use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class JWTITCase method queryUsingToken.
@Test
public void queryUsingToken() throws ParseException {
// Get the token
SyncopeClient localClient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
AccessTokenService accessTokenService = localClient.getService(AccessTokenService.class);
Response response = accessTokenService.login();
String token = response.getHeaderString(RESTHeaders.TOKEN);
assertNotNull(token);
// Query the UserSelfService using the token
SyncopeClient jwtClient = clientFactory.create(token);
UserSelfService jwtUserSelfService = jwtClient.getService(UserSelfService.class);
jwtUserSelfService.read();
// Test a "bad" token
jwtClient = clientFactory.create(token + "xyz");
jwtUserSelfService = jwtClient.getService(UserSelfService.class);
try {
jwtUserSelfService.read();
fail("Failure expected on a modified token");
} catch (WebServiceException ex) {
// expected
}
}
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class RESTITCase method noContent.
@Test
public void noContent() throws IOException {
SyncopeClient noContentclient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
GroupService noContentService = noContentclient.prefer(noContentclient.getService(GroupService.class), Preference.RETURN_NO_CONTENT);
GroupTO group = GroupITCase.getSampleTO("noContent");
Response response = noContentService.create(group);
assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatus());
assertEquals(Preference.RETURN_NO_CONTENT.toString(), response.getHeaderString(RESTHeaders.PREFERENCE_APPLIED));
assertEquals(StringUtils.EMPTY, IOUtils.toString((InputStream) response.getEntity(), StandardCharsets.UTF_8));
group = getObject(response.getLocation(), GroupService.class, GroupTO.class);
assertNotNull(group);
GroupPatch groupPatch = new GroupPatch();
groupPatch.setKey(group.getKey());
groupPatch.getPlainAttrs().add(attrAddReplacePatch("badge", "xxxxxxxxxx"));
response = noContentService.update(groupPatch);
assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
assertEquals(Preference.RETURN_NO_CONTENT.toString(), response.getHeaderString(RESTHeaders.PREFERENCE_APPLIED));
assertEquals(StringUtils.EMPTY, IOUtils.toString((InputStream) response.getEntity(), StandardCharsets.UTF_8));
response = noContentService.delete(group.getKey());
assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
assertEquals(Preference.RETURN_NO_CONTENT.toString(), response.getHeaderString(RESTHeaders.PREFERENCE_APPLIED));
assertEquals(StringUtils.EMPTY, IOUtils.toString((InputStream) response.getEntity(), StandardCharsets.UTF_8));
}
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class ConnectorITCase method authorizations.
@Test
public void authorizations() {
SyncopeClient puccini = clientFactory.create("puccini", ADMIN_PWD);
ConnectorService pcs = puccini.getService(ConnectorService.class);
// 1. list connectors: get only the ones allowed
List<ConnInstanceTO> connInstances = pcs.list(null);
assertEquals(2, connInstances.size());
assertTrue(connInstances.stream().allMatch(connInstance -> "a6d017fd-a705-4507-bb7c-6ab6a6745997".equals(connInstance.getKey()) || "44c02549-19c3-483c-8025-4919c3283c37".equals(connInstance.getKey())));
// 2. attempt to read a connector with a different admin realm: fail
try {
pcs.read("88a7a819-dab5-46b4-9b90-0b9769eabdb8", null);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
}
// 3. read and upate a connector in the realm for which entitlements are owned: succeed
try {
ConnInstanceTO scriptedsql = pcs.read("a6d017fd-a705-4507-bb7c-6ab6a6745997", null);
ConnConfProperty reloadScriptOnExecution = scriptedsql.getConf("reloadScriptOnExecution").get();
assertEquals("true", reloadScriptOnExecution.getValues().get(0).toString());
reloadScriptOnExecution.getValues().set(0, "false");
pcs.update(scriptedsql);
scriptedsql = pcs.read(scriptedsql.getKey(), null);
reloadScriptOnExecution = scriptedsql.getConf("reloadScriptOnExecution").get();
assertEquals("false", reloadScriptOnExecution.getValues().get(0).toString());
} finally {
ConnInstanceTO scriptedsql = connectorService.read("a6d017fd-a705-4507-bb7c-6ab6a6745997", null);
ConnConfProperty reloadScriptOnExecution = scriptedsql.getConf("reloadScriptOnExecution").get();
reloadScriptOnExecution.getValues().set(0, "true");
connectorService.update(scriptedsql);
}
}
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class AssertionConsumer method doPost.
@Override
protected void doPost(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
SyncopeClient anonymous = (SyncopeClient) request.getServletContext().getAttribute(Constants.SYNCOPE_ANONYMOUS_CLIENT);
try {
SAML2LoginResponseTO responseTO = anonymous.getService(SAML2SPService.class).validateLoginResponse(extract(StringUtils.substringBefore(request.getRequestURL().toString(), "/saml2sp"), "saml2sp", request.getRemoteAddr(), request.getInputStream()));
if (responseTO.isSelfReg()) {
responseTO.getAttrs().add(new AttrTO.Builder().schema("username").values(responseTO.getUsername()).build());
request.getSession(true).setAttribute(Constants.SAML2SP_USER_ATTRS, MAPPER.writeValueAsString(responseTO.getAttrs()));
String selfRegRedirectURL = getServletContext().getInitParameter(Constants.CONTEXT_PARAM_REDIRECT_SELFREG_URL);
if (selfRegRedirectURL == null) {
request.setAttribute("responseTO", responseTO);
request.getRequestDispatcher("loginSuccess.jsp").forward(request, response);
} else {
response.sendRedirect(selfRegRedirectURL);
}
} else {
request.getSession(true).setAttribute(Constants.SAML2SPJWT, responseTO.getAccessToken());
request.getSession(true).setAttribute(Constants.SAML2SPJWT_EXPIRE, responseTO.getAccessTokenExpiryTime());
String successURL = getServletContext().getInitParameter(Constants.CONTEXT_PARAM_LOGIN_SUCCESS_URL);
if (successURL == null) {
request.setAttribute("responseTO", responseTO);
request.getRequestDispatcher("loginSuccess.jsp").forward(request, response);
} else {
response.sendRedirect(successURL + "?sloSupported=" + responseTO.isSloSupported());
}
}
} catch (Exception e) {
LOG.error("While processing authentication response from IdP", e);
String errorURL = getServletContext().getInitParameter(Constants.CONTEXT_PARAM_LOGIN_ERROR_URL);
if (errorURL == null) {
request.setAttribute("exception", e);
request.getRequestDispatcher("loginError.jsp").forward(request, response);
e.printStackTrace(response.getWriter());
} else {
response.sendRedirect(errorURL + "?errorMessage=" + URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8.name()));
}
}
}
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class Login method doGet.
@Override
protected void doGet(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
String idp = request.getParameter(Constants.PARAM_IDP);
SyncopeClient anonymous = (SyncopeClient) request.getServletContext().getAttribute(Constants.SYNCOPE_ANONYMOUS_CLIENT);
try {
SAML2RequestTO requestTO = anonymous.getService(SAML2SPService.class).createLoginRequest(StringUtils.substringBefore(request.getRequestURL().toString(), "/saml2sp"), idp);
prepare(response, requestTO);
} catch (Exception e) {
LOG.error("While preparing authentication request to IdP", e);
String errorURL = getServletContext().getInitParameter(Constants.CONTEXT_PARAM_LOGIN_ERROR_URL);
if (errorURL == null) {
request.setAttribute("exception", e);
request.getRequestDispatcher("loginError.jsp").forward(request, response);
e.printStackTrace(response.getWriter());
} else {
response.sendRedirect(errorURL + "?errorMessage=" + URLEncoder.encode(e.getMessage(), StandardCharsets.UTF_8.name()));
}
}
}
Aggregations