use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.
the class AuthenticationFlowHandlerTest method shouldContinue_adaptiveMFA_with_step_up_false_strong_auth_true_device_known.
@Test
public void shouldContinue_adaptiveMFA_with_step_up_false_strong_auth_true_device_known() throws Exception {
router.route().order(-1).handler(rc -> {
// set client
Client client = new Client();
client.setFactors(Collections.singleton("factor-1"));
rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
MFASettings mfaSettings = new MFASettings();
final RememberDeviceSettings rememberDevice = new RememberDeviceSettings();
rememberDevice.setActive(true);
mfaSettings.setRememberDevice(rememberDevice);
rc.session().put(DEVICE_ALREADY_EXISTS_KEY, true);
mfaSettings.setStepUpAuthenticationRule("{#request.params['scope'][0].contains('write')}");
mfaSettings.setAdaptiveAuthenticationRule("{#context.attributes['geoip']['country_iso_code'] == 'FR'}");
rc.put(ConstantKeys.GEOIP_KEY, new JsonObject().put("country_iso_code", "FR").getMap());
client.setMfaSettings(mfaSettings);
// set user
EnrolledFactor enrolledFactor = new EnrolledFactor();
enrolledFactor.setFactorId("factor-1");
io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
endUser.setFactors(Collections.singletonList(enrolledFactor));
rc.getDelegate().setUser(new User(endUser));
rc.session().put(ConstantKeys.STRONG_AUTH_COMPLETED_KEY, true);
rc.next();
});
testRequest(HttpMethod.GET, "/login?scope=read", HttpStatusCode.OK_200, "OK");
}
use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.
the class AuthenticationFlowHandlerTest method shouldRedirectToMFAChallengePage_adaptiveMFA_with_step_up_true_strong_auth_true.
@Test
public void shouldRedirectToMFAChallengePage_adaptiveMFA_with_step_up_true_strong_auth_true() throws Exception {
router.route().order(-1).handler(rc -> {
// set client
Client client = new Client();
client.setFactors(Collections.singleton("factor-1"));
rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
MFASettings mfaSettings = new MFASettings();
final RememberDeviceSettings rememberDevice = new RememberDeviceSettings();
rememberDevice.setActive(true);
mfaSettings.setRememberDevice(rememberDevice);
rc.session().put(DEVICE_ALREADY_EXISTS_KEY, true);
mfaSettings.setStepUpAuthenticationRule("{#request.params['scope'][0].contains('write')}");
mfaSettings.setAdaptiveAuthenticationRule("{#context.attributes['geoip']['country_iso_code'] == 'FR'}");
rc.put(ConstantKeys.GEOIP_KEY, new JsonObject().put("country_iso_code", "FR").getMap());
client.setMfaSettings(mfaSettings);
// set user
EnrolledFactor enrolledFactor = new EnrolledFactor();
enrolledFactor.setFactorId("factor-1");
io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
endUser.setFactors(Collections.singletonList(enrolledFactor));
rc.getDelegate().setUser(new User(endUser));
rc.session().put(ConstantKeys.STRONG_AUTH_COMPLETED_KEY, true);
rc.next();
});
testRequest(HttpMethod.GET, "/login?scope=write", null, resp -> {
String location = resp.headers().get("location");
assertNotNull(location);
assertTrue(location.endsWith("/mfa/challenge?scope=write"));
}, HttpStatusCode.FOUND_302, "Found", null);
}
use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.
the class AuthenticationFlowHandlerTest method shouldRedirectToMFAChallengePage_rememberDevice.
@Test
public void shouldRedirectToMFAChallengePage_rememberDevice() throws Exception {
router.route().order(-1).handler(rc -> {
// set client
Client client = new Client();
client.setFactors(Collections.singleton("factor-1"));
rc.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
MFASettings mfaSettings = new MFASettings();
final RememberDeviceSettings rememberDevice = new RememberDeviceSettings();
rememberDevice.setActive(true);
mfaSettings.setRememberDevice(rememberDevice);
rc.session().put(DEVICE_ALREADY_EXISTS_KEY, false);
client.setMfaSettings(mfaSettings);
// set user
EnrolledFactor enrolledFactor = new EnrolledFactor();
enrolledFactor.setFactorId("factor-1");
io.gravitee.am.model.User endUser = new io.gravitee.am.model.User();
endUser.setFactors(Collections.singletonList(enrolledFactor));
rc.getDelegate().setUser(new User(endUser));
rc.next();
});
testRequest(HttpMethod.GET, "/login", null, resp -> {
String location = resp.headers().get("location");
assertNotNull(location);
assertTrue(location.endsWith("/mfa/challenge"));
}, HttpStatusCode.FOUND_302, "Found", null);
}
use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.
the class DeviceIdentifierManagerTest method mustAdd_RememberDeviceIsNotActive_RememberDeviceSettings_notEnabled.
@Test
public void mustAdd_RememberDeviceIsNotActive_RememberDeviceSettings_notEnabled() {
var client = new Client();
final MFASettings mfaSettings = new MFASettings();
mfaSettings.setRememberDevice(new RememberDeviceSettings());
client.setMfaSettings(mfaSettings);
var map = cut.getTemplateVariables(client);
assertFalse((boolean) map.get(REMEMBER_DEVICE_IS_ACTIVE));
verify(deviceIdentifierProvider, times(0)).addConfigurationVariables(any(), anyString());
}
use of io.gravitee.am.model.RememberDeviceSettings in project gravitee-access-management by gravitee-io.
the class DeviceIdentifierManagerTest method mustAdd_RememberDeviceActiveAndCallProvider.
@Test
public void mustAdd_RememberDeviceActiveAndCallProvider() {
var client = new Client();
final MFASettings mfaSettings = new MFASettings();
final RememberDeviceSettings rememberDevice = new RememberDeviceSettings();
rememberDevice.setActive(true);
rememberDevice.setDeviceIdentifierId(REMEMBER_DEVICE_ID);
mfaSettings.setRememberDevice(rememberDevice);
client.setMfaSettings(mfaSettings);
var map = cut.getTemplateVariables(client);
assertTrue((boolean) map.get(REMEMBER_DEVICE_IS_ACTIVE));
verify(deviceIdentifierProvider, times(1)).addConfigurationVariables(any(), any());
}
Aggregations