use of com.nexblocks.authguard.basic.config.OtpConfig in project AuthGuard by AuthGuard.
the class OtpProviderTest method generateToken.
@Test
void generateToken() {
final OtpConfig otpConfig = OtpConfig.builder().mode(OtpMode.ALPHANUMERIC).length(6).lifeTime("5m").build();
setup(otpConfig);
final AccountBO account = random.nextObject(AccountBO.class).withActive(true);
final AuthResponseBO expected = AuthResponseBO.builder().type("otp").entityType(EntityType.ACCOUNT).entityId(account.getId()).build();
final AuthResponseBO generated = otpProvider.generateToken(account);
assertThat(generated).isEqualToIgnoringGivenFields(expected, "token");
assertThat(generated.getToken()).isNotNull();
final ArgumentCaptor<OneTimePasswordDO> argumentCaptor = ArgumentCaptor.forClass(OneTimePasswordDO.class);
Mockito.verify(mockOtpRepository).save(argumentCaptor.capture());
final OneTimePasswordDO persisted = argumentCaptor.getValue();
assertThat(persisted.getAccountId()).isEqualTo(account.getId());
assertThat(persisted.getExpiresAt()).isAfter(OffsetDateTime.now()).isBefore(OffsetDateTime.now().plus(Duration.ofMinutes(6)));
assertThat(persisted.getId()).isNotNull();
assertThat(persisted.getPassword()).isNotNull();
assertThat(persisted.getPassword()).hasSize(6);
Mockito.verify(messageBus, Mockito.times(1)).publish(eq("otp"), any());
}
use of com.nexblocks.authguard.basic.config.OtpConfig in project AuthGuard by AuthGuard.
the class OtpProviderTest method generateNumeric.
@Test
void generateNumeric() {
final OtpConfig otpConfig = OtpConfig.builder().mode(OtpMode.NUMERIC).length(6).lifeTime("5m").build();
setup(otpConfig);
final AccountBO account = random.nextObject(AccountBO.class).withActive(true);
final AuthResponseBO expected = AuthResponseBO.builder().type("otp").entityType(EntityType.ACCOUNT).entityId(account.getId()).build();
final AuthResponseBO generated = otpProvider.generateToken(account);
assertThat(generated).isEqualToIgnoringGivenFields(expected, "token");
assertThat(generated.getToken()).isNotNull();
final ArgumentCaptor<OneTimePasswordDO> argumentCaptor = ArgumentCaptor.forClass(OneTimePasswordDO.class);
Mockito.verify(mockOtpRepository).save(argumentCaptor.capture());
final OneTimePasswordDO persisted = argumentCaptor.getValue();
assertThat(persisted.getAccountId()).isEqualTo(account.getId());
assertThat(persisted.getExpiresAt()).isAfter(OffsetDateTime.now()).isBefore(OffsetDateTime.now().plus(Duration.ofMinutes(6)));
assertThat(persisted.getId()).isNotNull();
assertThat(persisted.getPassword()).isNotNull();
assertThat(persisted.getPassword()).hasSize(6);
for (final char ch : persisted.getPassword().toCharArray()) {
assertThat(Character.isAlphabetic(ch)).isFalse();
}
Mockito.verify(messageBus, Mockito.times(1)).publish(eq("otp"), any());
}
use of com.nexblocks.authguard.basic.config.OtpConfig in project AuthGuard by AuthGuard.
the class OtpProviderTest method generateAlphabetic.
@Test
void generateAlphabetic() {
final OtpConfig otpConfig = OtpConfig.builder().mode(OtpMode.ALPHABETIC).length(6).lifeTime("5m").build();
setup(otpConfig);
final AccountBO account = random.nextObject(AccountBO.class).withActive(true);
final AuthResponseBO expected = AuthResponseBO.builder().type("otp").entityType(EntityType.ACCOUNT).entityId(account.getId()).build();
final AuthResponseBO generated = otpProvider.generateToken(account);
assertThat(generated).isEqualToIgnoringGivenFields(expected, "token");
assertThat(generated.getToken()).isNotNull();
final ArgumentCaptor<OneTimePasswordDO> argumentCaptor = ArgumentCaptor.forClass(OneTimePasswordDO.class);
Mockito.verify(mockOtpRepository).save(argumentCaptor.capture());
final OneTimePasswordDO persisted = argumentCaptor.getValue();
assertThat(persisted.getAccountId()).isEqualTo(account.getId());
assertThat(persisted.getExpiresAt()).isAfter(OffsetDateTime.now()).isBefore(OffsetDateTime.now().plus(Duration.ofMinutes(6)));
assertThat(persisted.getId()).isNotNull();
assertThat(persisted.getPassword()).isNotNull();
assertThat(persisted.getPassword()).hasSize(6);
for (final char ch : persisted.getPassword().toCharArray()) {
assertThat(Character.isDigit(ch)).isFalse();
}
Mockito.verify(messageBus, Mockito.times(1)).publish(eq("otp"), any());
}
use of com.nexblocks.authguard.basic.config.OtpConfig in project AuthGuard by AuthGuard.
the class OtpProviderTest method generateTokenForInactiveAccount.
@Test
void generateTokenForInactiveAccount() {
final OtpConfig otpConfig = OtpConfig.builder().mode(OtpMode.ALPHANUMERIC).length(6).lifeTime("5m").build();
setup(otpConfig);
final AccountBO account = random.nextObject(AccountBO.class).withActive(false);
assertThatThrownBy(() -> otpProvider.generateToken(account)).isInstanceOf(ServiceAuthorizationException.class);
}
use of com.nexblocks.authguard.basic.config.OtpConfig in project AuthGuard by AuthGuard.
the class OtpVerifierTest method verifyPasswordNotFound.
@Test
void verifyPasswordNotFound() {
final OtpConfig otpConfig = OtpConfig.builder().mode(OtpMode.ALPHANUMERIC).length(6).lifeTime("5m").build();
setup(otpConfig);
final OneTimePasswordDO otp = random.nextObject(OneTimePasswordDO.class);
Mockito.when(mockOtpRepository.getById(otp.getId())).thenReturn(CompletableFuture.completedFuture(Optional.empty()));
final Either<Exception, String> result = otpVerifier.verifyAccountToken(otp.getId() + ":" + otp.getPassword());
assertThat(result.isLeft()).isTrue();
assertThat(result.getLeft()).isInstanceOf(ServiceAuthorizationException.class);
}
Aggregations