Example 36 with SyncopeClient
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method createAndApprove.
@Test
public void createAndApprove() {
assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
// self-create user with membership: goes 'createApproval' with resources and membership but no propagation
UserTO userTO = UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org");
userTO.getMemberships().add(new MembershipTO.Builder().group("29f96485-729e-4d31-88a1-6fc60e4677f3").build());
userTO.getResources().add(RESOURCE_NAME_TESTDB);
SyncopeClient anonClient = clientFactory.create();
userTO = anonClient.getService(UserSelfService.class).create(userTO, true).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(userTO);
assertEquals("createApproval", userTO.getStatus());
assertFalse(userTO.getMemberships().isEmpty());
assertFalse(userTO.getResources().isEmpty());
try {
resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), userTO.getKey());
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
// now approve and verify that propagation has happened
WorkflowFormTO form = userWorkflowService.getFormForUser(userTO.getKey());
form = userWorkflowService.claimForm(form.getTaskId());
form.getProperty("approveCreate").get().setValue(Boolean.TRUE.toString());
userTO = userWorkflowService.submitForm(form);
assertNotNull(userTO);
assertEquals("active", userTO.getStatus());
assertNotNull(resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), userTO.getKey()));
}
Also used :
UserTO(org.apache.syncope.common.lib.to.UserTO)
MembershipTO(org.apache.syncope.common.lib.to.MembershipTO)
ProvisioningResult(org.apache.syncope.common.lib.to.ProvisioningResult)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient)
WorkflowFormTO(org.apache.syncope.common.lib.to.WorkflowFormTO)
Test(org.junit.jupiter.api.Test)
Example 37 with SyncopeClient
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method updateWithoutApproval.
@Test
public void updateWithoutApproval() {
// 1. create user as admin
UserTO created = createUser(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org")).getEntity();
assertNotNull(created);
assertFalse(created.getUsername().endsWith("XX"));
// 2. self-update (username) - works
UserPatch userPatch = new UserPatch();
userPatch.setKey(created.getKey());
userPatch.setUsername(new StringReplacePatchItem.Builder().value(created.getUsername() + "XX").build());
SyncopeClient authClient = clientFactory.create(created.getUsername(), "password123");
UserTO updated = authClient.getService(UserSelfService.class).update(userPatch).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(updated);
assertEquals(FlowableDetector.isFlowableEnabledForUsers(syncopeService) ? "active" : "created", updated.getStatus());
assertTrue(updated.getUsername().endsWith("XX"));
}
Also used :
GenericType(javax.ws.rs.core.GenericType)
StringReplacePatchItem(org.apache.syncope.common.lib.patch.StringReplacePatchItem)
UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService)
UserTO(org.apache.syncope.common.lib.to.UserTO)
UserPatch(org.apache.syncope.common.lib.patch.UserPatch)
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient)
Test(org.junit.jupiter.api.Test)
Example 38 with SyncopeClient
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method create.
@Test
public void create() {
assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
// 1. self-registration as admin: failure
try {
userSelfService.create(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org"), true);
fail("This should not happen");
} catch (ForbiddenException e) {
assertNotNull(e);
}
// 2. self-registration as anonymous: works
SyncopeClient anonClient = clientFactory.create();
UserTO self = anonClient.getService(UserSelfService.class).create(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org"), true).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(self);
assertEquals("createApproval", self.getStatus());
}
Also used :
ForbiddenException(javax.ws.rs.ForbiddenException)
GenericType(javax.ws.rs.core.GenericType)
UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService)
UserTO(org.apache.syncope.common.lib.to.UserTO)
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient)
Test(org.junit.jupiter.api.Test)
Example 39 with SyncopeClient
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method passwordReset.
@Test
public void passwordReset() {
// 0. ensure that password request DOES require security question
configurationService.set(attrTO("passwordReset.securityQuestion", "true"));
// 1. create an user with security question and answer
UserTO user = UserITCase.getUniqueSampleTO("pwdReset@syncope.apache.org");
user.setSecurityQuestion("887028ea-66fc-41e7-b397-620d7ea6dfbb");
user.setSecurityAnswer("Rossi");
user.getResources().add(RESOURCE_NAME_TESTDB);
createUser(user);
// verify propagation (including password) on external db
JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
String pwdOnResource = queryForObject(jdbcTemplate, 50, "SELECT password FROM test WHERE id=?", String.class, user.getUsername());
assertTrue(StringUtils.isNotBlank(pwdOnResource));
// 2. verify that new user is able to authenticate
SyncopeClient authClient = clientFactory.create(user.getUsername(), "password123");
UserTO read = authClient.self().getRight();
assertNotNull(read);
// 3. request password reset (as anonymous) providing the expected security answer
SyncopeClient anonClient = clientFactory.create();
try {
anonClient.getService(UserSelfService.class).requestPasswordReset(user.getUsername(), "WRONG");
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.InvalidSecurityAnswer, e.getType());
}
anonClient.getService(UserSelfService.class).requestPasswordReset(user.getUsername(), "Rossi");
// 4. get token (normally sent via e-mail, now reading as admin)
String token = userService.read(read.getKey()).getToken();
assertNotNull(token);
// 5. confirm password reset
try {
anonClient.getService(UserSelfService.class).confirmPasswordReset("WRONG TOKEN", "newPassword");
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
assertTrue(e.getMessage().contains("WRONG TOKEN"));
}
anonClient.getService(UserSelfService.class).confirmPasswordReset(token, "newPassword123");
// 6. verify that password was reset and token removed
authClient = clientFactory.create(user.getUsername(), "newPassword123");
read = authClient.self().getRight();
assertNotNull(read);
assertNull(read.getToken());
// 7. verify that password was changed on external resource
String newPwdOnResource = queryForObject(jdbcTemplate, 50, "SELECT password FROM test WHERE id=?", String.class, user.getUsername());
assertTrue(StringUtils.isNotBlank(newPwdOnResource));
assertNotEquals(pwdOnResource, newPwdOnResource);
}
Also used :
UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService)
UserTO(org.apache.syncope.common.lib.to.UserTO)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate)
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient)
Test(org.junit.jupiter.api.Test)
Example 40 with SyncopeClient
use of org.apache.syncope.client.lib.SyncopeClient in project syncope by apache.
the class UserSelfITCase method delete.
@Test
public void delete() {
UserTO created = createUser(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org")).getEntity();
assertNotNull(created);
SyncopeClient authClient = clientFactory.create(created.getUsername(), "password123");
UserTO deleted = authClient.getService(UserSelfService.class).delete().readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(deleted);
assertEquals(FlowableDetector.isFlowableEnabledForUsers(syncopeService) ? "deleteApproval" : null, deleted.getStatus());
}
Also used :
GenericType(javax.ws.rs.core.GenericType)
UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService)
UserTO(org.apache.syncope.common.lib.to.UserTO)
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient)
Test(org.junit.jupiter.api.Test)
Aggregations
SyncopeClient (org.apache.syncope.client.lib.SyncopeClient)40
Test (org.junit.jupiter.api.Test)31
Response (javax.ws.rs.core.Response)15
UserTO (org.apache.syncope.common.lib.to.UserTO)15
UserSelfService (org.apache.syncope.common.rest.api.service.UserSelfService)15
AccessControlException (java.security.AccessControlException)12
JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)11
Date (java.util.Date)10
HmacJwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider)10
JwsHeaders (org.apache.cxf.rs.security.jose.jws.JwsHeaders)10
JwsJwtCompactProducer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer)10
JwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)10
NoneJwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.NoneJwsSignatureProvider)10
JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)10
Calendar (java.util.Calendar)9
IOException (java.io.IOException)8
SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)8
AccessTokenService (org.apache.syncope.common.rest.api.service.AccessTokenService)8
JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)7
SyncopeClientFactoryBean (org.apache.syncope.client.lib.SyncopeClientFactoryBean)7
