Example 1 with AuthMessage
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class AccountLockerTest method onMessageNotAuth.
@Test
void onMessageNotAuth() {
// data
final AuthMessage authMessage = AuthMessage.success("basic", "session", EntityType.ACCOUNT, "account");
final Message<Object> message = Message.builder().eventType(EventType.EMAIL_VERIFICATION).bodyType(AuthMessage.class).messageBody(authMessage).timestamp(OffsetDateTime.now()).build();
// call
accountLocker.onMessage(message);
// verify
Mockito.verifyZeroInteractions(exchangeAttemptsRepository, accountLocksService);
}
Also used :
AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage)
Test(org.junit.jupiter.api.Test)
Example 2 with AuthMessage
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class ExchangeServiceImpl method exchangeSuccess.
private void exchangeSuccess(final AuthRequestBO authRequest, final RequestContextBO requestContext, final AuthResponseBO tokens, final String fromTokenType, final String toTokenType) {
final AuthMessage authMessage = AuthMessage.success(fromTokenType, toTokenType, tokens.getEntityType(), tokens.getEntityId());
final ExchangeAttemptBO attempt = createBaseAttempt(authRequest, requestContext).exchangeFrom(fromTokenType).exchangeTo(toTokenType).successful(true).entityId(tokens.getEntityId()).build();
exchangeAttemptsService.create(attempt);
emb.publish(CHANNEL, Messages.auth(authMessage));
}
Also used :
AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage)
Example 3 with AuthMessage
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class AccountLocker method processAuthMessage.
private void processAuthMessage(final AuthMessage authMessage) {
if (authMessage.getEntityType() == EntityType.ACCOUNT) {
final OffsetDateTime now = OffsetDateTime.now();
final OffsetDateTime from = now.minusMinutes(config.getCheckPeriod());
exchangeAttemptsRepository.findByEntityAndTimestamp(authMessage.getEntityId(), from).thenAccept(attempts -> {
final long failedCount = attempts.stream().filter(attempt -> !attempt.isSuccessful()).count();
if (failedCount >= config.getMaxAttempts()) {
LOG.info("Account {} had {} failed attempts in the past {} minutes; a lock will be placed", authMessage.getEntityId(), attempts.size(), config.getCheckPeriod());
final AccountLockBO lock = AccountLockBO.builder().accountId(authMessage.getEntityId()).expiresAt(now.plusMinutes(config.getLockPeriod())).build();
accountLocksService.create(lock);
}
});
} else {
LOG.info("Skipping entity auth message for entity of type {}", authMessage.getEntityType());
}
}
Also used :
Logger(org.slf4j.Logger)
EntityType(com.nexblocks.authguard.service.model.EntityType)
Inject(com.google.inject.Inject)
LoggerFactory(org.slf4j.LoggerFactory)
EventType(com.nexblocks.authguard.emb.model.EventType)
MessageSubscriber(com.nexblocks.authguard.emb.MessageSubscriber)
OffsetDateTime(java.time.OffsetDateTime)
AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage)
Channel(com.nexblocks.authguard.emb.annotations.Channel)
ExchangeAttemptsRepository(com.nexblocks.authguard.dal.persistence.ExchangeAttemptsRepository)
Message(com.nexblocks.authguard.emb.model.Message)
ConfigContext(com.nexblocks.authguard.config.ConfigContext)
Named(com.google.inject.name.Named)
ImmutableAccountLockerConfig(com.nexblocks.authguard.extensions.config.ImmutableAccountLockerConfig)
AccountLocksService(com.nexblocks.authguard.service.AccountLocksService)
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
OffsetDateTime(java.time.OffsetDateTime)
Example 4 with AuthMessage
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class AccountLockerTest method onMessageLock.
@Test
void onMessageLock() {
// data
final AuthMessage authMessage = AuthMessage.success("basic", "session", EntityType.ACCOUNT, "account");
final Message<Object> message = Message.builder().eventType(EventType.AUTHENTICATION).bodyType(AuthMessage.class).messageBody(authMessage).timestamp(OffsetDateTime.now()).build();
// mocks
Mockito.when(exchangeAttemptsRepository.findByEntityAndTimestamp(Mockito.any(), Mockito.any())).thenReturn(CompletableFuture.completedFuture(Arrays.asList(ExchangeAttemptDO.builder().build(), ExchangeAttemptDO.builder().build(), ExchangeAttemptDO.builder().build())));
// call
accountLocker.onMessage(message);
// verify
final ArgumentCaptor<OffsetDateTime> timeArgumentCaptor = ArgumentCaptor.forClass(OffsetDateTime.class);
final ArgumentCaptor<AccountLockBO> accountLockArgumentCaptor = ArgumentCaptor.forClass(AccountLockBO.class);
Mockito.verify(exchangeAttemptsRepository).findByEntityAndTimestamp(Mockito.eq("account"), timeArgumentCaptor.capture());
assertThat(timeArgumentCaptor.getValue()).isBetween(OffsetDateTime.now().minusMinutes(config.getCheckPeriod()).minusMinutes(1), OffsetDateTime.now().minusMinutes(config.getCheckPeriod()).plusMinutes(1));
Mockito.verify(accountLocksService).create(accountLockArgumentCaptor.capture());
assertThat(accountLockArgumentCaptor.getValue().getAccountId()).isEqualTo(authMessage.getEntityId());
assertThat(accountLockArgumentCaptor.getValue().getExpiresAt()).isBetween(OffsetDateTime.now().plusMinutes(config.getLockPeriod()).minusMinutes(1), OffsetDateTime.now().plusMinutes(config.getLockPeriod()).plusMinutes(1));
}
Also used :
AccountLockBO(com.nexblocks.authguard.service.model.AccountLockBO)
OffsetDateTime(java.time.OffsetDateTime)
AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage)
Test(org.junit.jupiter.api.Test)
Example 5 with AuthMessage
use of com.nexblocks.authguard.service.messaging.AuthMessage in project AuthGuard by AuthGuard.
the class AccountLockerTest method onMessageAuthWrongBodyType.
@Test
void onMessageAuthWrongBodyType() {
// data
final AuthMessage authMessage = AuthMessage.success("basic", "session", EntityType.ACCOUNT, "account");
final Message<Object> message = Message.builder().eventType(EventType.AUTHENTICATION).bodyType(ImmutableAccountLockerConfig.class).messageBody(authMessage).timestamp(OffsetDateTime.now()).build();
// call
accountLocker.onMessage(message);
// verify
Mockito.verifyZeroInteractions(exchangeAttemptsRepository, accountLocksService);
}
Also used :
ImmutableAccountLockerConfig(com.nexblocks.authguard.extensions.config.ImmutableAccountLockerConfig)
AuthMessage(com.nexblocks.authguard.service.messaging.AuthMessage)
Test(org.junit.jupiter.api.Test)
Aggregations
AuthMessage (com.nexblocks.authguard.service.messaging.AuthMessage)8
Test (org.junit.jupiter.api.Test)5
OffsetDateTime (java.time.OffsetDateTime)3
ImmutableAccountLockerConfig (com.nexblocks.authguard.extensions.config.ImmutableAccountLockerConfig)2
AccountLockBO (com.nexblocks.authguard.service.model.AccountLockBO)2
Inject (com.google.inject.Inject)1
Named (com.google.inject.name.Named)1
ConfigContext (com.nexblocks.authguard.config.ConfigContext)1
ExchangeAttemptsRepository (com.nexblocks.authguard.dal.persistence.ExchangeAttemptsRepository)1
MessageSubscriber (com.nexblocks.authguard.emb.MessageSubscriber)1
Channel (com.nexblocks.authguard.emb.annotations.Channel)1
EventType (com.nexblocks.authguard.emb.model.EventType)1
Message (com.nexblocks.authguard.emb.model.Message)1
AccountLocksService (com.nexblocks.authguard.service.AccountLocksService)1
ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)1
EntityType (com.nexblocks.authguard.service.model.EntityType)1
Logger (org.slf4j.Logger)1
LoggerFactory (org.slf4j.LoggerFactory)1
