use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method resetPassword_InvalidCodeData.
@Test
void resetPassword_InvalidCodeData() {
ExpiringCode expiringCode = new ExpiringCode("good_code", new Timestamp(System.currentTimeMillis() + UaaResetPasswordService.PASSWORD_RESET_LIFETIME), "user-id", null);
when(codeStore.retrieveCode("good_code", currentZoneId)).thenReturn(expiringCode);
SecurityContext securityContext = mock(SecurityContext.class);
when(securityContext.getAuthentication()).thenReturn(new MockAuthentication());
SecurityContextHolder.setContext(securityContext);
try {
uaaResetPasswordService.resetPassword(expiringCode, "password");
fail();
} catch (InvalidCodeException e) {
assertEquals("Sorry, your reset password link is no longer valid. Please request a new one", e.getMessage());
}
}
use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method forgotPassword_PublishesResetPasswordRequestEvent.
@Test
void forgotPassword_PublishesResetPasswordRequestEvent() {
ApplicationEventPublisher publisher = mock(ApplicationEventPublisher.class);
Authentication authentication = mock(Authentication.class);
uaaResetPasswordService.setApplicationEventPublisher(publisher);
SecurityContextHolder.getContext().setAuthentication(authentication);
ScimUser user = new ScimUser("user-id-001", "exampleUser", "firstName", "lastName");
user.setPrimaryEmail("user@example.com");
String zoneId = currentZoneId;
when(scimUserProvisioning.retrieveByUsernameAndOriginAndZone(anyString(), anyString(), eq(zoneId))).thenReturn(Collections.singletonList(user));
Timestamp expiresAt = new Timestamp(System.currentTimeMillis());
when(codeStore.generateCode(anyString(), any(Timestamp.class), anyString(), anyString())).thenReturn(new ExpiringCode("code", expiresAt, "user-id-001", null));
uaaResetPasswordService.forgotPassword("exampleUser", "", "");
ArgumentCaptor<ResetPasswordRequestEvent> captor = ArgumentCaptor.forClass(ResetPasswordRequestEvent.class);
verify(publisher).publishEvent(captor.capture());
ResetPasswordRequestEvent event = captor.getValue();
assertThat(event.getSource(), equalTo("exampleUser"));
assertThat(event.getCode(), equalTo("code"));
assertThat(event.getEmail(), equalTo("user@example.com"));
assertThat(event.getAuthentication(), sameInstance(authentication));
}
use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method forgotPassword_ResetCodeIsReturnedSuccessfully.
@Test
void forgotPassword_ResetCodeIsReturnedSuccessfully() {
ScimUser user = new ScimUser("user-id-001", "exampleUser", "firstName", "lastName");
user.setPasswordLastModified(new Date(1234));
user.setPrimaryEmail("user@example.com");
String zoneID = currentZoneId;
when(scimUserProvisioning.retrieveByUsernameAndOriginAndZone(anyString(), anyString(), eq(zoneID))).thenReturn(Collections.singletonList(user));
Timestamp expiresAt = new Timestamp(System.currentTimeMillis());
ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
when(codeStore.generateCode(eq("{\"user_id\":\"user-id-001\",\"username\":\"exampleUser\",\"passwordModifiedTime\":1234,\"client_id\":\"example\",\"redirect_uri\":\"redirect.example.com\"}"), any(Timestamp.class), anyString(), anyString())).thenReturn(new ExpiringCode("code", expiresAt, "user-id-001", null));
ForgotPasswordInfo forgotPasswordInfo = uaaResetPasswordService.forgotPassword("exampleUser", "example", "redirect.example.com");
verify(codeStore).expireByIntent(captor.capture(), anyString());
assertEquals(UaaResetPasswordService.FORGOT_PASSWORD_INTENT_PREFIX + user.getId(), captor.getValue());
assertThat(forgotPasswordInfo.getUserId(), equalTo("user-id-001"));
assertThat(forgotPasswordInfo.getEmail(), equalTo("user@example.com"));
ExpiringCode resetPasswordCode = forgotPasswordInfo.getResetPasswordCode();
assertThat(resetPasswordCode.getCode(), equalTo("code"));
assertThat(resetPasswordCode.getExpiresAt(), equalTo(expiresAt));
assertThat(resetPasswordCode.getData(), equalTo("user-id-001"));
}
use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method resetPassword_WithNoClientId.
@Test
void resetPassword_WithNoClientId() {
ExpiringCode code = setupResetPassword("", "redirect.example.com");
ResetPasswordResponse response = uaaResetPasswordService.resetPassword(code, "new_secret");
assertEquals("home", response.getRedirectUri());
}
use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method resetPassword_WhereWildcardsDoNotMatch.
@Test
void resetPassword_WhereWildcardsDoNotMatch() {
ExpiringCode code = setupResetPassword("example", "redirect.example.com");
BaseClientDetails client = new BaseClientDetails();
client.setRegisteredRedirectUri(Collections.singleton("doesnotmatch.example.com/*"));
when(clientDetailsService.loadClientByClientId("example", currentZoneId)).thenReturn(client);
ResetPasswordResponse response = uaaResetPasswordService.resetPassword(code, "new_secret");
assertEquals("home", response.getRedirectUri());
}
Aggregations