Search in sources :

Example 6 with AuthorityEntity

use of com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity in project webauthn4j-spring-security by webauthn4j.

the class AppSpecificMapper method mapToProfileForm.

public ProfileForm mapToProfileForm(UserEntity userEntity) {
    ProfileForm profileForm = new ProfileForm();
    profileForm.setId(userEntity.getId());
    profileForm.setUserHandle(mapToBase64Url(userEntity.getUserHandle()));
    profileForm.setFirstName(userEntity.getFirstName());
    profileForm.setLastName(userEntity.getLastName());
    profileForm.setEmailAddress(userEntity.getEmailAddress());
    // authenticators
    profileForm.setAuthenticators(new ArrayList<>());
    mapToAuthenticatorFormList(userEntity.getAuthenticators(), profileForm.getAuthenticators());
    profileForm.setSingleFactorAuthenticationAllowed(userEntity.getAuthorities().stream().anyMatch(authorityEntity -> authorityEntity.getAuthority().equals("SINGLE_FACTOR_AUTHN_ALLOWED")));
    return profileForm;
}
Also used : WebAuthnSampleEntityNotFoundException(com.webauthn4j.springframework.security.webauthn.sample.domain.exception.WebAuthnSampleEntityNotFoundException) Arrays(java.util.Arrays) AuthenticatorForm(com.webauthn4j.springframework.security.webauthn.sample.app.api.AuthenticatorForm) ProfileCreateForm(com.webauthn4j.springframework.security.webauthn.sample.app.api.ProfileCreateForm) ProfileForm(com.webauthn4j.springframework.security.webauthn.sample.app.api.ProfileForm) UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity) AuthenticatorEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthenticatorEntity) Autowired(org.springframework.beans.factory.annotation.Autowired) Base64UrlUtil(com.webauthn4j.util.Base64UrlUtil) ArrayList(java.util.ArrayList) Component(org.springframework.stereotype.Component) List(java.util.List) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) AuthorityEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity) ProfileUpdateForm(com.webauthn4j.springframework.security.webauthn.sample.app.api.ProfileUpdateForm) ProfileForm(com.webauthn4j.springframework.security.webauthn.sample.app.api.ProfileForm)

Example 7 with AuthorityEntity

use of com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity in project webauthn4j-spring-security by webauthn4j.

the class WithMockWebAuthnUserSecurityContextFactory method createSecurityContext.

/**
 * Create a {@link SecurityContext} given an Annotation.
 *
 * @param user the {@link WithMockWebAuthnUser} to create the {@link SecurityContext}
 *             from. Cannot be null.
 * @return the {@link SecurityContext} to use. Cannot be null.
 */
@Override
public SecurityContext createSecurityContext(WithMockWebAuthnUser user) {
    SecurityContext context = SecurityContextHolder.createEmptyContext();
    List<AuthorityEntity> authorities = Arrays.stream(user.authorities()).map((name) -> new AuthorityEntity(null, name)).collect(Collectors.toList());
    List<GroupEntity> groups = Arrays.stream(user.groups()).map(GroupEntity::new).collect(Collectors.toList());
    List<AuthenticatorEntity> authenticatorEntities = Arrays.stream(user.authenticators()).map((name) -> {
        AuthenticatorEntity authenticatorEntity = new AuthenticatorEntity();
        authenticatorEntity.setName(name);
        return authenticatorEntity;
    }).collect(Collectors.toList());
    UserEntity principal = new UserEntity();
    principal.setId(user.id());
    principal.setUserHandle(Base64UrlUtil.decode(user.userHandleBase64Url()));
    principal.setFirstName(user.firstName());
    principal.setLastName(user.lastName());
    principal.setEmailAddress(user.emailAddress());
    principal.setGroups(groups);
    principal.setAuthorities(authorities);
    principal.setAuthenticators(authenticatorEntities);
    principal.setLocked(user.locked());
    WebAuthnAuthenticationRequest request = mock(WebAuthnAuthenticationRequest.class);
    Authentication auth = new WebAuthnAuthenticationToken(principal, request, principal.getAuthorities());
    context.setAuthentication(auth);
    return context;
}
Also used : Arrays(java.util.Arrays) UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity) GroupEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.GroupEntity) WithSecurityContextFactory(org.springframework.security.test.context.support.WithSecurityContextFactory) AuthenticatorEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthenticatorEntity) Base64UrlUtil(com.webauthn4j.util.Base64UrlUtil) Collectors(java.util.stream.Collectors) WebAuthnAuthenticationToken(com.webauthn4j.springframework.security.WebAuthnAuthenticationToken) List(java.util.List) WebAuthnAuthenticationRequest(com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest) SecurityContext(org.springframework.security.core.context.SecurityContext) AuthorityEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity) Authentication(org.springframework.security.core.Authentication) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) Mockito.mock(org.mockito.Mockito.mock) AuthenticatorEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthenticatorEntity) WebAuthnAuthenticationRequest(com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest) GroupEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.GroupEntity) Authentication(org.springframework.security.core.Authentication) SecurityContext(org.springframework.security.core.context.SecurityContext) UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity) WebAuthnAuthenticationToken(com.webauthn4j.springframework.security.WebAuthnAuthenticationToken) AuthorityEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity)

Example 8 with AuthorityEntity

use of com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity in project webauthn4j-spring-security by webauthn4j.

the class AuthorityServiceImpl method update.

@Override
public AuthorityEntity update(AuthorityUpdateDto authorityUpdateDto) {
    AuthorityEntity retrievedAuthorityEntity = authorityEntityRepository.findById(authorityUpdateDto.getId()).orElseThrow(() -> new WebAuthnSampleEntityNotFoundException("Authority not found."));
    List<UserEntity> userEntityList = userEntityRepository.findAllById(authorityUpdateDto.getUsers());
    List<GroupEntity> groupEntityList = groupEntityRepository.findAllById(authorityUpdateDto.getGroups());
    retrievedAuthorityEntity.setUsers(userEntityList);
    retrievedAuthorityEntity.setGroups(groupEntityList);
    return retrievedAuthorityEntity;
}
Also used : WebAuthnSampleEntityNotFoundException(com.webauthn4j.springframework.security.webauthn.sample.domain.exception.WebAuthnSampleEntityNotFoundException) GroupEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.GroupEntity) UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity) AuthorityEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity)

Example 9 with AuthorityEntity

use of com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity in project webauthn4j-spring-security by webauthn4j.

the class ProfileControllerTest method show_test.

@Test
@WithMockWebAuthnUser(id = 1, firstName = "John", lastName = "Doe", emailAddress = "john.doe@example.com", authorities = { "ROLE_USER" }, authenticators = {})
public void show_test() throws Exception {
    int userId = 1;
    UserEntity userEntity = new UserEntity();
    userEntity.setUserHandle(new byte[0]);
    userEntity.setId(userId);
    userEntity.setFirstName("John");
    userEntity.setLastName("Doe");
    userEntity.setEmailAddress("john.doe@example.com");
    userEntity.setAuthenticators(Collections.emptyList());
    userEntity.setAuthorities(Collections.singletonList(new AuthorityEntity(0, "SINGLE_FACTOR_AUTHN_ALLOWED")));
    when(profileAppService.findOne(userId)).thenReturn(userEntity);
    // When
    mvc.perform(get("/api/profile")).andExpect(status().isOk()).andExpect(jsonPath("$.id", is(1))).andExpect(jsonPath("$.userHandle", is(""))).andExpect(jsonPath("$.firstName", is("John"))).andExpect(jsonPath("$.lastName", is("Doe"))).andExpect(jsonPath("$.emailAddress", is("john.doe@example.com"))).andExpect(jsonPath("$.authenticators", is(empty()))).andExpect(jsonPath("$.singleFactorAuthenticationAllowed", is(true)));
}
Also used : UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity) AuthorityEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity) WithMockWebAuthnUser(com.webauthn4j.springframework.security.webauthn.sample.test.WithMockWebAuthnUser) Test(org.junit.Test) WebMvcTest(org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest)

Example 10 with AuthorityEntity

use of com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity in project webauthn4j-spring-security by webauthn4j.

the class ProfileControllerTest method update_test.

@Test
@WithMockWebAuthnUser(id = 1, firstName = "John", lastName = "Doe", emailAddress = "john.doe@example.com", authorities = { "ROLE_USER" }, authenticators = {})
public void update_test() throws Exception {
    int userId = 1;
    byte[] userHandle = UUIDUtil.convertUUIDToBytes(UUID.randomUUID());
    ProfileUpdateForm userUpdateForm = new ProfileUpdateForm();
    userUpdateForm.setUserHandle(Base64UrlUtil.encodeToString(userHandle));
    userUpdateForm.setFirstName("John");
    userUpdateForm.setLastName("Smith");
    userUpdateForm.setEmailAddress("john.smith@example.com");
    userUpdateForm.setAuthenticators(Collections.emptyList());
    userUpdateForm.setSingleFactorAuthenticationAllowed(true);
    UserEntity userEntity = new UserEntity();
    userEntity.setId(userId);
    userEntity.setUserHandle(userHandle);
    userEntity.setId(userId);
    userEntity.setFirstName("John");
    userEntity.setLastName("Smith");
    userEntity.setEmailAddress("john.smith@example.com");
    userEntity.setAuthenticators(Collections.emptyList());
    userEntity.setAuthorities(Collections.singletonList(new AuthorityEntity(0, "SINGLE_FACTOR_AUTHN_ALLOWED")));
    when(profileAppService.update(anyInt(), any())).thenReturn(userEntity);
    // When
    mvc.perform(put("/api/profile").contentType(MediaType.APPLICATION_JSON).content(objectMapper.writeValueAsString(userUpdateForm)).with(SecurityMockMvcRequestPostProcessors.csrf())).andExpect(status().isOk()).andExpect(jsonPath("$.id", is(1))).andExpect(jsonPath("$.userHandle", is(Base64UrlUtil.encodeToString(userHandle)))).andExpect(jsonPath("$.firstName", is("John"))).andExpect(jsonPath("$.lastName", is("Smith"))).andExpect(jsonPath("$.emailAddress", is("john.smith@example.com"))).andExpect(jsonPath("$.authenticators", is(empty()))).andExpect(jsonPath("$.singleFactorAuthenticationAllowed", is(true)));
    verify(profileAppService).update(anyInt(), any());
}
Also used : UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity) AuthorityEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity) WithMockWebAuthnUser(com.webauthn4j.springframework.security.webauthn.sample.test.WithMockWebAuthnUser) Test(org.junit.Test) WebMvcTest(org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest)

Aggregations

AuthorityEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity)10 UserEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity)7 GroupEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.GroupEntity)4 WebAuthnSampleEntityNotFoundException (com.webauthn4j.springframework.security.webauthn.sample.domain.exception.WebAuthnSampleEntityNotFoundException)4 Test (org.junit.Test)3 WebMvcTest (org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest)3 AuthenticatorForm (com.webauthn4j.springframework.security.webauthn.sample.app.api.AuthenticatorForm)2 AuthenticatorEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthenticatorEntity)2 WithMockWebAuthnUser (com.webauthn4j.springframework.security.webauthn.sample.test.WithMockWebAuthnUser)2 Base64UrlUtil (com.webauthn4j.util.Base64UrlUtil)2 ArrayList (java.util.ArrayList)2 Arrays (java.util.Arrays)2 List (java.util.List)2 WebAuthnAuthenticationRequest (com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest)1 WebAuthnAuthenticationToken (com.webauthn4j.springframework.security.WebAuthnAuthenticationToken)1 ProfileCreateForm (com.webauthn4j.springframework.security.webauthn.sample.app.api.ProfileCreateForm)1 ProfileForm (com.webauthn4j.springframework.security.webauthn.sample.app.api.ProfileForm)1 ProfileUpdateForm (com.webauthn4j.springframework.security.webauthn.sample.app.api.ProfileUpdateForm)1 Collectors (java.util.stream.Collectors)1 Mockito.mock (org.mockito.Mockito.mock)1