
Example 6 with Gw2AccountVerificationEntity

use of com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity in project oauth2-server by gw2auth.

From class VerificationControllerTest, method startAndSubmitChallengeForGw2AccountAlreadyVerified.

/**
 * Submitting a challenge for a GW2 account that is already verified for the very same
 * gw2auth account must be rejected with 400 Bad Request.
 */
@WithGw2AuthLogin
public void startAndSubmitChallengeForGw2AccountAlreadyVerified(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // pin the service clock so token lifetimes are deterministic
    final Clock fixedClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.verificationService.setClock(fixedClock);

    final Instant now = fixedClock.instant();
    final Duration subtokenLifetime = Duration.ofMinutes(90L);
    final Set<Gw2ApiPermission> permissions = Set.of(Gw2ApiPermission.ACCOUNT);

    final UUID gw2AccountId = UUID.randomUUID();
    final String rootToken = UUID.randomUUID().toString();
    final String subtoken = TestHelper.createSubtokenJWT(UUID.randomUUID(), permissions, now, subtokenLifetime);

    // the gw2 account is already verified for this gw2auth account
    this.gw2AccountVerificationRepository.save(new Gw2AccountVerificationEntity(gw2AccountId, accountId));

    // stub the GW2 API: subtoken creation, /account and /tokeninfo
    this.gw2RestServer.reset();
    preparedGw2RestServerForCreateSubtoken(rootToken, subtoken, permissions, now.plus(subtokenLifetime));
    preparedGw2RestServerForAccountRequest(gw2AccountId, subtoken);
    prepareGw2RestServerForTokenInfoRequest(subtoken, "Not the name that was requested", permissions);

    this.verificationService.startChallenge(accountId, 1L);

    // the submit must be refused because the account is already verified
    this.mockMvc.perform(post("/api/verification/pending")
                    .session(session)
                    .with(csrf())
                    .queryParam("token", rootToken))
            .andExpect(status().isBadRequest());
}

Example 7 with Gw2AccountVerificationEntity

use of com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity in project oauth2-server by gw2auth.

From class AccountControllerTest, method getAccountSummary.

/**
 * GET /api/account/summary reports the per-account counts: api tokens, verified GW2 accounts,
 * client registrations, client authorizations (only consents with at least one scope) and
 * account federations.
 */
@WithGw2AuthLogin
public void getAccountSummary(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    final int expectedApiTokens = 3;
    final int expectedVerifiedGw2Accounts = 5;
    final int expectedClientRegistrations = 12;
    // each consent below polls its own registration from the queue (plus one extra without scopes),
    // so this has to stay below expectedClientRegistrations
    final int expectedClientAuthorizations = 10;
    final int expectedAccountFederations = 2;

    for (int remaining = expectedApiTokens; remaining > 0; remaining--) {
        this.testHelper.createApiToken(accountId, UUID.randomUUID(), "", Set.of(), "Name");
    }
    for (int remaining = expectedVerifiedGw2Accounts; remaining > 0; remaining--) {
        this.gw2AccountVerificationRepository.save(new Gw2AccountVerificationEntity(UUID.randomUUID(), accountId));
    }

    final Queue<ClientRegistrationEntity> registrations = new LinkedList<>();
    for (int remaining = expectedClientRegistrations; remaining > 0; remaining--) {
        final ClientRegistrationEntity saved = this.clientRegistrationRepository.save(
                new ClientRegistrationEntity(null, accountId, Instant.now(), "Name", UUID.randomUUID(), "", Set.of(), Set.of("http://127.0.0.1/")));
        registrations.add(saved);
    }

    for (int remaining = expectedClientAuthorizations; remaining > 0; remaining--) {
        this.clientConsentRepository.save(new ClientConsentEntity(accountId, registrations.poll().id(), UUID.randomUUID(), Set.of("dummy")));
    }
    // a consent without any scope must not be counted as a client authorization
    this.clientConsentRepository.save(new ClientConsentEntity(accountId, registrations.poll().id(), UUID.randomUUID(), Set.of()));

    for (int remaining = expectedAccountFederations; remaining > 0; remaining--) {
        this.accountFederationRepository.save(new AccountFederationEntity(UUID.randomUUID().toString(), UUID.randomUUID().toString(), accountId));
    }

    this.mockMvc.perform(get("/api/account/summary").session(session))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.apiTokens").value(Integer.toString(expectedApiTokens)))
            .andExpect(jsonPath("$.verifiedGw2Accounts").value(Integer.toString(expectedVerifiedGw2Accounts)))
            .andExpect(jsonPath("$.clientRegistrations").value(Integer.toString(expectedClientRegistrations)))
            .andExpect(jsonPath("$.clientAuthorizations").value(Integer.toString(expectedClientAuthorizations)))
            // WithGw2AuthLogin creates one federation of its own
            .andExpect(jsonPath("$.accountFederations").value(Integer.toString(expectedAccountFederations + 1)));
}

Example 8 with Gw2AccountVerificationEntity

use of com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity in project oauth2-server by gw2auth.

From class VerificationControllerTest, method startAndSubmitTPBuyOrderChallengeDirectlyFulfilled.

/**
 * A buy-order challenge whose matching transaction is already visible when the challenge is
 * submitted is fulfilled immediately: the GW2 account becomes verified for the logged-in
 * account, no challenge rows remain, and another user's api token for that GW2 account is removed.
 */
@WithGw2AuthLogin
public void startAndSubmitTPBuyOrderChallengeDirectlyFulfilled(MockHttpSession session) throws Exception {
    final UUID gw2AccountId = UUID.randomUUID();

    // a second gw2auth account already holds an api token for the same gw2 account
    final AccountEntity otherAccount = this.accountRepository.save(new AccountEntity(null, Instant.now()));
    final long otherAccountId = otherAccount.id();
    this.testHelper.createApiToken(otherAccountId, gw2AccountId, Set.of(), "Name");

    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // pin the service clock so token lifetimes are deterministic
    final Clock fixedClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.verificationService.setClock(fixedClock);
    final Instant now = fixedClock.instant();
    final Duration subtokenLifetime = Duration.ofMinutes(15L);
    final Set<Gw2ApiPermission> permissions = Set.of(Gw2ApiPermission.ACCOUNT, Gw2ApiPermission.TRADINGPOST);

    final String rootToken = TestHelper.randomRootToken();
    final String subtoken = TestHelper.createSubtokenJWT(UUID.randomUUID(), permissions, now, subtokenLifetime);

    // challenge 2L is the one under test (the TP buy-order challenge, going by the method name)
    final VerificationChallengeStart challengeStart = this.verificationService.startChallenge(accountId, 2L);
    final int itemId = (int) challengeStart.message().get("gw2ItemId");
    final long buyOrderCoins = (long) challengeStart.message().get("buyOrderCoins");

    // stub the GW2 API, including a transaction that already satisfies the challenge
    this.gw2RestServer.reset();
    preparedGw2RestServerForCreateSubtoken(rootToken, subtoken, permissions, now.plus(subtokenLifetime));
    preparedGw2RestServerForAccountRequest(gw2AccountId, subtoken);
    prepareGw2RestServerForTransactionsRequest(subtoken, 20, itemId, 1, buyOrderCoins, now);

    this.mockMvc.perform(post("/api/verification/pending")
                    .session(session)
                    .with(csrf())
                    .queryParam("token", rootToken))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.isSuccess").value("true"));

    // neither the started row nor a pending row for this gw2 account may remain
    assertTrue(this.gw2AccountVerificationChallengeRepository.findByAccountIdAndGw2AccountId(accountId, "").isEmpty());
    assertTrue(this.gw2AccountVerificationChallengeRepository.findByAccountIdAndGw2AccountId(accountId, gw2AccountId.toString()).isEmpty());

    // the gw2 account is now verified for the logged-in account
    final Gw2AccountVerificationEntity verification = this.gw2AccountVerificationRepository.findById(gw2AccountId).orElse(null);
    assertNotNull(verification);
    assertEquals(accountId, verification.accountId());

    // the other account's api token for this gw2 account has been removed
    assertTrue(this.apiTokenRepository.findByAccountIdAndGw2AccountId(otherAccountId, gw2AccountId).isEmpty());
}

Example 9 with Gw2AccountVerificationEntity

use of com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity in project oauth2-server by gw2auth.

From class VerificationServiceImpl, method submitChallenge.

/**
 * Submits the user's GW2 API token for the challenge they previously started.
 *
 * <p>Order of operations: load and delete the started-challenge row (keyed by
 * {@code STARTED_CHALLENGE_GW2_ACCOUNT_ID}), resolve the challenge implementation, mint a
 * subtoken limited to the challenge's required permissions and timeout, look up the GW2 account
 * id through that subtoken, reject if a challenge for that GW2 account is blocked or already
 * pending or if it is already verified for this same account, then attempt the verification once.
 * If it does not succeed right away the challenge is persisted as pending for that GW2 account.
 *
 * @param accountId   gw2auth account of the caller
 * @param gw2ApiToken GW2 API token supplied by the user; it is only handed to
 *                    {@code createSubToken} and is not itself persisted (the entity stores the subtoken)
 * @return the submit result; {@code pending} is {@code null} when verification succeeded immediately
 * @throws Gw2AccountVerificationServiceException CHALLENGE_NOT_FOUND (404) when no started challenge
 *         exists or its challenge id is unknown; INSUFFICIENT_PERMISSIONS,
 *         CHALLENGE_FOR_THIS_ACCOUNT_BLOCKED, CHALLENGE_FOR_THIS_GW2_ACCOUNT_ALREADY_STARTED and
 *         GW2_ACCOUNT_ALREADY_VERIFIED (400) for the respective rejections
 */
@Override
@Transactional
public VerificationChallengeSubmit submitChallenge(long accountId, String gw2ApiToken) {
    // the started challenge is consumed up front, before any call to the GW2 API
    // NOTE(review): under @Transactional this delete is rolled back if a later exception triggers
    // rollback, so whether a failed submit keeps the started row depends on the exception type — confirm
    Gw2AccountVerificationChallengeEntity entity = this.gw2AccountVerificationChallengeRepository.findByAccountIdAndGw2AccountId(accountId, STARTED_CHALLENGE_GW2_ACCOUNT_ID).orElseThrow(() -> new Gw2AccountVerificationServiceException(Gw2AccountVerificationServiceException.CHALLENGE_NOT_FOUND, HttpStatus.NOT_FOUND));
    this.gw2AccountVerificationChallengeRepository.deleteByAccountIdAndGw2AccountId(accountId, STARTED_CHALLENGE_GW2_ACCOUNT_ID);
    final VerificationChallenge<?> challenge = this.challengesById.get(entity.challengeId());
    if (challenge == null) {
        throw new Gw2AccountVerificationServiceException(Gw2AccountVerificationServiceException.CHALLENGE_NOT_FOUND, HttpStatus.NOT_FOUND);
    }
    // the subtoken is scoped to exactly the permissions the challenge needs and expires with the challenge
    final Instant startTime = this.clock.instant();
    final Instant timeout = startTime.plus(challenge.getTimeout());
    final Gw2SubToken gw2SubToken = this.gw2ApiService.createSubToken(gw2ApiToken, challenge.getRequiredGw2ApiPermissions(), timeout);
    // the root token may lack permissions; verify the minted subtoken actually carries all required ones
    if (!gw2SubToken.permissions().containsAll(challenge.getRequiredGw2ApiPermissions())) {
        throw new Gw2AccountVerificationServiceException(Gw2AccountVerificationServiceException.INSUFFICIENT_PERMISSIONS, HttpStatus.BAD_REQUEST);
    }
    // the GW2 account id comes from the GW2 API itself, never from client input
    final UUID gw2AccountId = this.gw2ApiService.getAccount(gw2SubToken.value()).id();
    final Gw2AccountVerificationChallengeEntity pendingChallengeEntity = this.gw2AccountVerificationChallengeRepository.findByAccountIdAndGw2AccountId(accountId, gw2AccountId.toString()).orElse(null);
    if (pendingChallengeEntity != null) {
        // NOTE(review): assumes challengeId() and VERIFICATION_FAILED_CHALLENGE_ID are primitives;
        // a boxed Long here would compare references — confirm
        if (pendingChallengeEntity.challengeId() == VERIFICATION_FAILED_CHALLENGE_ID) {
            // NOTE(review): minutes goes negative once timeoutAt() has passed; presumably expired
            // rows are cleaned up elsewhere — confirm
            final Duration timeUntilAvailable = Duration.between(this.clock.instant(), pendingChallengeEntity.timeoutAt());
            final long minutes = timeUntilAvailable.toMinutes();
            // a verification for this gw2-account failed before; the user is told how long the block lasts
            throw new Gw2AccountVerificationServiceException(String.format(Gw2AccountVerificationServiceException.CHALLENGE_FOR_THIS_ACCOUNT_BLOCKED, minutes), HttpStatus.BAD_REQUEST);
        } else {
            // allow only one active challenge per gw2 account
            throw new Gw2AccountVerificationServiceException(Gw2AccountVerificationServiceException.CHALLENGE_FOR_THIS_GW2_ACCOUNT_ALREADY_STARTED, HttpStatus.BAD_REQUEST);
        }
    } else if (this.gw2AccountVerificationRepository.findById(gw2AccountId).map(Gw2AccountVerificationEntity::accountId).orElse(-1L) == accountId) {
        // if this gw2 account is already verified for this same gw2auth account, dont proceed;
        // a verification held by a different gw2auth account does not block the attempt
        throw new Gw2AccountVerificationServiceException(Gw2AccountVerificationServiceException.GW2_ACCOUNT_ALREADY_VERIFIED, HttpStatus.BAD_REQUEST);
    }
    // re-key the challenge to the real gw2 account id; the stored token is the scoped subtoken, not the root token
    entity = new Gw2AccountVerificationChallengeEntity(entity.accountId(), gw2AccountId.toString(), entity.challengeId(), entity.state(), gw2SubToken.value(), startTime, timeout);
    final boolean isVerified = verify(entity);
    final VerificationChallengePending verificationChallengePending;
    if (isVerified) {
        // fulfilled immediately: nothing is persisted here
        verificationChallengePending = null;
    } else {
        // not yet fulfilled: keep it as a pending challenge for this gw2 account
        this.gw2AccountVerificationChallengeRepository.save(entity);
        verificationChallengePending = new VerificationChallengePending(entity.challengeId(), gw2AccountId, startTime);
    }
    return new VerificationChallengeSubmit(verificationChallengePending, isVerified);
}
