use of org.cloudfoundry.identity.uaa.authentication.UaaPrincipal in project uaa by cloudfoundry.
the class TotpMfaEndpointTest method testGenerateQrUrlAfterMfaProviderSwitch.
/**
 * Checks that {@code generateQrUrl} returns the QR-code view when the zone's MFA
 * configuration names {@code otherMfaProvider}, while the only credential stubbed as
 * active belongs to {@code mfaProvider}.
 */
@Test
public void testGenerateQrUrlAfterMfaProviderSwitch() throws Exception {
    // Consecutive stubbing: the first getPrincipal() call yields the principal, the next two yield null.
    UaaPrincipal principal = new UaaPrincipal(userId, "Marissa", null, null, null, null);
    when(uaaAuthentication.getPrincipal()).thenReturn(principal, null, null);

    // An active credential is stubbed for the original provider only.
    when(userGoogleMfaCredentialsProvisioning.activeUserCredentialExists(userId, mfaProvider.getId()))
        .thenReturn(true);

    // Both providers can be looked up by name in the current zone.
    String zoneId = IdentityZoneHolder.get().getId();
    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), zoneId)).thenReturn(mfaProvider);
    when(mfaProviderProvisioning.retrieveByName(otherMfaProvider.getName(), zoneId)).thenReturn(otherMfaProvider);

    // Switch the zone to the other provider before calling the endpoint.
    // NOTE(review): this mutates the zone configuration held by IdentityZoneHolder; no reset is
    // visible in this method, so confirm the class restores it between tests.
    IdentityZoneHolder.get()
        .getConfig()
        .getMfaConfig()
        .setEnabled(true)
        .setProviderName(otherMfaProvider.getName());

    Model model = mock(Model.class);
    String viewName = endpoint.generateQrUrl(model, null);

    assertEquals("mfa/qr_code", viewName);
}
use of org.cloudfoundry.identity.uaa.authentication.UaaPrincipal in project uaa by cloudfoundry.
the class TotpMfaEndpointTest method testEmptyOTP.
/**
 * Checks that an empty one-time code sends the user back to the code-entry view,
 * leaves the {@link SessionStatus} untouched and goes through the MFA failure-event check.
 */
@Test
public void testEmptyOTP() throws Exception {
    // Consecutive stubbing: the first getPrincipal() call yields the principal, the next two yield null.
    UaaPrincipal principal = new UaaPrincipal(userId, "Marissa", null, "uaa", null, null);
    when(uaaAuthentication.getPrincipal()).thenReturn(principal, null, null);

    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId()))
        .thenReturn(mfaProvider);

    UaaUser marissa = new UaaUser(
        new UaaUserPrototype()
            .withUsername("Marissa")
            .withOrigin("uaa")
            .withId("1234")
            .withEmail("marissa@example.com"));
    when(userDb.retrieveUserByName("Marissa", "uaa")).thenReturn(marissa);

    IdentityZoneHolder.get()
        .getConfig()
        .getMfaConfig()
        .setEnabled(true)
        .setProviderName(mfaProvider.getName());

    SessionStatus status = mock(SessionStatus.class);
    Model model = mock(Model.class);
    UserGoogleMfaCredentials credentials = mock(UserGoogleMfaCredentials.class);

    // The empty string stands in for a missing code.
    ModelAndView result = endpoint.validateCode(model, "", credentials, new MockHttpServletRequest(), status);

    assertEquals("mfa/enter_code", result.getViewName());
    // The session status must not be touched when the code is rejected.
    verifyZeroInteractions(status);
    // verifyMfaEvent is defined outside this snippet; presumably it asserts that an event of
    // the given type was published.
    verifyMfaEvent(MfaAuthenticationFailureEvent.class);
}
use of org.cloudfoundry.identity.uaa.authentication.UaaPrincipal in project uaa by cloudfoundry.
the class TotpMfaEndpointTest method testValidOTPActivatesUser.
/**
 * Checks that a code accepted by the credentials provisioning saves the user's credentials,
 * marks the session status complete and goes through the MFA success-event check.
 */
@Test
public void testValidOTPActivatesUser() throws Exception {
    int otp = 1234;

    // Any credentials object combined with this exact code is treated as valid.
    when(userGoogleMfaCredentialsProvisioning.isValidCode(
            ArgumentMatchers.any(UserGoogleMfaCredentials.class), eq(otp)))
        .thenReturn(true);

    // Consecutive stubbing: the first getPrincipal() call yields the principal, the next two yield null.
    UaaPrincipal principal = new UaaPrincipal(userId, "Marissa", null, "uaa", null, null);
    when(uaaAuthentication.getPrincipal()).thenReturn(principal, null, null);

    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId()))
        .thenReturn(mfaProvider);

    UaaUser marissa = new UaaUser(
        new UaaUserPrototype()
            .withUsername("Marissa")
            .withOrigin("uaa")
            .withId("1234")
            .withEmail("marissa@example.com"));
    when(userDb.retrieveUserByName("Marissa", "uaa")).thenReturn(marissa);

    IdentityZoneHolder.get()
        .getConfig()
        .getMfaConfig()
        .setEnabled(true)
        .setProviderName(mfaProvider.getName());

    SessionStatus status = mock(SessionStatus.class);
    Model model = mock(Model.class);
    UserGoogleMfaCredentials credentials = mock(UserGoogleMfaCredentials.class);

    // The returned ModelAndView is not inspected; only the side effects are verified.
    endpoint.validateCode(model, Integer.toString(otp), credentials, new MockHttpServletRequest(), status);

    verify(userGoogleMfaCredentialsProvisioning)
        .saveUserCredentials(ArgumentMatchers.any(UserGoogleMfaCredentials.class));
    verify(status).setComplete();
    // verifyMfaEvent is defined outside this snippet; presumably it asserts that an event of
    // the given type was published.
    verifyMfaEvent(MfaAuthenticationSuccessEvent.class);
}
use of org.cloudfoundry.identity.uaa.authentication.UaaPrincipal in project uaa by cloudfoundry.
the class TotpMfaEndpointTest method testValidOTPReturnsErrorWhenLockedOut.
/**
 * Checks that {@code validateCode} is rejected with
 * {@link AuthenticationPolicyRejectionException} when the MFA policy reports the user as
 * not allowed, even though the submitted code is stubbed as valid.
 */
@Test
public void testValidOTPReturnsErrorWhenLockedOut() throws Exception {
    // `exception` is declared outside this snippet; presumably a JUnit ExpectedException rule.
    exception.expect(AuthenticationPolicyRejectionException.class);

    int otp = 1234;

    // The policy denies every caller. The meaning of the second constructor argument (0) is
    // not visible here.
    when(mockMfaPolicy.isAllowed(anyString())).thenReturn(new LoginPolicy.Result(false, 0));

    // The code itself would be accepted, so any rejection must come from the policy.
    when(userGoogleMfaCredentialsProvisioning.isValidCode(
            ArgumentMatchers.any(UserGoogleMfaCredentials.class), eq(otp)))
        .thenReturn(true);

    // Consecutive stubbing: the first getPrincipal() call yields the principal, the next two yield null.
    UaaPrincipal principal = new UaaPrincipal(userId, "Marissa", null, "uaa", null, null);
    when(uaaAuthentication.getPrincipal()).thenReturn(principal, null, null);

    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId()))
        .thenReturn(mfaProvider);

    UaaUser marissa = new UaaUser(
        new UaaUserPrototype()
            .withUsername("Marissa")
            .withOrigin("uaa")
            .withId("1234")
            .withEmail("marissa@example.com"));
    when(userDb.retrieveUserByName("Marissa", "uaa")).thenReturn(marissa);

    IdentityZoneHolder.get()
        .getConfig()
        .getMfaConfig()
        .setEnabled(true)
        .setProviderName(mfaProvider.getName());

    SessionStatus status = mock(SessionStatus.class);
    Model model = mock(Model.class);
    UserGoogleMfaCredentials credentials = mock(UserGoogleMfaCredentials.class);

    endpoint.validateCode(model, Integer.toString(otp), credentials, new MockHttpServletRequest(), status);

    // NOTE(review): if validateCode throws as expected above, the two verifications below are
    // never executed. The test then proves only that the exception is raised, not that the
    // session status stays untouched or that a failure event is recorded on lockout. To make
    // those checks effective, catch the exception explicitly and verify afterwards; first
    // confirm whether the endpoint is meant to publish a failure event on this path.
    verifyZeroInteractions(status);
    verifyMfaEvent(MfaAuthenticationFailureEvent.class);
}
use of org.cloudfoundry.identity.uaa.authentication.UaaPrincipal in project uaa by cloudfoundry.
the class TotpMfaEndpointTest method testManualRegistrationExistingCredential.
/**
 * Checks that {@code manualRegistration} redirects to the MFA verification page when an
 * active credential is already stubbed for the user under the zone's configured provider.
 */
@Test
public void testManualRegistrationExistingCredential() throws Exception {
    // Consecutive stubbing: the first getPrincipal() call yields the principal, the next two yield null.
    UaaPrincipal principal = new UaaPrincipal(userId, "Marissa", null, null, null, null);
    when(uaaAuthentication.getPrincipal()).thenReturn(principal, null, null);

    // The user already holds an active credential for this provider.
    when(userGoogleMfaCredentialsProvisioning.activeUserCredentialExists(userId, mfaProvider.getId()))
        .thenReturn(true);

    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId()))
        .thenReturn(mfaProvider);

    IdentityZoneHolder.get()
        .getConfig()
        .getMfaConfig()
        .setEnabled(true)
        .setProviderName(mfaProvider.getName());

    Model model = mock(Model.class);
    UserGoogleMfaCredentials credentials = mock(UserGoogleMfaCredentials.class);
    String target = endpoint.manualRegistration(model, credentials);

    // With a credential already registered, the expected result is the verify page rather than
    // a registration view.
    assertEquals("redirect:/login/mfa/verify", target);
}