Search in sources :

Example 1 with DefaultSyncContext

use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.

the class DefaultSyncHandlerTest method testCreateContext.

@Test
public void testCreateContext() throws Exception {
    SyncContext ctx = syncHandler.createContext(idp, userManager, getValueFactory());
    assertTrue(ctx instanceof DefaultSyncContext);
}
Also used : DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) SyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext) DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) Test(org.junit.Test)

Example 2 with DefaultSyncContext

use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.

the class DynamicSyncContextTest method testSyncUserIdExistingGroups.

@Test
public void testSyncUserIdExistingGroups() throws Exception {
    ExternalUser externalUser = idp.getUser(USER_ID);
    DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
    ctx.sync(externalUser);
    ctx.close();
    Authorizable user = userManager.getAuthorizable(externalUser.getId());
    for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) {
        Group gr = userManager.getAuthorizable(ref.getId(), Group.class);
        assertTrue(gr.isMember(user));
    }
    syncContext.setForceUserSync(true);
    syncContext.sync(externalUser.getId());
    Authorizable a = userManager.getAuthorizable(USER_ID);
    Tree t = r.getTree(a.getPath());
    assertFalse(t.hasProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES));
    assertSyncedMembership(userManager, a, externalUser);
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) Tree(org.apache.jackrabbit.oak.api.Tree) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 3 with DefaultSyncContext

use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.

the class DynamicSyncContextTest method testSyncExternalUserExistingGroups.

@Test
public void testSyncExternalUserExistingGroups() throws Exception {
    syncConfig.user().setMembershipNestingDepth(1);
    ExternalUser externalUser = idp.getUser(USER_ID);
    DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
    ctx.sync(externalUser);
    ctx.close();
    Authorizable a = userManager.getAuthorizable(USER_ID);
    assertSyncedMembership(userManager, a, externalUser);
    syncContext.setForceUserSync(true);
    syncConfig.user().setMembershipExpirationTime(-1);
    syncContext.sync(externalUser);
    Tree t = r.getTree(a.getPath());
    assertFalse(t.hasProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES));
    assertSyncedMembership(userManager, a, externalUser);
}
Also used : DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) Tree(org.apache.jackrabbit.oak.api.Tree) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 4 with DefaultSyncContext

use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.

the class AbstractPrincipalTest method before.

@Override
public void before() throws Exception {
    super.before();
    // sync external users into the system using the 2 different sync-context implementations
    Root systemRoot = getSystemRoot();
    SyncContext syncContext = new DynamicSyncContext(syncConfig, idp, getUserManager(systemRoot), getValueFactory(systemRoot));
    syncContext.sync(idp.getUser(USER_ID));
    syncContext.close();
    syncContext = new DefaultSyncContext(syncConfig, idp, getUserManager(systemRoot), getValueFactory(systemRoot));
    syncContext.sync(idp.getUser(TestIdentityProvider.ID_SECOND_USER));
    syncContext.close();
    systemRoot.commit();
    root.refresh();
    principalProvider = createPrincipalProvider();
}
Also used : DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) Root(org.apache.jackrabbit.oak.api.Root) DynamicSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DynamicSyncContext) SyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext) DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) DynamicSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DynamicSyncContext)

Example 5 with DefaultSyncContext

use of org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext in project jackrabbit-oak by apache.

the class PreAuthDefaultExternalLoginModuleTest method testForeign.

@Test
public void testForeign() throws Exception {
    // sync foreign user into the repository
    // NOTE: that should be considered a bug by the tool that does the sync
    // as it uses an IDP that is not configured with the login-chain!
    ExternalIdentityProvider foreign = new TestIdentityProvider("foreign");
    SyncContext syncContext = new DefaultSyncContext(syncConfig, foreign, getUserManager(root), getValueFactory(root));
    SyncResult result = syncContext.sync(foreign.getUser(TestIdentityProvider.ID_TEST_USER));
    long lastSynced = result.getIdentity().lastSynced();
    root.commit();
    PreAuthCredentials creds = new PreAuthCredentials(TestIdentityProvider.ID_TEST_USER);
    ContentSession cs = null;
    try {
        // login should succeed due the fact that the  _LoginModuleImpl_ succeeds for
        // an existing authorizable if _pre_auth_ is enabled.
        cs = login(creds);
        assertEquals(PreAuthCredentials.PRE_AUTH_DONE, creds.getMessage());
        // foreign user _must_ not have been touched by the _ExternalLoginModule_
        root.refresh();
        User u = getUserManager(root).getAuthorizable(TestIdentityProvider.ID_TEST_USER, User.class);
        assertNotNull(u);
        assertEquals(lastSynced, DefaultSyncContext.createSyncedIdentity(u).lastSynced());
    } finally {
        if (cs != null) {
            cs.close();
        }
    }
}
Also used : DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) User(org.apache.jackrabbit.api.security.user.User) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) Test(org.junit.Test)

Aggregations

DefaultSyncContext (org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext)11 Test (org.junit.Test)9 AbstractExternalAuthTest (org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)5 SyncContext (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext)5 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)4 User (org.apache.jackrabbit.api.security.user.User)3 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)3 ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup)3 ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)3 Tree (org.apache.jackrabbit.oak.api.Tree)2 ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)2 SyncResult (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult)2 Group (org.apache.jackrabbit.api.security.user.Group)1 UserManager (org.apache.jackrabbit.api.security.user.UserManager)1 Root (org.apache.jackrabbit.oak.api.Root)1 DynamicSyncContext (org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DynamicSyncContext)1