use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerIntegrationTest method testPredicate.
@Test
public void testPredicate() {
loginAsAdmin(InitTestData.TEST_USER_1);
// prepare role
IdmRoleDto role = helper.createRole();
helper.createUuidPolicy(role.getId(), role.getId(), IdmBasePermission.READ);
helper.createBasePolicy(role.getId(), IdmBasePermission.AUTOCOMPLETE);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
// empty without login
IdmRoleFilter filter = new IdmRoleFilter();
assertEquals(0, roleService.find(filter, null, IdmBasePermission.READ).getTotalElements());
assertEquals(0, roleService.find(filter, null, IdmBasePermission.AUTOCOMPLETE).getTotalElements());
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
assertEquals(1, roleService.find(filter, null, IdmBasePermission.READ).getTotalElements());
assertEquals(roleService.find(null).getTotalElements(), roleService.find(filter, null, IdmBasePermission.AUTOCOMPLETE).getTotalElements());
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class DefaultAuthorizationManagerIntegrationTest method testEvaluate.
@Test
public void testEvaluate() {
loginAsAdmin(InitTestData.TEST_USER_1);
// prepare role
IdmRoleDto role = helper.createRole();
helper.createBasePolicy(role.getId(), IdmBasePermission.READ);
// prepare identity
IdmIdentityDto identity = helper.createIdentity();
identity.setPassword(new GuardedString("heslo"));
identityService.save(identity);
// assign role
helper.createIdentityRole(identity, role);
logout();
//
// without login
assertFalse(manager.evaluate(role, IdmBasePermission.READ));
assertFalse(manager.evaluate(role, IdmBasePermission.UPDATE));
assertFalse(manager.evaluate(role, IdmBasePermission.ADMIN));
assertFalse(manager.evaluate(role, IdmBasePermission.AUTOCOMPLETE));
//
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
//
// evaluate access
assertTrue(manager.evaluate(role, IdmBasePermission.READ));
assertFalse(manager.evaluate(role, IdmBasePermission.UPDATE));
assertFalse(manager.evaluate(role, IdmBasePermission.ADMIN));
assertFalse(manager.evaluate(role, IdmBasePermission.AUTOCOMPLETE));
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class LoginControllerRestTest method testFailLoginCounter.
@Test
@Transactional
public void testFailLoginCounter() throws Exception {
IdmIdentityDto identity = testHelper.createIdentity(new GuardedString("SafePassword"));
// Unsuccessful attempts
tryLogin(identity.getUsername(), "hgjgjh").andExpect(status().is(HttpStatus.UNAUTHORIZED.value()));
tryLogin(identity.getUsername(), "hgjgjh").andExpect(status().is(HttpStatus.UNAUTHORIZED.value()));
tryLogin(identity.getUsername(), "hgjgjh").andExpect(status().is(HttpStatus.UNAUTHORIZED.value()));
assertEquals(3, passwordService.findOneByIdentity(identity.getUsername()).getUnsuccessfulAttempts());
// Successful attempt
LoginDto loginDto = new LoginDto();
loginDto.setUsername(identity.getUsername());
loginDto.setPassword(new GuardedString("SafePassword"));
loginController.login(loginDto);
//
assertEquals(0, passwordService.findOneByIdentity(identity.getUsername()).getUnsuccessfulAttempts());
//
logout();
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class LoginControllerTest method testSuccesfulLogIn.
@Test
public void testSuccesfulLogIn() throws Exception {
LoginDto loginDto = new LoginDto();
loginDto.setUsername(InitTestData.TEST_ADMIN_USERNAME);
loginDto.setPassword(new GuardedString(InitTestData.TEST_ADMIN_PASSWORD));
Resource<LoginDto> response = loginController.login(loginDto);
IdmJwtAuthenticationDto authentication = response.getContent().getAuthentication();
assertNotNull(authentication);
assertEquals(InitTestData.TEST_ADMIN_USERNAME, authentication.getCurrentUsername());
assertEquals(InitTestData.TEST_ADMIN_USERNAME, authentication.getOriginalUsername());
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class LoginControllerTest method testBadCredentialsLogIn.
@Test(expected = AuthenticationException.class)
public void testBadCredentialsLogIn() {
LoginDto loginDto = new LoginDto();
loginDto.setUsername(InitTestData.TEST_ADMIN_USERNAME);
loginDto.setPassword(new GuardedString("wrong_pass"));
loginController.login(loginDto);
}
Aggregations