use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.
the class ScimUserEndpointsMockMvcTests method testDeleteMfaUserCredentials.
@Test
void testDeleteMfaUserCredentials() throws Exception {
ScimUser user = createUser(uaaAdminToken);
MfaProvider provider = createMfaProvider(IdentityZoneHolder.get().getId());
IdentityZoneHolder.get().getConfig().setMfaConfig(new MfaConfig().setEnabled(true).setProviderName("mfaProvider"));
UserGoogleMfaCredentials creds = new UserGoogleMfaCredentials(user.getId(), "ABCDEFGHIJKLMNOP", 1234, Collections.singletonList(123456)).setMfaProviderId(provider.getId());
mfaCredentialsProvisioning.save(creds, IdentityZoneHolder.get().getId());
assertNotNull(mfaCredentialsProvisioning.retrieve(user.getId(), provider.getId()));
MockHttpServletRequestBuilder delete = delete("/Users/" + user.getId() + "/mfa").header("Authorization", "Bearer " + uaaAdminToken).contentType(APPLICATION_JSON);
mockMvc.perform(delete).andExpect(status().isOk());
assertMfaCredentialsNotExisting(user, provider);
}
use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.
the class TotpMfaEndpointMockMvcTests method testQRCodeRedirectIfCodeValidated.
@Test
void testQRCodeRedirectIfCodeValidated() throws Exception {
redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
int code = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
MockMvcUtils.performMfaPostVerifyWithCode(code, mockMvc, mockHttpSession);
UserGoogleMfaCredentials activeCreds = jdbcUserGoogleMfaCredentialsProvisioning.retrieve(scimUser.getId(), mfaProvider.getId());
assertNotNull(activeCreds);
assertEquals(mfaProvider.getId(), activeCreds.getMfaProviderId());
mockMvc.perform(get("/logout.do")).andReturn();
mockHttpSession = new MockHttpSession();
performLoginWithSession(mockMvc, mockHttpSession, scimUser, password);
performGetMfaRegister(mockMvc, mockHttpSession).andExpect(redirectedUrl("/login/mfa/verify"));
}
use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.
the class TotpMfaEndpointMockMvcTests method testQRCodeRedirectIfCodeNotValidated.
@Test
void testQRCodeRedirectIfCodeNotValidated() throws Exception {
redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
UserGoogleMfaCredentials inActiveCreds = (UserGoogleMfaCredentials) mockHttpSession.getAttribute("uaaMfaCredentials");
assertNotNull(inActiveCreds);
performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
}
use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.
the class TotpMfaEndpointMockMvcTests method testRegisterFlowWithMfaProviderSwitch.
@Test
void testRegisterFlowWithMfaProviderSwitch() throws Exception {
redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
int code = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
String location = MockMvcUtils.performMfaPostVerifyWithCode(code, mockMvc, mockHttpSession);
location = mockMvc.perform(get(location).session(mockHttpSession)).andExpect(status().isFound()).andReturn().getResponse().getRedirectedUrl();
mockMvc.perform(get(location).session(mockHttpSession)).andExpect(status().isOk()).andExpect(view().name("home"));
UserGoogleMfaCredentials activeCreds = jdbcUserGoogleMfaCredentialsProvisioning.retrieve(scimUser.getId(), mfaProvider.getId());
assertNotNull(activeCreds);
assertEquals(mfaProvider.getId(), activeCreds.getMfaProviderId());
mockMvc.perform(get("/logout.do")).andReturn();
uaaZoneConfig = MockMvcUtils.getZoneConfiguration(webApplicationContext, "uaa");
uaaZoneConfig.getMfaConfig().setProviderName(otherMfaProvider.getName());
MockMvcUtils.setZoneConfiguration(webApplicationContext, "uaa", uaaZoneConfig);
mockHttpSession = new MockHttpSession();
performLoginWithSession(mockMvc, mockHttpSession, scimUser, password);
performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
code = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
location = MockMvcUtils.performMfaPostVerifyWithCode(code, mockMvc, mockHttpSession);
location = mockMvc.perform(get(location).session(mockHttpSession)).andExpect(status().isFound()).andReturn().getResponse().getRedirectedUrl();
mockMvc.perform(get(location).session(mockHttpSession)).andExpect(status().isOk()).andExpect(view().name("home"));
}
use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.
the class TotpMfaEndpoint method getUaaMfaCredentials.
@ModelAttribute("uaaMfaCredentials")
public UserGoogleMfaCredentials getUaaMfaCredentials() throws UaaPrincipalIsNotInSession {
UaaPrincipal principal = getSessionAuthPrincipal();
UserGoogleMfaCredentials result = mfaCredentialsProvisioning.getUserGoogleMfaCredentials(principal.getId());
if (result == null) {
result = mfaCredentialsProvisioning.createUserCredentials(principal.getId());
result.setMfaProviderId(getMfaProvider().getId());
}
return result;
}
Aggregations