Examples with ExternalIdentity org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity used on opensource projects

Example 21 with ExternalIdentity

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity in project jackrabbit-oak by apache.

the class CustomExternalIdentityProvider method getIdentity.

@Override
public ExternalIdentity getIdentity(@Nonnull ExternalIdentityRef ref) throws ExternalIdentityException {
    if (getName().equals(ref.getProviderName())) {
        String id = ref.getId();
        ExternalIdentity ei = getUser(id);
        if (ei == null) {
            ei = getGroup(id);
        }
        return ei;
    } else {
        return null;
    }
}

Example 22 with ExternalIdentity

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testIsExpiredSyncedGroup.

@Test
public void testIsExpiredSyncedGroup() throws Exception {
    ExternalIdentity externalGroup = idp.listGroups().next();
    sync(externalGroup);
    Authorizable a = userManager.getAuthorizable(externalGroup.getId());
    assertFalse(syncCtx.isExpired(a, syncConfig.group().getExpirationTime(), "any"));
    assertTrue(syncCtx.isExpired(a, -1, "any"));
    // create a ctx with a newer 'now'
    DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
    long expTime = ctx.now - syncCtx.now - 1;
    assertTrue(ctx.isExpired(a, expTime, "any"));
    // remove last-sync property
    a.removeProperty(DefaultSyncContext.REP_LAST_SYNCED);
    assertTrue(syncCtx.isExpired(a, syncConfig.group().getExpirationTime(), "any"));
}

Example 23 with ExternalIdentity

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testGetIdentityRefSyncGroup.

@Test
public void testGetIdentityRefSyncGroup() throws Exception {
    ExternalIdentity externalGroup = idp.listGroups().next();
    sync(externalGroup);
    ExternalIdentityRef ref = DefaultSyncContext.getIdentityRef(userManager.getAuthorizable(externalGroup.getId()));
    assertNotNull(ref);
    assertEquals(externalGroup.getExternalId(), ref);
}

Example 24 with ExternalIdentity

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncForeignExternalGroup.

@Test
public void testSyncForeignExternalGroup() throws Exception {
    ExternalIdentity foreign = new TestIdentityProvider.ForeignExternalGroup();
    SyncResult res = syncCtx.sync(foreign);
    assertNotNull(res);
    assertSame(SyncResult.Status.FOREIGN, res.getStatus());
    // expect {@code SyncedIdentity} in accordance with {@code sync(String userId)},
    // where the authorizable is found to be linked to a different IDP.
    SyncedIdentity si = res.getIdentity();
    assertNotNull(si);
    assertEquals(foreign.getId(), si.getId());
    ExternalIdentityRef ref = si.getExternalIdRef();
    assertNotNull(ref);
    assertEquals(foreign.getExternalId(), ref);
    assertTrue(si.isGroup());
    assertEquals(-1, si.lastSynced());
    assertFalse(root.hasPendingChanges());
}

Example 25 with ExternalIdentity

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncGroupById.

@Test
public void testSyncGroupById() throws Exception {
    ExternalIdentity externalId = idp.listGroups().next();
    // no initial sync -> sync-by-id doesn't succeed
    SyncResult result = syncCtx.sync(externalId.getId());
    assertEquals(SyncResult.Status.NO_SUCH_AUTHORIZABLE, result.getStatus());
    // force sync
    syncCtx.sync(externalId);
    // try again
    syncCtx.setForceGroupSync(true);
    result = syncCtx.sync(externalId.getId());
    assertEquals(SyncResult.Status.UPDATE, result.getStatus());
}