Search in sources :

Example 71 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class ApprovalsAdminEndpointsTests method attemptingToCreateAnApprovalWithADifferentStatusUpdatesApproval.

@Test
void attemptingToCreateAnApprovalWithADifferentStatusUpdatesApproval() {
    addApproval(marissa.getId(), "uaa.user", 6000, APPROVED);
    addApproval(marissa.getId(), "uaa.admin", 12000, DENIED);
    addApproval(marissa.getId(), "openid", 6000, APPROVED);
    addApproval(marissa.getId(), "openid", 18000, DENIED);
    List<Approval> updatedApprovals = endpoints.getApprovals(userIdFilter(marissa.getId()), 1, 100);
    assertEquals(3, updatedApprovals.size());
    assertTrue(updatedApprovals.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("uaa.user").setExpiresAt(Approval.timeFromNow(6000)).setStatus(APPROVED)));
    assertTrue(updatedApprovals.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("uaa.admin").setExpiresAt(Approval.timeFromNow(12000)).setStatus(DENIED)));
    assertTrue(updatedApprovals.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("openid").setExpiresAt(Approval.timeFromNow(18000)).setStatus(DENIED)));
}
Also used : Approval(org.cloudfoundry.identity.uaa.approval.Approval) Test(org.junit.jupiter.api.Test)

Example 72 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class JdbcApprovalStoreTests method canRefreshApproval.

// TODO: Understand this test. Do we need this test?
// @Test
// void refreshApprovalCallsGetZoneId() {
// Approval app = jdbcApprovalStore.getApprovals("u1", "c1", defaultZoneId).iterator().next();
// IdentityZone spy = spy(IdentityZoneHolder.get());
// IdentityZoneHolder.set(spy);
// jdbcApprovalStore.refreshApproval(app, defaultZoneId);
// verify(spy, times(1)).getId();
// }
@Test
void canRefreshApproval() {
    Approval app = jdbcApprovalStore.getApprovals("u1", "c1", defaultZoneId).iterator().next();
    Date now = new Date();
    jdbcApprovalStore.refreshApproval(new Approval().setUserId(app.getUserId()).setClientId(app.getClientId()).setScope(app.getScope()).setExpiresAt(now).setStatus(APPROVED), defaultZoneId);
    app = jdbcApprovalStore.getApprovals("u1", "c1", defaultZoneId).iterator().next();
    assertThat((int) Math.abs(now.getTime() / 1000d - app.getExpiresAt().getTime() / 1000d), lessThan(2));
}
Also used : Approval(org.cloudfoundry.identity.uaa.approval.Approval) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 73 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class JdbcApprovalStoreTests method addApproval.

private static void addApproval(final JdbcApprovalStore jdbcApprovalStore, final String userId, final String clientId, final String scope, final long expiresIn, final ApprovalStatus status, final String zoneId) {
    Date expiresAt = new Timestamp(new Date().getTime() + expiresIn);
    Date lastUpdatedAt = new Date();
    Approval newApproval = new Approval().setUserId(userId).setClientId(clientId).setScope(scope).setExpiresAt(expiresAt).setStatus(status).setLastUpdatedAt(lastUpdatedAt);
    jdbcApprovalStore.addApproval(newApproval, zoneId);
}
Also used : Approval(org.cloudfoundry.identity.uaa.approval.Approval) Timestamp(java.sql.Timestamp) Date(java.util.Date)

Example 74 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class JdbcApprovalStoreTests method canRevokeSingleApproval.

@Test
void canRevokeSingleApproval() {
    List<Approval> approvals = jdbcApprovalStore.getApprovalsForUser("u1", defaultZoneId);
    assertEquals(2, approvals.size());
    Approval toRevoke = approvals.get(0);
    assertTrue(jdbcApprovalStore.revokeApproval(toRevoke, defaultZoneId));
    List<Approval> approvalsAfterRevoke = jdbcApprovalStore.getApprovalsForUser("u1", defaultZoneId);
    assertEquals(1, approvalsAfterRevoke.size());
    assertFalse(approvalsAfterRevoke.contains(toRevoke));
}
Also used : Approval(org.cloudfoundry.identity.uaa.approval.Approval) Test(org.junit.jupiter.api.Test)

Example 75 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class JdbcApprovalStoreTests method addingAndUpdatingAnApprovalPublishesEvents.

@Test
void addingAndUpdatingAnApprovalPublishesEvents() {
    UaaTestAccounts testAccounts = UaaTestAccounts.standard(null);
    Approval approval = new Approval().setUserId(testAccounts.getUserName()).setClientId("app").setScope("cloud_controller.read").setExpiresAt(Approval.timeFromNow(1000)).setStatus(ApprovalStatus.APPROVED);
    eventPublisher.clearEvents();
    MockAuthentication authentication = new MockAuthentication();
    SecurityContextHolder.getContext().setAuthentication(authentication);
    jdbcApprovalStore.addApproval(approval, defaultZoneId);
    assertEquals(1, eventPublisher.getEventCount());
    ApprovalModifiedEvent addEvent = eventPublisher.getLatestEvent();
    assertEquals(approval, addEvent.getSource());
    assertEquals(authentication, addEvent.getAuthentication());
    assertEquals("{\"scope\":\"cloud_controller.read\",\"status\":\"APPROVED\"}", addEvent.getAuditEvent().getData());
    approval.setStatus(DENIED);
    eventPublisher.clearEvents();
    jdbcApprovalStore.addApproval(approval, defaultZoneId);
    assertEquals(1, eventPublisher.getEventCount());
    ApprovalModifiedEvent modifyEvent = eventPublisher.getLatestEvent();
    assertEquals(approval, modifyEvent.getSource());
    assertEquals(authentication, modifyEvent.getAuthentication());
    assertEquals("{\"scope\":\"cloud_controller.read\",\"status\":\"DENIED\"}", addEvent.getAuditEvent().getData());
}
Also used : ApprovalModifiedEvent(org.cloudfoundry.identity.uaa.audit.event.ApprovalModifiedEvent) MockAuthentication(org.cloudfoundry.identity.uaa.test.MockAuthentication) UaaTestAccounts(org.cloudfoundry.identity.uaa.test.UaaTestAccounts) Approval(org.cloudfoundry.identity.uaa.approval.Approval) Test(org.junit.jupiter.api.Test)

Aggregations

Approval (org.cloudfoundry.identity.uaa.approval.Approval)80 Test (org.junit.jupiter.api.Test)34 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)29 Date (java.util.Date)26 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)21 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)19 BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)18 Authentication (org.springframework.security.core.Authentication)17 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)17 IsEmptyString.isEmptyString (org.hamcrest.text.IsEmptyString.isEmptyString)16 Test (org.junit.Test)16 ApprovalStore (org.cloudfoundry.identity.uaa.approval.ApprovalStore)7 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)6 ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)5 ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser)5 ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)5 ArrayList (java.util.ArrayList)4 ClientDetailsHelper.arrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString)4 ClientDetailsHelper.clientArrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString)4 ClientDetailsHelper.clientFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString)4