Examples with Approval org.cloudfoundry.identity.uaa.approval.Approval used on opensource projects

Example 56 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class ClientAdminEndpointsIntegrationTests method testClientApprovalsDeleted.

@Test
public void testClientApprovalsDeleted() throws Exception {
    // create client
    BaseClientDetails client = createClient("client_credentials", "password");
    assertNotNull(getClient(client.getClientId()));
    // issue a user token for this client
    OAuth2AccessToken userToken = getUserAccessToken(client.getClientId(), "secret", testAccounts.getUserName(), testAccounts.getPassword(), "oauth.approvals");
    // make sure we don't have any approvals
    Approval[] approvals = getApprovals(userToken.getValue(), client.getClientId());
    Assert.assertEquals(0, approvals.length);
    // create three approvals
    addApprovals(userToken.getValue(), client.getClientId());
    approvals = getApprovals(userToken.getValue(), client.getClientId());
    Assert.assertEquals(3, approvals.length);
    // delete the client
    ResponseEntity<Void> result = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/oauth/clients/{client}"), HttpMethod.DELETE, new HttpEntity<BaseClientDetails>(client, getAuthenticatedHeaders(token)), Void.class, client.getClientId());
    assertEquals(HttpStatus.OK, result.getStatusCode());
    // create a client that can read another clients approvals
    String deletedClientId = client.getClientId();
    client = createApprovalsClient("password");
    userToken = getUserAccessToken(client.getClientId(), "secret", testAccounts.getUserName(), testAccounts.getPassword(), "oauth.approvals");
    // make sure we don't have any approvals
    approvals = getApprovals(userToken.getValue(), deletedClientId);
    Assert.assertEquals(0, approvals.length);
    assertNull(getClient(deletedClientId));
}

Example 57 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class ClientAdminEndpointsIntegrationTests method getApprovals.

private Approval[] getApprovals(String token, String clientId) {
    String filter = "client_id eq \"" + clientId + "\"";
    HttpHeaders headers = getAuthenticatedHeaders(token);
    ResponseEntity<Approval[]> approvals = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/approvals"), HttpMethod.GET, new HttpEntity<>(headers), Approval[].class, filter);
    assertEquals(HttpStatus.OK, approvals.getStatusCode());
    return Arrays.stream(approvals.getBody()).filter(a -> clientId.equals(a.getClientId())).toArray(Approval[]::new);
}

Example 58 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class ProfileControllerMockMvcTests method setUp.

@BeforeEach
void setUp() {
    currentIdentityZoneId = "currentIdentityZoneId-" + UUID.randomUUID().toString();
    when(identityZoneManager.getCurrentIdentityZoneId()).thenReturn(currentIdentityZoneId);
    SecurityContextHolder.clearContext();
    mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).build();
    Mockito.reset(approvalStore);
    Mockito.reset(clientDetailsService);
    DescribedApproval otherApproval = new DescribedApproval();
    otherApproval.setUserId(USER_ID);
    otherApproval.setClientId("other-client");
    otherApproval.setScope("thing.read");
    otherApproval.setStatus(APPROVED);
    otherApproval.setDescription("Read your thing resources");
    DescribedApproval readApproval = new DescribedApproval();
    readApproval.setUserId(USER_ID);
    readApproval.setClientId("app");
    readApproval.setScope("thing.read");
    readApproval.setStatus(APPROVED);
    readApproval.setDescription("Read your thing resources");
    DescribedApproval writeApproval = new DescribedApproval();
    writeApproval.setUserId(USER_ID);
    writeApproval.setClientId("app");
    writeApproval.setScope("thing.write");
    writeApproval.setStatus(APPROVED);
    writeApproval.setDescription("Write to your thing resources");
    List<DescribedApproval> allDescApprovals = Arrays.asList(otherApproval, readApproval, writeApproval);
    List<Approval> allApprovals = new LinkedList<>(allDescApprovals);
    when(approvalStore.getApprovalsForUser(anyString(), eq(currentIdentityZoneId))).thenReturn(allApprovals);
    BaseClientDetails appClient = new BaseClientDetails("app", "thing", "thing.read,thing.write", GRANT_TYPE_AUTHORIZATION_CODE, "");
    appClient.addAdditionalInformation(ClientConstants.CLIENT_NAME, THE_ULTIMATE_APP);
    when(clientDetailsService.loadClientByClientId("app", currentIdentityZoneId)).thenReturn(appClient);
    BaseClientDetails otherClient = new BaseClientDetails("other-client", "thing", "thing.read,thing.write", GRANT_TYPE_AUTHORIZATION_CODE, "");
    otherClient.addAdditionalInformation(ClientConstants.CLIENT_NAME, THE_ULTIMATE_APP);
    when(clientDetailsService.loadClientByClientId("other-client", currentIdentityZoneId)).thenReturn(otherClient);
}

Example 59 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class ClientAdminEndpointsMockMvcTests method testApprovalsAreDeleted.

@Test
void testApprovalsAreDeleted() throws Exception {
    ClientDetails details = createClient(adminToken, new RandomValueStringGenerator().generate(), SECRET, Collections.singleton("password"));
    String userToken = testClient.getUserOAuthAccessToken(details.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
    Approval[] approvals = getApprovals(details.getClientId());
    assertEquals(0, approvals.length);
    addApprovals(userToken, details.getClientId());
    approvals = getApprovals(details.getClientId());
    assertEquals(3, approvals.length);
    MockHttpServletRequestBuilder deleteClientsPost = post("/oauth/clients/tx/delete").header("Authorization", "Bearer " + adminToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(new ClientDetails[] { details }));
    ResultActions result = mockMvc.perform(deleteClientsPost);
    result.andExpect(status().isOk());
    ClientDetailsModification[] deleted = (ClientDetailsModification[]) arrayFromString(result.andReturn().getResponse().getContentAsString(), ClientDetailsModification[].class);
    assertTrue(deleted[0].isApprovalsDeleted());
    verify(mockApplicationEventPublisher, times(2)).publishEvent(abstractUaaEventCaptor.capture());
    approvals = getApprovals(details.getClientId());
    assertEquals(0, approvals.length);
}

Example 60 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class AuditCheckMockMvcTests method testUserApprovalAdded.

@Test
void testUserApprovalAdded() throws Exception {
    clientRegistrationService.updateClientDetails(new BaseClientDetails("login", "oauth", "oauth.approvals", "password", "oauth.login"));
    String marissaToken = testClient.getUserOAuthAccessToken("login", "loginsecret", testUser.getUserName(), testPassword, "oauth.approvals");
    Approval[] approvals = { new Approval().setUserId(null).setClientId("app").setScope("cloud_controller.read").setExpiresAt(Approval.timeFromNow(1000)).setStatus(Approval.ApprovalStatus.APPROVED) };
    MockHttpServletRequestBuilder approvalsPut = put("/approvals").accept(APPLICATION_JSON_VALUE).contentType(MediaType.APPLICATION_JSON).session(new MockHttpSession()).header("Authorization", "Bearer " + marissaToken).content(JsonUtils.writeValueAsBytes(approvals));
    resetAuditTestReceivers();
    mockMvc.perform(approvalsPut).andExpect(status().isOk());
    assertNumberOfAuditEventsReceived(1);
    ApprovalModifiedEvent approvalModifiedEvent = (ApprovalModifiedEvent) testListener.getLatestEvent();
    assertEquals(testUser.getUserName(), approvalModifiedEvent.getAuthentication().getName());
    assertTrue(approvalModifiedEvent.getAuditEvent().getOrigin().contains("sessionId=<SESSION>"));
    String latestMessage = testLogger.getLatestMessage();
    assertThat(latestMessage, containsString(" user=" + testUser.getUserName()));
    assertLogMessageWithSession(latestMessage, ApprovalModifiedEvent, testUser.getId(), "{\"scope\":\"cloud_controller.read\",\"status\":\"APPROVED\"}");
}