use of io.gravitee.am.authdevice.notifier.api.model.ADCallbackContext in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestServiceTest method shouldNotUpdateStatus_UnknownRequestId.
@Test
public void shouldNotUpdateStatus_UnknownRequestId() {
final String STATE = "state";
final String EXTERNAL_ID = "externalId";
final String AUTH_REQ_ID = "auth_red_id";
final boolean requestValidated = new Random().nextBoolean();
AuthenticationDeviceNotifierProvider provider = mock(AuthenticationDeviceNotifierProvider.class);
when(notifierManager.getAuthDeviceNotifierProviders()).thenReturn(List.of(provider));
when(provider.extractUserResponse(any())).thenReturn(Single.just(Optional.of(new ADUserResponse(EXTERNAL_ID, STATE, requestValidated))));
final JWT stateJwt = new JWT();
stateJwt.setJti(EXTERNAL_ID);
when(this.jwtService.decode(STATE)).thenReturn(Single.just(stateJwt));
when(this.clientService.findByClientId(any())).thenReturn(Maybe.just(new Client()));
when(this.jwtService.decodeAndVerify(anyString(), any(Client.class))).thenReturn(Single.just(stateJwt));
final CibaAuthRequest cibaRequest = new CibaAuthRequest();
cibaRequest.setId(AUTH_REQ_ID);
when(this.requestRepository.findByExternalId(EXTERNAL_ID)).thenReturn(Maybe.empty());
final ADCallbackContext context = new ADCallbackContext(MultiMap.caseInsensitiveMultiMap(), MultiMap.caseInsensitiveMultiMap());
final TestObserver<Void> observer = this.service.validateUserResponse(context).test();
observer.awaitTerminalEvent();
observer.assertError(InvalidRequestException.class);
verify(clientService).findByClientId(any());
verify(jwtService).decodeAndVerify(anyString(), any(Client.class));
verify(requestRepository, never()).updateStatus(any(), any());
}
use of io.gravitee.am.authdevice.notifier.api.model.ADCallbackContext in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestServiceTest method shouldUpdateAuthReqStatus.
@Test
public void shouldUpdateAuthReqStatus() {
final String STATE = "state";
final String EXTERNAL_ID = "externalId";
final String AUTH_REQ_ID = "auth_red_id";
final boolean requestValidated = new Random().nextBoolean();
AuthenticationDeviceNotifierProvider provider = mock(AuthenticationDeviceNotifierProvider.class);
when(notifierManager.getAuthDeviceNotifierProviders()).thenReturn(List.of(provider));
when(provider.extractUserResponse(any())).thenReturn(Single.just(Optional.of(new ADUserResponse(EXTERNAL_ID, STATE, requestValidated))));
final JWT stateJwt = new JWT();
stateJwt.setJti(EXTERNAL_ID);
when(this.jwtService.decode(STATE)).thenReturn(Single.just(stateJwt));
when(this.clientService.findByClientId(any())).thenReturn(Maybe.just(new Client()));
when(this.jwtService.decodeAndVerify(anyString(), any(Client.class))).thenReturn(Single.just(stateJwt));
final CibaAuthRequest cibaRequest = new CibaAuthRequest();
cibaRequest.setId(AUTH_REQ_ID);
when(this.requestRepository.findByExternalId(EXTERNAL_ID)).thenReturn(Maybe.just(cibaRequest));
final String status = requestValidated ? AuthenticationRequestStatus.SUCCESS.name() : AuthenticationRequestStatus.REJECTED.name();
when(this.requestRepository.updateStatus(AUTH_REQ_ID, status)).thenReturn(Single.just(cibaRequest));
final ADCallbackContext context = new ADCallbackContext(MultiMap.caseInsensitiveMultiMap(), MultiMap.caseInsensitiveMultiMap());
final TestObserver<Void> observer = this.service.validateUserResponse(context).test();
observer.awaitTerminalEvent();
observer.assertNoErrors();
verify(requestRepository).updateStatus(AUTH_REQ_ID, status);
}
use of io.gravitee.am.authdevice.notifier.api.model.ADCallbackContext in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestCallbackHandler method handle.
@Override
public void handle(RoutingContext context) {
final ADCallbackContext adCallbackContext = new ADCallbackContext(context.request().headers(), context.request().params());
authRequestService.validateUserResponse(adCallbackContext).doOnComplete(() -> context.response().setStatusCode(HttpStatusCode.OK_200).end()).doOnError(error -> {
LOGGER.warn("Authentication Request validation can't be processed", error);
if (error instanceof OAuth2Exception) {
context.fail(HttpStatusCode.BAD_REQUEST_400, error);
} else {
context.fail(HttpStatusCode.INTERNAL_SERVER_ERROR_500);
}
}).subscribe();
}
use of io.gravitee.am.authdevice.notifier.api.model.ADCallbackContext in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestServiceTest method shouldNotUpdateStatus_StateMismatch.
@Test
public void shouldNotUpdateStatus_StateMismatch() {
final String STATE = "state";
final String EXTERNAL_ID = "externalId";
final boolean requestValidated = new Random().nextBoolean();
AuthenticationDeviceNotifierProvider provider = mock(AuthenticationDeviceNotifierProvider.class);
when(notifierManager.getAuthDeviceNotifierProviders()).thenReturn(List.of(provider));
when(provider.extractUserResponse(any())).thenReturn(Single.just(Optional.of(new ADUserResponse("unknown", STATE, requestValidated))));
final JWT stateJwt = new JWT();
stateJwt.setJti(EXTERNAL_ID);
when(this.jwtService.decode(STATE)).thenReturn(Single.just(stateJwt));
when(this.clientService.findByClientId(any())).thenReturn(Maybe.just(new Client()));
when(this.jwtService.decodeAndVerify(anyString(), any(Client.class))).thenReturn(Single.just(stateJwt));
final ADCallbackContext context = new ADCallbackContext(MultiMap.caseInsensitiveMultiMap(), MultiMap.caseInsensitiveMultiMap());
final TestObserver<Void> observer = this.service.validateUserResponse(context).test();
observer.awaitTerminalEvent();
observer.assertError(InvalidRequestException.class);
verify(clientService).findByClientId(any());
verify(requestRepository, never()).updateStatus(any(), any());
}
use of io.gravitee.am.authdevice.notifier.api.model.ADCallbackContext in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestServiceTest method shouldNotUpdateStatus_InvalidSignature.
@Test
public void shouldNotUpdateStatus_InvalidSignature() {
final String STATE = "state";
final String EXTERNAL_ID = "externalId";
final boolean requestValidated = new Random().nextBoolean();
AuthenticationDeviceNotifierProvider provider = mock(AuthenticationDeviceNotifierProvider.class);
when(notifierManager.getAuthDeviceNotifierProviders()).thenReturn(List.of(provider));
when(provider.extractUserResponse(any())).thenReturn(Single.just(Optional.of(new ADUserResponse(EXTERNAL_ID, STATE, requestValidated))));
final JWT stateJwt = new JWT();
stateJwt.setJti(EXTERNAL_ID);
when(this.jwtService.decode(STATE)).thenReturn(Single.just(stateJwt));
when(this.clientService.findByClientId(any())).thenReturn(Maybe.just(new Client()));
when(this.jwtService.decodeAndVerify(anyString(), any(Client.class))).thenReturn(Single.error(new InvalidTokenException()));
final ADCallbackContext context = new ADCallbackContext(MultiMap.caseInsensitiveMultiMap(), MultiMap.caseInsensitiveMultiMap());
final TestObserver<Void> observer = this.service.validateUserResponse(context).test();
observer.awaitTerminalEvent();
observer.assertError(InvalidRequestException.class);
verify(clientService).findByClientId(any());
verify(requestRepository, never()).updateStatus(any(), any());
}
Aggregations