Search in sources :

Example 6 with AuthRequestBO

use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.

the class OtpServiceImplTest method authenticate.

@Test
void authenticate() {
    final OtpConfig otpConfig = OtpConfig.builder().generateToken("accessToken").build();
    setup(otpConfig);
    final OneTimePasswordDO otp = random.nextObject(OneTimePasswordDO.class);
    final AuthResponseBO tokens = random.nextObject(AuthResponseBO.class);
    final String otpToken = otp.getId() + ":" + otp.getPassword();
    final AuthRequestBO authRequest = AuthRequestBO.builder().token(otpToken).build();
    final RequestContextBO requestContext = RequestContextBO.builder().build();
    Mockito.when(mockExchangeService.exchange(authRequest, "otp", otpConfig.getGenerateToken(), requestContext)).thenReturn(tokens);
    final AuthResponseBO generated = otpService.authenticate(otp.getId(), otp.getPassword(), requestContext);
    assertThat(generated).isEqualTo(tokens);
}
Also used : RequestContextBO(com.nexblocks.authguard.service.model.RequestContextBO) AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO) OtpConfig(com.nexblocks.authguard.basic.config.OtpConfig) OneTimePasswordDO(com.nexblocks.authguard.dal.model.OneTimePasswordDO) AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO) Test(org.junit.jupiter.api.Test)

Example 7 with AuthRequestBO

use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.

the class AuthRouteTest method authenticateUnsuccessful.

@Test
void authenticateUnsuccessful() {
    final AuthRequestDTO requestDTO = randomObject(AuthRequestDTO.class);
    final AuthRequestBO requestBO = restMapper.toBO(requestDTO);
    final RequestContextBO requestContext = RequestContextBO.builder().build();
    Mockito.when(authenticationService.authenticate(requestBO, requestContext)).thenReturn(Optional.empty());
    given().body(requestDTO).post(url("authenticate")).then().statusCode(400);
}
Also used : RequestContextBO(com.nexblocks.authguard.service.model.RequestContextBO) AuthRequestDTO(com.nexblocks.authguard.api.dto.requests.AuthRequestDTO) AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO) Test(org.junit.jupiter.api.Test)

Example 8 with AuthRequestBO

use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.

the class ActionTokensRoute method createToken.

@Override
public void createToken(final Context context) {
    final ActionTokenRequestDTO request = actionTokenRequestBodyHandler.getValidated(context);
    final Try<ActionTokenBO> result;
    if (request.getType() == ActionTokenRequestType.OTP) {
        result = actionTokenService.generateFromOtp(request.getOtp().getPasswordId(), request.getOtp().getPassword(), request.getAction());
    } else {
        final AuthRequestBO authRequest = restMapper.toBO(request.getBasic());
        result = actionTokenService.generateFromBasicAuth(authRequest, request.getAction());
    }
    if (result.isFailure()) {
        throw (ServiceException) result.getCause();
    }
    context.status(201).json(restMapper.toDTO(result.get()));
}
Also used : ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) ActionTokenRequestDTO(com.nexblocks.authguard.api.dto.requests.ActionTokenRequestDTO) ActionTokenBO(com.nexblocks.authguard.service.model.ActionTokenBO) AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO)

Example 9 with AuthRequestBO

use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.

the class RefreshToAccessTokenTest method exchangeWithRestrictions.

@Test
void exchangeWithRestrictions() {
    // data
    final String accountId = "account";
    final String refreshToken = "refresh_token";
    final String restrictionPermission = "permission.read";
    final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
    final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).tokenRestrictions(TokenRestrictionsDO.builder().permissions(Collections.singleton(restrictionPermission)).scopes(Collections.emptySet()).build()).build();
    final AccountBO account = AccountBO.builder().id(accountId).build();
    final AuthResponseBO newTokens = AuthResponseBO.builder().token("new_token").refreshToken("new_refresh_token").build();
    // mock
    Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
    Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.of(account));
    Mockito.when(accessTokenProvider.generateToken(account, TokenRestrictionsBO.builder().addPermissions(restrictionPermission).build())).thenReturn(newTokens);
    // do
    final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
    // assert
    assertThat(actual.isRight()).isTrue();
    assertThat(actual.right().get()).isEqualTo(newTokens);
    Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
Also used : AccountBO(com.nexblocks.authguard.service.model.AccountBO) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO) AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO) ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) Test(org.junit.jupiter.api.Test)

Example 10 with AuthRequestBO

use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.

the class RefreshToAccessTokenTest method exchangeNoAccount.

@Test
void exchangeNoAccount() {
    // data
    final String accountId = "account";
    final String refreshToken = "refresh_token";
    final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
    final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).build();
    // mock
    Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
    Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.empty());
    // do
    final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
    // assert
    assertThat(actual.isLeft()).isTrue();
    assertThat(actual.left().get()).isInstanceOf(ServiceAuthorizationException.class);
    Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
Also used : AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO) AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO) ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) Test(org.junit.jupiter.api.Test)

Aggregations

AuthRequestBO (com.nexblocks.authguard.service.model.AuthRequestBO)14 Test (org.junit.jupiter.api.Test)13 AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO)11 AccountTokenDO (com.nexblocks.authguard.dal.model.AccountTokenDO)6 ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)6 AccountBO (com.nexblocks.authguard.service.model.AccountBO)5 RequestContextBO (com.nexblocks.authguard.service.model.RequestContextBO)4 AuthRequestDTO (com.nexblocks.authguard.api.dto.requests.AuthRequestDTO)2 ActionTokenBO (com.nexblocks.authguard.service.model.ActionTokenBO)2 AuthResponseDTO (com.nexblocks.authguard.api.dto.entities.AuthResponseDTO)1 ActionTokenRequestDTO (com.nexblocks.authguard.api.dto.requests.ActionTokenRequestDTO)1 OtpConfig (com.nexblocks.authguard.basic.config.OtpConfig)1 OneTimePasswordDO (com.nexblocks.authguard.dal.model.OneTimePasswordDO)1 ServiceException (com.nexblocks.authguard.service.exceptions.ServiceException)1 ValidatableResponse (io.restassured.response.ValidatableResponse)1 HashSet (java.util.HashSet)1