
Example 21 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class LoginControllerRestTest method testCasLoginResponse.

@Test
public void testCasLoginResponse() throws Exception {
    // The same CAS login-response endpoint is requested twice: anonymously, then with a token.
    String casResponseUrl = BaseController.BASE_PATH + LoginController.AUTH_PATH + LoginController.CAS_LOGIN_RESPONSE_PATH;
    //
    // without login: the request must be redirected (302) with the LOG_IN_FAILED status code
    String failedRedirect = LoginController.CAS_LOGIN_RESPONSE_PATH + "?status-code=" + CoreResultCode.LOG_IN_FAILED.getCode().toLowerCase();
    getMockMvc()
            .perform(get(casResponseUrl).contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isFound())
            .andExpect(MockMvcResultMatchers.redirectedUrl(failedRedirect));
    //
    // with login: the admin's current token is written out and sent in the authentication header
    try {
        loginAsAdmin();
        IdmJwtAuthentication adminAuthentication = jwtTokenMapper.fromDto(tokenManager.getCurrentToken());
        String headerToken = jwtTokenMapper.writeToken(adminAuthentication);
        //
        getMockMvc()
                .perform(get(casResponseUrl)
                        .header(JwtAuthenticationMapper.AUTHENTICATION_TOKEN_NAME, headerToken)
                        .contentType(TestHelper.HAL_CONTENT_TYPE))
                .andExpect(status().isFound());
        // NOTE(review): only the 302 status is asserted for the authenticated case; the redirect
        // target is not checked, so this branch does not distinguish success from failure.
    } finally {
        // always drop the admin session so later tests do not inherit it
        logout();
    }
}
Also used : IdmTokenDto(eu.bcvsolutions.idm.core.api.dto.IdmTokenDto) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AbstractRestTest(eu.bcvsolutions.idm.test.api.AbstractRestTest) Test(org.junit.Test)

Example 22 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class DefaultTwoFactorAuthenticationManagerIntegrationTest method testAuthenticateTokenExpired.

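@Test
public void testAuthenticateTokenExpired() throws Exception {
    // password is needed
    IdmIdentityDto identity = getHelper().createIdentity();
    //
    // start two factor registration with the notification method
    TwoFactorRegistrationResponseDto initResponse = manager.init(identity.getId(), TwoFactorAuthenticationType.NOTIFICATION);
    Assert.assertNotNull(initResponse);
    Assert.assertNotNull(initResponse.getVerificationSecret());
    Assert.assertEquals(identity.getUsername(), initResponse.getUsername());
    Assert.assertNull(initResponse.getQrcode());
    //
    // confirm the registration with a code generated from the returned secret
    TwoFactorRegistrationConfirmDto confirm = new TwoFactorRegistrationConfirmDto();
    confirm.setVerificationSecret(new GuardedString(initResponse.getVerificationSecret()));
    confirm.setVerificationCode(manager.generateCode(new GuardedString(initResponse.getVerificationSecret())));
    confirm.setTwoFactorAuthenticationType(TwoFactorAuthenticationType.NOTIFICATION);
    Assert.assertTrue(manager.confirm(identity.getId(), confirm));
    Assert.assertEquals(initResponse.getVerificationSecret(), getHelper().getPassword(identity).getVerificationSecret());
    //
    LoginDto loginDto = new LoginDto();
    loginDto.setUsername(identity.getUsername());
    loginDto.setPassword(identity.getPassword());
    // credentials are valid
    Assert.assertTrue(authenticationManager.validate(loginDto));
    // but two factor authentication is required - the first step hands back an intermediate token
    String token = null;
    try {
        authenticationManager.authenticate(loginDto);
    } catch (TwoFactorAuthenticationRequiredException ex) {
        token = ex.getToken();
    }
    Assert.assertNotNull(token);
    //
    // set token expiration into the past and write the token again through the same mapper
    // NOTE(review): presumably writeToken re-signs the token, so this covers expiry handling
    // rather than tamper detection - confirm against the mapper.
    IdmJwtAuthentication jwt = jwtAuthenticationMapper.readToken(token);
    jwt.setExpiration(ZonedDateTime.now().minusDays(1));
    token = jwtAuthenticationMapper.writeToken(jwt);
    //
    loginDto.setToken(token);
    loginDto.setPassword(manager.generateCode(identity.getId()));
    //
    // Only the second-factor step may raise the rejection. A method-wide expected exception would
    // also pass if any setup call above threw ResultCodeException, hiding a broken expiry check.
    try {
        manager.authenticate(loginDto);
    } catch (ResultCodeException ex) {
        // expected - the expired token was refused
        // NOTE(review): the result code carried by the exception is not asserted; pin it if the
        // expired-token code is known.
        return;
    }
    Assert.fail("Two factor authentication has to be rejected for an expired token.");
}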
Also used : TwoFactorRegistrationConfirmDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationConfirmDto) TwoFactorRegistrationResponseDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) TwoFactorAuthenticationRequiredException(eu.bcvsolutions.idm.core.security.api.exception.TwoFactorAuthenticationRequiredException) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 23 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class OAuthAuthenticationManagerUnitTest method testAuthSuccess.

/**
 * Successful authentication
 */
@Test
public void testAuthSuccess() {
    IdmIdentityDto identity = getTestIdentity();
    UUID tokenId = UUID.randomUUID();
    IdmJwtAuthentication authentication = getAuthentication(
            tokenId, identity, ZonedDateTime.now().plusHours(1), ZonedDateTime.now());
    //
    // persisted token record owned by the test identity, keyed by the authentication's id
    IdmTokenDto token = new IdmTokenDto(authentication.getId());
    token.setOwnerId(identity.getId());
    //
    // collaborators: context setters do nothing, the token is found in the service, the cache misses
    doNothing().when(workflowIdentityService).setAuthenticatedUserId(USER_NAME);
    doNothing().when(securityService).setAuthentication(authentication);
    when(tokenService.get(authentication.getId())).thenReturn(token);
    when(cacheManager.getValue(TokenManager.TOKEN_CACHE_NAME, token.getId())).thenReturn(null);
    //
    Authentication result = authManager.authenticate(authentication);
    //
    // the returned authentication names the test user and carries no authorities
    Assert.assertEquals(USER_NAME, result.getName());
    Assert.assertEquals(USER_NAME, result.getPrincipal());
    Assert.assertTrue(result.getAuthorities().isEmpty());
    //
    // the user was propagated to both contexts and the token was looked up in cache and service
    verify(workflowIdentityService).setAuthenticatedUserId(USER_NAME);
    verify(securityService).setAuthentication(authentication);
    verify(tokenService).get(authentication.getId());
    verify(cacheManager).getValue(TokenManager.TOKEN_CACHE_NAME, token.getId());
}
Also used : IdmTokenDto(eu.bcvsolutions.idm.core.api.dto.IdmTokenDto) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) Authentication(org.springframework.security.core.Authentication) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 24 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class OAuthAuthenticationManagerUnitTest method testAuthExpired.

/**
 * Expired tokens are not accepted.
 */
@Test(expected = ResultCodeException.class)
public void testAuthExpired() {
    IdmIdentityDto identity = getTestIdentity();
    //
    // persisted token record whose expiration lies one hour in the past
    IdmTokenDto expiredToken = new IdmTokenDto(UUID.randomUUID());
    expiredToken.setExpiration(ZonedDateTime.now().minusHours(1));
    //
    // the cache misses, so the token service supplies the expired record
    when(cacheManager.getValue(TokenManager.TOKEN_CACHE_NAME, expiredToken.getId())).thenReturn(null);
    when(tokenService.get(expiredToken.getId())).thenReturn(expiredToken);
    //
    // authentication referencing that token, built with a timestamp one hour in the past as well
    // NOTE(review): the last argument is two hours in the future, while the success test passes
    // the current time there - confirm what this parameter means in getAuthentication.
    IdmJwtAuthentication expiredAuthentication = getAuthentication(
            expiredToken.getId(), identity, ZonedDateTime.now().minusHours(1), ZonedDateTime.now().plusHours(2));
    authManager.authenticate(expiredAuthentication);
    // reached only when the expired token was accepted
    Assert.fail("Cannot authenticate with expired token.");
}
Also used : IdmTokenDto(eu.bcvsolutions.idm.core.api.dto.IdmTokenDto) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 25 with IdmJwtAuthentication

use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.

the class AbstractIntegrationTest method loginWithout.

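/**
 * Logs in as the given user with all available permissions except the given authorities.
 *
 * @param user identifier used to look up the identity to log in as
 * @param authorities names of the authorities that are withheld from the logged-in user
 */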
public void loginWithout(String user, String... authorities) {
    // keep every available permission whose name is not among the withheld authorities
    Collection<GrantedAuthority> authoritiesWithout = IdmAuthorityUtils
            .toAuthorities(moduleService.getAvailablePermissions())
            .stream()
            .filter(granted -> {
                boolean keep = true;
                for (int index = 0; keep && index < authorities.length; index++) {
                    keep = !authorities[index].equals(granted.getAuthority());
                }
                return keep;
            })
            .collect(Collectors.toList());
    IdmIdentityDto identity = (IdmIdentityDto) lookupService.getDtoLookup(IdmIdentityDto.class).lookup(user);
    // NOTE(review): the lookup result is not checked; if it can be null for an unknown user, the
    // authentication below is built without an identity - confirm the lookup contract.
    //
    // The authentication is placed straight into the security context, bypassing the login flow.
    // Nothing here clears it again, so the caller or test teardown has to log out.
    SecurityContextHolder.getContext().setAuthentication(
            new IdmJwtAuthentication(identity, null, authoritiesWithout, "test"));
}
Also used : AbstractEntityRepository(eu.bcvsolutions.idm.core.api.repository.AbstractEntityRepository) BeforeClass(org.junit.BeforeClass) WebEnvironment(org.springframework.boot.test.context.SpringBootTest.WebEnvironment) RunWith(org.junit.runner.RunWith) Autowired(org.springframework.beans.factory.annotation.Autowired) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) BaseEntity(eu.bcvsolutions.idm.core.api.entity.BaseEntity) LookupService(eu.bcvsolutions.idm.core.api.service.LookupService) IdmAuthorityUtils(eu.bcvsolutions.idm.core.security.api.utils.IdmAuthorityUtils) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) After(org.junit.After) TransactionContextHolder(eu.bcvsolutions.idm.core.api.domain.TransactionContextHolder) IdmLongRunningTaskFilter(eu.bcvsolutions.idm.core.scheduler.api.dto.filter.IdmLongRunningTaskFilter) Assume(org.junit.Assume) ModuleService(eu.bcvsolutions.idm.core.api.service.ModuleService) SpringRunner(org.springframework.test.context.junit4.SpringRunner) IdmLongRunningTaskService(eu.bcvsolutions.idm.core.scheduler.api.service.IdmLongRunningTaskService) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) Before(org.junit.Before) EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException) LongRunningTaskManager(eu.bcvsolutions.idm.core.scheduler.api.service.LongRunningTaskManager) Collection(java.util.Collection) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmEntityEventFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityEventFilter) IdmCacheManager(eu.bcvsolutions.idm.core.api.service.IdmCacheManager) ReadWriteDtoService(eu.bcvsolutions.idm.core.api.service.ReadWriteDtoService) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Ignore(org.junit.Ignore) 
SpringBootTest(org.springframework.boot.test.context.SpringBootTest) PlatformTransactionManager(org.springframework.transaction.PlatformTransactionManager) TransactionTemplate(org.springframework.transaction.support.TransactionTemplate) TransactionStatus(org.springframework.transaction.TransactionStatus) BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto) TransactionCallback(org.springframework.transaction.support.TransactionCallback) IdmGroupPermission(eu.bcvsolutions.idm.core.security.api.domain.IdmGroupPermission) IdmApplication(eu.bcvsolutions.idm.IdmApplication) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) Rollback(org.springframework.test.annotation.Rollback) Transactional(org.springframework.transaction.annotation.Transactional) GrantedAuthority(org.springframework.security.core.GrantedAuthority) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
