Search in sources :

Example 36 with SyncopeClient

use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.

the class UserSelfITCase method createAndApprove.

@Test
public void createAndApprove() {
    assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
    // self-create user with membership: goes 'createApproval' with resources and membership but no propagation
    UserTO userTO = UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org");
    userTO.getMemberships().add(new MembershipTO.Builder().group("29f96485-729e-4d31-88a1-6fc60e4677f3").build());
    userTO.getResources().add(RESOURCE_NAME_TESTDB);
    SyncopeClient anonClient = clientFactory.create();
    userTO = anonClient.getService(UserSelfService.class).create(userTO, true).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
    }).getEntity();
    assertNotNull(userTO);
    assertEquals("createApproval", userTO.getStatus());
    assertFalse(userTO.getMemberships().isEmpty());
    assertFalse(userTO.getResources().isEmpty());
    try {
        resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), userTO.getKey());
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.NotFound, e.getType());
    }
    // now approve and verify that propagation has happened
    WorkflowFormTO form = userWorkflowService.getFormForUser(userTO.getKey());
    form = userWorkflowService.claimForm(form.getTaskId());
    form.getProperty("approveCreate").get().setValue(Boolean.TRUE.toString());
    userTO = userWorkflowService.submitForm(form);
    assertNotNull(userTO);
    assertEquals("active", userTO.getStatus());
    assertNotNull(resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), userTO.getKey()));
}
Also used : UserTO(org.apache.syncope.common.lib.to.UserTO) MembershipTO(org.apache.syncope.common.lib.to.MembershipTO) ProvisioningResult(org.apache.syncope.common.lib.to.ProvisioningResult) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) WorkflowFormTO(org.apache.syncope.common.lib.to.WorkflowFormTO) Test(org.junit.jupiter.api.Test)

Example 37 with SyncopeClient

use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.

the class UserSelfITCase method updateWithoutApproval.

@Test
public void updateWithoutApproval() {
    // 1. create user as admin
    UserTO created = createUser(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org")).getEntity();
    assertNotNull(created);
    assertFalse(created.getUsername().endsWith("XX"));
    // 2. self-update (username) - works
    UserPatch userPatch = new UserPatch();
    userPatch.setKey(created.getKey());
    userPatch.setUsername(new StringReplacePatchItem.Builder().value(created.getUsername() + "XX").build());
    SyncopeClient authClient = clientFactory.create(created.getUsername(), "password123");
    UserTO updated = authClient.getService(UserSelfService.class).update(userPatch).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
    }).getEntity();
    assertNotNull(updated);
    assertEquals(FlowableDetector.isFlowableEnabledForUsers(syncopeService) ? "active" : "created", updated.getStatus());
    assertTrue(updated.getUsername().endsWith("XX"));
}
Also used : GenericType(javax.ws.rs.core.GenericType) StringReplacePatchItem(org.apache.syncope.common.lib.patch.StringReplacePatchItem) UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService) UserTO(org.apache.syncope.common.lib.to.UserTO) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Test(org.junit.jupiter.api.Test)

Example 38 with SyncopeClient

use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.

the class UserSelfITCase method create.

@Test
public void create() {
    assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
    // 1. self-registration as admin: failure
    try {
        userSelfService.create(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org"), true);
        fail("This should not happen");
    } catch (ForbiddenException e) {
        assertNotNull(e);
    }
    // 2. self-registration as anonymous: works
    SyncopeClient anonClient = clientFactory.create();
    UserTO self = anonClient.getService(UserSelfService.class).create(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org"), true).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
    }).getEntity();
    assertNotNull(self);
    assertEquals("createApproval", self.getStatus());
}
Also used : ForbiddenException(javax.ws.rs.ForbiddenException) GenericType(javax.ws.rs.core.GenericType) UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService) UserTO(org.apache.syncope.common.lib.to.UserTO) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Test(org.junit.jupiter.api.Test)

Example 39 with SyncopeClient

use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.

the class UserSelfITCase method passwordReset.

@Test
public void passwordReset() {
    // 0. ensure that password request DOES require security question
    configurationService.set(attrTO("passwordReset.securityQuestion", "true"));
    // 1. create an user with security question and answer
    UserTO user = UserITCase.getUniqueSampleTO("pwdReset@syncope.apache.org");
    user.setSecurityQuestion("887028ea-66fc-41e7-b397-620d7ea6dfbb");
    user.setSecurityAnswer("Rossi");
    user.getResources().add(RESOURCE_NAME_TESTDB);
    createUser(user);
    // verify propagation (including password) on external db
    JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
    String pwdOnResource = queryForObject(jdbcTemplate, 50, "SELECT password FROM test WHERE id=?", String.class, user.getUsername());
    assertTrue(StringUtils.isNotBlank(pwdOnResource));
    // 2. verify that new user is able to authenticate
    SyncopeClient authClient = clientFactory.create(user.getUsername(), "password123");
    UserTO read = authClient.self().getRight();
    assertNotNull(read);
    // 3. request password reset (as anonymous) providing the expected security answer
    SyncopeClient anonClient = clientFactory.create();
    try {
        anonClient.getService(UserSelfService.class).requestPasswordReset(user.getUsername(), "WRONG");
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.InvalidSecurityAnswer, e.getType());
    }
    anonClient.getService(UserSelfService.class).requestPasswordReset(user.getUsername(), "Rossi");
    // 4. get token (normally sent via e-mail, now reading as admin)
    String token = userService.read(read.getKey()).getToken();
    assertNotNull(token);
    // 5. confirm password reset
    try {
        anonClient.getService(UserSelfService.class).confirmPasswordReset("WRONG TOKEN", "newPassword");
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.NotFound, e.getType());
        assertTrue(e.getMessage().contains("WRONG TOKEN"));
    }
    anonClient.getService(UserSelfService.class).confirmPasswordReset(token, "newPassword123");
    // 6. verify that password was reset and token removed
    authClient = clientFactory.create(user.getUsername(), "newPassword123");
    read = authClient.self().getRight();
    assertNotNull(read);
    assertNull(read.getToken());
    // 7. verify that password was changed on external resource
    String newPwdOnResource = queryForObject(jdbcTemplate, 50, "SELECT password FROM test WHERE id=?", String.class, user.getUsername());
    assertTrue(StringUtils.isNotBlank(newPwdOnResource));
    assertNotEquals(pwdOnResource, newPwdOnResource);
}
Also used : UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService) UserTO(org.apache.syncope.common.lib.to.UserTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Test(org.junit.jupiter.api.Test)

Example 40 with SyncopeClient

use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.

the class UserSelfITCase method delete.

@Test
public void delete() {
    UserTO created = createUser(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org")).getEntity();
    assertNotNull(created);
    SyncopeClient authClient = clientFactory.create(created.getUsername(), "password123");
    UserTO deleted = authClient.getService(UserSelfService.class).delete().readEntity(new GenericType<ProvisioningResult<UserTO>>() {
    }).getEntity();
    assertNotNull(deleted);
    assertEquals(FlowableDetector.isFlowableEnabledForUsers(syncopeService) ? "deleteApproval" : null, deleted.getStatus());
}
Also used : GenericType(javax.ws.rs.core.GenericType) UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService) UserTO(org.apache.syncope.common.lib.to.UserTO) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Test(org.junit.jupiter.api.Test)

Aggregations

SyncopeClient (org.apache.syncope.client.lib.SyncopeClient)40 Test (org.junit.jupiter.api.Test)31 Response (javax.ws.rs.core.Response)15 UserTO (org.apache.syncope.common.lib.to.UserTO)15 UserSelfService (org.apache.syncope.common.rest.api.service.UserSelfService)15 AccessControlException (java.security.AccessControlException)12 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)11 Date (java.util.Date)10 HmacJwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider)10 JwsHeaders (org.apache.cxf.rs.security.jose.jws.JwsHeaders)10 JwsJwtCompactProducer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer)10 JwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)10 NoneJwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.NoneJwsSignatureProvider)10 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)10 Calendar (java.util.Calendar)9 IOException (java.io.IOException)8 SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)8 AccessTokenService (org.apache.syncope.common.rest.api.service.AccessTokenService)8 JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)7 SyncopeClientFactoryBean (org.apache.syncope.client.lib.SyncopeClientFactoryBean)7