Search in sources :

Example 1 with PasswordLessUserNameAuthentication

use of com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentsApiEndpointWrapperTest method verifyAccessToken_wrong_grantType.

@Test
public void verifyAccessToken_wrong_grantType() throws Exception {
    // given
    expectedEx.expect(OBErrorException.class);
    expectedEx.expectMessage("The access token grant type AUTHORIZATION_CODE doesn't match one of the expected grant types");
    String jws = jws(OpenBankingConstants.Scope.PAYMENTS, OIDCConstants.GrantType.AUTHORIZATION_CODE);
    when(amResourceServerService.verifyAccessToken(SupportConstants.BEARER_PREFIX + jws)).thenReturn((SignedJWT) JWTParser.parse(jws));
    when(obHeaderCheckerService.verifyFinancialIdHeader(any())).thenReturn(true);
    // then
    getEndpointWrapper(null).principal(new PasswordLessUserNameAuthentication(SupportConstants.USER_AUDIENCE, Collections.EMPTY_LIST)).authorization(SupportConstants.BEARER_PREFIX + jws).applyFilters();
}
Also used : PasswordLessUserNameAuthentication(com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication) Test(org.junit.Test)

Example 2 with PasswordLessUserNameAuthentication

use of com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentsRequestPaymentIdEndpointWrapperTest method setup.

@Before
public void setup() {
    // setting required objects to the perform test
    UUID uuid = UUID.randomUUID();
    RSEndpointWrapperService rsEndpointWrapperService = new RSEndpointWrapperService(obHeaderCheckerService, cryptoApiClient, null, null, rsConfiguration, null, null, false, null, rsConfiguration.financialId, amOpenBankingConfiguration, null, null, null, amResourceServerService, null, null, null, null);
    wrapper = new PaymentsRequestPaymentIdEndpointWrapper(rsEndpointWrapperService, tppStoreService) {

        @Override
        protected ResponseEntity run(PaymentRestEndpointContent main) throws OBErrorException {
            return super.run(main);
        }
    };
    wrapper.xFapiFinancialId(uuid.toString());
    wrapper.principal(new PasswordLessUserNameAuthentication("test-tpp", Collections.EMPTY_LIST));
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) PasswordLessUserNameAuthentication(com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication) RSEndpointWrapperService(com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) UUID(java.util.UUID) Before(org.junit.Before)

Example 3 with PasswordLessUserNameAuthentication

use of com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentsSubmissionEndpointWrapperTest method setup.

@Before
public void setup() {
    // setting required objects to the perform test
    UUID uuid = UUID.randomUUID();
    // create required object to initialise the wrapper properly
    RSEndpointWrapperService rsEndpointWrapperService = new RSEndpointWrapperService(obHeaderCheckerService, cryptoApiClient, null, null, rsConfiguration, null, null, false, null, rsConfiguration.financialId, amOpenBankingConfiguration, null, null, null, amResourceServerService, null, null, null, null);
    wrapper = new PaymentsSubmissionsEndpointWrapper(rsEndpointWrapperService, tppStoreService) {

        @Override
        protected ResponseEntity run(PaymentRestEndpointContent main) throws OBErrorException {
            return super.run(main);
        }
    };
    wrapper.principal(new PasswordLessUserNameAuthentication("test-tpp", Collections.EMPTY_LIST));
    wrapper.xFapiFinancialId(uuid.toString());
    // generic mock handled stubb
    when(obHeaderCheckerService.verifyFinancialIdHeader(uuid.toString())).thenReturn(true);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) PasswordLessUserNameAuthentication(com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication) RSEndpointWrapperService(com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) UUID(java.util.UUID) Before(org.junit.Before)

Example 4 with PasswordLessUserNameAuthentication

use of com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentsApiEndpointWrapperTest method verifyAccessToken_grantType_fundsConfirmation.

@Test
public void verifyAccessToken_grantType_fundsConfirmation() throws Exception {
    // given
    String jws = jws(OpenBankingConstants.Scope.PAYMENTS, OIDCConstants.GrantType.AUTHORIZATION_CODE);
    when(amResourceServerService.verifyAccessToken(SupportConstants.BEARER_PREFIX + jws)).thenReturn((SignedJWT) JWTParser.parse(jws));
    when(obHeaderCheckerService.verifyFinancialIdHeader(any())).thenReturn(true);
    // then
    assertThatCode(() -> {
        getEndpointWrapper(null).principal(new PasswordLessUserNameAuthentication(SupportConstants.USER_AUDIENCE, Collections.EMPTY_LIST)).authorization(SupportConstants.BEARER_PREFIX + jws).isFundsConfirmationRequest(true).applyFilters();
    }).doesNotThrowAnyException();
}
Also used : PasswordLessUserNameAuthentication(com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication) Test(org.junit.Test)

Aggregations

PasswordLessUserNameAuthentication (com.forgerock.spring.security.multiauth.model.authentication.PasswordLessUserNameAuthentication)4 RSEndpointWrapperService (com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService)2 OBErrorException (com.forgerock.openbanking.exceptions.OBErrorException)2 UUID (java.util.UUID)2 Before (org.junit.Before)2 Test (org.junit.Test)2 ResponseEntity (org.springframework.http.ResponseEntity)2