Example 1 with MfaProviderProvisioning

Use of org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning in project uaa by cloudfoundry.

Class TotpMfaEndpointTest, method setup.

@Before
public void setup() {
    userId = new RandomValueStringGenerator(5).generate();
    userGoogleMfaCredentialsProvisioning = mock(UserGoogleMfaCredentialsProvisioning.class);
    mfaProviderProvisioning = mock(MfaProviderProvisioning.class);
    uaaAuthentication = mock(UaaAuthentication.class);
    mfaProvider = new MfaProvider();
    mfaProvider.setName("provider-name");
    mfaProvider.setId("provider_id1");
    mfaProvider.setConfig(new GoogleMfaProviderConfig());
    mfaProvider.setType(MfaProvider.MfaProviderType.GOOGLE_AUTHENTICATOR);
    otherMfaProvider = new MfaProvider();
    otherMfaProvider.setName("other-provider-name");
    otherMfaProvider.setId("provider_id2");
    otherMfaProvider.setConfig(new GoogleMfaProviderConfig());
    otherMfaProvider.setType(MfaProvider.MfaProviderType.GOOGLE_AUTHENTICATOR);
    mockSuccessHandler = mock(SavedRequestAwareAuthenticationSuccessHandler.class);
    SecurityContextHolder.getContext().setAuthentication(uaaAuthentication);
    publisher = mock(ApplicationEventPublisher.class);
    eventCaptor = ArgumentCaptor.forClass(ApplicationEvent.class);
    doNothing().when(publisher).publishEvent(eventCaptor.capture());
    userDb = mock(UaaUserDatabase.class);
    mockMfaPolicy = mock(CommonLoginPolicy.class);
    when(mockMfaPolicy.isAllowed(anyString())).thenReturn(new LoginPolicy.Result(true, 0));
    endpoint = new TotpMfaEndpoint(userGoogleMfaCredentialsProvisioning, mfaProviderProvisioning, "/login/mfa/completed", userDb, mockMfaPolicy);
    endpoint.setApplicationEventPublisher(publisher);
}
Also used : MfaProvider(org.cloudfoundry.identity.uaa.mfa.MfaProvider) CommonLoginPolicy(org.cloudfoundry.identity.uaa.authentication.manager.CommonLoginPolicy) MfaProviderProvisioning(org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning) ApplicationEvent(org.springframework.context.ApplicationEvent) GoogleMfaProviderConfig(org.cloudfoundry.identity.uaa.mfa.GoogleMfaProviderConfig) UaaUserDatabase(org.cloudfoundry.identity.uaa.user.UaaUserDatabase) UserGoogleMfaCredentialsProvisioning(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentialsProvisioning) UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) SavedRequestAwareAuthenticationSuccessHandler(org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) LoginPolicy(org.cloudfoundry.identity.uaa.authentication.manager.LoginPolicy) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) Before(org.junit.Before)

Example 2 with MfaProviderProvisioning

Use of org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning in project uaa by cloudfoundry.

Class MockMvcUtils, method createMfaProvider.

public static MfaProvider createMfaProvider(ApplicationContext context, IdentityZone zone) {
    String zoneId = zone.getId();
    MfaProvider provider = new MfaProvider();
    provider.setName(new RandomValueStringGenerator(5).generate().toLowerCase());
    provider.setType(MfaProvider.MfaProviderType.GOOGLE_AUTHENTICATOR);
    provider.setIdentityZoneId(zoneId);
    provider.setConfig(new GoogleMfaProviderConfig());
    provider.getConfig().setIssuer(zone.getName());
    MfaProviderProvisioning provisioning = context.getBean(MfaProviderProvisioning.class);
    try {
        return provisioning.create(provider, zoneId);
    } catch (MfaAlreadyExistsException x) {
        return provisioning.update(provider, zoneId);
    }
}
Also used : MfaProvider(org.cloudfoundry.identity.uaa.mfa.MfaProvider) MfaAlreadyExistsException(org.cloudfoundry.identity.uaa.mfa.exception.MfaAlreadyExistsException) MfaProviderProvisioning(org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning) GoogleMfaProviderConfig(org.cloudfoundry.identity.uaa.mfa.GoogleMfaProviderConfig) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator)

Example 3 with MfaProviderProvisioning

Use of org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning in project uaa by cloudfoundry.

Class IdentityZoneConfigurationBootstrapTests, method configureProvisioning.

@BeforeEach
public void configureProvisioning(@Autowired JdbcTemplate jdbcTemplate) {
    TestUtils.cleanAndSeedDb(jdbcTemplate);
    provisioning = new JdbcIdentityZoneProvisioning(jdbcTemplate);
    bootstrap = new IdentityZoneConfigurationBootstrap(provisioning);
    GeneralMfaProviderValidator mfaProviderValidator = new GeneralMfaProviderValidator();
    MfaProviderProvisioning mfaProvisoning = new JdbcMfaProviderProvisioning(jdbcTemplate, mfaProviderValidator);
    MfaProvider<GoogleMfaProviderConfig> provider = new MfaProvider<>();
    provider.setName("testProvider");
    provider.setType(MfaProvider.MfaProviderType.GOOGLE_AUTHENTICATOR);
    provider.setConfig(new GoogleMfaProviderConfig());
    provider.setIdentityZoneId("uaa");
    mfaProvisoning.create(provider, "uaa");
    MfaConfigValidator mfaConfigValidator = new MfaConfigValidator(mfaProvisoning);
    GeneralIdentityZoneConfigurationValidator configValidator = new GeneralIdentityZoneConfigurationValidator(mfaConfigValidator);
    validator = new GeneralIdentityZoneValidator(configValidator);
    bootstrap.setValidator(validator);
    // For the SamlTestUtils keys we are using.
    Security.addProvider(new BouncyCastleProvider());
}
Also used : MfaProvider(org.cloudfoundry.identity.uaa.mfa.MfaProvider) JdbcMfaProviderProvisioning(org.cloudfoundry.identity.uaa.mfa.JdbcMfaProviderProvisioning) IdentityZoneConfigurationBootstrap(org.cloudfoundry.identity.uaa.impl.config.IdentityZoneConfigurationBootstrap) GeneralIdentityZoneConfigurationValidator(org.cloudfoundry.identity.uaa.zone.GeneralIdentityZoneConfigurationValidator) MfaProviderProvisioning(org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning) GeneralIdentityZoneValidator(org.cloudfoundry.identity.uaa.zone.GeneralIdentityZoneValidator) GoogleMfaProviderConfig(org.cloudfoundry.identity.uaa.mfa.GoogleMfaProviderConfig) JdbcIdentityZoneProvisioning(org.cloudfoundry.identity.uaa.zone.JdbcIdentityZoneProvisioning) MfaConfigValidator(org.cloudfoundry.identity.uaa.zone.MfaConfigValidator) GeneralMfaProviderValidator(org.cloudfoundry.identity.uaa.mfa.GeneralMfaProviderValidator) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 4 with MfaProviderProvisioning

Use of org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning in project uaa by cloudfoundry.

Class MfaProviderEndpointsMockMvcTests, method testDeleteZoneAlsoDeletesMfaProviderInThatZone.

@Test
void testDeleteZoneAlsoDeletesMfaProviderInThatZone() throws Exception {
    IdentityZone identityZone = MockMvcUtils.createZoneUsingWebRequest(mockMvc, adminToken);
    MfaProvider<GoogleMfaProviderConfig> mfaProvider = constructGoogleMfaProvider();
    MockHttpServletResponse response = mockMvc.perform(post("/mfa-providers")
            .header("Authorization", "Bearer " + adminToken)
            .header("X-Identity-Zone-Id", identityZone.getId())
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(mfaProvider)))
            .andReturn().getResponse();
    mfaProvider = JsonUtils.readValue(response.getContentAsString(), MfaProvider.class);
    MfaProviderProvisioning providerProvisioning = webApplicationContext.getBean(JdbcMfaProviderProvisioning.class);
    providerProvisioning.retrieve(mfaProvider.getId(), identityZone.getId());
    MockMvcUtils.deleteIdentityZone(identityZone.getId(), mockMvc);
    final String mfaProviderId = mfaProvider.getId();
    assertThrows(EmptyResultDataAccessException.class, () -> providerProvisioning.retrieve(mfaProviderId, identityZone.getId()));
}
Also used : MfaProvider(org.cloudfoundry.identity.uaa.mfa.MfaProvider) MockMvcUtils.constructGoogleMfaProvider(org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils.constructGoogleMfaProvider) IdentityZone(org.cloudfoundry.identity.uaa.zone.IdentityZone) MfaProviderProvisioning(org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning) JdbcMfaProviderProvisioning(org.cloudfoundry.identity.uaa.mfa.JdbcMfaProviderProvisioning) GoogleMfaProviderConfig(org.cloudfoundry.identity.uaa.mfa.GoogleMfaProviderConfig) Matchers.containsString(org.hamcrest.Matchers.containsString) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Aggregations

GoogleMfaProviderConfig (org.cloudfoundry.identity.uaa.mfa.GoogleMfaProviderConfig): 4
MfaProvider (org.cloudfoundry.identity.uaa.mfa.MfaProvider): 4
MfaProviderProvisioning (org.cloudfoundry.identity.uaa.mfa.MfaProviderProvisioning): 4
JdbcMfaProviderProvisioning (org.cloudfoundry.identity.uaa.mfa.JdbcMfaProviderProvisioning): 2
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator): 2
BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider): 1
UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication): 1
CommonLoginPolicy (org.cloudfoundry.identity.uaa.authentication.manager.CommonLoginPolicy): 1
LoginPolicy (org.cloudfoundry.identity.uaa.authentication.manager.LoginPolicy): 1
IdentityZoneConfigurationBootstrap (org.cloudfoundry.identity.uaa.impl.config.IdentityZoneConfigurationBootstrap): 1
GeneralMfaProviderValidator (org.cloudfoundry.identity.uaa.mfa.GeneralMfaProviderValidator): 1
UserGoogleMfaCredentialsProvisioning (org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentialsProvisioning): 1
MfaAlreadyExistsException (org.cloudfoundry.identity.uaa.mfa.exception.MfaAlreadyExistsException): 1
MockMvcUtils.constructGoogleMfaProvider (org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils.constructGoogleMfaProvider): 1
UaaUserDatabase (org.cloudfoundry.identity.uaa.user.UaaUserDatabase): 1
GeneralIdentityZoneConfigurationValidator (org.cloudfoundry.identity.uaa.zone.GeneralIdentityZoneConfigurationValidator): 1
GeneralIdentityZoneValidator (org.cloudfoundry.identity.uaa.zone.GeneralIdentityZoneValidator): 1
IdentityZone (org.cloudfoundry.identity.uaa.zone.IdentityZone): 1
JdbcIdentityZoneProvisioning (org.cloudfoundry.identity.uaa.zone.JdbcIdentityZoneProvisioning): 1
MfaConfigValidator (org.cloudfoundry.identity.uaa.zone.MfaConfigValidator): 1