Search in sources :

Example 1 with UserGoogleMfaCredentials

use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.

the class ScimUserEndpointsMockMvcTests method testDeleteMfaUserCredentials.

@Test
void testDeleteMfaUserCredentials() throws Exception {
    ScimUser user = createUser(uaaAdminToken);
    MfaProvider provider = createMfaProvider(IdentityZoneHolder.get().getId());
    IdentityZoneHolder.get().getConfig().setMfaConfig(new MfaConfig().setEnabled(true).setProviderName("mfaProvider"));
    UserGoogleMfaCredentials creds = new UserGoogleMfaCredentials(user.getId(), "ABCDEFGHIJKLMNOP", 1234, Collections.singletonList(123456)).setMfaProviderId(provider.getId());
    mfaCredentialsProvisioning.save(creds, IdentityZoneHolder.get().getId());
    assertNotNull(mfaCredentialsProvisioning.retrieve(user.getId(), provider.getId()));
    MockHttpServletRequestBuilder delete = delete("/Users/" + user.getId() + "/mfa").header("Authorization", "Bearer " + uaaAdminToken).contentType(APPLICATION_JSON);
    mockMvc.perform(delete).andExpect(status().isOk());
    assertMfaCredentialsNotExisting(user, provider);
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) MfaProvider(org.cloudfoundry.identity.uaa.mfa.MfaProvider) MfaConfig(org.cloudfoundry.identity.uaa.zone.MfaConfig) UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) Test(org.junit.jupiter.api.Test)

Example 2 with UserGoogleMfaCredentials

use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.

the class TotpMfaEndpointMockMvcTests method testQRCodeRedirectIfCodeValidated.

@Test
void testQRCodeRedirectIfCodeValidated() throws Exception {
    redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
    performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
    int code = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
    MockMvcUtils.performMfaPostVerifyWithCode(code, mockMvc, mockHttpSession);
    UserGoogleMfaCredentials activeCreds = jdbcUserGoogleMfaCredentialsProvisioning.retrieve(scimUser.getId(), mfaProvider.getId());
    assertNotNull(activeCreds);
    assertEquals(mfaProvider.getId(), activeCreds.getMfaProviderId());
    mockMvc.perform(get("/logout.do")).andReturn();
    mockHttpSession = new MockHttpSession();
    performLoginWithSession(mockMvc, mockHttpSession, scimUser, password);
    performGetMfaRegister(mockMvc, mockHttpSession).andExpect(redirectedUrl("/login/mfa/verify"));
}
Also used : UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) MockHttpSession(org.springframework.mock.web.MockHttpSession) MockMvcResultHandlers.print(org.springframework.test.web.servlet.result.MockMvcResultHandlers.print) Test(org.junit.jupiter.api.Test)

Example 3 with UserGoogleMfaCredentials

use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.

the class TotpMfaEndpointMockMvcTests method testQRCodeRedirectIfCodeNotValidated.

@Test
void testQRCodeRedirectIfCodeNotValidated() throws Exception {
    redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
    performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
    UserGoogleMfaCredentials inActiveCreds = (UserGoogleMfaCredentials) mockHttpSession.getAttribute("uaaMfaCredentials");
    assertNotNull(inActiveCreds);
    performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
}
Also used : UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) Test(org.junit.jupiter.api.Test)

Example 4 with UserGoogleMfaCredentials

use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.

the class TotpMfaEndpointMockMvcTests method testRegisterFlowWithMfaProviderSwitch.

@Test
void testRegisterFlowWithMfaProviderSwitch() throws Exception {
    redirectToMFARegistration(mockMvc, mockHttpSession, scimUser, password);
    performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
    int code = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
    String location = MockMvcUtils.performMfaPostVerifyWithCode(code, mockMvc, mockHttpSession);
    location = mockMvc.perform(get(location).session(mockHttpSession)).andExpect(status().isFound()).andReturn().getResponse().getRedirectedUrl();
    mockMvc.perform(get(location).session(mockHttpSession)).andExpect(status().isOk()).andExpect(view().name("home"));
    UserGoogleMfaCredentials activeCreds = jdbcUserGoogleMfaCredentialsProvisioning.retrieve(scimUser.getId(), mfaProvider.getId());
    assertNotNull(activeCreds);
    assertEquals(mfaProvider.getId(), activeCreds.getMfaProviderId());
    mockMvc.perform(get("/logout.do")).andReturn();
    uaaZoneConfig = MockMvcUtils.getZoneConfiguration(webApplicationContext, "uaa");
    uaaZoneConfig.getMfaConfig().setProviderName(otherMfaProvider.getName());
    MockMvcUtils.setZoneConfiguration(webApplicationContext, "uaa", uaaZoneConfig);
    mockHttpSession = new MockHttpSession();
    performLoginWithSession(mockMvc, mockHttpSession, scimUser, password);
    performGetMfaRegister(mockMvc, mockHttpSession).andExpect(view().name("mfa/qr_code"));
    code = MockMvcUtils.getMFACodeFromSession(mockHttpSession);
    location = MockMvcUtils.performMfaPostVerifyWithCode(code, mockMvc, mockHttpSession);
    location = mockMvc.perform(get(location).session(mockHttpSession)).andExpect(status().isFound()).andReturn().getResponse().getRedirectedUrl();
    mockMvc.perform(get(location).session(mockHttpSession)).andExpect(status().isOk()).andExpect(view().name("home"));
}
Also used : UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) MockHttpSession(org.springframework.mock.web.MockHttpSession) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) MockMvcResultHandlers.print(org.springframework.test.web.servlet.result.MockMvcResultHandlers.print) Test(org.junit.jupiter.api.Test)

Example 5 with UserGoogleMfaCredentials

use of org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials in project uaa by cloudfoundry.

the class TotpMfaEndpoint method getUaaMfaCredentials.

@ModelAttribute("uaaMfaCredentials")
public UserGoogleMfaCredentials getUaaMfaCredentials() throws UaaPrincipalIsNotInSession {
    UaaPrincipal principal = getSessionAuthPrincipal();
    UserGoogleMfaCredentials result = mfaCredentialsProvisioning.getUserGoogleMfaCredentials(principal.getId());
    if (result == null) {
        result = mfaCredentialsProvisioning.createUserCredentials(principal.getId());
        result.setMfaProviderId(getMfaProvider().getId());
    }
    return result;
}
Also used : UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials)

Aggregations

UserGoogleMfaCredentials (org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials)7 Test (org.junit.jupiter.api.Test)6 MfaProvider (org.cloudfoundry.identity.uaa.mfa.MfaProvider)3 ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser)3 MfaConfig (org.cloudfoundry.identity.uaa.zone.MfaConfig)3 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)3 MockHttpSession (org.springframework.mock.web.MockHttpSession)2 MockMvcResultHandlers.print (org.springframework.test.web.servlet.result.MockMvcResultHandlers.print)2 UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal)1 IdentityZone (org.cloudfoundry.identity.uaa.zone.IdentityZone)1 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)1