Search in sources :

Example 11 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class ExternalGroupPrincipalProviderTest method testGetPrincipalGroupsWithQueryWildCard.

@Test
public void testGetPrincipalGroupsWithQueryWildCard() throws Exception {
    ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_WILDCARD_USER);
    sync(externalUser);
    for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) {
        String pName = idp.getIdentity(ref).getPrincipalName();
        Principal p = principalProvider.getPrincipal(pName);
        assertNotNull(p);
        assertEquals(pName, p.getName());
    }
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) Principal(java.security.Principal) Test(org.junit.Test)

Example 12 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class SyncMBeanImplTest method getExpectedUserResult.

private Map<String, String> getExpectedUserResult(String expectedOp, boolean includeGroups) throws ExternalIdentityException {
    Map<String, String> expected = new HashMap<>();
    Iterator<ExternalUser> it = idp.listUsers();
    while (it.hasNext()) {
        ExternalUser eu = it.next();
        expected.put(eu.getId(), expectedOp);
        if (includeGroups) {
            for (ExternalIdentityRef ref : eu.getDeclaredGroups()) {
                expected.put(ref.getId(), expectedOp);
            }
        }
    }
    return expected;
}
Also used : HashMap(java.util.HashMap) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)

Example 13 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class SyncMBeanImplTest method testSyncExternalUsersLastSyncedProperty.

@Test
public void testSyncExternalUsersLastSyncedProperty() throws Exception {
    ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_TEST_USER);
    String[] externalId = new String[] { externalUser.getExternalId().getString() };
    syncMBean.syncExternalUsers(externalId);
    UserManager userManager = getUserManager();
    User testUser = userManager.getAuthorizable(externalUser.getId(), User.class);
    long lastSynced = testUser.getProperty(DefaultSyncContext.REP_LAST_SYNCED)[0].getLong();
    for (ExternalIdentityRef groupRef : externalUser.getDeclaredGroups()) {
        Group gr = userManager.getAuthorizable(groupRef.getId(), Group.class);
        long groupLastSynced = gr.getProperty(DefaultSyncContext.REP_LAST_SYNCED)[0].getLong();
        assertTrue(lastSynced == groupLastSynced);
    }
    while (System.currentTimeMillis() <= lastSynced) {
    // wait for system time to move
    }
    // default value for forceGroup sync is defined to be 'true' => verify result
    syncMBean.syncExternalUsers(externalId);
    userManager = getUserManager();
    testUser = userManager.getAuthorizable(externalUser.getId(), User.class);
    long lastSynced2 = testUser.getProperty(DefaultSyncContext.REP_LAST_SYNCED)[0].getLong();
    assertTrue("lastSynced: " + lastSynced + ", lastSynced2: " + lastSynced2, lastSynced < lastSynced2);
    for (ExternalIdentityRef groupRef : externalUser.getDeclaredGroups()) {
        Group gr = userManager.getAuthorizable(groupRef.getId(), Group.class);
        long groupLastSynced = gr.getProperty(DefaultSyncContext.REP_LAST_SYNCED)[0].getLong();
        assertTrue(lastSynced2 == groupLastSynced);
    }
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) User(org.apache.jackrabbit.api.security.user.User) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Test(org.junit.Test)

Example 14 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class SyncMBeanImplTest method testInitialSyncExternalUsersNoNesting.

@Test
public void testInitialSyncExternalUsersNoNesting() throws Exception {
    syncConfig.user().setMembershipNestingDepth(-1);
    ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_TEST_USER);
    String[] externalId = new String[] { externalUser.getExternalId().getString() };
    String[] result = syncMBean.syncExternalUsers(externalId);
    assertResultMessages(result, TestIdentityProvider.ID_TEST_USER, "add");
    UserManager userManager = getUserManager();
    User testUser = userManager.getAuthorizable(externalUser.getId(), User.class);
    assertNotNull(testUser);
    for (ExternalIdentityRef groupRef : externalUser.getDeclaredGroups()) {
        assertNull(userManager.getAuthorizable(groupRef.getId()));
    }
}
Also used : User(org.apache.jackrabbit.api.security.user.User) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Test(org.junit.Test)

Example 15 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class SyncMBeanImplTest method testInitialSyncExternalUsers.

@Test
public void testInitialSyncExternalUsers() throws Exception {
    ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_TEST_USER);
    String[] externalId = new String[] { externalUser.getExternalId().getString() };
    String[] result = syncMBean.syncExternalUsers(externalId);
    assertResultMessages(result, TestIdentityProvider.ID_TEST_USER, "add");
    UserManager userManager = getUserManager();
    User testUser = userManager.getAuthorizable(externalUser.getId(), User.class);
    assertNotNull(testUser);
    for (ExternalIdentityRef groupRef : externalUser.getDeclaredGroups()) {
        assertNotNull(userManager.getAuthorizable(groupRef.getId()));
    }
}
Also used : User(org.apache.jackrabbit.api.security.user.User) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) UserManager(org.apache.jackrabbit.api.security.user.UserManager) Test(org.junit.Test)

Aggregations

ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)63 Test (org.junit.Test)56 AbstractExternalAuthTest (org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)28 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)23 ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)19 User (org.apache.jackrabbit.api.security.user.User)12 SimpleCredentials (javax.jcr.SimpleCredentials)10 Group (org.apache.jackrabbit.api.security.user.Group)8 ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup)8 HashMap (java.util.HashMap)7 ExternalIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity)6 SyncResult (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult)6 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)6 Tree (org.apache.jackrabbit.oak.api.Tree)5 Principal (java.security.Principal)4 Nonnull (javax.annotation.Nonnull)4 Value (javax.jcr.Value)4 UserManager (org.apache.jackrabbit.api.security.user.UserManager)4 LdapIdentityProvider (org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider)4 Collection (java.util.Collection)3