Example 1 with AuthenticationProvider

Use of io.gravitee.am.identityprovider.api.AuthenticationProvider in project gravitee-access-management by gravitee-io.

From the class UserAuthenticationServiceTest, method shouldLoadPreAuthenticatedUser_subjectRequest_enhance_defer.

@Test
public void shouldLoadPreAuthenticatedUser_subjectRequest_enhance_defer() {
    final User existingUser = new User();
    existingUser.setId(UUID.randomUUID().toString());
    existingUser.setUsername("username");
    existingUser.setAccountNonLocked(true);
    var request = mock(Request.class);
    when(userService.findById(existingUser.getId())).thenReturn(Maybe.just(existingUser));
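    // The stubbed provider returns no user from either lookup; the test still expects the existing user to be emitted.
    when(identityProviderManager.get(any())).thenReturn(Maybe.just(new AuthenticationProvider() {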

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.empty();
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));
    when(userService.enhance(existingUser)).thenReturn(Single.just(existingUser));
    TestObserver<User> testObserver = userAuthenticationService.loadPreAuthenticatedUser(existingUser.getId(), request).test();
    testObserver.awaitTerminalEvent();
    testObserver.assertComplete();
    testObserver.assertValue(user1 -> user1.equals(existingUser));
}
Also used: User(io.gravitee.am.model.User), Authentication(io.gravitee.am.identityprovider.api.Authentication), AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider), Test(org.junit.Test)

Example 2 with AuthenticationProvider

Use of io.gravitee.am.identityprovider.api.AuthenticationProvider in project gravitee-access-management by gravitee-io.

From the class UserAuthenticationManagerTest, method shouldAuthenticateUser_singleIdentityProvider.

@Test
public void shouldAuthenticateUser_singleIdentityProvider() {
    Client client = new Client();
    client.setClientId("client-id");
    client.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1"));
    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setId("idp-1");
    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(identityProvider);
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(false);
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User idpUser = invocation.getArgument(0);
        User user = new User();
        user.setUsername(idpUser.getUsername());
        return Single.just(user);
    });
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));
    TestObserver<User> observer = userAuthenticationManager.authenticate(client, new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    }).test();
    observer.assertNoErrors();
    observer.assertComplete();
    observer.assertValue(user -> user.getUsername().equals("username"));
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
}
Also used: DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser), User(io.gravitee.am.model.User), AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider), IdentityProvider(io.gravitee.am.model.IdentityProvider), ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider), Authentication(io.gravitee.am.identityprovider.api.Authentication), Client(io.gravitee.am.model.oidc.Client), Test(org.junit.Test)

Example 3 with AuthenticationProvider

Use of io.gravitee.am.identityprovider.api.AuthenticationProvider in project gravitee-access-management by gravitee-io.

From the class UserAuthenticationManagerTest, method shouldAuthenticateUser_multipleIdentityProvider.

@Test
public void shouldAuthenticateUser_multipleIdentityProvider() {
    Client client = new Client();
    client.setClientId("client-id");
    client.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1", "idp-2"));
    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setId("idp-1");
    IdentityProvider identityProvider2 = new IdentityProvider();
    identityProvider2.setId("idp-2");
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(false);
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User idpUser = invocation.getArgument(0);
        User user = new User();
        user.setUsername(idpUser.getUsername());
        return Single.just(user);
    });
    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(identityProvider);
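    // idp-1 throws BadCredentialsException; idp-2 (stubbed below) returns the user, and the test expects a successful authentication.
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(new AuthenticationProvider() {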

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            throw new BadCredentialsException();
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));
    when(identityProviderManager.getIdentityProvider("idp-2")).thenReturn(identityProvider2);
    when(identityProviderManager.get("idp-2")).thenReturn(Maybe.just(new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));
    TestObserver<User> observer = userAuthenticationManager.authenticate(client, new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    }).test();
    observer.assertNoErrors();
    observer.assertComplete();
    observer.assertValue(user -> user.getUsername().equals("username"));
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
}
Also used: DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser), User(io.gravitee.am.model.User), AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider), IdentityProvider(io.gravitee.am.model.IdentityProvider), ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider), Authentication(io.gravitee.am.identityprovider.api.Authentication), Client(io.gravitee.am.model.oidc.Client), Test(org.junit.Test)

Example 4 with AuthenticationProvider

Use of io.gravitee.am.identityprovider.api.AuthenticationProvider in project gravitee-access-management by gravitee-io.

From the class UserAuthenticationManagerTest, method shouldAuthenticateUser_singleIdentityProvider_PasswordExipry.

@Test
public void shouldAuthenticateUser_singleIdentityProvider_PasswordExipry() {
    Client client = new Client();
    client.setClientId("client-id");
    client.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1"));
    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setId("idp-1");
    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(identityProvider);
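    // The password service reports the account password as expired, so the test expects
    // AccountPasswordExpiredException and a FAILURE event even though the provider returns a user.
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(true);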
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User idpUser = invocation.getArgument(0);
        User user = new User();
        user.setUsername(idpUser.getUsername());
        return Single.just(user);
    });
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));
    TestObserver<User> observer = userAuthenticationManager.authenticate(client, new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    }).test();
    observer.awaitTerminalEvent();
    observer.assertError(AccountPasswordExpiredException.class);
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.FAILURE), any());
}
Also used: DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser), User(io.gravitee.am.model.User), AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider), IdentityProvider(io.gravitee.am.model.IdentityProvider), ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider), Authentication(io.gravitee.am.identityprovider.api.Authentication), Client(io.gravitee.am.model.oidc.Client), Test(org.junit.Test)

Example 5 with AuthenticationProvider

Use of io.gravitee.am.identityprovider.api.AuthenticationProvider in project gravitee-access-management by gravitee-io.

From the class UserAuthenticationManagerTest, method shouldAuthenticateUser_multipleIDPs_firstPriorityIdentityProvider.

@Test
public void shouldAuthenticateUser_multipleIDPs_firstPriorityIdentityProvider() {
    Client client = new Client();
    client.setClientId("client-id");
    client.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1", "idp-2"));
    IdentityProvider identityProvider = new IdentityProvider();
    identityProvider.setId("idp-1");
    IdentityProvider identityProvider2 = new IdentityProvider();
    identityProvider2.setId("idp-2");
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User idpUser = invocation.getArgument(0);
        User user = new User();
        user.setUsername(idpUser.getUsername());
        return Single.just(user);
    });
    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(identityProvider);
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username1"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));
    when(identityProviderManager.getIdentityProvider("idp-2")).thenReturn(identityProvider2);
    TestObserver<User> observer = userAuthenticationManager.authenticate(client, new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    }).test();
    observer.assertNoErrors();
    observer.assertComplete();
    observer.assertValue(user -> user.getUsername().equals("username1"));
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
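    // Second pass: rebuild the client's provider list with the helper's flag set to false and stub idp-2;
    // the expected user is now the one returned by idp-2.
    client.setIdentityProviders(getApplicationIdentityProviders(false, "idp-1", "idp-2"));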
    when(identityProviderManager.get("idp-2")).thenReturn(Maybe.just(new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username2"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    }));
    observer = userAuthenticationManager.authenticate(client, new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    }).test();
    observer.assertNoErrors();
    observer.assertComplete();
    observer.assertValue(user -> user.getUsername().equals("username2"));
    verify(eventManager, times(2)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
}
Also used: DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser), User(io.gravitee.am.model.User), AuthenticationContext(io.gravitee.am.identityprovider.api.AuthenticationContext), AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider), IdentityProvider(io.gravitee.am.model.IdentityProvider), ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider), Authentication(io.gravitee.am.identityprovider.api.Authentication), Client(io.gravitee.am.model.oidc.Client), Test(org.junit.Test)

Aggregations

AuthenticationProvider (io.gravitee.am.identityprovider.api.AuthenticationProvider): 31
Test (org.junit.Test): 23
User (io.gravitee.am.model.User): 16
Client (io.gravitee.am.model.oidc.Client): 16
IdentityProvider (io.gravitee.am.model.IdentityProvider): 14
DefaultUser (io.gravitee.am.identityprovider.api.DefaultUser): 13
Authentication (io.gravitee.am.identityprovider.api.Authentication): 10
BadCredentialsException (io.gravitee.am.common.exception.authentication.BadCredentialsException): 9
ApplicationIdentityProvider (io.gravitee.am.model.idp.ApplicationIdentityProvider): 8
AuthenticationEvent (io.gravitee.am.gateway.handler.common.auth.event.AuthenticationEvent): 7
EndUserAuthentication (io.gravitee.am.gateway.handler.common.auth.user.EndUserAuthentication): 7
UserAuthenticationManager (io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager): 7
Maybe (io.reactivex.Maybe): 7
JsonObject (io.vertx.core.json.JsonObject): 7
RoutingContext (io.vertx.reactivex.ext.web.RoutingContext): 7
Map (java.util.Map): 7
EventManager (io.gravitee.am.common.event.EventManager): 6
Single (io.reactivex.Single): 6
HttpMethod (io.vertx.core.http.HttpMethod): 6
HttpServerRequest (io.vertx.reactivex.core.http.HttpServerRequest): 6