
Example 11 with Account

use of com.gw2auth.oauth2.server.service.account.Account in project oauth2-server by gw2auth.

the class AccountControllerTest method addAccountFederationAlreadyLinkedToOtherAccount.

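/**
 * Verifies that a federated identity which already belongs to another account cannot be
 * attached to the logged-in account.
 *
 * <p>The session is logged in as ("dummyIssuer", "A"). The identity ("dummyIssuer", "B") is
 * stored for a second account first. The add-federation flow is then started and completed
 * with a login as "B"; that login must end in a redirect whose Location ends with "?error".
 * Afterwards the logged-in account must still hold only its own identity and "B" must still
 * belong to its original owner, so a failed link can neither add nor move a federation.
 *
 * @param session the mock session of the logged-in user
 * @throws Exception if a mock request fails
 */
@WithGw2AuthLogin(issuer = "dummyIssuer", idAtIssuer = "A")
public void addAccountFederationAlreadyLinkedToOtherAccount(MockHttpSession session) throws Exception {
    // a second account that already owns the identity ("dummyIssuer", "B")
    final long otherUserAccountId = this.accountRepository.save(new AccountEntity(null, Instant.now())).id();
    this.accountFederationRepository.save(new AccountFederationEntity("dummyIssuer", "B", otherUserAccountId));

    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // start the add-federation flow for the logged-in account
    final String loginURL = this.mockMvc
            .perform(get("/api/account/federation/{provider}", "dummyIssuer").session(session))
            .andExpect(status().is3xxRedirection())
            .andReturn()
            .getResponse()
            .getRedirectedUrl();

    // completing the login as "B" must be rejected
    this.gw2AuthLoginExtension.login(loginURL, "dummyIssuer", "B")
            .andExpect(status().is3xxRedirection())
            .andExpect(header().string("Location", new StringEndsWith("?error")));

    // only the initial federation should be present, and it must be the one from the login
    final List<AccountFederationEntity> result = this.accountFederationRepository.findAllByAccountId(accountId);
    assertEquals(1, result.size());
    assertEquals(new AccountFederationEntity("dummyIssuer", "A", accountId), result.get(0));

    // the contested identity must still belong to the account that owned it before the attempt
    final List<AccountFederationEntity> otherResult = this.accountFederationRepository.findAllByAccountId(otherUserAccountId);
    assertEquals(1, otherResult.size());
    assertEquals(new AccountFederationEntity("dummyIssuer", "B", otherUserAccountId), otherResult.get(0));
}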
Also used : StringEndsWith(org.hamcrest.core.StringEndsWith) AccountFederationEntity(com.gw2auth.oauth2.server.repository.account.AccountFederationEntity) AccountEntity(com.gw2auth.oauth2.server.repository.account.AccountEntity)

Example 12 with Account

use of com.gw2auth.oauth2.server.service.account.Account in project oauth2-server by gw2auth.

the class AccountControllerTest method getAccountSummary.

/**
 * Checks that {@code GET /api/account/summary} reports, for the logged-in account, the number
 * of API tokens, verified GW2 accounts, client registrations, client authorizations and
 * account federations that were stored beforehand.
 *
 * @param session the mock session of the logged-in user
 * @throws Exception if the mock request fails
 */
@WithGw2AuthLogin
public void getAccountSummary(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    final int apiTokens = 3;
    final int verifiedGw2Accounts = 5;
    final int clientRegistrations = 12;
    // keep this below clientRegistrations: every consent saved below takes one registration
    // from the queue, including the extra scope-less one
    final int clientAuthorizations = 10;
    final int accountFederations = 2;

    for (int n = 0; n < apiTokens; n++) {
        this.testHelper.createApiToken(accountId, UUID.randomUUID(), "", Set.of(), "Name");
    }

    for (int n = 0; n < verifiedGw2Accounts; n++) {
        this.gw2AccountVerificationRepository.save(new Gw2AccountVerificationEntity(UUID.randomUUID(), accountId));
    }

    final Queue<ClientRegistrationEntity> unusedRegistrations = new LinkedList<>();
    for (int n = 0; n < clientRegistrations; n++) {
        final ClientRegistrationEntity saved = this.clientRegistrationRepository.save(
                new ClientRegistrationEntity(null, accountId, Instant.now(), "Name", UUID.randomUUID(), "", Set.of(), Set.of("http://127.0.0.1/")));
        unusedRegistrations.add(saved);
    }

    for (int n = 0; n < clientAuthorizations; n++) {
        final long registrationId = unusedRegistrations.poll().id();
        this.clientConsentRepository.save(new ClientConsentEntity(accountId, registrationId, UUID.randomUUID(), Set.of("dummy")));
    }

    // one consent without any scopes; the summary is expected not to count it
    final long scopelessRegistrationId = unusedRegistrations.poll().id();
    this.clientConsentRepository.save(new ClientConsentEntity(accountId, scopelessRegistrationId, UUID.randomUUID(), Set.of()));

    for (int n = 0; n < accountFederations; n++) {
        this.accountFederationRepository.save(new AccountFederationEntity(UUID.randomUUID().toString(), UUID.randomUUID().toString(), accountId));
    }

    this.mockMvc.perform(get("/api/account/summary").session(session))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.apiTokens").value(Integer.toString(apiTokens)))
            .andExpect(jsonPath("$.verifiedGw2Accounts").value(Integer.toString(verifiedGw2Accounts)))
            .andExpect(jsonPath("$.clientRegistrations").value(Integer.toString(clientRegistrations)))
            .andExpect(jsonPath("$.clientAuthorizations").value(Integer.toString(clientAuthorizations)))
            // one more than saved here because WithGw2AuthLogin adds one
            .andExpect(jsonPath("$.accountFederations").value(Integer.toString(accountFederations + 1)));
}
Also used : ClientRegistrationEntity(com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity) AccountFederationEntity(com.gw2auth.oauth2.server.repository.account.AccountFederationEntity) Gw2AccountVerificationEntity(com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity) ClientConsentEntity(com.gw2auth.oauth2.server.repository.client.consent.ClientConsentEntity)

Example 13 with Account

use of com.gw2auth.oauth2.server.service.account.Account in project oauth2-server by gw2auth.

the class AccountControllerTest method deleteAccountFederation.

/**
 * Checks that {@code DELETE /api/account/federation} removes the federation named by the
 * {@code issuer} and {@code idAtIssuer} query parameters and leaves the federation the
 * session was logged in with untouched.
 *
 * @param session the mock session of the logged-in user
 * @throws Exception if the mock request fails
 */
@WithGw2AuthLogin(issuer = "issuer", idAtIssuer = "idAtIssuer")
public void deleteAccountFederation(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // a second federation on the same account; this is the one to be deleted
    this.accountFederationRepository.save(new AccountFederationEntity("issuer2", "idAtIssuer2", accountId));

    // the state-changing request carries a CSRF token
    this.mockMvc.perform(
                    delete("/api/account/federation")
                            .session(session)
                            .queryParam("issuer", "issuer2")
                            .queryParam("idAtIssuer", "idAtIssuer2")
                            .with(csrf()))
            .andExpect(status().isOk());

    // only the federation from the login annotation may be left
    final List<AccountFederationEntity> remaining = this.accountFederationRepository.findAllByAccountId(accountId);
    assertEquals(1, remaining.size());

    final AccountFederationEntity loginFederation = new AccountFederationEntity("issuer", "idAtIssuer", accountId);
    assertEquals(loginFederation, remaining.get(0));
}
Also used : AccountFederationEntity(com.gw2auth.oauth2.server.repository.account.AccountFederationEntity)

Example 14 with Account

use of com.gw2auth.oauth2.server.service.account.Account in project oauth2-server by gw2auth.

the class Gw2AuthClientConfiguration method initialize.

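/**
 * Creates the client registrations declared in configuration that do not exist yet.
 *
 * <p>For every configured registration whose client id is not known to the client
 * registration service, the owning account is resolved from the configured account entries:
 * the first entry is fetched or created, every further entry is added to that account as a
 * federation. A client registration is then created for the account and its
 * {@code client_id} and {@code client_secret} columns are overwritten with the configured
 * client id and the encoded configured secret.
 *
 * <p>NOTE(review): creation and the credential overwrite are two separate steps. Whether
 * they run in one transaction is not visible here; if they do not, a failure between them
 * would leave a registration carrying whatever credentials the service assigned. Confirm.
 *
 * @throws IllegalArgumentException if a configured client id is not a valid UUID
 * @throws NullPointerException if a registration refers to an account key that has no
 *         configured entries, or to one whose entry list is empty
 * @throws IllegalStateException if overwriting the credentials did not update exactly one row
 */
@PostConstruct
public void initialize() {
    for (Gw2AuthClientProperties.Registration registrationConfig : this.properties.getRegistration()) {
        final UUID clientId = UUID.fromString(registrationConfig.getClientId());

        if (!this.clientRegistrationService.getClientRegistration(clientId).isEmpty()) {
            LOG.debug("Gw2Auth Client with client-id={} already exists", registrationConfig.getClientId());
            continue;
        }

        // fail with a message that names the client instead of a bare NullPointerException
        // from the loop below when the referenced account key is not configured
        final List<Gw2AuthClientProperties.Account> accountsConfig = Objects.requireNonNull(
                this.properties.getAccount().get(registrationConfig.getAccount()),
                "no account configuration found for client-id=" + registrationConfig.getClientId());

        Account account = null;
        for (Gw2AuthClientProperties.Account accountConfig : accountsConfig) {
            if (account == null) {
                // the first configured identity determines (or creates) the owning account
                account = this.accountService.getOrCreateAccount(accountConfig.getIssuer(), accountConfig.getIdAtIssuer());
            } else {
                // every further identity is linked to that same account
                account = this.accountService.addAccountFederationOrReturnExisting(account.id(), accountConfig.getIssuer(), accountConfig.getIdAtIssuer());
            }
        }

        // an empty entry list leaves no owner for the client
        Objects.requireNonNull(account, "account configuration is empty for client-id=" + registrationConfig.getClientId());

        final ClientRegistrationCreation clientRegistrationCreation = this.clientRegistrationService.createClientRegistration(
                account.id(),
                registrationConfig.getDisplayName(),
                registrationConfig.getAuthorizationGrantTypes(),
                Set.of(registrationConfig.getRedirectUri()));

        // the configured secret is stored only in encoded form; all values are bound as parameters
        final int updatedRows = this.jdbcOperations.update(
                "UPDATE client_registrations SET client_id = ?, client_secret = ? WHERE id = ?",
                clientId,
                this.passwordEncoder.encode(registrationConfig.getClientSecret()),
                clientRegistrationCreation.clientRegistration().id());

        // if the overwrite did not hit the new row, the client would silently keep credentials
        // other than the configured ones
        if (updatedRows != 1) {
            throw new IllegalStateException("expected to update exactly one client registration for client-id="
                    + registrationConfig.getClientId() + " but updated " + updatedRows);
        }

        // only the client id is logged, never the secret
        LOG.debug("Created Gw2Auth Client with client-id={} from configuration", registrationConfig.getClientId());
    }
}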
Also used : Account(com.gw2auth.oauth2.server.service.account.Account) Gw2AuthClientProperties(com.gw2auth.oauth2.server.configuration.properties.Gw2AuthClientProperties) UUID(java.util.UUID) ClientRegistrationCreation(com.gw2auth.oauth2.server.service.client.registration.ClientRegistrationCreation) PostConstruct(javax.annotation.PostConstruct)

Example 15 with Account

use of com.gw2auth.oauth2.server.service.account.Account in project oauth2-server by gw2auth.

the class VerificationControllerTest method startAndSubmitChallengeForGw2AccountHavingAPendingVerification.

/**
 * Checks that a second challenge submission for a GW2 account that already has a pending
 * verification is rejected with a 400 and leaves the stored pending challenge unchanged.
 *
 * <p>The first submission is answered by the mocked GW2 API with a token name that differs
 * from the requested one; the response then reports {@code isSuccess} as false and contains
 * a {@code pending} object.
 *
 * <p>NOTE(review): the GW2 API token is sent as the {@code token} query parameter. Query
 * strings are commonly recorded in access logs and by intermediaries; confirm that the
 * endpoint's deployment accounts for that.
 *
 * @param session the mock session of the logged-in user
 * @throws Exception if a mock request fails
 */
@WithGw2AuthLogin
public void startAndSubmitChallengeForGw2AccountHavingAPendingVerification(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // freeze time so that the subtoken timestamps are reproducible
    Clock fixedClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.verificationService.setClock(fixedClock);

    final UUID gw2AccountId = UUID.randomUUID();
    final String rootToken = TestHelper.randomRootToken();
    final String subtoken = TestHelper.createSubtokenJWT(
            UUID.randomUUID(),
            Set.of(Gw2ApiPermission.ACCOUNT),
            fixedClock.instant(),
            Duration.ofMinutes(90L));

    // first round: program the mocked gw2 api
    this.gw2RestServer.reset();
    preparedGw2RestServerForCreateSubtoken(
            rootToken,
            subtoken,
            Set.of(Gw2ApiPermission.ACCOUNT),
            fixedClock.instant().plus(Duration.ofMinutes(90L)));
    preparedGw2RestServerForAccountRequest(gw2AccountId, subtoken);
    prepareGw2RestServerForTokenInfoRequest(subtoken, "Not the name that was requested", Set.of(Gw2ApiPermission.ACCOUNT));

    // first round: start the challenge, then submit it
    this.verificationService.startChallenge(accountId, 1L);
    this.mockMvc.perform(
                    post("/api/verification/pending")
                            .session(session)
                            .with(csrf())
                            .queryParam("token", rootToken))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.isSuccess").value("false"))
            .andExpect(jsonPath("$.pending").isMap());

    // the started challenge (looked up with an empty gw2 account id) should be gone
    assertTrue(this.gw2AccountVerificationChallengeRepository.findByAccountIdAndGw2AccountId(accountId, "").isEmpty());

    // and a pending challenge for the gw2 account should exist instead
    final Gw2AccountVerificationChallengeEntity pendingChallenge = this.gw2AccountVerificationChallengeRepository
            .findByAccountIdAndGw2AccountId(accountId, gw2AccountId.toString())
            .orElse(null);
    assertNotNull(pendingChallenge);

    // second round: start a new challenge
    this.verificationService.startChallenge(accountId, 1L);

    // second round: program the mocked gw2 api again
    this.gw2RestServer.reset();
    preparedGw2RestServerForCreateSubtoken(
            rootToken,
            subtoken,
            Set.of(Gw2ApiPermission.ACCOUNT),
            fixedClock.instant().plus(Duration.ofMinutes(90L)));
    preparedGw2RestServerForAccountRequest(gw2AccountId, subtoken);
    prepareGw2RestServerForTokenInfoRequest(subtoken, "Not the name that was requested", Set.of(Gw2ApiPermission.ACCOUNT));

    // second round: submitting for the same gw2 account must be rejected
    this.mockMvc.perform(
                    post("/api/verification/pending")
                            .session(session)
                            .with(csrf())
                            .queryParam("token", rootToken))
            .andExpect(status().isBadRequest());

    // the pending challenge from the first round must be unchanged
    final Gw2AccountVerificationChallengeEntity pendingAfterRetry = this.gw2AccountVerificationChallengeRepository
            .findByAccountIdAndGw2AccountId(accountId, gw2AccountId.toString())
            .orElse(null);
    assertEquals(pendingChallenge, pendingAfterRetry);
}
Also used : Clock(java.time.Clock) UUID(java.util.UUID) Gw2AccountVerificationChallengeEntity(com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationChallengeEntity)

Aggregations

AccountEntity (com.gw2auth.oauth2.server.repository.account.AccountEntity)7 Gw2AccountVerificationEntity (com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity)7 AccountFederationEntity (com.gw2auth.oauth2.server.repository.account.AccountFederationEntity)5 Clock (java.time.Clock)5 UUID (java.util.UUID)5 ClientConsentEntity (com.gw2auth.oauth2.server.repository.client.consent.ClientConsentEntity)4 VerificationChallengeStart (com.gw2auth.oauth2.server.service.verification.VerificationChallengeStart)3 Transactional (org.springframework.transaction.annotation.Transactional)3 ClientRegistrationEntity (com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity)2 Gw2AccountVerificationChallengeEntity (com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationChallengeEntity)2 Account (com.gw2auth.oauth2.server.service.account.Account)2 ApiToken (com.gw2auth.oauth2.server.service.apitoken.ApiToken)2 ApiTokenService (com.gw2auth.oauth2.server.service.apitoken.ApiTokenService)2 ClientAuthorization (com.gw2auth.oauth2.server.service.client.authorization.ClientAuthorization)2 ClientAuthorizationService (com.gw2auth.oauth2.server.service.client.authorization.ClientAuthorizationService)2 ClientRegistration (com.gw2auth.oauth2.server.service.client.registration.ClientRegistration)2 ClientRegistrationCreation (com.gw2auth.oauth2.server.service.client.registration.ClientRegistrationCreation)2 Gw2AuthUser (com.gw2auth.oauth2.server.service.user.Gw2AuthUser)2 AbstractRestController (com.gw2auth.oauth2.server.web.AbstractRestController)2 java.util (java.util)2