Search in sources :

Example 1 with RememberDeviceSettings

use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.

the class AuthenticationFlowHandlerTest method shouldContinue_adaptiveMFA_with_step_up_false_strong_auth_true_device_known.

@Test
public void shouldContinue_adaptiveMFA_with_step_up_false_strong_auth_true_device_known() throws Exception {
    router.route().order(-1).handler(rc -> {
        // set client
        Client client = new Client();
        client.setFactors(Collections.singleton("factor-1"));
        rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
        MFASettings mfaSettings = new MFASettings();
        final RememberDeviceSettings rememberDevice = new RememberDeviceSettings();
        rememberDevice.setActive(true);
        mfaSettings.setRememberDevice(rememberDevice);
        rc.session().put(DEVICE_ALREADY_EXISTS_KEY, true);
        mfaSettings.setStepUpAuthenticationRule("{#request.params['scope'][0].contains('write')}");
        mfaSettings.setAdaptiveAuthenticationRule("{#context.attributes['geoip']['country_iso_code'] == 'FR'}");
        rc.put(ConstantKeys.GEOIP_KEY, new JsonObject().put("country_iso_code", "FR").getMap());
        client.setMfaSettings(mfaSettings);
        // set user
        EnrolledFactor enrolledFactor = new EnrolledFactor();
        enrolledFactor.setFactorId("factor-1");
        io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
        endUser.setFactors(Collections.singletonList(enrolledFactor));
        rc.getDelegate().setUser(new User(endUser));
        rc.session().put(ConstantKeys.STRONG_AUTH_COMPLETED_KEY, true);
        rc.next();
    });
    testRequest(HttpMethod.GET, "/login?scope=read", HttpStatusCode.OK_200, "OK");
}
Also used : User(io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) RememberDeviceSettings(io.gravitee.am.model.RememberDeviceSettings) EnrolledFactor(io.gravitee.am.model.factor.EnrolledFactor) MFASettings(io.gravitee.am.model.MFASettings) JsonObject(io.vertx.core.json.JsonObject) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 2 with RememberDeviceSettings

use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.

the class AuthenticationFlowHandlerTest method shouldRedirectToMFAChallengePage_adaptiveMFA_with_step_up_true_strong_auth_true.

@Test
public void shouldRedirectToMFAChallengePage_adaptiveMFA_with_step_up_true_strong_auth_true() throws Exception {
    router.route().order(-1).handler(rc -> {
        // set client
        Client client = new Client();
        client.setFactors(Collections.singleton("factor-1"));
        rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
        MFASettings mfaSettings = new MFASettings();
        final RememberDeviceSettings rememberDevice = new RememberDeviceSettings();
        rememberDevice.setActive(true);
        mfaSettings.setRememberDevice(rememberDevice);
        rc.session().put(DEVICE_ALREADY_EXISTS_KEY, true);
        mfaSettings.setStepUpAuthenticationRule("{#request.params['scope'][0].contains('write')}");
        mfaSettings.setAdaptiveAuthenticationRule("{#context.attributes['geoip']['country_iso_code'] == 'FR'}");
        rc.put(ConstantKeys.GEOIP_KEY, new JsonObject().put("country_iso_code", "FR").getMap());
        client.setMfaSettings(mfaSettings);
        // set user
        EnrolledFactor enrolledFactor = new EnrolledFactor();
        enrolledFactor.setFactorId("factor-1");
        io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
        endUser.setFactors(Collections.singletonList(enrolledFactor));
        rc.getDelegate().setUser(new User(endUser));
        rc.session().put(ConstantKeys.STRONG_AUTH_COMPLETED_KEY, true);
        rc.next();
    });
    testRequest(HttpMethod.GET, "/login?scope=write", null, resp -> {
        String location = resp.headers().get("location");
        assertNotNull(location);
        assertTrue(location.endsWith("/mfa/challenge?scope=write"));
    }, HttpStatusCode.FOUND_302, "Found", null);
}
Also used : User(io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) RememberDeviceSettings(io.gravitee.am.model.RememberDeviceSettings) EnrolledFactor(io.gravitee.am.model.factor.EnrolledFactor) MFASettings(io.gravitee.am.model.MFASettings) JsonObject(io.vertx.core.json.JsonObject) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 3 with RememberDeviceSettings

use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.

the class AuthenticationFlowHandlerTest method shouldRedirectToMFAChallengePage_rememberDevice.

@Test
public void shouldRedirectToMFAChallengePage_rememberDevice() throws Exception {
    router.route().order(-1).handler(rc -> {
        // set client
        Client client = new Client();
        client.setFactors(Collections.singleton("factor-1"));
        rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
        MFASettings mfaSettings = new MFASettings();
        final RememberDeviceSettings rememberDevice = new RememberDeviceSettings();
        rememberDevice.setActive(true);
        mfaSettings.setRememberDevice(rememberDevice);
        rc.session().put(DEVICE_ALREADY_EXISTS_KEY, false);
        client.setMfaSettings(mfaSettings);
        // set user
        EnrolledFactor enrolledFactor = new EnrolledFactor();
        enrolledFactor.setFactorId("factor-1");
        io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
        endUser.setFactors(Collections.singletonList(enrolledFactor));
        rc.getDelegate().setUser(new User(endUser));
        rc.next();
    });
    testRequest(HttpMethod.GET, "/login", null, resp -> {
        String location = resp.headers().get("location");
        assertNotNull(location);
        assertTrue(location.endsWith("/mfa/challenge"));
    }, HttpStatusCode.FOUND_302, "Found", null);
}
Also used : User(io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) RememberDeviceSettings(io.gravitee.am.model.RememberDeviceSettings) EnrolledFactor(io.gravitee.am.model.factor.EnrolledFactor) MFASettings(io.gravitee.am.model.MFASettings) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 4 with RememberDeviceSettings

use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.

the class DeviceIdentifierManagerTest method mustAdd_RememberDeviceIsNotActive_RememberDeviceSettings_notEnabled.

@Test
public void mustAdd_RememberDeviceIsNotActive_RememberDeviceSettings_notEnabled() {
    var client = new Client();
    final MFASettings mfaSettings = new MFASettings();
    mfaSettings.setRememberDevice(new RememberDeviceSettings());
    client.setMfaSettings(mfaSettings);
    var map = cut.getTemplateVariables(client);
    assertFalse((boolean) map.get(REMEMBER_DEVICE_IS_ACTIVE));
    verify(deviceIdentifierProvider, times(0)).addConfigurationVariables(any(), anyString());
}
Also used : RememberDeviceSettings(io.gravitee.am.model.RememberDeviceSettings) MFASettings(io.gravitee.am.model.MFASettings) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 5 with RememberDeviceSettings

use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.

the class DeviceIdentifierManagerTest method mustAdd_RememberDeviceActiveAndCallProvider.

@Test
public void mustAdd_RememberDeviceActiveAndCallProvider() {
    var client = new Client();
    final MFASettings mfaSettings = new MFASettings();
    final RememberDeviceSettings rememberDevice = new RememberDeviceSettings();
    rememberDevice.setActive(true);
    rememberDevice.setDeviceIdentifierId(REMEMBER_DEVICE_ID);
    mfaSettings.setRememberDevice(rememberDevice);
    client.setMfaSettings(mfaSettings);
    var map = cut.getTemplateVariables(client);
    assertTrue((boolean) map.get(REMEMBER_DEVICE_IS_ACTIVE));
    verify(deviceIdentifierProvider, times(1)).addConfigurationVariables(any(), any());
}
Also used : RememberDeviceSettings(io.gravitee.am.model.RememberDeviceSettings) MFASettings(io.gravitee.am.model.MFASettings) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Aggregations

RememberDeviceSettings (io.gravitee.am.model.RememberDeviceSettings)17 MFASettings (io.gravitee.am.model.MFASettings)16 Test (org.junit.Test)16 Client (io.gravitee.am.model.oidc.Client)8 User (io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User)5 User (io.gravitee.am.model.User)4 EnrolledFactor (io.gravitee.am.model.factor.EnrolledFactor)4 JsonObject (io.vertx.core.json.JsonObject)2 Objects (java.util.Objects)1