use of com.gw2auth.oauth2.server.repository.account.AccountEntity in project oauth2-server by gw2auth.
the class AccountServiceImpl method getOrCreateAccountInternal.
/**
 * Resolves the account bound to the federation key {@code (issuer, idAtIssuer)}.
 * When no binding exists, a new account is saved and the federation is bound to it.
 *
 * @param issuer first half of the federation key passed to {@code findByFederation}
 * @param idAtIssuer second half of the federation key
 * @return the account already bound to the federation, or the newly created one
 */
@Transactional
protected AccountEntity getOrCreateAccountInternal(String issuer, String idAtIssuer) {
    final Optional<AccountEntity> boundAccount = this.accountRepository.findByFederation(issuer, idAtIssuer);
    if (boundAccount.isPresent()) {
        return boundAccount.get();
    }

    // NOTE(review): lookup-then-insert is not atomic by itself. Two concurrent first logins
    // for the same (issuer, idAtIssuer) could both reach this point; presumably a unique
    // constraint on the federation table rejects the second insert - confirm.
    // NOTE(review): whether @Transactional takes effect on this protected method depends on
    // how it is invoked (through the proxy or via a self-call) - confirm.
    final AccountEntity createdAccount = this.accountRepository.save(new AccountEntity(null, Instant.now()));

    // bind the federation to the id carried by the saved entity
    this.accountFederationRepository.save(new AccountFederationEntity(issuer, idAtIssuer, createdAccount.id()));
    return createdAccount;
}
use of com.gw2auth.oauth2.server.repository.account.AccountEntity in project oauth2-server by gw2auth.
the class AccountServiceImpl method addAccountFederationOrReturnExisting.
/**
 * Links the federation key {@code (issuer, idAtIssuer)} to {@code accountId}, unless that
 * key is already linked, in which case the account it is linked to is returned unchanged.
 *
 * <p>The returned account is NOT guaranteed to be {@code accountId}: when the federation
 * already belongs to another account, that other account is returned. Callers have to
 * compare the returned id with {@code accountId} before treating the link as successful.
 *
 * @param accountId account the federation should be attached to
 * @param issuer first half of the federation key
 * @param idAtIssuer second half of the federation key
 * @return the account that owns the federation after this call
 * @throws IllegalArgumentException if the federation is unlinked and no account with
 *         {@code accountId} exists
 */
@Override
@Transactional
public Account addAccountFederationOrReturnExisting(long accountId, String issuer, String idAtIssuer) {
    final Optional<AccountEntity> currentOwner = this.accountRepository.findByFederation(issuer, idAtIssuer);
    if (currentOwner.isPresent()) {
        // already linked: hand back the owner, which may differ from accountId
        return Account.fromEntity(currentOwner.get());
    }

    // the target account must exist before a federation row is written for it
    final AccountEntity targetAccount = this.accountRepository.findById(accountId).orElseThrow(IllegalArgumentException::new);
    this.accountFederationRepository.save(new AccountFederationEntity(issuer, idAtIssuer, accountId));
    return Account.fromEntity(targetAccount);
}
use of com.gw2auth.oauth2.server.repository.account.AccountEntity in project oauth2-server by gw2auth.
the class ApplicationControllerTest method getApplicationSummary.
/**
 * Seeds a known number of accounts, API tokens, verifications, client registrations and
 * consents, then checks that {@code /api/application/summary} reports exactly those counts.
 */
@Test
public void getApplicationSummary() throws Exception {
    // a single account owns every other fixture created below
    final long ownerAccountId = this.accountRepository.save(new AccountEntity(null, Instant.now())).id();

    final int extraAccountCount = 102;
    final int apiTokenCount = 3;
    final int verificationCount = 5;
    final int registrationCount = 12;
    // must stay below registrationCount: every consent polls one registration off the queue,
    // and the scope-less consent further down polls one more (poll() yields null once empty)
    final int consentCount = 10;

    for (int n = 0; n < extraAccountCount; n++) {
        this.accountRepository.save(new AccountEntity(null, Instant.now()));
    }

    for (int n = 0; n < apiTokenCount; n++) {
        this.testHelper.createApiToken(ownerAccountId, UUID.randomUUID(), Set.of(), "Name");
    }

    for (int n = 0; n < verificationCount; n++) {
        this.gw2AccountVerificationRepository.save(new Gw2AccountVerificationEntity(UUID.randomUUID(), ownerAccountId));
    }

    final Queue<ClientRegistrationEntity> unusedRegistrations = new LinkedList<>();
    for (int n = 0; n < registrationCount; n++) {
        final ClientRegistrationEntity registration = new ClientRegistrationEntity(null, ownerAccountId, Instant.now(), "Name", UUID.randomUUID(), "", Set.of(), Set.of("http://127.0.0.1/"));
        unusedRegistrations.add(this.clientRegistrationRepository.save(registration));
    }

    for (int n = 0; n < consentCount; n++) {
        final long registrationId = unusedRegistrations.poll().id();
        this.clientConsentRepository.save(new ClientConsentEntity(ownerAccountId, registrationId, UUID.randomUUID(), Set.of("dummy")));
    }

    // a consent with an empty scope set must not show up in the authorization count
    this.clientConsentRepository.save(new ClientConsentEntity(ownerAccountId, unusedRegistrations.poll().id(), UUID.randomUUID(), Set.of()));

    // NOTE(review): no session is attached to this request - presumably the summary
    // endpoint is meant to be reachable without login and exposes aggregates only; confirm.
    this.mockMvc.perform(get("/api/application/summary"))
            .andExpect(status().isOk())
            // +1 for the owner account created at the top
            .andExpect(jsonPath("$.accounts").value(Integer.toString(extraAccountCount + 1)))
            .andExpect(jsonPath("$.apiTokens").value(Integer.toString(apiTokenCount)))
            .andExpect(jsonPath("$.verifiedGw2Accounts").value(Integer.toString(verificationCount)))
            .andExpect(jsonPath("$.clientRegistrations").value(Integer.toString(registrationCount)))
            .andExpect(jsonPath("$.clientAuthorizations").value(Integer.toString(consentCount)));
}
use of com.gw2auth.oauth2.server.repository.account.AccountEntity in project oauth2-server by gw2auth.
the class ApiTokenControllerTest method updateApiTokenThatHasBeenVerifiedByAnotherAccount.
/**
 * Checks that updating an API token is refused with 406 and the caller's token is removed
 * when the GW2 account behind it has been verified by a different account.
 */
@WithGw2AuthLogin
public void updateApiTokenThatHasBeenVerifiedByAnotherAccount(MockHttpSession session) throws Exception {
    final long callerAccountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final long verifiedOwnerAccountId = this.accountRepository.save(new AccountEntity(null, Instant.now())).id();
    final UUID sharedGw2AccountId = UUID.randomUUID();

    // both accounts hold a token for the very same GW2 account
    this.testHelper.createApiToken(callerAccountId, sharedGw2AccountId, Set.of(), "Name A");
    this.testHelper.createApiToken(verifiedOwnerAccountId, sharedGw2AccountId, Set.of(), "Name B");

    // only the other account has proven ownership of that GW2 account
    this.gw2AccountVerificationRepository.save(new Gw2AccountVerificationEntity(sharedGw2AccountId, verifiedOwnerAccountId));

    // the caller's edit is sent with a valid session and CSRF token and must still be refused
    this.mockMvc.perform(
                    patch("/api/token/{gw2AccountId}", sharedGw2AccountId)
                            .session(session)
                            .with(csrf())
                            .queryParam("displayName", "Hello World"))
            .andExpect(status().isNotAcceptable());

    // the refused update must also have removed the caller's token for that GW2 account
    assertTrue(this.apiTokenRepository.findAllByAccountIdAndGw2AccountIds(callerAccountId, Set.of(sharedGw2AccountId)).isEmpty());
}
use of com.gw2auth.oauth2.server.repository.account.AccountEntity in project oauth2-server by gw2auth.
the class VerificationControllerTest method startAndSubmitApiTokenNameChallengeLaterFulfilled.
/**
 * Runs a verification challenge that fails on submission (token name does not match),
 * stays pending, and is fulfilled by a later scheduled check. Afterwards the caller must be
 * recorded as the verified owner and the other account's token for the same GW2 account
 * must be gone.
 */
@WithGw2AuthLogin
public void startAndSubmitApiTokenNameChallengeLaterFulfilled(MockHttpSession session) throws Exception {
    final UUID gw2AccountId = UUID.randomUUID();

    // another account already holds a token for the same GW2 account
    final long rivalAccountId = this.accountRepository.save(new AccountEntity(null, Instant.now())).id();
    this.testHelper.createApiToken(rivalAccountId, gw2AccountId, Set.of(), "Name");

    final long callerAccountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // freeze time so the challenge timestamps are under the test's control
    // NOTE(review): the clock installed on verificationService is not restored in this
    // method; presumably test setup resets it between tests - confirm.
    Clock controlledClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.verificationService.setClock(controlledClock);

    final Duration subtokenLifetime = Duration.ofMinutes(90L);
    final String rootToken = TestHelper.randomRootToken();
    final String subtoken = TestHelper.createSubtokenJWT(UUID.randomUUID(), Set.of(Gw2ApiPermission.ACCOUNT), controlledClock.instant(), subtokenLifetime);

    // stub the GW2 API: the token info reports a name that does NOT satisfy the challenge
    this.gw2RestServer.reset();
    preparedGw2RestServerForCreateSubtoken(rootToken, subtoken, Set.of(Gw2ApiPermission.ACCOUNT), controlledClock.instant().plus(Duration.ofMinutes(90L)));
    preparedGw2RestServerForAccountRequest(gw2AccountId, subtoken);
    prepareGw2RestServerForTokenInfoRequest(subtoken, "Not the name that was requested", Set.of(Gw2ApiPermission.ACCOUNT));

    // open the challenge (1L is the challenge id handed to startChallenge)
    final VerificationChallengeStart startedChallenge = this.verificationService.startChallenge(callerAccountId, 1L);

    // submitting now must report failure and leave a pending entry
    this.mockMvc.perform(
                    post("/api/verification/pending")
                            .session(session)
                            .with(csrf())
                            .queryParam("token", rootToken))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.isSuccess").value("false"))
            .andExpect(jsonPath("$.pending").isMap());

    // the started challenge (stored under an empty GW2 account id) is gone ...
    assertTrue(this.gw2AccountVerificationChallengeRepository.findByAccountIdAndGw2AccountId(callerAccountId, "").isEmpty());
    // ... and a pending challenge keyed by the real GW2 account id has taken its place
    assertTrue(this.gw2AccountVerificationChallengeRepository.findByAccountIdAndGw2AccountId(callerAccountId, gw2AccountId.toString()).isPresent());

    // advance the service clock by 15 minutes
    controlledClock = Clock.offset(controlledClock, Duration.ofMinutes(15L));
    this.verificationService.setClock(controlledClock);

    // stub the GW2 API again, this time reporting the token name the challenge asked for
    this.gw2RestServer.reset();
    final String requestedTokenName = startedChallenge.message().get("apiTokenName").toString();
    prepareGw2RestServerForTokenInfoRequest(subtoken, requestedTokenName, Set.of(Gw2ApiPermission.ACCOUNT));

    // stand-in for the scheduled re-check of pending challenges
    this.verificationService.tryVerifyAllPending();

    // the pending challenge has been consumed
    assertTrue(this.gw2AccountVerificationChallengeRepository.findByAccountIdAndGw2AccountId(callerAccountId, gw2AccountId.toString()).isEmpty());

    // the caller is now recorded as the verified owner of the GW2 account
    final Gw2AccountVerificationEntity verification = this.gw2AccountVerificationRepository.findById(gw2AccountId).orElse(null);
    assertNotNull(verification);
    assertEquals(callerAccountId, verification.accountId());

    // verification by the caller must revoke the rival account's token for that GW2 account
    assertTrue(this.apiTokenRepository.findByAccountIdAndGw2AccountId(rivalAccountId, gw2AccountId).isEmpty());
}