
Example 1 with ExpiringCode

Use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.

From the class UaaResetPasswordServiceTests, method resetPassword_InvalidCodeData.

@Test
void resetPassword_InvalidCodeData() {
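    // The code is unexpired, but its data is the bare string "user-id" rather than a JSON payload;
    // the test expects resetPassword to reject it with InvalidCodeException.
    ExpiringCode expiringCode = new ExpiringCode("good_code", new Timestamp(System.currentTimeMillis() + UaaResetPasswordService.PASSWORD_RESET_LIFETIME), "user-id", null);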
    when(codeStore.retrieveCode("good_code", currentZoneId)).thenReturn(expiringCode);
    SecurityContext securityContext = mock(SecurityContext.class);
    when(securityContext.getAuthentication()).thenReturn(new MockAuthentication());
    SecurityContextHolder.setContext(securityContext);
    try {
        uaaResetPasswordService.resetPassword(expiringCode, "password");
        fail();
    } catch (InvalidCodeException e) {
        assertEquals("Sorry, your reset password link is no longer valid. Please request a new one", e.getMessage());
    }
}
Also used : ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode) MockAuthentication(org.cloudfoundry.identity.uaa.test.MockAuthentication) SecurityContext(org.springframework.security.core.context.SecurityContext) Timestamp(java.sql.Timestamp) InvalidCodeException(org.cloudfoundry.identity.uaa.authentication.InvalidCodeException) Test(org.junit.jupiter.api.Test)

Example 2 with ExpiringCode

Use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.

From the class UaaResetPasswordServiceTests, method forgotPassword_PublishesResetPasswordRequestEvent.

@Test
void forgotPassword_PublishesResetPasswordRequestEvent() {
    ApplicationEventPublisher publisher = mock(ApplicationEventPublisher.class);
    Authentication authentication = mock(Authentication.class);
    uaaResetPasswordService.setApplicationEventPublisher(publisher);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    ScimUser user = new ScimUser("user-id-001", "exampleUser", "firstName", "lastName");
    user.setPrimaryEmail("user@example.com");
    String zoneId = currentZoneId;
    when(scimUserProvisioning.retrieveByUsernameAndOriginAndZone(anyString(), anyString(), eq(zoneId))).thenReturn(Collections.singletonList(user));
    Timestamp expiresAt = new Timestamp(System.currentTimeMillis());
    when(codeStore.generateCode(anyString(), any(Timestamp.class), anyString(), anyString())).thenReturn(new ExpiringCode("code", expiresAt, "user-id-001", null));
    uaaResetPasswordService.forgotPassword("exampleUser", "", "");
    ArgumentCaptor<ResetPasswordRequestEvent> captor = ArgumentCaptor.forClass(ResetPasswordRequestEvent.class);
    verify(publisher).publishEvent(captor.capture());
    ResetPasswordRequestEvent event = captor.getValue();
    assertThat(event.getSource(), equalTo("exampleUser"));
    assertThat(event.getCode(), equalTo("code"));
    assertThat(event.getEmail(), equalTo("user@example.com"));
    assertThat(event.getAuthentication(), sameInstance(authentication));
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode) MockAuthentication(org.cloudfoundry.identity.uaa.test.MockAuthentication) Authentication(org.springframework.security.core.Authentication) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) Matchers.containsString(org.hamcrest.Matchers.containsString) Mockito.anyString(org.mockito.Mockito.anyString) Timestamp(java.sql.Timestamp) ResetPasswordRequestEvent(org.cloudfoundry.identity.uaa.account.event.ResetPasswordRequestEvent) Test(org.junit.jupiter.api.Test)

Example 3 with ExpiringCode

Use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.

From the class UaaResetPasswordServiceTests, method forgotPassword_ResetCodeIsReturnedSuccessfully.

@Test
void forgotPassword_ResetCodeIsReturnedSuccessfully() {
    ScimUser user = new ScimUser("user-id-001", "exampleUser", "firstName", "lastName");
    user.setPasswordLastModified(new Date(1234));
    user.setPrimaryEmail("user@example.com");
    String zoneID = currentZoneId;
    when(scimUserProvisioning.retrieveByUsernameAndOriginAndZone(anyString(), anyString(), eq(zoneID))).thenReturn(Collections.singletonList(user));
    Timestamp expiresAt = new Timestamp(System.currentTimeMillis());
    ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
    when(codeStore.generateCode(eq("{\"user_id\":\"user-id-001\",\"username\":\"exampleUser\",\"passwordModifiedTime\":1234,\"client_id\":\"example\",\"redirect_uri\":\"redirect.example.com\"}"), any(Timestamp.class), anyString(), anyString())).thenReturn(new ExpiringCode("code", expiresAt, "user-id-001", null));
    ForgotPasswordInfo forgotPasswordInfo = uaaResetPasswordService.forgotPassword("exampleUser", "example", "redirect.example.com");
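    // Requesting a new reset code must expire earlier codes for the same user,
    // keyed by the forgot-password intent prefix plus the user id.
    verify(codeStore).expireByIntent(captor.capture(), anyString());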
    assertEquals(UaaResetPasswordService.FORGOT_PASSWORD_INTENT_PREFIX + user.getId(), captor.getValue());
    assertThat(forgotPasswordInfo.getUserId(), equalTo("user-id-001"));
    assertThat(forgotPasswordInfo.getEmail(), equalTo("user@example.com"));
    ExpiringCode resetPasswordCode = forgotPasswordInfo.getResetPasswordCode();
    assertThat(resetPasswordCode.getCode(), equalTo("code"));
    assertThat(resetPasswordCode.getExpiresAt(), equalTo(expiresAt));
    assertThat(resetPasswordCode.getData(), equalTo("user-id-001"));
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode) ForgotPasswordInfo(org.cloudfoundry.identity.uaa.account.ForgotPasswordInfo) Matchers.containsString(org.hamcrest.Matchers.containsString) Mockito.anyString(org.mockito.Mockito.anyString) Timestamp(java.sql.Timestamp) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 4 with ExpiringCode

Use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.

From the class UaaResetPasswordServiceTests, method resetPassword_WithNoClientId.

@Test
void resetPassword_WithNoClientId() {
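    // setupResetPassword is a helper of the test class that is not shown here; its arguments
    // appear to be the client id and the requested redirect URI. With an empty client id the
    // requested redirect is not honored and the response falls back to "home".
    ExpiringCode code = setupResetPassword("", "redirect.example.com");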
    ResetPasswordResponse response = uaaResetPasswordService.resetPassword(code, "new_secret");
    assertEquals("home", response.getRedirectUri());
}
Also used : ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode) ResetPasswordResponse(org.cloudfoundry.identity.uaa.account.ResetPasswordService.ResetPasswordResponse) Test(org.junit.jupiter.api.Test)

Example 5 with ExpiringCode

Use of org.cloudfoundry.identity.uaa.codestore.ExpiringCode in project uaa by cloudfoundry.

From the class UaaResetPasswordServiceTests, method resetPassword_WhereWildcardsDoNotMatch.

@Test
void resetPassword_WhereWildcardsDoNotMatch() {
    ExpiringCode code = setupResetPassword("example", "redirect.example.com");
    BaseClientDetails client = new BaseClientDetails();
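    // The client's only registered redirect pattern does not match redirect.example.com,
    // so the test expects the fallback redirect "home" instead of the requested URI.
    client.setRegisteredRedirectUri(Collections.singleton("doesnotmatch.example.com/*"));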
    when(clientDetailsService.loadClientByClientId("example", currentZoneId)).thenReturn(client);
    ResetPasswordResponse response = uaaResetPasswordService.resetPassword(code, "new_secret");
    assertEquals("home", response.getRedirectUri());
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode) ResetPasswordResponse(org.cloudfoundry.identity.uaa.account.ResetPasswordService.ResetPasswordResponse) Test(org.junit.jupiter.api.Test)
