Examples with TwoFactorRegistrationResponseDto eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto used on opensource projects

Search in sources :

Example 6 with TwoFactorRegistrationResponseDto

use of eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto in project CzechIdMng by bcvsolutions.

the class DefaultTwoFactorAuthenticationManagerIntegrationTest method testAuthenticateTokenNotFound.

@Test(expected = ResultCodeException.class)
public void testAuthenticateTokenNotFound() {
    // password is needed
    IdmIdentityDto identity = getHelper().createIdentity();
    // 
    TwoFactorRegistrationResponseDto initResponse = manager.init(identity.getId(), TwoFactorAuthenticationType.NOTIFICATION);
    Assert.assertNotNull(initResponse);
    Assert.assertNotNull(initResponse.getVerificationSecret());
    Assert.assertEquals(identity.getUsername(), initResponse.getUsername());
    Assert.assertNull(initResponse.getQrcode());
    // 
    // confirm
    TwoFactorRegistrationConfirmDto confirm = new TwoFactorRegistrationConfirmDto();
    confirm.setVerificationSecret(new GuardedString(initResponse.getVerificationSecret()));
    confirm.setVerificationCode(manager.generateCode(new GuardedString(initResponse.getVerificationSecret())));
    confirm.setTwoFactorAuthenticationType(TwoFactorAuthenticationType.NOTIFICATION);
    Assert.assertTrue(manager.confirm(identity.getId(), confirm));
    Assert.assertEquals(initResponse.getVerificationSecret(), getHelper().getPassword(identity).getVerificationSecret());
    // 
    LoginDto loginDto = new LoginDto();
    loginDto.setUsername(identity.getUsername());
    loginDto.setPassword(manager.generateCode(identity.getId()));
    // 
    manager.authenticate(loginDto);
}
Also used : TwoFactorRegistrationConfirmDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationConfirmDto) TwoFactorRegistrationResponseDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 7 with TwoFactorRegistrationResponseDto

use of eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto in project CzechIdMng by bcvsolutions.

the class DefaultTwoFactorAuthenticationManagerIntegrationTest method testNotRequireTwoFactorAuthenticationWithVerifiedToken.

@Test
public void testNotRequireTwoFactorAuthenticationWithVerifiedToken() {
    // password is needed
    IdmIdentityDto identity = getHelper().createIdentity();
    // 
    TwoFactorRegistrationResponseDto initResponse = manager.init(identity.getId(), TwoFactorAuthenticationType.NOTIFICATION);
    Assert.assertNotNull(initResponse);
    Assert.assertNotNull(initResponse.getVerificationSecret());
    Assert.assertEquals(identity.getUsername(), initResponse.getUsername());
    Assert.assertNull(initResponse.getQrcode());
    // 
    // confirm
    TwoFactorRegistrationConfirmDto confirm = new TwoFactorRegistrationConfirmDto();
    confirm.setVerificationSecret(new GuardedString(initResponse.getVerificationSecret()));
    confirm.setVerificationCode(manager.generateCode(new GuardedString(initResponse.getVerificationSecret())));
    confirm.setTwoFactorAuthenticationType(TwoFactorAuthenticationType.NOTIFICATION);
    Assert.assertTrue(manager.confirm(identity.getId(), confirm));
    Assert.assertEquals(initResponse.getVerificationSecret(), getHelper().getPassword(identity).getVerificationSecret());
    // 
    IdmTokenDto token = createToken(identity, true);
    // 
    Assert.assertFalse(manager.requireTwoFactorAuthentication(identity.getId(), token.getId()));
}
Also used : IdmTokenDto(eu.bcvsolutions.idm.core.api.dto.IdmTokenDto) TwoFactorRegistrationConfirmDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationConfirmDto) TwoFactorRegistrationResponseDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 8 with TwoFactorRegistrationResponseDto

use of eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto in project CzechIdMng by bcvsolutions.

the class DefaultTwoFactorAuthenticationManagerIntegrationTest method testAuthenticateMustChangePassword.

@Test(expected = MustChangePasswordException.class)
public void testAuthenticateMustChangePassword() {
    // password is needed
    IdmIdentityDto identity = getHelper().createIdentity();
    IdmPasswordDto password = passwordService.findOneByIdentity(identity.getId());
    password.setMustChange(true);
    passwordService.save(password);
    // 
    TwoFactorRegistrationResponseDto initResponse = manager.init(identity.getId(), TwoFactorAuthenticationType.NOTIFICATION);
    Assert.assertNotNull(initResponse);
    Assert.assertNotNull(initResponse.getVerificationSecret());
    Assert.assertEquals(identity.getUsername(), initResponse.getUsername());
    Assert.assertNull(initResponse.getQrcode());
    // 
    // confirm
    TwoFactorRegistrationConfirmDto confirm = new TwoFactorRegistrationConfirmDto();
    confirm.setVerificationSecret(new GuardedString(initResponse.getVerificationSecret()));
    confirm.setVerificationCode(manager.generateCode(new GuardedString(initResponse.getVerificationSecret())));
    confirm.setTwoFactorAuthenticationType(TwoFactorAuthenticationType.NOTIFICATION);
    Assert.assertTrue(manager.confirm(identity.getId(), confirm));
    Assert.assertEquals(initResponse.getVerificationSecret(), getHelper().getPassword(identity).getVerificationSecret());
    // 
    LoginDto loginDto = new LoginDto();
    loginDto.setUsername(identity.getUsername());
    loginDto.setPassword(identity.getPassword());
    // creadentials are valid
    Assert.assertTrue(authenticationManager.validate(loginDto));
    // but two factor authentication is required
    String token = null;
    try {
        authenticationManager.authenticate(loginDto);
    } catch (TwoFactorAuthenticationRequiredException ex) {
        token = ex.getToken();
    }
    Assert.assertNotNull(token);
    // 
    loginDto.setToken(token);
    loginDto.setPassword(manager.generateCode(identity.getId()));
    manager.authenticate(loginDto);
}
Also used : TwoFactorRegistrationConfirmDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationConfirmDto) TwoFactorRegistrationResponseDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto) IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) TwoFactorAuthenticationRequiredException(eu.bcvsolutions.idm.core.security.api.exception.TwoFactorAuthenticationRequiredException) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 9 with TwoFactorRegistrationResponseDto

use of eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto in project CzechIdMng by bcvsolutions.

the class LoginControllerRestTest method testMustChangePasswordAfterTwoFactorLogin.

@Test
public void testMustChangePasswordAfterTwoFactorLogin() throws Exception {
    IdmIdentityDto identity = getHelper().createIdentity();
    IdmProfileDto profile = getHelper().createProfile(identity);
    IdmRoleDto role = getHelper().createRole();
    getHelper().createIdentityRole(identity, role);
    getHelper().createBasePolicy(role.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.READ);
    // login
    Map<String, String> login = new HashMap<>();
    login.put("username", identity.getUsername());
    login.put("password", identity.getPassword().asString());
    String response = getMockMvc().perform(post(BaseController.BASE_PATH + LoginController.AUTH_PATH).content(serialize(login)).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    String token = getToken(response);
    // 
    // init two factor authentication by profile controller
    response = getMockMvc().perform(put(BaseController.BASE_PATH + "/profiles/" + profile.getId() + "/two-factor/init").param(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME, token).param("twoFactorAuthenticationType", TwoFactorAuthenticationType.APPLICATION.name()).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    TwoFactorRegistrationResponseDto twoFactorInit = getMapper().readValue(response, TwoFactorRegistrationResponseDto.class);
    Assert.assertNotNull(twoFactorInit);
    Assert.assertNotNull(twoFactorInit.getVerificationSecret());
    // 
    // confirm two factor authentication by profile controller
    Map<String, String> twoFactorConfirm = new HashMap<>();
    twoFactorConfirm.put("verificationCode", twoFactorAuthenticationManager.generateCode(new GuardedString(twoFactorInit.getVerificationSecret())).asString());
    twoFactorConfirm.put("verificationSecret", twoFactorInit.getVerificationSecret());
    twoFactorConfirm.put("twoFactorAuthenticationType", TwoFactorAuthenticationType.APPLICATION.name());
    response = getMockMvc().perform(put(BaseController.BASE_PATH + "/profiles/" + profile.getId() + "/two-factor/confirm").param(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME, token).content(serialize(twoFactorConfirm)).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    IdmProfileDto updatedProfile = getMapper().readValue(response, IdmProfileDto.class);
    Assert.assertNotNull(updatedProfile);
    Assert.assertEquals(TwoFactorAuthenticationType.APPLICATION, updatedProfile.getTwoFactorAuthenticationType());
    // 
    // set password must change
    IdmPasswordDto password = getHelper().getPassword(identity);
    password.setMustChange(true);
    passwordService.save(password);
    // 
    // login as identity again
    response = getMockMvc().perform(post(BaseController.BASE_PATH + LoginController.AUTH_PATH).content(serialize(login)).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isUnauthorized()).andReturn().getResponse().getContentAsString();
    // 
    // get token form response
    token = getMapper().readTree(response).get("_errors").get(0).get("parameters").get("token").asText();
    Assert.assertNotNull(token);
    // 
    // two factor authentication
    Map<String, String> twoFactorLogin = new HashMap<>();
    GuardedString generateCode = twoFactorAuthenticationManager.generateCode(identity.getId());
    Assert.assertTrue(twoFactorAuthenticationManager.verifyCode(identity.getId(), generateCode));
    twoFactorLogin.put("verificationCode", generateCode.asString());
    twoFactorLogin.put("token", token);
    getMockMvc().perform(post(BaseController.BASE_PATH + "/authentication/two-factor").content(serialize(twoFactorLogin)).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isUnauthorized());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmProfileDto(eu.bcvsolutions.idm.core.api.dto.IdmProfileDto) HashMap(java.util.HashMap) TwoFactorRegistrationResponseDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto) IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AbstractRestTest(eu.bcvsolutions.idm.test.api.AbstractRestTest) Test(org.junit.Test)

Example 10 with TwoFactorRegistrationResponseDto

use of eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto in project CzechIdMng by bcvsolutions.

the class LoginControllerRestTest method testTwoFactorLogin.

@Test
public void testTwoFactorLogin() throws Exception {
    IdmIdentityDto identity = getHelper().createIdentity();
    IdmProfileDto profile = getHelper().createProfile(identity);
    IdmRoleDto role = getHelper().createRole();
    getHelper().createIdentityRole(identity, role);
    getHelper().createBasePolicy(role.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.READ);
    // login
    Map<String, String> login = new HashMap<>();
    login.put("username", identity.getUsername());
    login.put("password", identity.getPassword().asString());
    String response = getMockMvc().perform(post(BaseController.BASE_PATH + LoginController.AUTH_PATH).content(serialize(login)).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    String token = getToken(response);
    // 
    // init two factor authentication by profile controller
    response = getMockMvc().perform(put(BaseController.BASE_PATH + "/profiles/" + profile.getId() + "/two-factor/init").param(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME, token).param("twoFactorAuthenticationType", TwoFactorAuthenticationType.APPLICATION.name()).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    TwoFactorRegistrationResponseDto twoFactorInit = getMapper().readValue(response, TwoFactorRegistrationResponseDto.class);
    Assert.assertNotNull(twoFactorInit);
    Assert.assertNotNull(twoFactorInit.getVerificationSecret());
    // 
    // confirm two factor authentication by profile controller
    Map<String, String> twoFactorConfirm = new HashMap<>();
    twoFactorConfirm.put("verificationCode", twoFactorAuthenticationManager.generateCode(new GuardedString(twoFactorInit.getVerificationSecret())).asString());
    twoFactorConfirm.put("verificationSecret", twoFactorInit.getVerificationSecret());
    twoFactorConfirm.put("twoFactorAuthenticationType", TwoFactorAuthenticationType.APPLICATION.name());
    response = getMockMvc().perform(put(BaseController.BASE_PATH + "/profiles/" + profile.getId() + "/two-factor/confirm").param(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME, token).content(serialize(twoFactorConfirm)).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    IdmProfileDto updatedProfile = getMapper().readValue(response, IdmProfileDto.class);
    Assert.assertNotNull(updatedProfile);
    Assert.assertEquals(TwoFactorAuthenticationType.APPLICATION, updatedProfile.getTwoFactorAuthenticationType());
    Assert.assertEquals(TwoFactorAuthenticationType.APPLICATION, twoFactorAuthenticationManager.getTwoFactorAuthenticationType(identity.getId()));
    // 
    // login as identity again
    response = getMockMvc().perform(post(BaseController.BASE_PATH + LoginController.AUTH_PATH).content(serialize(login)).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isUnauthorized()).andReturn().getResponse().getContentAsString();
    // 
    // get token form response
    token = getMapper().readTree(response).get("_errors").get(0).get("parameters").get("token").asText();
    Assert.assertNotNull(token);
    // 
    // two factor authentication
    Map<String, String> twoFactorLogin = new HashMap<>();
    GuardedString generateCode = twoFactorAuthenticationManager.generateCode(identity.getId());
    Assert.assertTrue(twoFactorAuthenticationManager.verifyCode(identity.getId(), generateCode));
    twoFactorLogin.put("verificationCode", generateCode.asString());
    twoFactorLogin.put("token", token);
    response = getMockMvc().perform(post(BaseController.BASE_PATH + "/authentication/two-factor").content(serialize(twoFactorLogin)).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    token = getToken(response);
    // 
    // 
    // load identities with valid token
    getMockMvc().perform(get(BaseController.BASE_PATH + "/identities").param(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME, token).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmProfileDto(eu.bcvsolutions.idm.core.api.dto.IdmProfileDto) HashMap(java.util.HashMap) TwoFactorRegistrationResponseDto(eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AbstractRestTest(eu.bcvsolutions.idm.test.api.AbstractRestTest) Test(org.junit.Test)

Aggregations

IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)20 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)20 TwoFactorRegistrationResponseDto (eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationResponseDto)20 Test (org.junit.Test)19 TwoFactorRegistrationConfirmDto (eu.bcvsolutions.idm.core.security.api.dto.TwoFactorRegistrationConfirmDto)15 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)15 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)9 TwoFactorAuthenticationRequiredException (eu.bcvsolutions.idm.core.security.api.exception.TwoFactorAuthenticationRequiredException)8 IdmPasswordDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto)5 IdmProfileDto (eu.bcvsolutions.idm.core.api.dto.IdmProfileDto)4 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)4 AbstractRestTest (eu.bcvsolutions.idm.test.api.AbstractRestTest)4 HashMap (java.util.HashMap)4 IdmTokenDto (eu.bcvsolutions.idm.core.api.dto.IdmTokenDto)3 IdmJwtAuthentication (eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication)2 CodeGenerationException (dev.samstevens.totp.exceptions.CodeGenerationException)1 QrData (dev.samstevens.totp.qr.QrData)1 EntityNotFoundException (eu.bcvsolutions.idm.core.api.exception.EntityNotFoundException)1 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)1 MustChangePasswordException (eu.bcvsolutions.idm.core.security.api.exception.MustChangePasswordException)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial