use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class ClientSyncServiceTest method addDynamicClientRegistred_ok.
/**
 * Checks that a client on which the template flag is never set can be looked up
 * by its client_id once it has been passed to {@code addDynamicClientRegistred}.
 */
@Test
public void addDynamicClientRegistred_ok() {
    final String clientId = "domainAClientA";

    // Plain client: setTemplate(...) is deliberately not called on it.
    final Client registered = new Client();
    registered.setId("aa");
    registered.setDomain("domainA");
    registered.setClientId(clientId);

    clientSyncService.addDynamicClientRegistred(registered);

    // The lookup must terminate normally and emit the client that was just registered.
    final TestObserver<Client> lookup = clientSyncService.findByClientId(clientId).test();
    lookup.assertComplete().assertNoErrors();
    lookup.assertValue(found -> found.getClientId().equals(clientId));
}
use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class ClientSyncServiceTest method addDynamicClientRegistred_ShouldRejectTemplate.
/**
 * Passes a client flagged as a template to {@code addDynamicClientRegistred} and
 * verifies that the service forwards it to {@code clientManager.deploy} exactly once.
 */
@Test
public void addDynamicClientRegistred_ShouldRejectTemplate() {
    // Client marked as a template via setTemplate(true).
    final Client templateClient = new Client();
    templateClient.setDomain("domainA");
    templateClient.setClientId("template");
    templateClient.setTemplate(true);
    doNothing().when(clientManager).deploy(templateClient);

    clientSyncService.addDynamicClientRegistred(templateClient);

    // NOTE(review): despite the method name, the only thing asserted is that deploy() is
    // invoked once with the template. Nothing here shows that the template is afterwards
    // unavailable through findByClientId(...). If a template must never act as a live
    // client, that rejection should be asserted where it is enforced - confirm.
    verify(clientManager, times(1)).deploy(templateClient);
}
use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class FlowManagerTest method shouldFindByExtensionPoint_twoFlows_inherit_false.
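/**
 * Verifies that, with one domain-level CONSENT flow and one CONSENT flow bound to
 * application "app-id", a client whose {@code isFlowsInherited()} is left unstubbed
 * (the mock therefore answers {@code false}) only receives the application flow's
 * policy at {@code PRE_CONSENT}.
 *
 * <p>In other words, with inheritance off a policy configured only on the domain flow
 * is not part of what this application gets at consent time; this test pins that.
 */
@Test
public void shouldFindByExtensionPoint_twoFlows_inherit_false() {
    // Two enabled steps sharing the same policy name but carrying different configurations.
    Step domainStep = mock(Step.class);
    when(domainStep.isEnabled()).thenReturn(true);
    when(domainStep.getPolicy()).thenReturn("step-policy");
    when(domainStep.getConfiguration()).thenReturn("domain-step-configuration");

    Step appStep = mock(Step.class);
    when(appStep.isEnabled()).thenReturn(true);
    when(appStep.getPolicy()).thenReturn("step-policy");
    when(appStep.getConfiguration()).thenReturn("app-step-configuration");

    // Domain-level flow: getApplication() is not stubbed.
    Flow domainFlow = mock(Flow.class);
    when(domainFlow.getId()).thenReturn("domain-flow-id");
    when(domainFlow.getType()).thenReturn(Type.CONSENT);
    when(domainFlow.isEnabled()).thenReturn(true);
    when(domainFlow.getPre()).thenReturn(Collections.singletonList(domainStep));

    // Application-level flow bound to "app-id".
    Flow appFlow = mock(Flow.class);
    when(appFlow.getId()).thenReturn("app-flow-id");
    when(appFlow.getType()).thenReturn(Type.CONSENT);
    when(appFlow.isEnabled()).thenReturn(true);
    when(appFlow.getPre()).thenReturn(Collections.singletonList(appStep));
    when(appFlow.getApplication()).thenReturn("app-id");

    // domainPolicy.id() is intentionally left unstubbed, so it answers null.
    Policy domainPolicy = mock(Policy.class);
    Policy appPolicy = mock(Policy.class);
    when(appPolicy.id()).thenReturn("app-policy");

    // isFlowsInherited() is not stubbed on this client.
    Client client = mock(Client.class);
    when(client.getId()).thenReturn("app-id");

    when(domain.getId()).thenReturn("domain-id");
    when(policyPluginManager.create(domainStep.getPolicy(), domainStep.getCondition(), domainStep.getConfiguration())).thenReturn(domainPolicy);
    when(policyPluginManager.create(appStep.getPolicy(), appStep.getCondition(), appStep.getConfiguration())).thenReturn(appPolicy);
    when(flowService.findAll(ReferenceType.DOMAIN, domain.getId())).thenReturn(Flowable.just(domainFlow, appFlow));

    flowManager.afterPropertiesSet();

    // NOTE(review): the execution predicate argument is null here - confirm that
    // findByExtensionPoint is meant to accept null.
    TestObserver<List<Policy>> obs = flowManager.findByExtensionPoint(ExtensionPoint.PRE_CONSENT, client, null).test();
    obs.awaitTerminalEvent();
    obs.assertValue(policies -> {
        // assertEquals reports expected vs. actual; it also fails cleanly (instead of
        // throwing a NullPointerException) if the domain policy, whose id() is null,
        // were returned by mistake.
        Assert.assertEquals(1, policies.size());
        Assert.assertEquals(appPolicy.id(), policies.get(0).id());
        return true;
    });

    // Both steps are turned into policies, each with a null condition, even though
    // only one policy is handed back for this client.
    verify(policyPluginManager, times(2)).create(anyString(), eq(null), anyString());
}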
use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class FlowManagerTest method shouldFindByExtensionPoint_twoFlows_inherit_true.
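/**
 * Verifies that, with one domain-level CONSENT flow and one CONSENT flow bound to
 * application "app-id", a client whose {@code isFlowsInherited()} returns {@code true}
 * receives both policies at {@code PRE_CONSENT}: the domain policy first, then the
 * application policy.
 */
@Test
public void shouldFindByExtensionPoint_twoFlows_inherit_true() {
    // Two enabled steps sharing the same policy name but carrying different configurations.
    Step domainStep = mock(Step.class);
    when(domainStep.isEnabled()).thenReturn(true);
    when(domainStep.getPolicy()).thenReturn("step-policy");
    when(domainStep.getConfiguration()).thenReturn("domain-step-configuration");

    Step appStep = mock(Step.class);
    when(appStep.isEnabled()).thenReturn(true);
    when(appStep.getPolicy()).thenReturn("step-policy");
    when(appStep.getConfiguration()).thenReturn("app-step-configuration");

    // Domain-level flow: getApplication() is not stubbed.
    Flow domainFlow = mock(Flow.class);
    when(domainFlow.getId()).thenReturn("domain-flow-id");
    when(domainFlow.getType()).thenReturn(Type.CONSENT);
    when(domainFlow.isEnabled()).thenReturn(true);
    when(domainFlow.getPre()).thenReturn(Collections.singletonList(domainStep));

    // Application-level flow bound to "app-id".
    Flow appFlow = mock(Flow.class);
    when(appFlow.getId()).thenReturn("app-flow-id");
    when(appFlow.getType()).thenReturn(Type.CONSENT);
    when(appFlow.isEnabled()).thenReturn(true);
    when(appFlow.getPre()).thenReturn(Collections.singletonList(appStep));
    when(appFlow.getApplication()).thenReturn("app-id");

    Policy domainPolicy = mock(Policy.class);
    when(domainPolicy.id()).thenReturn("domain-policy");
    Policy appPolicy = mock(Policy.class);
    when(appPolicy.id()).thenReturn("app-policy");

    // Client that opts into inheriting the domain flows.
    Client client = mock(Client.class);
    when(client.getId()).thenReturn("app-id");
    when(client.isFlowsInherited()).thenReturn(true);

    when(domain.getId()).thenReturn("domain-id");
    when(policyPluginManager.create(domainStep.getPolicy(), domainStep.getCondition(), domainStep.getConfiguration())).thenReturn(domainPolicy);
    when(policyPluginManager.create(appStep.getPolicy(), appStep.getCondition(), appStep.getConfiguration())).thenReturn(appPolicy);
    when(flowService.findAll(ReferenceType.DOMAIN, domain.getId())).thenReturn(Flowable.just(domainFlow, appFlow));

    flowManager.afterPropertiesSet();

    TestObserver<List<Policy>> obs = flowManager.findByExtensionPoint(ExtensionPoint.PRE_CONSENT, client, ExecutionPredicate.alwaysTrue()).test();
    obs.awaitTerminalEvent();
    obs.assertValue(policies -> {
        // assertEquals reports expected vs. actual on failure, which makes an ordering
        // or inheritance regression readable straight from the test output.
        Assert.assertEquals(2, policies.size());
        Assert.assertEquals(domainPolicy.id(), policies.get(0).id());
        Assert.assertEquals(appPolicy.id(), policies.get(1).id());
        return true;
    });

    // One policy is created per step, each with a null condition.
    verify(policyPluginManager, times(2)).create(anyString(), eq(null), anyString());
}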
use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class UserAuthProviderImpl method authenticate.
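/**
 * Authenticates an end user on behalf of the client named in {@code authInfo}.
 *
 * <p>The client is resolved first through {@code parseClient}; on success an
 * {@code EndUserAuthentication} is built from the submitted username and password and
 * handed to {@code userAuthenticationManager}. The outcome is reported through
 * {@code handler}. The password is only passed to {@code EndUserAuthentication} and is
 * never logged by this method.
 *
 * @param context  routing context of the current request; its underlying request is
 *                 wrapped into the authentication context
 * @param authInfo JSON object carrying the username, password, client id, IP address and
 *                 user agent of the attempt
 * @param handler  receives the authenticated user on success, or the failure cause when
 *                 the client cannot be resolved or authentication fails
 */
@Override
public void authenticate(RoutingContext context, JsonObject authInfo, Handler<AsyncResult<User>> handler) {
    String username = authInfo.getString(USERNAME_PARAMETER);
    String password = authInfo.getString(PASSWORD_PARAMETER);
    String clientId = authInfo.getString(Parameters.CLIENT_ID);
    // NOTE(review): ip_address and user_agent are used exactly as found in authInfo. If the
    // caller derives them from request headers they are client-controlled - confirm before
    // relying on them for audit or risk decisions.
    String ipAddress = authInfo.getString(Claims.ip_address);
    String userAgent = authInfo.getString(Claims.user_agent);

    parseClient(clientId, parseClientHandler -> {
        if (parseClientHandler.failed()) {
            // clientId comes from the authentication request; replace line breaks so the
            // value cannot be used to forge additional entries in the log.
            final String loggedClientId = clientId == null
                    ? null
                    : clientId.replace('\r', '_').replace('\n', '_');
            logger.error("Authentication failure: unable to retrieve client " + loggedClientId, parseClientHandler.cause());
            handler.handle(Future.failedFuture(parseClientHandler.cause()));
            return;
        }

        // retrieve the client (application)
        final Client client = parseClientHandler.result();

        // end user authentication
        SimpleAuthenticationContext authenticationContext = new SimpleAuthenticationContext(new VertxHttpServerRequest(context.request().getDelegate()));
        final Authentication authentication = new EndUserAuthentication(username, password, authenticationContext);

        // Attach request metadata and the domain of the resolved client (not a
        // request-supplied value) to the authentication context.
        authenticationContext.set(Claims.ip_address, ipAddress);
        authenticationContext.set(Claims.user_agent, userAgent);
        authenticationContext.set(Claims.domain, client.getDomain());

        userAuthenticationManager.authenticate(client, authentication).subscribe(
                user -> handler.handle(Future.succeededFuture(new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(user))),
                error -> handler.handle(Future.failedFuture(error)));
    });
}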