
Example 6 with AbstractUaaEvent

use of org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent in project uaa by cloudfoundry.

the class ClientAdminEndpointsMockMvcTests method testDeleteClientsTxSuccess.

/**
 * Checks the transactional batch-delete endpoint for OAuth clients: every submitted client must be
 * gone afterwards, and the audit stream must hold one create and one delete event per client.
 */
@Test
void testDeleteClientsTxSuccess() throws Exception {
    // Seed the clients that the batch request is expected to remove.
    final int count = 5;
    BaseClientDetails[] createdClients = new BaseClientDetails[count];
    for (int slot = 0; slot < createdClients.length; slot++) {
        createdClients[slot] = (BaseClientDetails) createClient(adminToken, null, SECRET, null);
    }

    // A single request carries all clients and is authorised with the admin bearer token.
    MockHttpServletRequestBuilder deleteRequest = post("/oauth/clients/tx/delete")
            .header("Authorization", "Bearer " + adminToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(createdClients));
    mockMvc.perform(deleteRequest).andExpect(status().isOk());

    // None of the deleted clients may still be retrievable.
    for (ClientDetails removed : createdClients) {
        assertNull(getClient(removed.getClientId()));
    }

    // Audit trail: `count` create events followed by `count` delete events, in that order.
    // The captor is shared test state, so this assumes nothing else was published before the
    // first createClient call in this test - TODO confirm against the class setup.
    verify(mockApplicationEventPublisher, times(count * 2)).publishEvent(abstractUaaEventCaptor.capture());
    int position = 0;
    for (AbstractUaaEvent event : abstractUaaEventCaptor.getAllValues()) {
        AuditEventType expectedType = position < count
                ? AuditEventType.ClientCreateSuccess
                : AuditEventType.ClientDeleteSuccess;
        assertEquals(expectedType, event.getAuditEvent().getType());
        position++;
    }
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) AbstractUaaEvent(org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent) ResultActions(org.springframework.test.web.servlet.ResultActions) Test(org.junit.jupiter.api.Test)

Example 7 with AbstractUaaEvent

use of org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent in project uaa by cloudfoundry.

the class ClientAdminEndpointsMockMvcTests method testSecretChangeModifyTxApprovalsDeleted.

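/**
 * Checks that changing a client's secret through the transactional modify endpoint removes the
 * user approvals stored for that client and that each step is audited.
 *
 * <p>Flow: create {@code count} clients, record approvals for each, change every secret with the
 * {@code UPDATE_SECRET} action, then assert that the approvals are gone, that the response flags
 * {@code approvalsDeleted}, and that the published events arrive in the expected order.
 */
@Test
void testSecretChangeModifyTxApprovalsDeleted() throws Exception {
    int count = 3;
    // Each secret change is expected to publish three events per client:
    // ClientUpdateSuccess, SecretChangeSuccess, ClientApprovalsDeleted.
    int eventsPerSecretChange = 3;
    // create clients
    ClientDetailsModification[] clients = createBaseClients(count, SECRET, Arrays.asList("client_credentials", "password"));
    for (ClientDetailsModification c : clients) {
        c.setAction(ClientDetailsModification.ADD);
    }
    MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients/tx/modify").header("Authorization", "Bearer " + adminToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(clients));
    ResultActions result = mockMvc.perform(modifyClientsPost);
    result.andExpect(status().isOk());
    clients = (ClientDetailsModification[]) arrayFromString(result.andReturn().getResponse().getContentAsString(), ClientDetailsModification[].class);
    // add approvals to the client
    // NOTE(review): the literal "secret" is used here while the clients were created with SECRET;
    // presumably both hold the same value - confirm against the constant.
    for (ClientDetailsModification c : clients) {
        String userToken = testClient.getUserOAuthAccessToken(c.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
        addApprovals(userToken, c.getClientId());
    }
    // verify approvals to the client
    for (ClientDetailsModification c : clients) {
        // The returned token is not used; the call is kept because it exercises a password-grant
        // login with the original secret (presumably failing the test if no token is issued).
        testClient.getUserOAuthAccessToken(c.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
        assertEquals(3, getApprovals(c.getClientId()).length);
    }
    // change the secret; the request is made with the admin token and does not supply the old secret
    for (ClientDetailsModification c : clients) {
        c.setClientSecret("secret2");
        c.setAction(ClientDetailsModification.UPDATE_SECRET);
    }
    modifyClientsPost = post("/oauth/clients/tx/modify").header("Authorization", "Bearer " + adminToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(clients));
    result = mockMvc.perform(modifyClientsPost);
    result.andExpect(status().isOk());
    clients = (ClientDetailsModification[]) arrayFromString(result.andReturn().getResponse().getContentAsString(), ClientDetailsModification[].class);
    // check that we deleted approvals for each client
    for (ClientDetailsModification c : clients) {
        // Token result unused: the call shows that the new secret is the one now accepted.
        testClient.getUserOAuthAccessToken(c.getClientId(), "secret2", testUser.getUserName(), testPassword, "oauth.approvals");
        assertEquals(0, getApprovals(c.getClientId()).length);
        assertTrue(c.isApprovalsDeleted());
    }
    // Expected audit stream: `count` creates, then one (update, secret change, approvals deleted)
    // triple per client. Derived from `count` instead of a literal so that the total and the
    // per-event dispatch below stay correct if `count` is changed.
    verify(mockApplicationEventPublisher, times(count + count * eventsPerSecretChange)).publishEvent(abstractUaaEventCaptor.capture());
    int index = 0;
    for (AbstractUaaEvent event : abstractUaaEventCaptor.getAllValues()) {
        if (index < count) {
            assertEquals(AuditEventType.ClientCreateSuccess, event.getAuditEvent().getType());
        } else {
            // Position inside the current triple, counted from the first post-creation event.
            int step = (index - count) % eventsPerSecretChange;
            if (step == 0) {
                assertEquals(AuditEventType.ClientUpdateSuccess, event.getAuditEvent().getType());
            } else if (step == 1) {
                assertEquals(AuditEventType.SecretChangeSuccess, event.getAuditEvent().getType());
            } else {
                assertEquals(AuditEventType.ClientApprovalsDeleted, event.getAuditEvent().getType());
                assertEquals(ClientApprovalsDeletedEvent.class, event.getClass());
            }
        }
        index++;
    }
}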
Also used : ClientApprovalsDeletedEvent(org.cloudfoundry.identity.uaa.client.event.ClientApprovalsDeletedEvent) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) AbstractUaaEvent(org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent) ResultActions(org.springframework.test.web.servlet.ResultActions) ClientDetailsHelper.clientArrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString) ClientDetailsHelper.arrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString) ClientDetailsHelper.clientFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification) Test(org.junit.jupiter.api.Test)

Example 8 with AbstractUaaEvent

use of org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent in project uaa by cloudfoundry.

the class TotpMfaEndpointMockMvcTests method testGoogleAuthenticatorLoginFlow.

/**
 * Registers a TOTP credential through the QR-code view, completes verification, then logs in a
 * second time in a fresh session and verifies again, checking that an
 * {@link MfaAuthenticationSuccessEvent} is published for both verifications.
 */
@Test
void testGoogleAuthenticatorLoginFlow() throws Exception {
    redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
    performGetMfaRegister(mockMvc, mockHttpSession)
            .andDo(print())
            .andExpect(view().name("mfa/qr_code"));
    // After only viewing the registration page, no active credential exists for this user/provider.
    assertFalse(userGoogleMfaCredentialsProvisioning.activeUserCredentialExists(scimUser.getId(), mfaProvider.getId()));

    int totpCode = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
    String redirectTarget = MockMvcUtils.performMfaPostVerifyWithCode(totpCode, mockMvc, mockHttpSession);

    // NOTE(review): 9 and 7 are absolute positions in the whole event stream of this flow; any
    // event added earlier in the flow shifts them.
    ArgumentCaptor<AbstractUaaEvent> registrationEvents = ArgumentCaptor.forClass(AbstractUaaEvent.class);
    verify(applicationListener, atLeast(1)).onApplicationEvent(registrationEvents.capture());
    assertEquals(9, registrationEvents.getAllValues().size());
    assertThat(registrationEvents.getAllValues().get(7), instanceOf(MfaAuthenticationSuccessEvent.class));

    mockMvc.perform(get(redirectTarget).session(mockHttpSession))
            .andExpect(status().isFound())
            .andExpect(redirectedUrl("http://localhost/"));

    // Second login in a new session.
    // NOTE(review): the same code value is submitted again and success is expected, so the test
    // relies on a code being accepted more than once (and on both submissions falling inside its
    // validity window). RFC 6238 section 5.2 says a verifier must not accept an OTP a second time
    // after a successful validation - confirm that this acceptance is intended.
    mockHttpSession = new MockHttpSession();
    performLoginWithSession(mockMvc, mockHttpSession, scimUser, password);
    MockMvcUtils.performMfaPostVerifyWithCode(totpCode, mockMvc, mockHttpSession);

    // A fresh captor still collects every invocation recorded on the listener, so the size is
    // the running total (15), not the number of events of the second login alone.
    ArgumentCaptor<AbstractUaaEvent> secondLoginEvents = ArgumentCaptor.forClass(AbstractUaaEvent.class);
    verify(applicationListener, atLeast(1)).onApplicationEvent(secondLoginEvents.capture());
    assertEquals(15, secondLoginEvents.getAllValues().size());
    assertThat(secondLoginEvents.getAllValues().get(13), instanceOf(MfaAuthenticationSuccessEvent.class));
}
Also used : AbstractUaaEvent(org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent) MockHttpSession(org.springframework.mock.web.MockHttpSession) MfaAuthenticationSuccessEvent(org.cloudfoundry.identity.uaa.authentication.event.MfaAuthenticationSuccessEvent) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) MockMvcResultHandlers.print(org.springframework.test.web.servlet.result.MockMvcResultHandlers.print) Test(org.junit.jupiter.api.Test)

Example 9 with AbstractUaaEvent

use of org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent in project uaa by cloudfoundry.

the class TotpMfaEndpointMockMvcTests method testOtpValidationFails.

/**
 * Registers a TOTP credential through the manual-registration view, then logs in again and
 * submits two bad codes (an off-by-one number and a non-numeric string). Each rejected attempt
 * must re-render the code entry view and publish an {@link MfaAuthenticationFailureEvent}.
 */
@Test
void testOtpValidationFails() throws Exception {
    redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
    // No active credential exists for this user/provider before registration completes.
    assertFalse(userGoogleMfaCredentialsProvisioning.activeUserCredentialExists(scimUser.getId(), mfaProvider.getId()));
    performGetMfaManualRegister(mockMvc, mockHttpSession)
            .andExpect(view().name("mfa/manual_registration"));

    int validCode = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
    String redirectTarget = MockMvcUtils.performMfaPostVerifyWithCode(validCode, mockMvc, mockHttpSession);
    assertEquals("/login/mfa/completed", redirectTarget);

    // NOTE(review): sizes and indices below are absolute positions in the whole event stream;
    // any event added earlier in the flow shifts them.
    ArgumentCaptor<AbstractUaaEvent> registrationEvents = ArgumentCaptor.forClass(AbstractUaaEvent.class);
    verify(applicationListener, atLeast(1)).onApplicationEvent(registrationEvents.capture());
    assertEquals(9, registrationEvents.getAllValues().size());
    assertThat(registrationEvents.getAllValues().get(7), instanceOf(MfaAuthenticationSuccessEvent.class));

    mockMvc.perform(get("/").session(mockHttpSession))
            .andExpect(status().isOk())
            .andExpect(view().name("home"));
    mockMvc.perform(get("/logout.do")).andReturn();

    // Fresh session: the password login succeeds, the second factor is still outstanding.
    mockHttpSession = new MockHttpSession();
    performLoginWithSession(mockMvc, mockHttpSession, scimUser, password);

    // Wrong numeric code: the response is 2xx and shows the entry form again.
    mockMvc.perform(post("/login/mfa/verify.do")
                    .param("code", String.valueOf(validCode + 1))
                    .header("Host", "localhost")
                    .session(mockHttpSession)
                    .with(cookieCsrf()))
            .andExpect(status().is2xxSuccessful())
            .andExpect(view().name("mfa/enter_code"));
    // Each fresh captor collects every invocation recorded on the listener so far, so the
    // sizes are running totals.
    ArgumentCaptor<AbstractUaaEvent> wrongCodeEvents = ArgumentCaptor.forClass(AbstractUaaEvent.class);
    verify(applicationListener, atLeast(1)).onApplicationEvent(wrongCodeEvents.capture());
    assertEquals(15, wrongCodeEvents.getAllValues().size());
    assertThat(wrongCodeEvents.getAllValues().get(13), instanceOf(MfaAuthenticationFailureEvent.class));

    // Non-numeric code: must be rejected the same way and audited as a failure too.
    mockMvc.perform(post("/login/mfa/verify.do")
                    .param("code", "ABCDEF")
                    .header("Host", "localhost")
                    .session(mockHttpSession)
                    .with(cookieCsrf()))
            .andExpect(status().is2xxSuccessful())
            .andExpect(view().name("mfa/enter_code"));
    ArgumentCaptor<AbstractUaaEvent> malformedCodeEvents = ArgumentCaptor.forClass(AbstractUaaEvent.class);
    verify(applicationListener, atLeast(1)).onApplicationEvent(malformedCodeEvents.capture());
    assertEquals(17, malformedCodeEvents.getAllValues().size());
    assertThat(malformedCodeEvents.getAllValues().get(15), instanceOf(MfaAuthenticationFailureEvent.class));
}
Also used : MfaAuthenticationFailureEvent(org.cloudfoundry.identity.uaa.authentication.event.MfaAuthenticationFailureEvent) AbstractUaaEvent(org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent) MockHttpSession(org.springframework.mock.web.MockHttpSession) MfaAuthenticationSuccessEvent(org.cloudfoundry.identity.uaa.authentication.event.MfaAuthenticationSuccessEvent) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) MockMvcResultHandlers.print(org.springframework.test.web.servlet.result.MockMvcResultHandlers.print) Test(org.junit.jupiter.api.Test)

Example 10 with AbstractUaaEvent

use of org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent in project uaa by cloudfoundry.

the class TotpMfaEndpointMockMvcTests method testManualRegistrationFlow.

/**
 * Registers a TOTP credential through the manual-registration view, logs out, then logs in again
 * in a fresh session and verifies the second factor, checking that an
 * {@link MfaAuthenticationSuccessEvent} is published for both verifications.
 */
@Test
void testManualRegistrationFlow() throws Exception {
    redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
    // No active credential exists for this user/provider before registration completes.
    assertFalse(userGoogleMfaCredentialsProvisioning.activeUserCredentialExists(scimUser.getId(), mfaProvider.getId()));
    performGetMfaManualRegister(mockMvc, mockHttpSession)
            .andExpect(view().name("mfa/manual_registration"));

    int totpCode = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
    String redirectTarget = MockMvcUtils.performMfaPostVerifyWithCode(totpCode, mockMvc, mockHttpSession);
    assertEquals("/login/mfa/completed", redirectTarget);

    // NOTE(review): sizes and indices below are absolute positions in the whole event stream;
    // any event added earlier in the flow shifts them.
    ArgumentCaptor<AbstractUaaEvent> registrationEvents = ArgumentCaptor.forClass(AbstractUaaEvent.class);
    verify(applicationListener, atLeast(1)).onApplicationEvent(registrationEvents.capture());
    assertEquals(9, registrationEvents.getAllValues().size());
    assertThat(registrationEvents.getAllValues().get(7), instanceOf(MfaAuthenticationSuccessEvent.class));

    mockMvc.perform(get("/").session(mockHttpSession))
            .andExpect(status().isOk())
            .andExpect(view().name("home"));
    mockMvc.perform(get("/logout.do")).andReturn();

    // Second login in a new session.
    // NOTE(review): the same code value is submitted again and success is expected, so the test
    // relies on a code being accepted more than once (and on both submissions falling inside its
    // validity window). RFC 6238 section 5.2 says a verifier must not accept an OTP a second time
    // after a successful validation - confirm that this acceptance is intended.
    mockHttpSession = new MockHttpSession();
    performLoginWithSession(mockMvc, mockHttpSession, scimUser, password);
    MockMvcUtils.performMfaPostVerifyWithCode(totpCode, mockMvc, mockHttpSession);

    // A fresh captor still collects every invocation recorded on the listener, so the size is
    // the running total (16), not the number of events of the second login alone.
    ArgumentCaptor<AbstractUaaEvent> secondLoginEvents = ArgumentCaptor.forClass(AbstractUaaEvent.class);
    verify(applicationListener, atLeast(1)).onApplicationEvent(secondLoginEvents.capture());
    assertEquals(16, secondLoginEvents.getAllValues().size());
    assertThat(secondLoginEvents.getAllValues().get(14), instanceOf(MfaAuthenticationSuccessEvent.class));
}
Also used : AbstractUaaEvent(org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent) MockHttpSession(org.springframework.mock.web.MockHttpSession) MfaAuthenticationSuccessEvent(org.cloudfoundry.identity.uaa.authentication.event.MfaAuthenticationSuccessEvent) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) MockMvcResultHandlers.print(org.springframework.test.web.servlet.result.MockMvcResultHandlers.print) Test(org.junit.jupiter.api.Test)

Aggregations

AbstractUaaEvent (org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent)17 Test (org.junit.jupiter.api.Test)14 ResultActions (org.springframework.test.web.servlet.ResultActions)8 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)8 ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)6 BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)6 MockHttpSession (org.springframework.mock.web.MockHttpSession)5 BeforeEach (org.junit.jupiter.api.BeforeEach)4 MfaAuthenticationSuccessEvent (org.cloudfoundry.identity.uaa.authentication.event.MfaAuthenticationSuccessEvent)3 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)3 RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator)3 MockMvcResultHandlers.print (org.springframework.test.web.servlet.result.MockMvcResultHandlers.print)3 TypeReference (com.fasterxml.jackson.core.type.TypeReference)2 DefaultTestContext (org.cloudfoundry.identity.uaa.DefaultTestContext)2 Approval (org.cloudfoundry.identity.uaa.approval.Approval)2 AuditEventType (org.cloudfoundry.identity.uaa.audit.AuditEventType)2 IdentityProviderAuthenticationFailureEvent (org.cloudfoundry.identity.uaa.authentication.event.IdentityProviderAuthenticationFailureEvent)2 InterceptingLogger (org.cloudfoundry.identity.uaa.mock.util.InterceptingLogger)2 MockMvcUtils (org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils)2 MockMvcUtils.httpBearer (org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils.httpBearer)2