use of com.nexblocks.authguard.service.model.RequestContextBO in project AuthGuard by AuthGuard.
the class AuthRoute method exchange.
public void exchange(final Context context) {
final AuthRequestDTO authenticationRequest = authRequestBodyHandler.getValidated(context);
if (authenticationRequest.getDomain() != null && !ActorDomainVerifier.verifyActorDomain(context, authenticationRequest.getDomain())) {
return;
}
final String from = context.queryParam("from");
final String to = context.queryParam("to");
final RequestContextBO requestContext = RequestContextExtractor.extractWithoutIdempotentKey(context);
final AuthResponseBO tokens = exchangeService.exchange(restMapper.toBO(authenticationRequest), from, to, requestContext);
context.json(restMapper.toDTO(tokens));
}
use of com.nexblocks.authguard.service.model.RequestContextBO in project AuthGuard by AuthGuard.
the class OAuthService method getOrCreateAccount.
private AccountBO getOrCreateAccount(final OAuthServiceClient serviceClient, final String authorizationCode, final String idToken) {
final ImmutableOAuthClientConfiguration configuration = serviceClient.getConfiguration();
final DecodedJWT decoded = JWT.decode(idToken);
final String externalId = decoded.getSubject();
final Optional<AccountBO> account = accountsService.getByExternalId(externalId);
if (account.isPresent()) {
return account.get();
}
final AccountBO.Builder newAccount = AccountBO.builder().externalId(externalId).social(true).identityProvider(configuration.getProvider());
if (configuration.getEmailField() != null) {
final Claim emailClaim = decoded.getClaim(configuration.getEmailField());
if (!emailClaim.isNull()) {
newAccount.email(AccountEmailBO.builder().email(emailClaim.asString()).build());
}
}
final RequestContextBO requestContext = RequestContextBO.builder().source(configuration.getProvider()).idempotentKey(authorizationCode).build();
return accountsService.create(newAccount.build(), requestContext);
}
use of com.nexblocks.authguard.service.model.RequestContextBO in project AuthGuard by AuthGuard.
the class OAuthServiceTest method exchangeAuthorizationCodeAndCreateAccount.
@Test
void exchangeAuthorizationCodeAndCreateAccount() {
final RequestContextBO expectedContext = RequestContextBO.builder().idempotentKey("code").source("account_test").build();
Mockito.when(sessionsService.getByToken(Mockito.any())).thenAnswer(invocation -> {
final SessionBO session = SessionBO.builder().sessionToken(invocation.getArgument(0)).expiresAt(OffsetDateTime.now().plus(Duration.ofMinutes(2))).build();
return Optional.of(session);
});
Mockito.when(accountsService.create(Mockito.any(), Mockito.eq(expectedContext))).thenAnswer(invocation -> invocation.getArgument(0, AccountBO.class).withId("1"));
final TokensResponse actual = oAuthService.exchangeAuthorizationCode("account_test", "random", "code").join();
final TokensResponse expected = testIdentityServer.getSuccessResponse();
expected.setAccountId("1");
assertThat(actual).isEqualTo(expected);
}
use of com.nexblocks.authguard.service.model.RequestContextBO in project AuthGuard by AuthGuard.
the class AccountsApiTest method createWithCredentialsAllExist.
@Test
void createWithCredentialsAllExist() {
final CreateAccountRequestDTO accountRequest = CreateAccountRequestDTO.builder().externalId("external").email(AccountEmailDTO.builder().email("email@server.com").build()).domain("main").build();
final CreateCredentialsRequestDTO credentialsRequest = CreateCredentialsRequestDTO.builder().plainPassword("password").addIdentifiers(UserIdentifierDTO.builder().identifier("username").type(UserIdentifier.Type.USERNAME).build()).build();
final CreateCompleteAccountRequestDTO completeRequest = CreateCompleteAccountRequestDTO.builder().account(accountRequest).credentials(credentialsRequest).build();
final RequestContextBO requestContext = RequestContextBO.builder().idempotentKey(UUID.randomUUID().toString()).build();
final AccountBO accountBO = mapper().toBO(accountRequest);
final AccountBO accountResponse = accountBO.withId(UUID.randomUUID().toString());
final CredentialsBO credentialsBO = mapper().toBO(credentialsRequest).withAccountId(accountResponse.getId());
final CredentialsBO credentialsResponse = credentialsBO.withId(UUID.randomUUID().toString());
Mockito.when(accountsService.create(Mockito.eq(accountBO), Mockito.any())).thenThrow(new CompletionException(new IdempotencyException(IdempotentRecordBO.builder().entityId(accountResponse.getId()).build())));
Mockito.when(credentialsService.create(Mockito.eq(credentialsBO), Mockito.any())).thenThrow(new CompletionException(new IdempotencyException(IdempotentRecordBO.builder().entityId(credentialsResponse.getId()).build())));
LOG.info("Request {}", accountRequest);
final ValidatableResponse httpResponse = given().body(completeRequest).contentType(ContentType.JSON).header(IdempotencyHeader.HEADER_NAME, requestContext.getIdempotentKey()).post(url("complete")).then().statusCode(201).contentType(ContentType.JSON);
final CreateCompleteAccountResponseDTO response = httpResponse.extract().response().getBody().as(CreateCompleteAccountResponseDTO.class);
assertThat(response.getAccountId()).isEqualTo(accountResponse.getId());
assertThat(response.getCredentialsId()).isEqualTo(credentialsResponse.getId());
}
use of com.nexblocks.authguard.service.model.RequestContextBO in project AuthGuard by AuthGuard.
the class ApplicationsServiceImplTest method create.
@Test
void create() {
final AppBO app = random.nextObject(AppBO.class);
final String idempotentKey = "idempotent-key";
final RequestContextBO requestContext = RequestContextBO.builder().idempotentKey(idempotentKey).build();
Mockito.when(accountsService.getById(app.getParentAccountId())).thenReturn(Optional.of(random.nextObject(AccountBO.class)));
Mockito.when(applicationsRepository.save(any())).thenAnswer(invocation -> CompletableFuture.completedFuture(invocation.getArgument(0, AppDO.class)));
Mockito.when(idempotencyService.performOperation(Mockito.any(), Mockito.eq(idempotentKey), Mockito.eq(app.getEntityType()))).thenAnswer(invocation -> {
return CompletableFuture.completedFuture(invocation.getArgument(0, Supplier.class).get());
});
final AppBO created = applicationsService.create(app, requestContext);
final List<PermissionBO> expectedPermissions = app.getPermissions().stream().map(permission -> permission.withEntityType(null)).collect(Collectors.toList());
assertThat(created).isEqualToIgnoringGivenFields(app.withPermissions(expectedPermissions), "id", "createdAt", "lastModified", "entityType");
Mockito.verify(messageBus, Mockito.times(1)).publish(eq("apps"), any());
}
Aggregations