use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestAcknowledgeHandlerTest method shouldGenerateAuthReqId.
@Test
public void shouldGenerateAuthReqId() throws Exception {
CibaAuthenticationRequest cibaRequest = new CibaAuthenticationRequest();
cibaRequest.setLoginHint("username");
cibaRequest.setSubject("usernameuuid");
router.route().order(-1).handler(routingContext -> {
routingContext.put(ConstantKeys.CLIENT_CONTEXT_KEY, client);
routingContext.put(ConstantKeys.CIBA_AUTH_REQUEST_KEY, cibaRequest);
routingContext.next();
});
when(jwtService.encode(any(JWT.class), any(Client.class))).thenReturn(Single.just("signed_jwt"));
final CibaAuthRequest req = new CibaAuthRequest();
req.setCreatedAt(new Date());
req.setExpireAt(new Date());
when(authReqService.register(any(), any())).thenReturn(Single.just(req));
when(authReqService.updateAuthDeviceInformation(any())).thenReturn(Single.just(req));
when(authReqService.notify(any())).thenReturn(Single.just(new ADNotificationResponse("jit")));
testRequest(HttpMethod.POST, CIBAProvider.CIBA_PATH + CIBAProvider.AUTHENTICATION_ENDPOINT + "?request=fakejwt", null, HttpStatusCode.OK_200, "OK", null);
verify(authReqService).register(any(), any());
verify(authReqService).updateAuthDeviceInformation(any());
verify(authReqService).notify(any());
}
use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestServiceTest method shouldNotUpdateStatus_UnknownRequestId.
@Test
public void shouldNotUpdateStatus_UnknownRequestId() {
final String STATE = "state";
final String EXTERNAL_ID = "externalId";
final String AUTH_REQ_ID = "auth_red_id";
final boolean requestValidated = new Random().nextBoolean();
AuthenticationDeviceNotifierProvider provider = mock(AuthenticationDeviceNotifierProvider.class);
when(notifierManager.getAuthDeviceNotifierProviders()).thenReturn(List.of(provider));
when(provider.extractUserResponse(any())).thenReturn(Single.just(Optional.of(new ADUserResponse(EXTERNAL_ID, STATE, requestValidated))));
final JWT stateJwt = new JWT();
stateJwt.setJti(EXTERNAL_ID);
when(this.jwtService.decode(STATE)).thenReturn(Single.just(stateJwt));
when(this.clientService.findByClientId(any())).thenReturn(Maybe.just(new Client()));
when(this.jwtService.decodeAndVerify(anyString(), any(Client.class))).thenReturn(Single.just(stateJwt));
final CibaAuthRequest cibaRequest = new CibaAuthRequest();
cibaRequest.setId(AUTH_REQ_ID);
when(this.requestRepository.findByExternalId(EXTERNAL_ID)).thenReturn(Maybe.empty());
final ADCallbackContext context = new ADCallbackContext(MultiMap.caseInsensitiveMultiMap(), MultiMap.caseInsensitiveMultiMap());
final TestObserver<Void> observer = this.service.validateUserResponse(context).test();
observer.awaitTerminalEvent();
observer.assertError(InvalidRequestException.class);
verify(clientService).findByClientId(any());
verify(jwtService).decodeAndVerify(anyString(), any(Client.class));
verify(requestRepository, never()).updateStatus(any(), any());
}
use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestServiceTest method shouldNotUpdate.
@Test
public void shouldNotUpdate() {
CibaAuthRequest request = mock(CibaAuthRequest.class);
when(requestRepository.findById(any())).thenReturn(Maybe.empty());
final TestObserver<CibaAuthRequest> observer = service.updateAuthDeviceInformation(request).test();
observer.awaitTerminalEvent();
observer.assertError(AuthenticationRequestNotFoundException.class);
verify(requestRepository, never()).update(any());
}
use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestServiceTest method shouldRetrieve_SlowDown.
@Test
public void shouldRetrieve_SlowDown() {
CibaAuthRequest request = new CibaAuthRequest();
request.setLastAccessAt(new Date(Instant.now().minusSeconds(1).toEpochMilli()));
request.setStatus(AuthenticationRequestStatus.ONGOING.name());
request.setExpireAt(new Date(Instant.now().plusSeconds(RETENTION_PERIOD).toEpochMilli()));
when(requestRepository.findById(anyString())).thenReturn(Maybe.just(request));
final TestObserver<CibaAuthRequest> observer = service.retrieve(domain, "reqid").test();
observer.awaitTerminalEvent();
observer.assertError(SlowDownException.class);
}
use of io.gravitee.am.repository.oidc.model.CibaAuthRequest in project gravitee-access-management by gravitee-io.
the class AuthenticationRequestServiceTest method shouldUpdateAuthReqStatus.
@Test
public void shouldUpdateAuthReqStatus() {
final String STATE = "state";
final String EXTERNAL_ID = "externalId";
final String AUTH_REQ_ID = "auth_red_id";
final boolean requestValidated = new Random().nextBoolean();
AuthenticationDeviceNotifierProvider provider = mock(AuthenticationDeviceNotifierProvider.class);
when(notifierManager.getAuthDeviceNotifierProviders()).thenReturn(List.of(provider));
when(provider.extractUserResponse(any())).thenReturn(Single.just(Optional.of(new ADUserResponse(EXTERNAL_ID, STATE, requestValidated))));
final JWT stateJwt = new JWT();
stateJwt.setJti(EXTERNAL_ID);
when(this.jwtService.decode(STATE)).thenReturn(Single.just(stateJwt));
when(this.clientService.findByClientId(any())).thenReturn(Maybe.just(new Client()));
when(this.jwtService.decodeAndVerify(anyString(), any(Client.class))).thenReturn(Single.just(stateJwt));
final CibaAuthRequest cibaRequest = new CibaAuthRequest();
cibaRequest.setId(AUTH_REQ_ID);
when(this.requestRepository.findByExternalId(EXTERNAL_ID)).thenReturn(Maybe.just(cibaRequest));
final String status = requestValidated ? AuthenticationRequestStatus.SUCCESS.name() : AuthenticationRequestStatus.REJECTED.name();
when(this.requestRepository.updateStatus(AUTH_REQ_ID, status)).thenReturn(Single.just(cibaRequest));
final ADCallbackContext context = new ADCallbackContext(MultiMap.caseInsensitiveMultiMap(), MultiMap.caseInsensitiveMultiMap());
final TestObserver<Void> observer = this.service.validateUserResponse(context).test();
observer.awaitTerminalEvent();
observer.assertNoErrors();
verify(requestRepository).updateStatus(AUTH_REQ_ID, status);
}
Aggregations