use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.
the class DefaultSyncHandlerTest method testCreateContext.
@Test
public void testCreateContext() throws Exception {
SyncContext ctx = syncHandler.createContext(idp, userManager, getValueFactory());
assertTrue(ctx instanceof DefaultSyncContext);
}
use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.
the class DynamicSyncContextTest method testSyncUserIdExistingGroups.
@Test
public void testSyncUserIdExistingGroups() throws Exception {
ExternalUser externalUser = idp.getUser(USER_ID);
DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
ctx.sync(externalUser);
ctx.close();
Authorizable user = userManager.getAuthorizable(externalUser.getId());
for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) {
Group gr = userManager.getAuthorizable(ref.getId(), Group.class);
assertTrue(gr.isMember(user));
}
syncContext.setForceUserSync(true);
syncContext.sync(externalUser.getId());
Authorizable a = userManager.getAuthorizable(USER_ID);
Tree t = r.getTree(a.getPath());
assertFalse(t.hasProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES));
assertSyncedMembership(userManager, a, externalUser);
}
use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.
the class DynamicSyncContextTest method testSyncExternalUserExistingGroups.
@Test
public void testSyncExternalUserExistingGroups() throws Exception {
syncConfig.user().setMembershipNestingDepth(1);
ExternalUser externalUser = idp.getUser(USER_ID);
DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
ctx.sync(externalUser);
ctx.close();
Authorizable a = userManager.getAuthorizable(USER_ID);
assertSyncedMembership(userManager, a, externalUser);
syncContext.setForceUserSync(true);
syncConfig.user().setMembershipExpirationTime(-1);
syncContext.sync(externalUser);
Tree t = r.getTree(a.getPath());
assertFalse(t.hasProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES));
assertSyncedMembership(userManager, a, externalUser);
}
use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.
the class AbstractPrincipalTest method before.
@Override
public void before() throws Exception {
super.before();
// sync external users into the system using the 2 different sync-context implementations
Root systemRoot = getSystemRoot();
SyncContext syncContext = new DynamicSyncContext(syncConfig, idp, getUserManager(systemRoot), getValueFactory(systemRoot));
syncContext.sync(idp.getUser(USER_ID));
syncContext.close();
syncContext = new DefaultSyncContext(syncConfig, idp, getUserManager(systemRoot), getValueFactory(systemRoot));
syncContext.sync(idp.getUser(TestIdentityProvider.ID_SECOND_USER));
syncContext.close();
systemRoot.commit();
root.refresh();
principalProvider = createPrincipalProvider();
}
use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.
the class PreAuthDefaultExternalLoginModuleTest method testForeign.
@Test
public void testForeign() throws Exception {
// sync foreign user into the repository
// NOTE: that should be considered a bug by the tool that does the sync
// as it uses an IDP that is not configured with the login-chain!
ExternalIdentityProvider foreign = new TestIdentityProvider("foreign");
SyncContext syncContext = new DefaultSyncContext(syncConfig, foreign, getUserManager(root), getValueFactory(root));
SyncResult result = syncContext.sync(foreign.getUser(TestIdentityProvider.ID_TEST_USER));
long lastSynced = result.getIdentity().lastSynced();
root.commit();
PreAuthCredentials creds = new PreAuthCredentials(TestIdentityProvider.ID_TEST_USER);
ContentSession cs = null;
try {
// login should succeed due the fact that the _LoginModuleImpl_ succeeds for
// an existing authorizable if _pre_auth_ is enabled.
cs = login(creds);
assertEquals(PreAuthCredentials.PRE_AUTH_DONE, creds.getMessage());
// foreign user _must_ not have been touched by the _ExternalLoginModule_
root.refresh();
User u = getUserManager(root).getAuthorizable(TestIdentityProvider.ID_TEST_USER, User.class);
assertNotNull(u);
assertEquals(lastSynced, DefaultSyncContext.createSyncedIdentity(u).lastSynced());
} finally {
if (cs != null) {
cs.close();
}
}
}
Aggregations