Search in sources :

Example 11 with AccessPolicy

use of io.gravitee.am.model.uma.policy.AccessPolicy in project gravitee-access-management by gravitee-io.

the class ResourceServiceTest method create_success.

@Test
public void create_success() {
    NewResource newResource = new JsonObject("{\"resource_scopes\":[\"scope\"]}").mapTo(NewResource.class);
    when(repository.create(any())).thenReturn(Single.just(new Resource()));
    when(accessPolicyRepository.create(any())).thenReturn(Single.just(new AccessPolicy()));
    TestObserver<Resource> testObserver = service.create(newResource, DOMAIN_ID, CLIENT_ID, USER_ID).test();
    testObserver.assertComplete().assertNoErrors();
    ArgumentCaptor<Resource> rsCaptor = ArgumentCaptor.forClass(Resource.class);
    verify(repository, times(1)).create(rsCaptor.capture());
    verify(accessPolicyRepository, times(1)).create(any());
    Assert.assertTrue(this.assertResourceValues(rsCaptor.getValue()));
}
Also used : NewResource(io.gravitee.am.service.model.NewResource) Resource(io.gravitee.am.model.uma.Resource) NewResource(io.gravitee.am.service.model.NewResource) JsonObject(io.vertx.core.json.JsonObject) AccessPolicy(io.gravitee.am.model.uma.policy.AccessPolicy) Test(org.junit.Test)

Example 12 with AccessPolicy

use of io.gravitee.am.model.uma.policy.AccessPolicy in project gravitee-access-management by gravitee-io.

the class UmaTokenGranterTest method grant_user_nominalCase_accessPolicy_grant.

@Test
public void grant_user_nominalCase_accessPolicy_grant() {
    AccessPolicy policy = mock(AccessPolicy.class);
    when(policy.getType()).thenReturn(AccessPolicyType.GROOVY);
    ExecutionContext executionContext = mock(ExecutionContext.class);
    when(resourceService.findAccessPoliciesByResources(anyList())).thenReturn(Flowable.just(policy));
    when(executionContextFactory.create(any())).thenReturn(executionContext);
    when(rulesEngine.fire(any(), any())).thenReturn(Completable.complete());
    TestObserver<Token> testObserver = umaTokenGranter.grant(tokenRequest, client).test();
    testObserver.assertComplete().assertNoErrors().assertValue(token -> "success".equals(token.getValue()));
    OAuth2Request result = oauth2RequestCaptor.getValue();
    assertTrue(USER_ID.equals(result.getSubject()));
    assertTrue(assertNominalPermissions(result.getPermissions()));
    assertTrue(result.isSupportRefreshToken());
}
Also used : OAuth2Request(io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request) ExecutionContext(io.gravitee.gateway.api.ExecutionContext) Token(io.gravitee.am.gateway.handler.oauth2.service.token.Token) AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken) AccessPolicy(io.gravitee.am.model.uma.policy.AccessPolicy) Test(org.junit.Test)

Example 13 with AccessPolicy

use of io.gravitee.am.model.uma.policy.AccessPolicy in project gravitee-access-management by gravitee-io.

the class UmaTokenGranterTest method grant_nominalCase_accessPolicy_deny.

@Test
public void grant_nominalCase_accessPolicy_deny() {
    AccessPolicy policy = mock(AccessPolicy.class);
    when(policy.getType()).thenReturn(AccessPolicyType.GROOVY);
    ExecutionContext executionContext = mock(ExecutionContext.class);
    when(resourceService.findAccessPoliciesByResources(anyList())).thenReturn(Flowable.just(policy));
    when(executionContextFactory.create(any())).thenReturn(executionContext);
    when(rulesEngine.fire(any(), any())).thenReturn(Completable.error(new PolicyChainException("Policy requirements have failed")));
    TestObserver<Token> testObserver = umaTokenGranter.grant(tokenRequest, client).test();
    testObserver.assertNotComplete().assertError(InvalidGrantException.class);
}
Also used : ExecutionContext(io.gravitee.gateway.api.ExecutionContext) Token(io.gravitee.am.gateway.handler.oauth2.service.token.Token) AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken) PolicyChainException(io.gravitee.am.gateway.policy.PolicyChainException) AccessPolicy(io.gravitee.am.model.uma.policy.AccessPolicy) Test(org.junit.Test)

Example 14 with AccessPolicy

use of io.gravitee.am.model.uma.policy.AccessPolicy in project gravitee-access-management by gravitee-io.

the class ResourceServiceTest method findAccessPolicy.

@Test
public void findAccessPolicy() {
    AccessPolicy accessPolicy = new AccessPolicy();
    accessPolicy.setId(POLICY_ID);
    accessPolicy.setResource(RESOURCE_ID);
    accessPolicy.setDomain(DOMAIN_ID);
    when(accessPolicyRepository.findById(POLICY_ID)).thenReturn(Maybe.just(accessPolicy));
    TestObserver<AccessPolicy> testObserver = service.findAccessPolicy(DOMAIN_ID, CLIENT_ID, USER_ID, RESOURCE_ID, POLICY_ID).test();
    testObserver.assertComplete().assertNoErrors();
    testObserver.assertValue(accessPolicy1 -> accessPolicy1.getId().equals(POLICY_ID));
    verify(repository, times(1)).findByDomainAndClientAndUserAndResource(DOMAIN_ID, CLIENT_ID, USER_ID, RESOURCE_ID);
    verify(accessPolicyRepository, times(1)).findById(POLICY_ID);
}
Also used : AccessPolicy(io.gravitee.am.model.uma.policy.AccessPolicy) Test(org.junit.Test)

Example 15 with AccessPolicy

use of io.gravitee.am.model.uma.policy.AccessPolicy in project gravitee-access-management by gravitee-io.

the class ResourceServiceTest method findAccessPolicies.

@Test
public void findAccessPolicies() {
    AccessPolicy accessPolicy = new AccessPolicy();
    accessPolicy.setId("policy-id");
    accessPolicy.setResource(RESOURCE_ID);
    accessPolicy.setDomain(DOMAIN_ID);
    when(accessPolicyRepository.findByDomainAndResource(DOMAIN_ID, RESOURCE_ID)).thenReturn(Flowable.just(accessPolicy));
    TestObserver<List<AccessPolicy>> testObserver = service.findAccessPolicies(DOMAIN_ID, CLIENT_ID, USER_ID, RESOURCE_ID).toList().test();
    testObserver.assertComplete().assertNoErrors();
    testObserver.assertValue(accessPolicies -> accessPolicies.size() == 1);
    verify(repository, times(1)).findByDomainAndClientAndUserAndResource(DOMAIN_ID, CLIENT_ID, USER_ID, RESOURCE_ID);
    verify(accessPolicyRepository, times(1)).findByDomainAndResource(DOMAIN_ID, RESOURCE_ID);
}
Also used : AccessPolicy(io.gravitee.am.model.uma.policy.AccessPolicy) Test(org.junit.Test)

Aggregations

AccessPolicy (io.gravitee.am.model.uma.policy.AccessPolicy)25 Test (org.junit.Test)19 AbstractManagementTest (io.gravitee.am.repository.management.AbstractManagementTest)7 JWT (io.gravitee.am.common.jwt.JWT)3 Client (io.gravitee.am.model.oidc.Client)3 List (java.util.List)3 Token (io.gravitee.am.gateway.handler.oauth2.service.token.Token)2 AccessToken (io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)2 Page (io.gravitee.am.model.common.Page)2 Resource (io.gravitee.am.model.uma.Resource)2 AccessPolicyType (io.gravitee.am.model.uma.policy.AccessPolicyType)2 NewResource (io.gravitee.am.service.model.NewResource)2 ExecutionContext (io.gravitee.gateway.api.ExecutionContext)2 JsonObject (io.vertx.core.json.JsonObject)2 Date (java.util.Date)2 InvalidRequestException (io.gravitee.am.common.exception.oauth2.InvalidRequestException)1 OAuth2Request (io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request)1 PolicyChainException (io.gravitee.am.gateway.policy.PolicyChainException)1 AccessPolicyCondition (io.gravitee.am.model.uma.policy.AccessPolicyCondition)1 TechnicalException (io.gravitee.am.repository.exceptions.TechnicalException)1