use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class AccountLockerTest method onMessageNotAuth.
@Test
void onMessageNotAuth() {
// data
final AuthMessage authMessage = AuthMessage.success("basic", "session", EntityType.ACCOUNT, "account");
final Message<Object> message = Message.builder().eventType(EventType.EMAIL_VERIFICATION).bodyType(AuthMessage.class).messageBody(authMessage).timestamp(OffsetDateTime.now()).build();
// call
accountLocker.onMessage(message);
// verify
Mockito.verifyZeroInteractions(exchangeAttemptsRepository, accountLocksService);
}
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class ExchangeServiceImpl method exchangeSuccess.
private void exchangeSuccess(final AuthRequestBO authRequest, final RequestContextBO requestContext, final AuthResponseBO tokens, final String fromTokenType, final String toTokenType) {
final AuthMessage authMessage = AuthMessage.success(fromTokenType, toTokenType, tokens.getEntityType(), tokens.getEntityId());
final ExchangeAttemptBO attempt = createBaseAttempt(authRequest, requestContext).exchangeFrom(fromTokenType).exchangeTo(toTokenType).successful(true).entityId(tokens.getEntityId()).build();
exchangeAttemptsService.create(attempt);
emb.publish(CHANNEL, Messages.auth(authMessage));
}
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class AccountLocker method processAuthMessage.
private void processAuthMessage(final AuthMessage authMessage) {
if (authMessage.getEntityType() == EntityType.ACCOUNT) {
final OffsetDateTime now = OffsetDateTime.now();
final OffsetDateTime from = now.minusMinutes(config.getCheckPeriod());
exchangeAttemptsRepository.findByEntityAndTimestamp(authMessage.getEntityId(), from).thenAccept(attempts -> {
final long failedCount = attempts.stream().filter(attempt -> !attempt.isSuccessful()).count();
if (failedCount >= config.getMaxAttempts()) {
LOG.info("Account {} had {} failed attempts in the past {} minutes; a lock will be placed", authMessage.getEntityId(), attempts.size(), config.getCheckPeriod());
final AccountLockBO lock = AccountLockBO.builder().accountId(authMessage.getEntityId()).expiresAt(now.plusMinutes(config.getLockPeriod())).build();
accountLocksService.create(lock);
}
});
} else {
LOG.info("Skipping entity auth message for entity of type {}", authMessage.getEntityType());
}
}
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class AccountLockerTest method onMessageLock.
@Test
void onMessageLock() {
// data
final AuthMessage authMessage = AuthMessage.success("basic", "session", EntityType.ACCOUNT, "account");
final Message<Object> message = Message.builder().eventType(EventType.AUTHENTICATION).bodyType(AuthMessage.class).messageBody(authMessage).timestamp(OffsetDateTime.now()).build();
// mocks
Mockito.when(exchangeAttemptsRepository.findByEntityAndTimestamp(Mockito.any(), Mockito.any())).thenReturn(CompletableFuture.completedFuture(Arrays.asList(ExchangeAttemptDO.builder().build(), ExchangeAttemptDO.builder().build(), ExchangeAttemptDO.builder().build())));
// call
accountLocker.onMessage(message);
// verify
final ArgumentCaptor<OffsetDateTime> timeArgumentCaptor = ArgumentCaptor.forClass(OffsetDateTime.class);
final ArgumentCaptor<AccountLockBO> accountLockArgumentCaptor = ArgumentCaptor.forClass(AccountLockBO.class);
Mockito.verify(exchangeAttemptsRepository).findByEntityAndTimestamp(Mockito.eq("account"), timeArgumentCaptor.capture());
assertThat(timeArgumentCaptor.getValue()).isBetween(OffsetDateTime.now().minusMinutes(config.getCheckPeriod()).minusMinutes(1), OffsetDateTime.now().minusMinutes(config.getCheckPeriod()).plusMinutes(1));
Mockito.verify(accountLocksService).create(accountLockArgumentCaptor.capture());
assertThat(accountLockArgumentCaptor.getValue().getAccountId()).isEqualTo(authMessage.getEntityId());
assertThat(accountLockArgumentCaptor.getValue().getExpiresAt()).isBetween(OffsetDateTime.now().plusMinutes(config.getLockPeriod()).minusMinutes(1), OffsetDateTime.now().plusMinutes(config.getLockPeriod()).plusMinutes(1));
}
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class AccountLockerTest method onMessageAuthWrongBodyType.
@Test
void onMessageAuthWrongBodyType() {
// data
final AuthMessage authMessage = AuthMessage.success("basic", "session", EntityType.ACCOUNT, "account");
final Message<Object> message = Message.builder().eventType(EventType.AUTHENTICATION).bodyType(ImmutableAccountLockerConfig.class).messageBody(authMessage).timestamp(OffsetDateTime.now()).build();
// call
accountLocker.onMessage(message);
// verify
Mockito.verifyZeroInteractions(exchangeAttemptsRepository, accountLocksService);
}
Aggregations