Search in sources :

Example 16 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class ApprovalsAdminEndpointsTests method canUpdateApprovals.

@Test
void canUpdateApprovals() {
    addApproval(marissa.getId(), "uaa.user", 6000, APPROVED);
    addApproval(marissa.getId(), "uaa.admin", 12000, DENIED);
    addApproval(marissa.getId(), "openid", 6000, APPROVED);
    Approval[] app = new Approval[] { new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("uaa.user").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED), new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("dash.user").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED), new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("openid").setExpiresAt(Approval.timeFromNow(2000)).setStatus(DENIED), new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("cloud_controller.read").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED) };
    List<Approval> response = endpoints.updateApprovals(app);
    assertEquals(4, response.size());
    assertTrue(response.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("uaa.user").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED)));
    assertTrue(response.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("dash.user").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED)));
    assertTrue(response.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("openid").setExpiresAt(Approval.timeFromNow(2000)).setStatus(DENIED)));
    assertTrue(response.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("cloud_controller.read").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED)));
    List<Approval> updatedApprovals = endpoints.getApprovals(userIdFilter(marissa.getId()), 1, 100);
    assertEquals(4, updatedApprovals.size());
    assertTrue(updatedApprovals.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("dash.user").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED)));
    assertTrue(updatedApprovals.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("openid").setExpiresAt(Approval.timeFromNow(2000)).setStatus(DENIED)));
    assertTrue(updatedApprovals.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("cloud_controller.read").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED)));
    assertTrue(updatedApprovals.contains(new Approval().setUserId(marissa.getId()).setClientId("c1").setScope("uaa.user").setExpiresAt(Approval.timeFromNow(2000)).setStatus(APPROVED)));
}
Also used : Approval(org.cloudfoundry.identity.uaa.approval.Approval) Test(org.junit.jupiter.api.Test)

Example 17 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class JdbcApprovalStoreTests method canAddApproval.

@Test
void canAddApproval() {
    assertTrue(jdbcApprovalStore.addApproval(new Approval().setUserId("u2").setClientId("c2").setScope("dash.user").setExpiresAt(Approval.timeFromNow(12000)).setStatus(APPROVED), defaultZoneId));
    List<Approval> apps = jdbcApprovalStore.getApprovals("u2", "c2", defaultZoneId);
    assertEquals(1, apps.size());
    Approval app = apps.iterator().next();
    assertEquals("dash.user", app.getScope());
    assertTrue(app.getExpiresAt().after(new Date()));
    assertEquals(APPROVED, app.getStatus());
}
Also used : Approval(org.cloudfoundry.identity.uaa.approval.Approval) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 18 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class JdbcApprovalStoreTests method addSameApprovalRepeatedlyUpdatesExpiry.

@Test
void addSameApprovalRepeatedlyUpdatesExpiry() {
    Date timeFromNow = Approval.timeFromNow(6000);
    assertTrue(jdbcApprovalStore.addApproval(new Approval().setUserId("u2").setClientId("c2").setScope("dash.user").setExpiresAt(timeFromNow).setStatus(APPROVED), defaultZoneId));
    Approval app = jdbcApprovalStore.getApprovals("u2", "c2", defaultZoneId).iterator().next();
    // time comparison - we're satisfied if it is within 2 seconds
    assertThat((int) Math.abs(timeFromNow.getTime() / 1000d - app.getExpiresAt().getTime() / 1000d), lessThan(2));
    timeFromNow = Approval.timeFromNow(8000);
    assertTrue(jdbcApprovalStore.addApproval(new Approval().setUserId("u2").setClientId("c2").setScope("dash.user").setExpiresAt(timeFromNow).setStatus(APPROVED), defaultZoneId));
    app = jdbcApprovalStore.getApprovals("u2", "c2", defaultZoneId).iterator().next();
    assertThat((int) Math.abs(timeFromNow.getTime() / 1000d - app.getExpiresAt().getTime() / 1000d), lessThan(2));
}
Also used : Approval(org.cloudfoundry.identity.uaa.approval.Approval) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 19 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class JdbcApprovalStoreTests method addAndGetApproval.

@Test
void addAndGetApproval() {
    String userId = "user";
    String clientId = "client";
    String scope = "uaa.user";
    long expiresIn = 1000L;
    Date lastUpdatedAt = new Date();
    ApprovalStatus status = APPROVED;
    testAccounts.addUser(jdbcTemplate, userId, IdentityZoneHolder.get().getId());
    Date expiresAt = new Timestamp(new Date().getTime() + expiresIn);
    Approval newApproval = new Approval().setUserId(userId).setClientId(clientId).setScope(scope).setExpiresAt(expiresAt).setStatus(status).setLastUpdatedAt(lastUpdatedAt);
    jdbcApprovalStore.addApproval(newApproval, defaultZoneId);
    List<Approval> approvals = jdbcApprovalStore.getApprovals(userId, clientId, defaultZoneId);
    assertEquals(clientId, approvals.get(0).getClientId());
    assertEquals(userId, approvals.get(0).getUserId());
    // time comparison - we're satisfied if it is within 2 seconds
    assertThat((int) Math.abs(expiresAt.getTime() / 1000d - approvals.get(0).getExpiresAt().getTime() / 1000d), lessThan(2));
    assertThat((int) Math.abs(lastUpdatedAt.getTime() / 1000d - approvals.get(0).getLastUpdatedAt().getTime() / 1000d), lessThan(2));
    assertEquals(scope, approvals.get(0).getScope());
    assertEquals(status, approvals.get(0).getStatus());
}
Also used : Approval(org.cloudfoundry.identity.uaa.approval.Approval) Timestamp(java.sql.Timestamp) Date(java.util.Date) ApprovalStatus(org.cloudfoundry.identity.uaa.approval.Approval.ApprovalStatus) Test(org.junit.jupiter.api.Test)

Example 20 with Approval

use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.

the class ClientAdminEndpointsMockMvcTests method testModifyApprovalsAreDeleted.

@Test
void testModifyApprovalsAreDeleted() throws Exception {
    ClientDetails details = createClient(adminToken, new RandomValueStringGenerator().generate(), SECRET, Collections.singleton("password"));
    ((ClientDetailsModification) details).setAction(ClientDetailsModification.DELETE);
    String userToken = testClient.getUserOAuthAccessToken(details.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
    Approval[] approvals = getApprovals(details.getClientId());
    assertEquals(0, approvals.length);
    addApprovals(userToken, details.getClientId());
    approvals = getApprovals(details.getClientId());
    assertEquals(3, approvals.length);
    MockHttpServletRequestBuilder deleteClientsPost = post("/oauth/clients/tx/modify").header("Authorization", "Bearer " + adminToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(new ClientDetails[] { details }));
    ResultActions result = mockMvc.perform(deleteClientsPost);
    result.andExpect(status().isOk());
    ClientDetailsModification[] deleted = (ClientDetailsModification[]) arrayFromString(result.andReturn().getResponse().getContentAsString(), ClientDetailsModification[].class);
    assertTrue(deleted[0].isApprovalsDeleted());
    verify(mockApplicationEventPublisher, times(2)).publishEvent(abstractUaaEventCaptor.capture());
    ClientDetails approvalsClient = createApprovalsLoginClient(adminToken);
    String loginToken = testClient.getUserOAuthAccessToken(approvalsClient.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
    approvals = getApprovals(details.getClientId());
    assertEquals(0, approvals.length);
}
Also used : ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) ClientDetailsHelper.clientArrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString) ClientDetailsHelper.arrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString) ClientDetailsHelper.clientFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString) ResultActions(org.springframework.test.web.servlet.ResultActions) Approval(org.cloudfoundry.identity.uaa.approval.Approval) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification) Test(org.junit.jupiter.api.Test)

Aggregations

Approval (org.cloudfoundry.identity.uaa.approval.Approval)80 Test (org.junit.jupiter.api.Test)34 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)29 Date (java.util.Date)26 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)21 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)19 BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)18 Authentication (org.springframework.security.core.Authentication)17 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)17 IsEmptyString.isEmptyString (org.hamcrest.text.IsEmptyString.isEmptyString)16 Test (org.junit.Test)16 ApprovalStore (org.cloudfoundry.identity.uaa.approval.ApprovalStore)7 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)6 ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)5 ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser)5 ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)5 ArrayList (java.util.ArrayList)4 ClientDetailsHelper.arrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString)4 ClientDetailsHelper.clientArrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString)4 ClientDetailsHelper.clientFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString)4