Search in sources :

Example 1 with CibaAuthRequest

use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.

the class AuthenticationRequestAcknowledgeHandlerTest method shouldGenerateAuthReqId.

@Test
public void shouldGenerateAuthReqId() throws Exception {
    CibaAuthenticationRequest cibaRequest = new CibaAuthenticationRequest();
    cibaRequest.setLoginHint("username");
    cibaRequest.setSubject("usernameuuid");
    router.route().order(-1).handler(routingContext -> {
        routingContext.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
        routingContext.put(ConstantKeys.CIBA_AUTH_REQUEST_KEY, cibaRequest);
        routingContext.next();
    });
    when(jwtService.encode(any(JWT.class), any(Client.class))).thenReturn(Single.just("signed_jwt"));
    final CibaAuthRequest req = new CibaAuthRequest();
    req.setCreatedAt(new Date());
    req.setExpireAt(new Date());
    when(authReqService.register(any(), any())).thenReturn(Single.just(req));
    when(authReqService.updateAuthDeviceInformation(any())).thenReturn(Single.just(req));
    when(authReqService.notify(any())).thenReturn(Single.just(new ADNotificationResponse("jit")));
    testRequest(HttpMethod.POST, CIBAProvider.CIBA_PATH + CIBAProvider.AUTHENTICATION_ENDPOINT + "?request=fakejwt", null, HttpStatusCode.OK_200, "OK", null);
    verify(authReqService).register(any(), any());
    verify(authReqService).updateAuthDeviceInformation(any());
    verify(authReqService).notify(any());
}
Also used : CibaAuthRequest(io.gravitee.am.repository.oidc.model.CibaAuthRequest) JWT(io.gravitee.am.common.jwt.JWT) CibaAuthenticationRequest(io.gravitee.am.gateway.handler.ciba.service.request.CibaAuthenticationRequest) Client(io.gravitee.am.model.oidc.Client) Date(java.util.Date) ADNotificationResponse(io.gravitee.am.authdevice.notifier.api.model.ADNotificationResponse) Test(org.junit.Test)

Example 2 with CibaAuthRequest

use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.

the class AuthenticationRequestServiceTest method shouldNotUpdateStatus_UnknownRequestId.

@Test
public void shouldNotUpdateStatus_UnknownRequestId() {
    final String STATE = "state";
    final String EXTERNAL_ID = "externalId";
    final String AUTH_REQ_ID = "auth_red_id";
    final boolean requestValidated = new Random().nextBoolean();
    AuthenticationDeviceNotifierProvider provider = mock(AuthenticationDeviceNotifierProvider.class);
    when(notifierManager.getAuthDeviceNotifierProviders()).thenReturn(List.of(provider));
    when(provider.extractUserResponse(any())).thenReturn(Single.just(Optional.of(new ADUserResponse(EXTERNAL_ID, STATE, requestValidated))));
    final JWT stateJwt = new JWT();
    stateJwt.setJti(EXTERNAL_ID);
    when(this.jwtService.decode(STATE)).thenReturn(Single.just(stateJwt));
    when(this.clientService.findByClientId(any())).thenReturn(Maybe.just(new Client()));
    when(this.jwtService.decodeAndVerify(anyString(), any(Client.class))).thenReturn(Single.just(stateJwt));
    final CibaAuthRequest cibaRequest = new CibaAuthRequest();
    cibaRequest.setId(AUTH_REQ_ID);
    when(this.requestRepository.findByExternalId(EXTERNAL_ID)).thenReturn(Maybe.empty());
    final ADCallbackContext context = new ADCallbackContext(MultiMap.caseInsensitiveMultiMap(), MultiMap.caseInsensitiveMultiMap());
    final TestObserver<Void> observer = this.service.validateUserResponse(context).test();
    observer.awaitTerminalEvent();
    observer.assertError(InvalidRequestException.class);
    verify(clientService).findByClientId(any());
    verify(jwtService).decodeAndVerify(anyString(), any(Client.class));
    verify(requestRepository, never()).updateStatus(any(), any());
}
Also used : CibaAuthRequest(io.gravitee.am.repository.oidc.model.CibaAuthRequest) ADCallbackContext(io.gravitee.am.authdevice.notifier.api.model.ADCallbackContext) ADUserResponse(io.gravitee.am.authdevice.notifier.api.model.ADUserResponse) JWT(io.gravitee.am.common.jwt.JWT) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Client(io.gravitee.am.model.oidc.Client) AuthenticationDeviceNotifierProvider(io.gravitee.am.authdevice.notifier.api.AuthenticationDeviceNotifierProvider) Test(org.junit.Test)

Example 3 with CibaAuthRequest

use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.

the class AuthenticationRequestServiceTest method shouldNotUpdate.

@Test
public void shouldNotUpdate() {
    CibaAuthRequest request = mock(CibaAuthRequest.class);
    when(requestRepository.findById(any())).thenReturn(Maybe.empty());
    final TestObserver<CibaAuthRequest> observer = service.updateAuthDeviceInformation(request).test();
    observer.awaitTerminalEvent();
    observer.assertError(AuthenticationRequestNotFoundException.class);
    verify(requestRepository, never()).update(any());
}
Also used : CibaAuthRequest(io.gravitee.am.repository.oidc.model.CibaAuthRequest) Test(org.junit.Test)

Example 4 with CibaAuthRequest

use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.

the class AuthenticationRequestServiceTest method shouldRetrieve_SlowDown.

@Test
public void shouldRetrieve_SlowDown() {
    CibaAuthRequest request = new CibaAuthRequest();
    request.setLastAccessAt(new Date(Instant.now().minusSeconds(1).toEpochMilli()));
    request.setStatus(AuthenticationRequestStatus.ONGOING.name());
    request.setExpireAt(new Date(Instant.now().plusSeconds(RETENTION_PERIOD).toEpochMilli()));
    when(requestRepository.findById(anyString())).thenReturn(Maybe.just(request));
    final TestObserver<CibaAuthRequest> observer = service.retrieve(domain, "reqid").test();
    observer.awaitTerminalEvent();
    observer.assertError(SlowDownException.class);
}
Also used : CibaAuthRequest(io.gravitee.am.repository.oidc.model.CibaAuthRequest) Test(org.junit.Test)

Example 5 with CibaAuthRequest

use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.

the class AuthenticationRequestServiceTest method shouldUpdateAuthReqStatus.

@Test
public void shouldUpdateAuthReqStatus() {
    final String STATE = "state";
    final String EXTERNAL_ID = "externalId";
    final String AUTH_REQ_ID = "auth_red_id";
    final boolean requestValidated = new Random().nextBoolean();
    AuthenticationDeviceNotifierProvider provider = mock(AuthenticationDeviceNotifierProvider.class);
    when(notifierManager.getAuthDeviceNotifierProviders()).thenReturn(List.of(provider));
    when(provider.extractUserResponse(any())).thenReturn(Single.just(Optional.of(new ADUserResponse(EXTERNAL_ID, STATE, requestValidated))));
    final JWT stateJwt = new JWT();
    stateJwt.setJti(EXTERNAL_ID);
    when(this.jwtService.decode(STATE)).thenReturn(Single.just(stateJwt));
    when(this.clientService.findByClientId(any())).thenReturn(Maybe.just(new Client()));
    when(this.jwtService.decodeAndVerify(anyString(), any(Client.class))).thenReturn(Single.just(stateJwt));
    final CibaAuthRequest cibaRequest = new CibaAuthRequest();
    cibaRequest.setId(AUTH_REQ_ID);
    when(this.requestRepository.findByExternalId(EXTERNAL_ID)).thenReturn(Maybe.just(cibaRequest));
    final String status = requestValidated ? AuthenticationRequestStatus.SUCCESS.name() : AuthenticationRequestStatus.REJECTED.name();
    when(this.requestRepository.updateStatus(AUTH_REQ_ID, status)).thenReturn(Single.just(cibaRequest));
    final ADCallbackContext context = new ADCallbackContext(MultiMap.caseInsensitiveMultiMap(), MultiMap.caseInsensitiveMultiMap());
    final TestObserver<Void> observer = this.service.validateUserResponse(context).test();
    observer.awaitTerminalEvent();
    observer.assertNoErrors();
    verify(requestRepository).updateStatus(AUTH_REQ_ID, status);
}
Also used : CibaAuthRequest(io.gravitee.am.repository.oidc.model.CibaAuthRequest) ADCallbackContext(io.gravitee.am.authdevice.notifier.api.model.ADCallbackContext) ADUserResponse(io.gravitee.am.authdevice.notifier.api.model.ADUserResponse) JWT(io.gravitee.am.common.jwt.JWT) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Client(io.gravitee.am.model.oidc.Client) AuthenticationDeviceNotifierProvider(io.gravitee.am.authdevice.notifier.api.AuthenticationDeviceNotifierProvider) Test(org.junit.Test)

Aggregations

CibaAuthRequest (io.gravitee.am.repository.oidc.model.CibaAuthRequest)21 Test (org.junit.Test)16 AbstractOAuthTest (io.gravitee.am.repository.oauth2.AbstractOAuthTest)6 RandomString (io.gravitee.am.common.utils.RandomString)5 JWT (io.gravitee.am.common.jwt.JWT)4 Client (io.gravitee.am.model.oidc.Client)4 Date (java.util.Date)4 AuthenticationDeviceNotifierProvider (io.gravitee.am.authdevice.notifier.api.AuthenticationDeviceNotifierProvider)2 ADCallbackContext (io.gravitee.am.authdevice.notifier.api.model.ADCallbackContext)2 ADUserResponse (io.gravitee.am.authdevice.notifier.api.model.ADUserResponse)2 SecureRandomString (io.gravitee.am.common.utils.SecureRandomString)2 CibaAuthenticationRequest (io.gravitee.am.gateway.handler.ciba.service.request.CibaAuthenticationRequest)2 AbstractJdbcRepository (io.gravitee.am.repository.jdbc.management.AbstractJdbcRepository)2 JdbcCibaAuthRequest (io.gravitee.am.repository.jdbc.oauth2.oidc.model.JdbcCibaAuthRequest)2 JdbcRequestObject (io.gravitee.am.repository.jdbc.oauth2.oidc.model.JdbcRequestObject)2 CibaAuthRequestRepository (io.gravitee.am.repository.oidc.api.CibaAuthRequestRepository)2 Completable (io.reactivex.Completable)2 Maybe (io.reactivex.Maybe)2 Single (io.reactivex.Single)2 Instant (java.time.Instant)2