Example 6 with UaaAuthentication

use of org.cloudfoundry.identity.uaa.authentication.UaaAuthentication in project uaa by cloudfoundry.

the class ExternalLoginAuthenticationManagerTest method testPopulateAttributesStoresCustomAttributesAndRoles.

@Test
public void testPopulateAttributesStoresCustomAttributesAndRoles() {
    manager = new LdapLoginAuthenticationManager(null);
    setupManager();
    manager.setOrigin(origin);
    IdentityProvider provider = mock(IdentityProvider.class);
    ExternalIdentityProviderDefinition providerDefinition = new ExternalIdentityProviderDefinition();
    when(provider.getConfig()).thenReturn(providerDefinition);
    when(providerProvisioning.retrieveByOrigin(eq(origin), anyString())).thenReturn(provider);
    UaaAuthentication uaaAuthentication = mock(UaaAuthentication.class);
    UaaPrincipal uaaPrincipal = mock(UaaPrincipal.class);
    when(uaaPrincipal.getId()).thenReturn("id");
    when(uaaAuthentication.getPrincipal()).thenReturn(uaaPrincipal);
    when(uaaAuthentication.getUserAttributes()).thenReturn(userAttributes);
    HashSet<String> externalGroupsOnAuthentication = new HashSet<>(externalGroups);
    when(uaaAuthentication.getExternalGroups()).thenReturn(externalGroupsOnAuthentication);
    // when storeCustomAttributes is disabled, do not store anything
    providerDefinition.setStoreCustomAttributes(false);
    manager.populateAuthenticationAttributes(uaaAuthentication, mock(Authentication.class), null);
    verify(manager.getUserDatabase(), never()).storeUserInfo(anyString(), any());
    // when there are both attributes and groups, store them
    providerDefinition.setStoreCustomAttributes(true);
    manager.populateAuthenticationAttributes(uaaAuthentication, mock(Authentication.class), null);
    UserInfo userInfo = new UserInfo().setUserAttributes(userAttributes).setRoles(externalGroups);
    verify(manager.getUserDatabase(), times(1)).storeUserInfo(eq("id"), eq(userInfo));
    // when provider is null do not store anything
    reset(manager.getUserDatabase());
    manager.setProviderProvisioning(null);
    manager.populateAuthenticationAttributes(uaaAuthentication, mock(Authentication.class), null);
    verify(manager.getUserDatabase(), never()).storeUserInfo(anyString(), any());
    manager.setProviderProvisioning(providerProvisioning);
    // when attributes is empty but roles have contents, store it
    reset(manager.getUserDatabase());
    userAttributes.clear();
    manager.populateAuthenticationAttributes(uaaAuthentication, mock(Authentication.class), null);
    userInfo = new UserInfo().setUserAttributes(userAttributes).setRoles(externalGroups);
    verify(manager.getUserDatabase(), times(1)).storeUserInfo(eq("id"), eq(userInfo));
    // when attributes and roles are both empty, do not store anything
    reset(manager.getUserDatabase());
    userAttributes.clear();
    externalGroupsOnAuthentication.clear();
    manager.populateAuthenticationAttributes(uaaAuthentication, mock(Authentication.class), null);
    verify(manager.getUserDatabase(), never()).storeUserInfo(anyString(), any());
}
Also used : UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) Authentication(org.springframework.security.core.Authentication) IdentityProvider(org.cloudfoundry.identity.uaa.provider.IdentityProvider) UserInfo(org.cloudfoundry.identity.uaa.user.UserInfo) ExternalIdentityProviderDefinition(org.cloudfoundry.identity.uaa.provider.ExternalIdentityProviderDefinition) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Test(org.junit.Test)

Example 7 with UaaAuthentication

use of org.cloudfoundry.identity.uaa.authentication.UaaAuthentication in project uaa by cloudfoundry.

the class ExternalLoginAuthenticationManagerTest method testNoUsernameOnlyEmail.

@Test
public void testNoUsernameOnlyEmail() {
    String email = "joe@test.org";
    userDetails = mock(UserDetails.class, withSettings().extraInterfaces(Mailable.class));
    when(((Mailable) userDetails).getEmailAddress()).thenReturn(email);
    mockUserDetails(userDetails);
    mockUaaWithUser();
    UaaAuthenticationDetails uaaAuthenticationDetails = mock(UaaAuthenticationDetails.class);
    when(uaaAuthenticationDetails.getOrigin()).thenReturn(origin);
    when(uaaAuthenticationDetails.getClientId()).thenReturn(null);
    when(uaaAuthenticationDetails.getSessionId()).thenReturn(new RandomValueStringGenerator().generate());
    when(inputAuth.getDetails()).thenReturn(uaaAuthenticationDetails);
    when(user.getUsername()).thenReturn(email);
    when(uaaUserDatabase.retrieveUserByName(email, origin)).thenReturn(user);
    when(userDetails.getUsername()).thenReturn(null);
    Authentication result = manager.authenticate(inputAuth);
    assertNotNull(result);
    assertEquals(UaaAuthentication.class, result.getClass());
    UaaAuthentication uaaAuthentication = (UaaAuthentication) result;
    assertEquals(email, uaaAuthentication.getPrincipal().getName());
    assertEquals(origin, uaaAuthentication.getPrincipal().getOrigin());
    assertEquals(userId, uaaAuthentication.getPrincipal().getId());
}
Also used : UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) Mailable(org.cloudfoundry.identity.uaa.user.Mailable) LdapUserDetails(org.springframework.security.ldap.userdetails.LdapUserDetails) UserDetails(org.springframework.security.core.userdetails.UserDetails) ExtendedLdapUserDetails(org.cloudfoundry.identity.uaa.provider.ldap.ExtendedLdapUserDetails) UaaAuthenticationDetails(org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails) Authentication(org.springframework.security.core.Authentication) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) Test(org.junit.Test)

Example 8 with UaaAuthentication

use of org.cloudfoundry.identity.uaa.authentication.UaaAuthentication in project uaa by cloudfoundry.

the class LdapLoginAuthenticationManagerTests method test_authentication_attributes.

void test_authentication_attributes(boolean storeUserInfo) {
    UaaUser user = getUaaUser();
    ExtendedLdapUserImpl authDetails = getAuthDetails(user.getEmail(), user.getGivenName(), user.getFamilyName(), user.getPhoneNumber(), new AttributeInfo(UAA_MANAGER, new String[] { KARI_THE_ANT_EATER, JOHN_THE_SLOTH }), new AttributeInfo(COST_CENTER, new String[] { DENVER_CO }));
    Map<String, String[]> role1 = new HashMap<>();
    role1.put("cn", new String[] { "ldap.role.1.a", "ldap.role.1.b", "ldap.role.1" });
    Map<String, String[]> role2 = new HashMap<>();
    role2.put("cn", new String[] { "ldap.role.2.a", "ldap.role.2.b", "ldap.role.2" });
    authDetails.setAuthorities(Arrays.asList(new LdapAuthority("role1", "cn=role1,ou=test,ou=com", role1), new LdapAuthority("role2", "cn=role2,ou=test,ou=com", role2)));
    definition.setExternalGroupsWhitelist(Collections.singletonList("*"));
    when(auth.getPrincipal()).thenReturn(authDetails);
    UaaUserDatabase db = mock(UaaUserDatabase.class);
    when(db.retrieveUserByName(anyString(), eq(OriginKeys.LDAP))).thenReturn(user);
    when(db.retrieveUserById(anyString())).thenReturn(user);
    am.setOrigin(OriginKeys.LDAP);
    am.setUserDatabase(db);
    // set the config flag
    definition.setStoreCustomAttributes(storeUserInfo);
    UaaAuthentication authentication = (UaaAuthentication) am.authenticate(auth);
    UserInfo info = new UserInfo().setUserAttributes(authentication.getUserAttributes()).setRoles(Arrays.asList("ldap.role.1.a", "ldap.role.1.b", "ldap.role.1", "ldap.role.2.a", "ldap.role.2.b", "ldap.role.2"));
    if (storeUserInfo) {
        verify(db, times(1)).storeUserInfo(anyString(), eq(info));
    } else {
        verify(db, never()).storeUserInfo(anyString(), eq(info));
    }
    assertEquals("Expected two user attributes", 2, authentication.getUserAttributes().size());
    assertNotNull("Expected cost center attribute", authentication.getUserAttributes().get(COST_CENTERS));
    assertEquals(DENVER_CO, authentication.getUserAttributes().getFirst(COST_CENTERS));
    assertNotNull("Expected manager attribute", authentication.getUserAttributes().get(MANAGERS));
    assertEquals("Expected 2 manager attribute values", 2, authentication.getUserAttributes().get(MANAGERS).size());
    assertThat(authentication.getUserAttributes().get(MANAGERS), containsInAnyOrder(JOHN_THE_SLOTH, KARI_THE_ANT_EATER));
    assertThat(authentication.getAuthenticationMethods(), containsInAnyOrder("ext", "pwd"));
}
Also used : UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) ExtendedLdapUserImpl(org.cloudfoundry.identity.uaa.provider.ldap.extension.ExtendedLdapUserImpl) LdapAuthority(org.cloudfoundry.identity.uaa.provider.ldap.extension.LdapAuthority) UaaUser(org.cloudfoundry.identity.uaa.user.UaaUser) UserInfo(org.cloudfoundry.identity.uaa.user.UserInfo) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) UaaUserDatabase(org.cloudfoundry.identity.uaa.user.UaaUserDatabase)

Example 9 with UaaAuthentication

use of org.cloudfoundry.identity.uaa.authentication.UaaAuthentication in project uaa by cloudfoundry.

the class AuthenticationSuccessListenerTests method previousLoginIsSetOnTheAuthentication.

@Test
void previousLoginIsSetOnTheAuthentication() {
    userPrototype.withLastLogonSuccess(123456789L);
    UserAuthenticationSuccessEvent event = getEvent();
    final String zoneId = event.getIdentityZoneId();
    when(mockScimUserProvisioning.retrieve(this.id, zoneId)).thenReturn(getScimUser(event.getUser()));
    UaaAuthentication authentication = (UaaAuthentication) event.getAuthentication();
    listener.onApplicationEvent(event);
    verify(authentication).setLastLoginSuccessTime(123456789L);
}
Also used : UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) UserAuthenticationSuccessEvent(org.cloudfoundry.identity.uaa.authentication.event.UserAuthenticationSuccessEvent) Test(org.junit.jupiter.api.Test)

Example 10 with UaaAuthentication

use of org.cloudfoundry.identity.uaa.authentication.UaaAuthentication in project uaa by cloudfoundry.

the class ExternalLoginAuthenticationManagerTest method testAuthenticateUsernamePasswordToken.

@Test
public void testAuthenticateUsernamePasswordToken() {
    UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(userName, password);
    Authentication result = manager.authenticate(auth);
    assertNotNull(result);
    assertEquals(UaaAuthentication.class, result.getClass());
    UaaAuthentication uaaAuthentication = (UaaAuthentication) result;
    assertEquals(userName, uaaAuthentication.getPrincipal().getName());
    assertEquals(origin, uaaAuthentication.getPrincipal().getOrigin());
    assertEquals(userId, uaaAuthentication.getPrincipal().getId());
}
Also used : UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Test(org.junit.Test)

Aggregations

UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) 117
Test (org.junit.jupiter.api.Test) 51
UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) 45
Authentication (org.springframework.security.core.Authentication) 35
UaaUser (org.cloudfoundry.identity.uaa.user.UaaUser) 29
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication) 25
UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails) 23
Test (org.junit.Test) 18
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 14
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString) 13
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority) 12
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) 11
HashMap (java.util.HashMap) 10
MockHttpSession (org.springframework.mock.web.MockHttpSession) 10
CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString) 9
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest) 9
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request) 9
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails) 9
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest) 8
ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser) 7