Example 1 with GitHubOAuth2AP
use of edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GitHubOAuth2AP in project dataverse by IQSS.
the class AuthUtilTest method testIsNonLocalLoginEnabled.
/**
* Test of isNonLocalLoginEnabled method, of class AuthUtil.
*/
@Test
public void testIsNonLocalLoginEnabled() {
System.out.println("isNonLocalLoginEnabled");
AuthUtil authUtil = new AuthUtil();
assertEquals(false, AuthUtil.isNonLocalLoginEnabled(null));
Collection<AuthenticationProvider> shibOnly = new HashSet<>();
shibOnly.add(new ShibAuthenticationProvider());
assertEquals(true, AuthUtil.isNonLocalLoginEnabled(shibOnly));
Collection<AuthenticationProvider> manyNonLocal = new HashSet<>();
manyNonLocal.add(new ShibAuthenticationProvider());
manyNonLocal.add(new GitHubOAuth2AP(null, null));
manyNonLocal.add(new GoogleOAuth2AP(null, null));
manyNonLocal.add(new OrcidOAuth2AP(null, null, null));
assertEquals(true, AuthUtil.isNonLocalLoginEnabled(manyNonLocal));
Collection<AuthenticationProvider> onlyBuiltin = new HashSet<>();
onlyBuiltin.add(new BuiltinAuthenticationProvider(null, null));
// only builtin provider
assertEquals(false, AuthUtil.isNonLocalLoginEnabled(onlyBuiltin));
}
Also used :
ShibAuthenticationProvider(edu.harvard.iq.dataverse.authorization.providers.shib.ShibAuthenticationProvider)
GoogleOAuth2AP(edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GoogleOAuth2AP)
OrcidOAuth2AP(edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.OrcidOAuth2AP)
BuiltinAuthenticationProvider(edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinAuthenticationProvider)
ShibAuthenticationProvider(edu.harvard.iq.dataverse.authorization.providers.shib.ShibAuthenticationProvider)
BuiltinAuthenticationProvider(edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinAuthenticationProvider)
GitHubOAuth2AP(edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GitHubOAuth2AP)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 2 with GitHubOAuth2AP
use of edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GitHubOAuth2AP in project dataverse by IQSS.
the class AdminIT method testConvertOAuthUserToBuiltin.
@Test
public void testConvertOAuthUserToBuiltin() throws Exception {
System.out.println("BEGIN testConvertOAuthUserToBuiltin");
Response createUserToConvert = UtilIT.createRandomUser();
createUserToConvert.prettyPrint();
long idOfUserToConvert = createUserToConvert.body().jsonPath().getLong("data.authenticatedUser.id");
String emailOfUserToConvert = createUserToConvert.body().jsonPath().getString("data.user.email");
String usernameOfUserToConvert = UtilIT.getUsernameFromResponse(createUserToConvert);
String password = usernameOfUserToConvert;
String newEmailAddressToUse = "builtin2shib." + UUID.randomUUID().toString().substring(0, 8) + "@mailinator.com";
GitHubOAuth2AP github = new GitHubOAuth2AP(null, null);
String providerIdToConvertTo = github.getId();
String newPersistentUserIdInLookupTable = UUID.randomUUID().toString().substring(0, 8);
String data = emailOfUserToConvert + ":" + password + ":" + newEmailAddressToUse + ":" + providerIdToConvertTo + ":" + newPersistentUserIdInLookupTable;
System.out.println("data: " + data);
Response builtinToOAuthAnon = UtilIT.migrateBuiltinToOAuth(data, "");
builtinToOAuthAnon.prettyPrint();
builtinToOAuthAnon.then().assertThat().statusCode(FORBIDDEN.getStatusCode());
Response createSuperuser = UtilIT.createRandomUser();
String superuserUsername = UtilIT.getUsernameFromResponse(createSuperuser);
String superuserApiToken = UtilIT.getApiTokenFromResponse(createSuperuser);
Response toggleSuperuser = UtilIT.makeSuperUser(superuserUsername);
toggleSuperuser.then().assertThat().statusCode(OK.getStatusCode());
Response getAuthProviders = UtilIT.getAuthProviders(superuserApiToken);
getAuthProviders.prettyPrint();
if (!getAuthProviders.body().asString().contains(BuiltinAuthenticationProvider.PROVIDER_ID)) {
System.out.println("Can't proceed with test without builtin provider.");
return;
}
Response makeOAuthUser = UtilIT.migrateBuiltinToOAuth(data, superuserApiToken);
makeOAuthUser.prettyPrint();
makeOAuthUser.then().assertThat().statusCode(OK.getStatusCode()).body("data.'changing to this provider'", equalTo("github")).body("data.'password supplied'", equalTo(password));
/**
* @todo Write more failing tests such as expecting a non-OK response if
* the OAuth user has an invalid email address:
* https://github.com/IQSS/dataverse/issues/2998
*/
Response oauthToBuiltinAnon = UtilIT.migrateOAuthToBuiltin(Long.MAX_VALUE, "", "");
oauthToBuiltinAnon.prettyPrint();
oauthToBuiltinAnon.then().assertThat().statusCode(FORBIDDEN.getStatusCode());
Response nonSuperuser = UtilIT.migrateOAuthToBuiltin(Long.MAX_VALUE, "", "");
nonSuperuser.prettyPrint();
nonSuperuser.then().assertThat().statusCode(FORBIDDEN.getStatusCode());
Response infoOfUserToConvert = UtilIT.getAuthenticatedUser(usernameOfUserToConvert, superuserApiToken);
infoOfUserToConvert.prettyPrint();
infoOfUserToConvert.then().assertThat().body("data.id", equalTo(Long.valueOf(idOfUserToConvert).intValue())).body("data.identifier", equalTo("@" + usernameOfUserToConvert)).body("data.persistentUserId", equalTo(newPersistentUserIdInLookupTable)).body("data.authenticationProviderId", equalTo("github")).statusCode(OK.getStatusCode());
String invalidEmailAddress = "invalidEmailAddress";
Response invalidEmailFail = UtilIT.migrateOAuthToBuiltin(idOfUserToConvert, invalidEmailAddress, superuserApiToken);
invalidEmailFail.prettyPrint();
invalidEmailFail.then().assertThat().body("status", equalTo("ERROR")).statusCode(BAD_REQUEST.getStatusCode());
String existingEmailAddress = "dataverse@mailinator.com";
Response existingEmailFail = UtilIT.migrateOAuthToBuiltin(idOfUserToConvert, existingEmailAddress, superuserApiToken);
existingEmailFail.prettyPrint();
existingEmailFail.then().assertThat().body("status", equalTo("ERROR")).body("message", equalTo("User id " + idOfUserToConvert + " could not be converted from remote to BuiltIn. Details from Exception: java.lang.Exception: User id " + idOfUserToConvert + " (@" + usernameOfUserToConvert + ") cannot be converted from remote to BuiltIn because the email address dataverse@mailinator.com is already in use by user id 1 (@dataverseAdmin). ")).statusCode(BAD_REQUEST.getStatusCode());
String newEmailAddress = UUID.randomUUID().toString().substring(0, 8) + "@mailinator.com";
Response shouldWork = UtilIT.migrateOAuthToBuiltin(idOfUserToConvert, newEmailAddress, superuserApiToken);
shouldWork.prettyPrint();
shouldWork.then().assertThat().body("data.username", notNullValue()).body("data.email", equalTo(newEmailAddress)).statusCode(OK.getStatusCode());
Response infoForUserConvertedToBuiltin = UtilIT.getAuthenticatedUser(usernameOfUserToConvert, superuserApiToken);
infoForUserConvertedToBuiltin.prettyPrint();
infoForUserConvertedToBuiltin.then().assertThat().body("data.id", equalTo(Long.valueOf(idOfUserToConvert).intValue())).body("data.identifier", equalTo("@" + usernameOfUserToConvert)).body("data.persistentUserId", equalTo(usernameOfUserToConvert)).body("data.authenticationProviderId", equalTo("builtin")).body("data.email", equalTo(newEmailAddress)).statusCode(OK.getStatusCode());
Response deleteUserToConvert = UtilIT.deleteUser(usernameOfUserToConvert);
assertEquals(200, deleteUserToConvert.getStatusCode());
Response deleteSuperuser = UtilIT.deleteUser(superuserUsername);
assertEquals(200, deleteSuperuser.getStatusCode());
}
Also used :
Response(com.jayway.restassured.response.Response)
UtilIT.getRandomString(edu.harvard.iq.dataverse.api.UtilIT.getRandomString)
GitHubOAuth2AP(edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GitHubOAuth2AP)
Test(org.junit.Test)
Example 3 with GitHubOAuth2AP
use of edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GitHubOAuth2AP in project dataverse by IQSS.
the class AuthenticationServiceBean method getAuthenticationProviderIdsSorted.
/**
* @todo Consider making the sort order configurable by making it a colum on
* AuthenticationProviderRow
*/
public List<String> getAuthenticationProviderIdsSorted() {
GitHubOAuth2AP github = new GitHubOAuth2AP(null, null);
GoogleOAuth2AP google = new GoogleOAuth2AP(null, null);
return Arrays.asList(BuiltinAuthenticationProvider.PROVIDER_ID, ShibAuthenticationProvider.PROVIDER_ID, OrcidOAuth2AP.PROVIDER_ID_PRODUCTION, OrcidOAuth2AP.PROVIDER_ID_SANDBOX, github.getId(), google.getId());
}
Also used :
GoogleOAuth2AP(edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GoogleOAuth2AP)
GitHubOAuth2AP(edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GitHubOAuth2AP)
Aggregations
GitHubOAuth2AP (edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GitHubOAuth2AP)3
GoogleOAuth2AP (edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.GoogleOAuth2AP)2
Test (org.junit.Test)2
Response (com.jayway.restassured.response.Response)1
UtilIT.getRandomString (edu.harvard.iq.dataverse.api.UtilIT.getRandomString)1
BuiltinAuthenticationProvider (edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinAuthenticationProvider)1
OrcidOAuth2AP (edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.OrcidOAuth2AP)1
ShibAuthenticationProvider (edu.harvard.iq.dataverse.authorization.providers.shib.ShibAuthenticationProvider)1
HashSet (java.util.HashSet)1
