
Example 6 with Token

Use of io.gravitee.repository.management.model.Token in project gravitee-management-rest-api by gravitee-io.

Class TokenAuthenticationFilterTest, method shouldRejectRequest_UnknownUser.

@Test
public void shouldRejectRequest_UnknownUser() throws Exception {
    final String USER_ID = "SomeId";
    final String TOKEN = "b4c6102e-6c95-464f-8610-2e6c95064f02";
    final String BEARER = "Bearer " + TOKEN;
    TokenAuthenticationFilter filter = new TokenAuthenticationFilter("JWT_SECRET_TOEKN_TEST", cookieGenerator, userService, tokenService, authoritiesProvider);
    when(request.getHeader(HttpHeaders.AUTHORIZATION)).thenReturn(BEARER);
    // the bearer token resolves to a stored token that references USER_ID
    final Token token = mock(Token.class);
    when(token.getReferenceId()).thenReturn(USER_ID);
    when(tokenService.findByToken(TOKEN)).thenReturn(token);
    // but the referenced user no longer exists
    when(userService.findById(USER_ID)).thenThrow(new UserNotFoundException(USER_ID));
    filter.doFilter(request, response, filterChain);
    // the request must be rejected with 401 and no authorities looked up for the unknown user
    verify(response).sendError(HttpStatusCode.UNAUTHORIZED_401);
    verify(authoritiesProvider, never()).retrieveAuthorities(USER_ID);
}
Also used: UserNotFoundException (io.gravitee.rest.api.service.exceptions.UserNotFoundException), Token (io.gravitee.repository.management.model.Token), Test (org.junit.Test)

Example 7 with Token

Use of io.gravitee.repository.management.model.Token in project gravitee-management-rest-api by gravitee-io.

Class TokenServiceImpl, method create.

@Override
public TokenEntity create(NewTokenEntity newToken) {
    try {
        final String username = getAuthenticatedUsername();
        // check if name already exists (case-insensitive) among the user's tokens
        final List<TokenEntity> tokens = findByUser(username);
        final boolean nameAlreadyExists = tokens.stream().anyMatch(token -> newToken.getName().equalsIgnoreCase(token.getName()));
        if (nameAlreadyExists) {
            throw new TokenNameAlreadyExistsException(newToken.getName());
        }
        // generate the clear-text token value
        final String decodedToken = UUID.toString(UUID.random());
        // only the encoded form (passwordEncoder.encode) goes into the persisted Token
        final Token token = convert(newToken, TokenReferenceType.USER, username, passwordEncoder.encode(decodedToken));
        auditService.createEnvironmentAuditLog(Collections.singletonMap(TOKEN, token.getId()), TOKEN_CREATED, token.getCreatedAt(), null, token);
        // the clear-text value is handed back to the caller in the returned entity
        return convert(tokenRepository.create(token), decodedToken);
    } catch (TechnicalException e) {
        final String error = "An error occurs while trying to create a token " + newToken;
        LOGGER.error(error, e);
        throw new TechnicalManagementException(error, e);
    }
}
Also used: TechnicalException (io.gravitee.repository.exceptions.TechnicalException), TokenEntity (io.gravitee.rest.api.model.TokenEntity), NewTokenEntity (io.gravitee.rest.api.model.NewTokenEntity), Token (io.gravitee.repository.management.model.Token), TechnicalManagementException (io.gravitee.rest.api.service.exceptions.TechnicalManagementException), TokenNameAlreadyExistsException (io.gravitee.rest.api.service.exceptions.TokenNameAlreadyExistsException)

Example 8 with Token

Use of io.gravitee.repository.management.model.Token in project gravitee-management-rest-api by gravitee-io.

Class TokenServiceTest, method shouldFindByUser.

@Test
public void shouldFindByUser() throws TechnicalException {
    final Token token2 = new Token();
    token2.setId("2");
    when(tokenRepository.findByReference(eq(USER.name()), eq(USER_ID))).thenReturn(asList(token, token2));
    final List<TokenEntity> tokens = tokenService.findByUser(USER_ID);
    assertEquals(TOKEN_ID, tokens.get(0).getId());
    assertEquals("name", tokens.get(0).getName());
    // the token value must not be exposed when listing a user's tokens
    assertNull("Token cannot be read after creation", tokens.get(0).getToken());
    assertEquals(new Date(1486771200000L), tokens.get(0).getCreatedAt());
    assertEquals(new Date(1486772200000L), tokens.get(0).getExpiresAt());
    assertEquals(new Date(1486773200000L), tokens.get(0).getLastUseAt());
    assertEquals("2", tokens.get(1).getId());
}
Also used: TokenEntity (io.gravitee.rest.api.model.TokenEntity), NewTokenEntity (io.gravitee.rest.api.model.NewTokenEntity), Token (io.gravitee.repository.management.model.Token), Date (java.util.Date), Test (org.junit.Test)

Example 9 with Token

Use of io.gravitee.repository.management.model.Token in project gravitee-management-rest-api by gravitee-io.

Class TokenServiceTest, method shouldFindByToken.

@Test
public void shouldFindByToken() throws TechnicalException {
    // stub the repository calls used by the lookup: the full token set and the update of the matched token
    when(tokenRepository.findAll()).thenReturn(newHashSet(token));
    when(tokenRepository.update(token)).thenReturn(token);
    final Token t = tokenService.findByToken("token");
    assertEquals(TOKEN_ID, t.getId());
    assertEquals("name", t.getName());
    assertEquals("token", t.getToken());
    assertEquals(new Date(1486771200000L), t.getCreatedAt());
    assertEquals(new Date(1486772200000L), t.getExpiresAt());
    assertEquals(new Date(1486773200000L), t.getLastUseAt());
}
Also used: Token (io.gravitee.repository.management.model.Token), Date (java.util.Date), Test (org.junit.Test)

Aggregations

Token (io.gravitee.repository.management.model.Token): 9
TechnicalException (io.gravitee.repository.exceptions.TechnicalException): 3
NewTokenEntity (io.gravitee.rest.api.model.NewTokenEntity): 3
TokenEntity (io.gravitee.rest.api.model.TokenEntity): 3
TechnicalManagementException (io.gravitee.rest.api.service.exceptions.TechnicalManagementException): 3
Test (org.junit.Test): 3
UserEntity (io.gravitee.rest.api.model.UserEntity): 2
TokenService (io.gravitee.rest.api.service.TokenService): 2
TokenNameAlreadyExistsException (io.gravitee.rest.api.service.exceptions.TokenNameAlreadyExistsException): 2
Date (java.util.Date): 2
Logger (org.slf4j.Logger): 2
LoggerFactory (org.slf4j.LoggerFactory): 2
JWT (com.auth0.jwt.JWT): 1
JWTVerifier (com.auth0.jwt.JWTVerifier): 1
Algorithm (com.auth0.jwt.algorithms.Algorithm): 1
JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException): 1
DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT): 1
HttpHeaders (io.gravitee.common.http.HttpHeaders): 1
HttpStatusCode (io.gravitee.common.http.HttpStatusCode): 1
UUID (io.gravitee.common.utils.UUID): 1