
Example 1 with IdentityProvider

use of io.gravitee.am.model.IdentityProvider in project gravitee-access-management by gravitee-io.

the class UserAuthenticationManagerTest method shouldAuthenticateUser_singleIdentityProvider.

/**
 * Expects authentication to succeed when the client is bound to a single identity
 * provider ("idp-1") whose authentication provider resolves the user.
 *
 * <p>Scope note: the submitted {@code Authentication} carries {@code null} credentials and the
 * stubbed provider returns a user without looking at them. The test therefore covers provider
 * lookup, user connection and SUCCESS event publication; it does not cover credential checking.
 */
@Test
public void shouldAuthenticateUser_singleIdentityProvider() {
    // Client configured with exactly one identity provider.
    Client application = new Client();
    application.setClientId("client-id");
    application.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1"));

    IdentityProvider soleIdp = new IdentityProvider();
    soleIdp.setId("idp-1");

    // Provider stub: every authentication attempt resolves to the user "username".
    AuthenticationProvider acceptingProvider = new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    };

    // Login request: principal "username", no credentials, no context.
    Authentication loginRequest = new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    };

    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(soleIdp);
    // Expiry check stubbed to false so it does not interfere with the success path.
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(false);
    // connect(...) maps the provider-level user onto a domain user with the same username.
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User resolved = invocation.getArgument(0);
        User domainUser = new User();
        domainUser.setUsername(resolved.getUsername());
        return Single.just(domainUser);
    });
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(acceptingProvider));

    TestObserver<User> outcome = userAuthenticationManager.authenticate(application, loginRequest).test();

    outcome.assertNoErrors();
    outcome.assertComplete();
    outcome.assertValue(authenticated -> authenticated.getUsername().equals("username"));
    // Exactly one SUCCESS authentication event must be published for the audit trail.
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
}
Also used : DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) User(io.gravitee.am.model.User) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) IdentityProvider(io.gravitee.am.model.IdentityProvider) ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider) DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) Authentication(io.gravitee.am.identityprovider.api.Authentication) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 2 with IdentityProvider

use of io.gravitee.am.model.IdentityProvider in project gravitee-access-management by gravitee-io.

the class UserAuthenticationManagerTest method shouldAuthenticateUser_multipleIdentityProvider.

/**
 * Expects authentication to succeed through the second identity provider ("idp-2") after the
 * first one ("idp-1") rejects the attempt with a {@code BadCredentialsException}.
 *
 * <p>The rejecting stub throws the exception directly from {@code loadUserByUsername} instead
 * of returning a failed {@code Maybe}; the test expects the manager to carry on regardless.
 *
 * <p>NOTE(review): only the final SUCCESS event is verified. Nothing here asserts whether a
 * FAILURE event is published for the rejected attempt against "idp-1" - confirm that this is
 * covered elsewhere if failed attempts must be audited.
 */
@Test
public void shouldAuthenticateUser_multipleIdentityProvider() {
    // Client configured with two identity providers.
    Client application = new Client();
    application.setClientId("client-id");
    application.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1", "idp-2"));

    IdentityProvider firstIdp = new IdentityProvider();
    firstIdp.setId("idp-1");
    IdentityProvider secondIdp = new IdentityProvider();
    secondIdp.setId("idp-2");

    // idp-1 stub: rejects every authentication attempt.
    AuthenticationProvider rejectingProvider = new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            throw new BadCredentialsException();
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    };

    // idp-2 stub: resolves every authentication attempt to the user "username".
    AuthenticationProvider acceptingProvider = new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    };

    // Login request: principal "username", no credentials, no context.
    Authentication loginRequest = new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    };

    // Expiry check stubbed to false so it does not interfere with the success path.
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(false);
    // connect(...) maps the provider-level user onto a domain user with the same username.
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User resolved = invocation.getArgument(0);
        User domainUser = new User();
        domainUser.setUsername(resolved.getUsername());
        return Single.just(domainUser);
    });
    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(firstIdp);
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(rejectingProvider));
    when(identityProviderManager.getIdentityProvider("idp-2")).thenReturn(secondIdp);
    when(identityProviderManager.get("idp-2")).thenReturn(Maybe.just(acceptingProvider));

    TestObserver<User> outcome = userAuthenticationManager.authenticate(application, loginRequest).test();

    outcome.assertNoErrors();
    outcome.assertComplete();
    outcome.assertValue(authenticated -> authenticated.getUsername().equals("username"));
    // A single SUCCESS event is expected even though one provider rejected the attempt.
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
}
Also used : DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) User(io.gravitee.am.model.User) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) IdentityProvider(io.gravitee.am.model.IdentityProvider) ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider) DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) Authentication(io.gravitee.am.identityprovider.api.Authentication) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 3 with IdentityProvider

use of io.gravitee.am.model.IdentityProvider in project gravitee-access-management by gravitee-io.

the class UserAuthenticationManagerTest method shouldAuthenticateUser_singleIdentityProvider_PasswordExipry.

/**
 * Expects authentication to be refused with {@code AccountPasswordExpiredException} when the
 * password-expiry check reports {@code true}, even though the identity provider resolved the
 * user.
 *
 * <p>Despite the "shouldAuthenticateUser" prefix, the asserted outcome is a failure. The method
 * name, including its spelling, is kept as is so existing references to the test still resolve.
 *
 * <p>NOTE(review): the test verifies that one FAILURE event is published but does not assert
 * that no SUCCESS event is emitted for the same attempt - confirm against the manager.
 */
@Test
public void shouldAuthenticateUser_singleIdentityProvider_PasswordExipry() {
    // Client configured with exactly one identity provider.
    Client application = new Client();
    application.setClientId("client-id");
    application.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1"));

    IdentityProvider soleIdp = new IdentityProvider();
    soleIdp.setId("idp-1");

    // Provider stub: every authentication attempt resolves to the user "username".
    AuthenticationProvider acceptingProvider = new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    };

    // Login request: principal "username", no credentials, no context.
    Authentication loginRequest = new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    };

    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(soleIdp);
    // The expiry check answers true: this is the condition under test.
    when(passwordService.checkAccountPasswordExpiry(any(), any(), any())).thenReturn(true);
    // connect(...) maps the provider-level user onto a domain user with the same username.
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User resolved = invocation.getArgument(0);
        User domainUser = new User();
        domainUser.setUsername(resolved.getUsername());
        return Single.just(domainUser);
    });
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(acceptingProvider));

    TestObserver<User> outcome = userAuthenticationManager.authenticate(application, loginRequest).test();

    // Wait for the stream to terminate before inspecting the error.
    outcome.awaitTerminalEvent();
    outcome.assertError(AccountPasswordExpiredException.class);
    // The refused attempt must be recorded as exactly one FAILURE event.
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.FAILURE), any());
}
Also used : DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) User(io.gravitee.am.model.User) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) IdentityProvider(io.gravitee.am.model.IdentityProvider) ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider) DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) Authentication(io.gravitee.am.identityprovider.api.Authentication) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 4 with IdentityProvider

use of io.gravitee.am.model.IdentityProvider in project gravitee-access-management by gravitee-io.

the class UserAuthenticationManagerTest method shouldAuthenticateUser_multipleIDPs_firstPriorityIdentityProvider.

/**
 * Expects the provider that answers an authentication attempt to follow the ordering of the
 * client's identity providers, checked in two phases against the same client.
 *
 * <p>Phase 1 builds the provider list with {@code true} and expects "username1", which only the
 * "idp-1" stub returns. Phase 2 rebuilds the list with {@code false} and expects "username2",
 * which only the "idp-2" stub returns.
 *
 * <p>NOTE(review): the boolean passed to {@code getApplicationIdentityProviders} presumably
 * selects which provider gets priority; the helper is not visible here - confirm. Credentials
 * are {@code null} in both attempts, so ordering is tested, not credential checking.
 */
@Test
public void shouldAuthenticateUser_multipleIDPs_firstPriorityIdentityProvider() {
    Client application = new Client();
    application.setClientId("client-id");
    application.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1", "idp-2"));

    IdentityProvider firstIdp = new IdentityProvider();
    firstIdp.setId("idp-1");
    IdentityProvider secondIdp = new IdentityProvider();
    secondIdp.setId("idp-2");

    // idp-1 stub: resolves every authentication attempt to "username1".
    AuthenticationProvider firstProvider = new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username1"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    };

    // First login request: principal "username", no credentials, no context.
    Authentication firstAttempt = new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    };

    // connect(...) maps the provider-level user onto a domain user with the same username.
    when(userAuthenticationService.connect(any(), eq(true))).then(invocation -> {
        io.gravitee.am.identityprovider.api.User resolved = invocation.getArgument(0);
        User domainUser = new User();
        domainUser.setUsername(resolved.getUsername());
        return Single.just(domainUser);
    });
    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(firstIdp);
    when(identityProviderManager.get("idp-1")).thenReturn(Maybe.just(firstProvider));
    // Only the descriptor of idp-2 is stubbed for phase 1; its authentication provider is not.
    when(identityProviderManager.getIdentityProvider("idp-2")).thenReturn(secondIdp);

    // Phase 1: the user must come from idp-1.
    TestObserver<User> firstOutcome = userAuthenticationManager.authenticate(application, firstAttempt).test();
    firstOutcome.assertNoErrors();
    firstOutcome.assertComplete();
    firstOutcome.assertValue(authenticated -> authenticated.getUsername().equals("username1"));
    verify(eventManager, times(1)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());

    // Phase 2: rebuild the provider list with the flag flipped and give idp-2 a provider.
    application.setIdentityProviders(getApplicationIdentityProviders(false, "idp-1", "idp-2"));

    // idp-2 stub: resolves every authentication attempt to "username2".
    AuthenticationProvider secondProvider = new AuthenticationProvider() {

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(Authentication authentication) {
            return Maybe.just(new DefaultUser("username2"));
        }

        @Override
        public Maybe<io.gravitee.am.identityprovider.api.User> loadUserByUsername(String username) {
            return Maybe.empty();
        }
    };
    when(identityProviderManager.get("idp-2")).thenReturn(Maybe.just(secondProvider));

    // Second login request: same principal, still no credentials or context.
    Authentication secondAttempt = new Authentication() {

        @Override
        public Object getCredentials() {
            return null;
        }

        @Override
        public Object getPrincipal() {
            return "username";
        }

        @Override
        public AuthenticationContext getContext() {
            return null;
        }
    };

    TestObserver<User> secondOutcome = userAuthenticationManager.authenticate(application, secondAttempt).test();
    secondOutcome.assertNoErrors();
    secondOutcome.assertComplete();
    secondOutcome.assertValue(authenticated -> authenticated.getUsername().equals("username2"));
    // The mock counts invocations across both phases, hence two SUCCESS events in total.
    verify(eventManager, times(2)).publishEvent(eq(AuthenticationEvent.SUCCESS), any());
}
Also used : DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) User(io.gravitee.am.model.User) AuthenticationContext(io.gravitee.am.identityprovider.api.AuthenticationContext) AuthenticationProvider(io.gravitee.am.identityprovider.api.AuthenticationProvider) IdentityProvider(io.gravitee.am.model.IdentityProvider) ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider) DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) Authentication(io.gravitee.am.identityprovider.api.Authentication) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 5 with IdentityProvider

use of io.gravitee.am.model.IdentityProvider in project gravitee-access-management by gravitee-io.

the class UserAuthenticationManagerTest method shouldNotAuthenticateUser_onlyExternalProvider.

/**
 * Expects authentication to fail with {@code InternalAuthenticationServiceException} when the
 * client's only identity provider is flagged as external.
 *
 * <p>The attempt is made with a {@code null} authentication object, and the test also requires
 * that {@code userAuthenticationService} is never touched, i.e. no user gets connected on this
 * path.
 *
 * <p>NOTE(review): no event publication is verified here - confirm whether a refused attempt
 * of this kind is expected to produce a FAILURE event.
 */
@Test
public void shouldNotAuthenticateUser_onlyExternalProvider() {
    // Client configured with exactly one identity provider.
    Client application = new Client();
    application.setClientId("client-id");
    application.setIdentityProviders(getApplicationIdentityProviders(true, "idp-1"));

    // The single provider is marked external: this is the condition under test.
    IdentityProvider externalIdp = new IdentityProvider();
    externalIdp.setId("idp-1");
    externalIdp.setExternal(true);
    when(identityProviderManager.getIdentityProvider("idp-1")).thenReturn(externalIdp);

    TestObserver<User> outcome = userAuthenticationManager.authenticate(application, null).test();

    outcome.assertNotComplete();
    outcome.assertError(InternalAuthenticationServiceException.class);
    // The failure must occur before any user connection is attempted.
    verifyZeroInteractions(userAuthenticationService);
}
Also used : DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser) User(io.gravitee.am.model.User) IdentityProvider(io.gravitee.am.model.IdentityProvider) ApplicationIdentityProvider(io.gravitee.am.model.idp.ApplicationIdentityProvider) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)
