Search in sources :

Example 1 with UserAuthenticationManager

use of io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager in project gravitee-access-management by gravitee-io.

the class SocialAuthenticationProviderTest method shouldAuthenticateUser_sso_no_id_token.

@Test
public void shouldAuthenticateUser_sso_no_id_token() throws Exception {
    JsonObject credentials = new JsonObject();
    credentials.put("username", "my-user-id");
    credentials.put("password", "my-user-password");
    credentials.put("provider", "idp");
    credentials.put("additionalParameters", Collections.emptyMap());
    io.gravitee.am.identityprovider.api.User user = new io.gravitee.am.identityprovider.api.DefaultUser("username");
    Client client = new Client();
    client.setSingleSignOut(true);
    when(userAuthenticationManager.connect(any())).thenReturn(Single.just(new User()));
    when(authenticationProvider.loadUserByUsername(any(EndUserAuthentication.class))).thenReturn(Maybe.just(user));
    when(routingContext.get("client")).thenReturn(client);
    when(routingContext.get("provider")).thenReturn(authenticationProvider);
    when(routingContext.get("providerId")).thenReturn("idp");
    when(routingContext.request()).thenReturn(httpServerRequest);
    when(routingContext.data()).thenReturn(Map.of("id_token", "some_id_token"));
    final io.vertx.core.http.HttpServerRequest delegateRequest = mock(io.vertx.core.http.HttpServerRequest.class);
    when(httpServerRequest.getDelegate()).thenReturn(delegateRequest);
    when(delegateRequest.method()).thenReturn(HttpMethod.POST);
    CountDownLatch latch = new CountDownLatch(1);
    authProvider.authenticate(routingContext, credentials, userAsyncResult -> {
        latch.countDown();
        Assert.assertNotNull(userAsyncResult);
        Assert.assertNotNull(userAsyncResult.result());
    });
    assertTrue(latch.await(10, TimeUnit.SECONDS));
    verify(userAuthenticationManager, times(1)).connect(any());
    verify(eventManager).publishEvent(argThat(evt -> evt == AuthenticationEvent.SUCCESS), any());
}
Also used : Client(io.gravitee.am.model.oidc.Client) Mock(org.mockito.Mock) Maybe(io.reactivex.Maybe) RunWith(org.junit.runner.RunWith) Single(io.reactivex.Single) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException) Map(java.util.Map) JsonObject(io.vertx.core.json.JsonObject) User(io.gravitee.am.model.User) InjectMocks(org.mockito.InjectMocks) EventManager(io.gravitee.am.common.event.EventManager) HttpServerRequest(io.vertx.reactivex.core.http.HttpServerRequest) UserAuthenticationManager(io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) RoutingContext(io.vertx.reactivex.ext.web.RoutingContext) TimeUnit(java.util.concurrent.TimeUnit) Matchers.any(org.mockito.Matchers.any) CountDownLatch(java.util.concurrent.CountDownLatch) Mockito(org.mockito.Mockito) AuthenticationEvent(io.gravitee.am.gateway.handler.common.auth.event.AuthenticationEvent) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) HttpMethod(io.vertx.core.http.HttpMethod) Assert(org.junit.Assert) MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) Collections(java.util.Collections) User(io.gravitee.am.model.User) JsonObject(io.vertx.core.json.JsonObject) CountDownLatch(java.util.concurrent.CountDownLatch) Client(io.gravitee.am.model.oidc.Client) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) Test(org.junit.Test)

Example 2 with UserAuthenticationManager

use of io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager in project gravitee-access-management by gravitee-io.

the class SocialAuthenticationProviderTest method shouldAuthenticateUser_with_access_token_and_id_token.

@Test
public void shouldAuthenticateUser_with_access_token_and_id_token() throws Exception {
    JsonObject credentials = new JsonObject();
    credentials.put("username", "my-user-id");
    credentials.put("password", "my-user-password");
    credentials.put("provider", "idp");
    credentials.put("additionalParameters", Collections.emptyMap());
    io.gravitee.am.identityprovider.api.User user = new io.gravitee.am.identityprovider.api.DefaultUser("username");
    Client client = new Client();
    when(userAuthenticationManager.connect(any())).thenReturn(Single.just(new User()));
    when(authenticationProvider.loadUserByUsername(any(EndUserAuthentication.class))).thenReturn(Maybe.just(user));
    when(routingContext.get("client")).thenReturn(client);
    when(routingContext.get("provider")).thenReturn(authenticationProvider);
    when(routingContext.get("providerId")).thenReturn("idp");
    when(routingContext.request()).thenReturn(httpServerRequest);
    when(routingContext.data()).thenReturn(Map.of("access_token", "some_access_token", "id_token", "some_id_token"));
    final io.vertx.core.http.HttpServerRequest delegateRequest = mock(io.vertx.core.http.HttpServerRequest.class);
    when(httpServerRequest.getDelegate()).thenReturn(delegateRequest);
    when(delegateRequest.method()).thenReturn(HttpMethod.POST);
    CountDownLatch latch = new CountDownLatch(1);
    authProvider.authenticate(routingContext, credentials, userAsyncResult -> {
        latch.countDown();
        Assert.assertNotNull(userAsyncResult);
        Assert.assertNotNull(userAsyncResult.result());
    });
    assertTrue(latch.await(10, TimeUnit.SECONDS));
    verify(userAuthenticationManager, times(1)).connect(any());
    verify(eventManager).publishEvent(argThat(evt -> evt == AuthenticationEvent.SUCCESS), any());
}
Also used : Client(io.gravitee.am.model.oidc.Client) Mock(org.mockito.Mock) Maybe(io.reactivex.Maybe) RunWith(org.junit.runner.RunWith) Single(io.reactivex.Single) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException) Map(java.util.Map) JsonObject(io.vertx.core.json.JsonObject) User(io.gravitee.am.model.User) InjectMocks(org.mockito.InjectMocks) EventManager(io.gravitee.am.common.event.EventManager) HttpServerRequest(io.vertx.reactivex.core.http.HttpServerRequest) UserAuthenticationManager(io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) RoutingContext(io.vertx.reactivex.ext.web.RoutingContext) TimeUnit(java.util.concurrent.TimeUnit) Matchers.any(org.mockito.Matchers.any) CountDownLatch(java.util.concurrent.CountDownLatch) Mockito(org.mockito.Mockito) AuthenticationEvent(io.gravitee.am.gateway.handler.common.auth.event.AuthenticationEvent) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) HttpMethod(io.vertx.core.http.HttpMethod) Assert(org.junit.Assert) MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) Collections(java.util.Collections) User(io.gravitee.am.model.User) JsonObject(io.vertx.core.json.JsonObject) CountDownLatch(java.util.concurrent.CountDownLatch) Client(io.gravitee.am.model.oidc.Client) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) Test(org.junit.Test)

Example 3 with UserAuthenticationManager

use of io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager in project gravitee-access-management by gravitee-io.

the class SocialAuthenticationProviderTest method shouldAuthenticateUser_with_id_token_client_sso.

@Test
public void shouldAuthenticateUser_with_id_token_client_sso() throws Exception {
    JsonObject credentials = new JsonObject();
    credentials.put("username", "my-user-id");
    credentials.put("password", "my-user-password");
    credentials.put("provider", "idp");
    credentials.put("additionalParameters", Collections.emptyMap());
    io.gravitee.am.identityprovider.api.User user = new io.gravitee.am.identityprovider.api.DefaultUser("username");
    Client client = new Client();
    client.setSingleSignOut(true);
    when(userAuthenticationManager.connect(any())).thenReturn(Single.just(new User()));
    when(authenticationProvider.loadUserByUsername(any(EndUserAuthentication.class))).thenReturn(Maybe.just(user));
    when(routingContext.get("client")).thenReturn(client);
    when(routingContext.get("provider")).thenReturn(authenticationProvider);
    when(routingContext.get("providerId")).thenReturn("idp");
    when(routingContext.request()).thenReturn(httpServerRequest);
    when(routingContext.data()).thenReturn(Map.of("id_token", "some_id_token"));
    final io.vertx.core.http.HttpServerRequest delegateRequest = mock(io.vertx.core.http.HttpServerRequest.class);
    when(httpServerRequest.getDelegate()).thenReturn(delegateRequest);
    when(delegateRequest.method()).thenReturn(HttpMethod.POST);
    CountDownLatch latch = new CountDownLatch(1);
    authProvider.authenticate(routingContext, credentials, userAsyncResult -> {
        latch.countDown();
        Assert.assertNotNull(userAsyncResult);
        Assert.assertNotNull(userAsyncResult.result());
    });
    assertTrue(latch.await(10, TimeUnit.SECONDS));
    verify(userAuthenticationManager, times(1)).connect(any());
    verify(eventManager).publishEvent(argThat(evt -> evt == AuthenticationEvent.SUCCESS), any());
}
Also used : Client(io.gravitee.am.model.oidc.Client) Mock(org.mockito.Mock) Maybe(io.reactivex.Maybe) RunWith(org.junit.runner.RunWith) Single(io.reactivex.Single) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException) Map(java.util.Map) JsonObject(io.vertx.core.json.JsonObject) User(io.gravitee.am.model.User) InjectMocks(org.mockito.InjectMocks) EventManager(io.gravitee.am.common.event.EventManager) HttpServerRequest(io.vertx.reactivex.core.http.HttpServerRequest) UserAuthenticationManager(io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) RoutingContext(io.vertx.reactivex.ext.web.RoutingContext) TimeUnit(java.util.concurrent.TimeUnit) Matchers.any(org.mockito.Matchers.any) CountDownLatch(java.util.concurrent.CountDownLatch) Mockito(org.mockito.Mockito) AuthenticationEvent(io.gravitee.am.gateway.handler.common.auth.event.AuthenticationEvent) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) HttpMethod(io.vertx.core.http.HttpMethod) Assert(org.junit.Assert) MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) Collections(java.util.Collections) User(io.gravitee.am.model.User) JsonObject(io.vertx.core.json.JsonObject) CountDownLatch(java.util.concurrent.CountDownLatch) Client(io.gravitee.am.model.oidc.Client) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) Test(org.junit.Test)

Example 4 with UserAuthenticationManager

use of io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager in project gravitee-access-management by gravitee-io.

the class SocialAuthenticationProviderTest method shouldNotAuthenticateUser_noUser.

@Test
public void shouldNotAuthenticateUser_noUser() throws Exception {
    JsonObject credentials = new JsonObject();
    credentials.put("username", "my-user-id");
    credentials.put("password", "my-user-password");
    credentials.put("provider", "idp");
    Client client = new Client();
    when(authenticationProvider.loadUserByUsername(any(EndUserAuthentication.class))).thenReturn(Maybe.empty());
    when(routingContext.get("client")).thenReturn(client);
    when(routingContext.get("provider")).thenReturn(authenticationProvider);
    when(routingContext.request()).thenReturn(httpServerRequest);
    final io.vertx.core.http.HttpServerRequest delegateRequest = mock(io.vertx.core.http.HttpServerRequest.class);
    when(httpServerRequest.getDelegate()).thenReturn(delegateRequest);
    when(delegateRequest.method()).thenReturn(HttpMethod.POST);
    CountDownLatch latch = new CountDownLatch(1);
    authProvider.authenticate(routingContext, credentials, userAsyncResult -> {
        latch.countDown();
        Assert.assertNotNull(userAsyncResult);
        Assert.assertTrue(userAsyncResult.failed());
        Assert.assertTrue(userAsyncResult.cause() instanceof BadCredentialsException);
    });
    assertTrue(latch.await(10, TimeUnit.SECONDS));
    verify(userAuthenticationManager, never()).connect(any());
    verify(eventManager).publishEvent(argThat(evt -> evt == AuthenticationEvent.FAILURE), any());
}
Also used : Client(io.gravitee.am.model.oidc.Client) Mock(org.mockito.Mock) Maybe(io.reactivex.Maybe) RunWith(org.junit.runner.RunWith) Single(io.reactivex.Single) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException) Map(java.util.Map) JsonObject(io.vertx.core.json.JsonObject) User(io.gravitee.am.model.User) InjectMocks(org.mockito.InjectMocks) EventManager(io.gravitee.am.common.event.EventManager) HttpServerRequest(io.vertx.reactivex.core.http.HttpServerRequest) UserAuthenticationManager(io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) RoutingContext(io.vertx.reactivex.ext.web.RoutingContext) TimeUnit(java.util.concurrent.TimeUnit) Matchers.any(org.mockito.Matchers.any) CountDownLatch(java.util.concurrent.CountDownLatch) Mockito(org.mockito.Mockito) AuthenticationEvent(io.gravitee.am.gateway.handler.common.auth.event.AuthenticationEvent) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) HttpMethod(io.vertx.core.http.HttpMethod) Assert(org.junit.Assert) MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) Collections(java.util.Collections) JsonObject(io.vertx.core.json.JsonObject) Client(io.gravitee.am.model.oidc.Client) CountDownLatch(java.util.concurrent.CountDownLatch) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) Test(org.junit.Test)

Example 5 with UserAuthenticationManager

use of io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager in project gravitee-access-management by gravitee-io.

the class SocialAuthenticationProviderTest method shouldNotAuthenticateUser_badCredentials.

@Test
public void shouldNotAuthenticateUser_badCredentials() throws Exception {
    JsonObject credentials = new JsonObject();
    credentials.put("username", "my-user-id");
    credentials.put("password", "my-user-password");
    credentials.put("provider", "idp");
    Client client = new Client();
    when(authenticationProvider.loadUserByUsername(any(EndUserAuthentication.class))).thenReturn(Maybe.error(BadCredentialsException::new));
    when(routingContext.get("client")).thenReturn(client);
    when(routingContext.get("provider")).thenReturn(authenticationProvider);
    when(routingContext.request()).thenReturn(httpServerRequest);
    final io.vertx.core.http.HttpServerRequest delegateRequest = mock(io.vertx.core.http.HttpServerRequest.class);
    when(httpServerRequest.getDelegate()).thenReturn(delegateRequest);
    when(delegateRequest.method()).thenReturn(HttpMethod.POST);
    CountDownLatch latch = new CountDownLatch(1);
    authProvider.authenticate(routingContext, credentials, userAsyncResult -> {
        latch.countDown();
        Assert.assertNotNull(userAsyncResult);
        Assert.assertTrue(userAsyncResult.failed());
        Assert.assertTrue(userAsyncResult.cause() instanceof BadCredentialsException);
    });
    assertTrue(latch.await(10, TimeUnit.SECONDS));
    verify(userAuthenticationManager, never()).connect(any());
    verify(eventManager).publishEvent(argThat(evt -> evt == AuthenticationEvent.FAILURE), any());
}
Also used : Client(io.gravitee.am.model.oidc.Client) Mock(org.mockito.Mock) Maybe(io.reactivex.Maybe) RunWith(org.junit.runner.RunWith) Single(io.reactivex.Single) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException) Map(java.util.Map) JsonObject(io.vertx.core.json.JsonObject) User(io.gravitee.am.model.User) InjectMocks(org.mockito.InjectMocks) EventManager(io.gravitee.am.common.event.EventManager) HttpServerRequest(io.vertx.reactivex.core.http.HttpServerRequest) UserAuthenticationManager(io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) RoutingContext(io.vertx.reactivex.ext.web.RoutingContext) TimeUnit(java.util.concurrent.TimeUnit) Matchers.any(org.mockito.Matchers.any) CountDownLatch(java.util.concurrent.CountDownLatch) Mockito(org.mockito.Mockito) AuthenticationEvent(io.gravitee.am.gateway.handler.common.auth.event.AuthenticationEvent) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) HttpMethod(io.vertx.core.http.HttpMethod) Assert(org.junit.Assert) MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) Collections(java.util.Collections) JsonObject(io.vertx.core.json.JsonObject) Client(io.gravitee.am.model.oidc.Client) CountDownLatch(java.util.concurrent.CountDownLatch) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException) EndUserAuthentication(io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication) Test(org.junit.Test)

Aggregations

EventManager (io.gravitee.am.common.event.EventManager)6 BadCredentialsException (io.gravitee.am.common.exception.authentication.BadCredentialsException)6 AuthenticationEvent (io.gravitee.am.gateway.handler.common.auth.event.AuthenticationEvent)6 EndUserAuthentication (io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication)6 UserAuthenticationManager (io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager)6 AuthenticationProvider (io.gravitee.am.identityprovider.api.AuthenticationProvider)6 User (io.gravitee.am.model.User)6 Client (io.gravitee.am.model.oidc.Client)6 Maybe (io.reactivex.Maybe)6 Single (io.reactivex.Single)6 HttpMethod (io.vertx.core.http.HttpMethod)6 JsonObject (io.vertx.core.json.JsonObject)6 HttpServerRequest (io.vertx.reactivex.core.http.HttpServerRequest)6 RoutingContext (io.vertx.reactivex.ext.web.RoutingContext)6 Collections (java.util.Collections)6 Map (java.util.Map)6 CountDownLatch (java.util.concurrent.CountDownLatch)6 TimeUnit (java.util.concurrent.TimeUnit)6 Assert (org.junit.Assert)6 Assert.assertTrue (org.junit.Assert.assertTrue)6