use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class OtpProviderTest method generateToken.
@Test
void generateToken() {
final OtpConfig otpConfig = OtpConfig.builder().mode(OtpMode.ALPHANUMERIC).length(6).lifeTime("5m").build();
setup(otpConfig);
final AccountBO account = random.nextObject(AccountBO.class).withActive(true);
final AuthResponseBO expected = AuthResponseBO.builder().type("otp").entityType(EntityType.ACCOUNT).entityId(account.getId()).build();
final AuthResponseBO generated = otpProvider.generateToken(account);
assertThat(generated).isEqualToIgnoringGivenFields(expected, "token");
assertThat(generated.getToken()).isNotNull();
final ArgumentCaptor<OneTimePasswordDO> argumentCaptor = ArgumentCaptor.forClass(OneTimePasswordDO.class);
Mockito.verify(mockOtpRepository).save(argumentCaptor.capture());
final OneTimePasswordDO persisted = argumentCaptor.getValue();
assertThat(persisted.getAccountId()).isEqualTo(account.getId());
assertThat(persisted.getExpiresAt()).isAfter(OffsetDateTime.now()).isBefore(OffsetDateTime.now().plus(Duration.ofMinutes(6)));
assertThat(persisted.getId()).isNotNull();
assertThat(persisted.getPassword()).isNotNull();
assertThat(persisted.getPassword()).hasSize(6);
Mockito.verify(messageBus, Mockito.times(1)).publish(eq("otp"), any());
}
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class OtpProviderTest method generateNumeric.
@Test
void generateNumeric() {
final OtpConfig otpConfig = OtpConfig.builder().mode(OtpMode.NUMERIC).length(6).lifeTime("5m").build();
setup(otpConfig);
final AccountBO account = random.nextObject(AccountBO.class).withActive(true);
final AuthResponseBO expected = AuthResponseBO.builder().type("otp").entityType(EntityType.ACCOUNT).entityId(account.getId()).build();
final AuthResponseBO generated = otpProvider.generateToken(account);
assertThat(generated).isEqualToIgnoringGivenFields(expected, "token");
assertThat(generated.getToken()).isNotNull();
final ArgumentCaptor<OneTimePasswordDO> argumentCaptor = ArgumentCaptor.forClass(OneTimePasswordDO.class);
Mockito.verify(mockOtpRepository).save(argumentCaptor.capture());
final OneTimePasswordDO persisted = argumentCaptor.getValue();
assertThat(persisted.getAccountId()).isEqualTo(account.getId());
assertThat(persisted.getExpiresAt()).isAfter(OffsetDateTime.now()).isBefore(OffsetDateTime.now().plus(Duration.ofMinutes(6)));
assertThat(persisted.getId()).isNotNull();
assertThat(persisted.getPassword()).isNotNull();
assertThat(persisted.getPassword()).hasSize(6);
for (final char ch : persisted.getPassword().toCharArray()) {
assertThat(Character.isAlphabetic(ch)).isFalse();
}
Mockito.verify(messageBus, Mockito.times(1)).publish(eq("otp"), any());
}
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class OtpProviderTest method generateAlphabetic.
@Test
void generateAlphabetic() {
final OtpConfig otpConfig = OtpConfig.builder().mode(OtpMode.ALPHABETIC).length(6).lifeTime("5m").build();
setup(otpConfig);
final AccountBO account = random.nextObject(AccountBO.class).withActive(true);
final AuthResponseBO expected = AuthResponseBO.builder().type("otp").entityType(EntityType.ACCOUNT).entityId(account.getId()).build();
final AuthResponseBO generated = otpProvider.generateToken(account);
assertThat(generated).isEqualToIgnoringGivenFields(expected, "token");
assertThat(generated.getToken()).isNotNull();
final ArgumentCaptor<OneTimePasswordDO> argumentCaptor = ArgumentCaptor.forClass(OneTimePasswordDO.class);
Mockito.verify(mockOtpRepository).save(argumentCaptor.capture());
final OneTimePasswordDO persisted = argumentCaptor.getValue();
assertThat(persisted.getAccountId()).isEqualTo(account.getId());
assertThat(persisted.getExpiresAt()).isAfter(OffsetDateTime.now()).isBefore(OffsetDateTime.now().plus(Duration.ofMinutes(6)));
assertThat(persisted.getId()).isNotNull();
assertThat(persisted.getPassword()).isNotNull();
assertThat(persisted.getPassword()).hasSize(6);
for (final char ch : persisted.getPassword().toCharArray()) {
assertThat(Character.isDigit(ch)).isFalse();
}
Mockito.verify(messageBus, Mockito.times(1)).publish(eq("otp"), any());
}
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class ActionTokenServiceImplTest method generateOtp.
@Test
void generateOtp() {
final AccountBO accountBO = AccountBO.builder().id("account").build();
final AuthResponseBO otpResponse = AuthResponseBO.builder().token("password-id").build();
Mockito.when(accountsService.getById("account")).thenReturn(Optional.of(accountBO));
Mockito.when(otpProvider.generateToken(accountBO)).thenReturn(otpResponse);
final Try<AuthResponseBO> response = actionTokenService.generateOtp("account");
assertThat(response.isSuccess());
assertThat(response.get()).isEqualTo(otpResponse);
}
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class AuthenticationServiceImpl method authenticate.
@Override
public Optional<AuthResponseBO> authenticate(final AuthRequestBO authRequest, final RequestContextBO requestContext) {
final AuthResponseBO tokens = exchangeService.exchange(authRequest, FROM_TOKEN_TYPE, generateTokenType, requestContext);
final Collection<AccountLockBO> locks = accountLocksService.getActiveLocksByAccountId(tokens.getEntityId());
if (locks == null || locks.isEmpty()) {
return Optional.of(tokens);
} else {
throw new ServiceAuthorizationException(ErrorCode.ACCOUNT_IS_LOCKED, "There is an active lock on account " + tokens.getEntityId());
}
}
Aggregations