use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method createAndApprove.
@Test
public void createAndApprove() {
assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
// self-create user with membership: goes 'createApproval' with resources and membership but no propagation
UserTO userTO = UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org");
userTO.getMemberships().add(new MembershipTO.Builder().group("29f96485-729e-4d31-88a1-6fc60e4677f3").build());
userTO.getResources().add(RESOURCE_NAME_TESTDB);
SyncopeClient anonClient = clientFactory.create();
userTO = anonClient.getService(UserSelfService.class).create(userTO, true).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(userTO);
assertEquals("createApproval", userTO.getStatus());
assertFalse(userTO.getMemberships().isEmpty());
assertFalse(userTO.getResources().isEmpty());
try {
resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), userTO.getKey());
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
// now approve and verify that propagation has happened
WorkflowFormTO form = userWorkflowService.getFormForUser(userTO.getKey());
form = userWorkflowService.claimForm(form.getTaskId());
form.getProperty("approveCreate").get().setValue(Boolean.TRUE.toString());
userTO = userWorkflowService.submitForm(form);
assertNotNull(userTO);
assertEquals("active", userTO.getStatus());
assertNotNull(resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), userTO.getKey()));
}
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method updateWithoutApproval.
@Test
public void updateWithoutApproval() {
// 1. create user as admin
UserTO created = createUser(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org")).getEntity();
assertNotNull(created);
assertFalse(created.getUsername().endsWith("XX"));
// 2. self-update (username) - works
UserPatch userPatch = new UserPatch();
userPatch.setKey(created.getKey());
userPatch.setUsername(new StringReplacePatchItem.Builder().value(created.getUsername() + "XX").build());
SyncopeClient authClient = clientFactory.create(created.getUsername(), "password123");
UserTO updated = authClient.getService(UserSelfService.class).update(userPatch).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(updated);
assertEquals(FlowableDetector.isFlowableEnabledForUsers(syncopeService) ? "active" : "created", updated.getStatus());
assertTrue(updated.getUsername().endsWith("XX"));
}
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method create.
@Test
public void create() {
assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
// 1. self-registration as admin: failure
try {
userSelfService.create(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org"), true);
fail("This should not happen");
} catch (ForbiddenException e) {
assertNotNull(e);
}
// 2. self-registration as anonymous: works
SyncopeClient anonClient = clientFactory.create();
UserTO self = anonClient.getService(UserSelfService.class).create(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org"), true).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(self);
assertEquals("createApproval", self.getStatus());
}
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method passwordReset.
@Test
public void passwordReset() {
// 0. ensure that password request DOES require security question
configurationService.set(attrTO("passwordReset.securityQuestion", "true"));
// 1. create an user with security question and answer
UserTO user = UserITCase.getUniqueSampleTO("pwdReset@syncope.apache.org");
user.setSecurityQuestion("887028ea-66fc-41e7-b397-620d7ea6dfbb");
user.setSecurityAnswer("Rossi");
user.getResources().add(RESOURCE_NAME_TESTDB);
createUser(user);
// verify propagation (including password) on external db
JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
String pwdOnResource = queryForObject(jdbcTemplate, 50, "SELECT password FROM test WHERE id=?", String.class, user.getUsername());
assertTrue(StringUtils.isNotBlank(pwdOnResource));
// 2. verify that new user is able to authenticate
SyncopeClient authClient = clientFactory.create(user.getUsername(), "password123");
UserTO read = authClient.self().getRight();
assertNotNull(read);
// 3. request password reset (as anonymous) providing the expected security answer
SyncopeClient anonClient = clientFactory.create();
try {
anonClient.getService(UserSelfService.class).requestPasswordReset(user.getUsername(), "WRONG");
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.InvalidSecurityAnswer, e.getType());
}
anonClient.getService(UserSelfService.class).requestPasswordReset(user.getUsername(), "Rossi");
// 4. get token (normally sent via e-mail, now reading as admin)
String token = userService.read(read.getKey()).getToken();
assertNotNull(token);
// 5. confirm password reset
try {
anonClient.getService(UserSelfService.class).confirmPasswordReset("WRONG TOKEN", "newPassword");
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
assertTrue(e.getMessage().contains("WRONG TOKEN"));
}
anonClient.getService(UserSelfService.class).confirmPasswordReset(token, "newPassword123");
// 6. verify that password was reset and token removed
authClient = clientFactory.create(user.getUsername(), "newPassword123");
read = authClient.self().getRight();
assertNotNull(read);
assertNull(read.getToken());
// 7. verify that password was changed on external resource
String newPwdOnResource = queryForObject(jdbcTemplate, 50, "SELECT password FROM test WHERE id=?", String.class, user.getUsername());
assertTrue(StringUtils.isNotBlank(newPwdOnResource));
assertNotEquals(pwdOnResource, newPwdOnResource);
}
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method delete.
@Test
public void delete() {
UserTO created = createUser(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org")).getEntity();
assertNotNull(created);
SyncopeClient authClient = clientFactory.create(created.getUsername(), "password123");
UserTO deleted = authClient.getService(UserSelfService.class).delete().readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(deleted);
assertEquals(FlowableDetector.isFlowableEnabledForUsers(syncopeService) ? "deleteApproval" : null, deleted.getStatus());
}
Aggregations