)
Before(org.junit.Before)
Example 3 with PasswordLessUserNameAuthentication
use of com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication in project openbanking-aspsp by OpenBankingToolkit.
the class PaymentsSubmissionEndpointWrapperTest method setup.
@Before
public void setup() {
// setting required objects to the perform test
UUID uuid = UUID.randomUUID();
// create required object to initialise the wrapper properly
RSEndpointWrapperService rsEndpointWrapperService = new RSEndpointWrapperService(obHeaderCheckerService, cryptoApiClient, null, null, rsConfiguration, null, null, false, null, rsConfiguration.financialId, amOpenBankingConfiguration, null, null, null, amResourceServerService, null, null, null, null);
wrapper = new PaymentsSubmissionsEndpointWrapper(rsEndpointWrapperService, tppStoreService) {
@Override
protected ResponseEntity run(PaymentRestEndpointContent main) throws OBErrorException {
return super.run(main);
}
};
wrapper.principal(new PasswordLessUserNameAuthentication("test-tpp", Collections.EMPTY_LIST));
wrapper.xFapiFinancialId(uuid.toString());
// generic mock handled stubb
when(obHeaderCheckerService.verifyFinancialIdHeader(uuid.toString())).thenReturn(true);
}
Also used :
ResponseEntity(org.springframework.http.ResponseEntity)
PasswordLessUserNameAuthentication(com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication)
RSEndpointWrapperService(com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService)
OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException)
UUID(java.util.UUID)
Before(org.junit.Before)
Example 4 with PasswordLessUserNameAuthentication
use of com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication in project openbanking-aspsp by OpenBankingToolkit.
the class PaymentsApiEndpointWrapperTest method verifyAccessToken_grantType_fundsConfirmation.
@Test
public void verifyAccessToken_grantType_fundsConfirmation() throws Exception {
// given
String jws = jws(OpenBankingConstants.Scope.PAYMENTS, OIDCConstants.GrantType.AUTHORIZATION_CODE);
when(amResourceServerService.verifyAccessToken(SupportConstants.BEARER_PREFIX + jws)).thenReturn((SignedJWT) JWTParser.parse(jws));
when(obHeaderCheckerService.verifyFinancialIdHeader(any())).thenReturn(true);
// then
assertThatCode(() -> {
getEndpointWrapper(null).principal(new PasswordLessUserNameAuthentication(SupportConstants.USER_AUDIENCE, Collections.EMPTY_LIST)).authorization(SupportConstants.BEARER_PREFIX + jws).isFundsConfirmationRequest(true).applyFilters();
}).doesNotThrowAnyException();
}
Also used :
PasswordLessUserNameAuthentication(com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication)
Test(org.junit.Test)
Aggregations
PasswordLessUserNameAuthentication (com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication)4
RSEndpointWrapperService (com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService)2
OBErrorException (com.forgerock.openbanking.exceptions.OBErrorException)2
UUID (java.util.UUID)2
Before (org.junit.Before)2
Test (org.junit.Test)2
ResponseEntity (org.springframework.http.ResponseEntity)2
