
Example 6 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

From the class ClientAdminEndpointsMockMvcTests, method createClient.

private BaseClientDetails createClient(List<String> authorities) throws Exception {
    String clientId = generator.generate().toLowerCase();
    List<String> scopes = Arrays.asList("foo", "bar", "oauth.approvals");
    ClientDetailsModification client = createBaseClient(clientId, SECRET, Collections.singleton("client_credentials"), authorities, scopes);
    MockHttpServletRequestBuilder createClientPost = post("/oauth/clients").header("Authorization", "Bearer " + adminUserToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(client));
    ResultActions createResult = mockMvc.perform(createClientPost).andExpect(status().isCreated());
    return JsonUtils.readValue(createResult.andReturn().getResponse().getContentAsString(), BaseClientDetails.class);
}
Also used : MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) ClientDetailsHelper.clientArrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString) ClientDetailsHelper.arrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString) ClientDetailsHelper.clientFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString) ResultActions(org.springframework.test.web.servlet.ResultActions) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)

Example 7 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

From the class ClientAdminEndpointsMockMvcTests, method testCreateAsReadPermissions.

@Test
void testCreateAsReadPermissions() throws Exception {
    ClientDetails adminsClient = createReadWriteClient(adminToken);
    // create clients
    ClientDetailsModification[] clients = createBaseClients(1, SECRET, Arrays.asList("client_credentials", "refresh_token"));
    for (ClientDetailsModification c : clients) {
        c.setScope(Collections.singletonList("oauth.approvals"));
        c.setAction(ClientDetailsModification.ADD);
    }
    // obtain a token for the admin's client that requests only the clients.read scope
    String token = testClient.getClientCredentialsOAuthAccessToken(adminsClient.getClientId(), "secret", "clients.read");
    MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients").header("Authorization", "Bearer " + token).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(clients[0]));
    ResultActions result = mockMvc.perform(modifyClientsPost);
    // creating a client with a read-only token must be rejected with 403 Forbidden
    result.andExpect(status().isForbidden());
}
Also used : ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) ClientDetailsHelper.clientArrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString) ClientDetailsHelper.arrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString) ClientDetailsHelper.clientFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString) ResultActions(org.springframework.test.web.servlet.ResultActions) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification) Test(org.junit.jupiter.api.Test)

Example 8 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

From the class ClientAdminEndpointsMockMvcTests, method createBaseClient.

private ClientDetailsModification createBaseClient(String id, String clientSecret, Collection<String> grantTypes, List<String> authorities, List<String> scopes) {
    if (id == null) {
        id = new RandomValueStringGenerator().generate();
    }
    if (grantTypes == null) {
        grantTypes = Collections.singleton("client_credentials");
    }
    ClientDetailsModification client = new ClientDetailsModification();
    client.setClientId(id);
    client.setScope(scopes);
    client.setAuthorizedGrantTypes(grantTypes);
    if (authorities != null) {
        client.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList(String.join(",", authorities)));
    }
    client.setClientSecret(clientSecret);
    Map<String, Object> additionalInformation = new HashMap<>();
    additionalInformation.put("foo", "bar");
    additionalInformation.put("name", "Client " + id);
    client.setAdditionalInformation(additionalInformation);
    client.setRegisteredRedirectUri(Collections.singleton("http://some.redirect.url.com"));
    return client;
}
Also used : HashMap(java.util.HashMap) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) ClientDetailsHelper.clientArrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString) ClientDetailsHelper.arrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString) ClientDetailsHelper.clientFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)

Example 9 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

From the class ClientAdminEndpointsMockMvcTests, method testSecretChangeTxApprovalsNotDeleted.

@Test
void testSecretChangeTxApprovalsNotDeleted() throws Exception {
    int count = 3;
    // create clients
    ClientDetailsModification[] clients = createBaseClients(count, SECRET, Arrays.asList("client_credentials", "password"));
    for (ClientDetailsModification c : clients) {
        c.setAction(ClientDetailsModification.ADD);
    }
    MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients/tx/modify").header("Authorization", "Bearer " + adminToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(clients));
    ResultActions result = mockMvc.perform(modifyClientsPost);
    result.andExpect(status().isOk());
    // add approvals to the client
    for (ClientDetailsModification c : clients) {
        String userToken = testClient.getUserOAuthAccessToken(c.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
        addApprovals(userToken, c.getClientId());
    }
    // verify approvals to the client
    for (ClientDetailsModification c : clients) {
        String userToken = testClient.getUserOAuthAccessToken(c.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
        assertEquals(3, getApprovals(c.getClientId()).length);
    }
    // change the secret, and we know the old secret
    SecretChangeRequest[] srs = new SecretChangeRequest[clients.length];
    for (int i = 0; i < srs.length; i++) {
        srs[i] = new SecretChangeRequest();
        srs[i].setClientId(clients[i].getClientId());
        srs[i].setOldSecret(clients[i].getClientSecret());
        srs[i].setSecret("secret2");
    }
    modifyClientsPost = post("/oauth/clients/tx/secret").header("Authorization", "Bearer " + adminToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(srs));
    result = mockMvc.perform(modifyClientsPost);
    result.andExpect(status().isOk());
    clients = (ClientDetailsModification[]) arrayFromString(result.andReturn().getResponse().getContentAsString(), ClientDetailsModification[].class);
    // check that we still have approvals for each client
    ClientDetails approvalsClient = createApprovalsLoginClient(adminToken);
    for (ClientDetailsModification c : clients) {
        String loginToken = testClient.getUserOAuthAccessToken(approvalsClient.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
        assertEquals(3, getApprovals(c.getClientId()).length);
        assertFalse(c.isApprovalsDeleted());
    }
}
Also used : ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) ResultActions(org.springframework.test.web.servlet.ResultActions) ClientDetailsHelper.clientArrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString) ClientDetailsHelper.arrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString) ClientDetailsHelper.clientFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString) SecretChangeRequest(org.cloudfoundry.identity.uaa.oauth.client.SecretChangeRequest) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification) Test(org.junit.jupiter.api.Test)

Example 10 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

From the class ClientAdminEndpointsMockMvcTests, method testAddUpdateDeleteClientsTxSuccess.

@Test
void testAddUpdateDeleteClientsTxSuccess() throws Exception {
    int count = 5;
    ClientDetailsModification[] details = new ClientDetailsModification[count * 3];
    for (int i = 0; i < count; i++) {
        details[i] = (ClientDetailsModification) createClient(adminToken, null, SECRET, null);
        details[i].setRefreshTokenValiditySeconds(120);
        details[i].setAction(ClientDetailsModification.UPDATE);
    }
    for (int i = count; i < (count * 2); i++) {
        details[i] = (ClientDetailsModification) createClient(adminToken, null, SECRET, null);
        details[i].setAction(ClientDetailsModification.DELETE);
    }
    for (int i = (count * 2); i < (count * 3); i++) {
        details[i] = createBaseClient(null, SECRET, null);
        details[i].setAction(ClientDetailsModification.ADD);
    }
    MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients/tx/modify").header("Authorization", "Bearer " + adminToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(details));
    ResultActions result = mockMvc.perform(modifyClientsPost);
    result.andExpect(status().isOk());
    for (int i = 0; i < count; i++) {
        ClientDetails c = getClient(details[i].getClientId());
        assertNotNull(c);
        assertEquals(Integer.valueOf(120), c.getRefreshTokenValiditySeconds());
    }
    for (int i = count; i < (count * 2); i++) {
        ClientDetails c = getClient(details[i].getClientId());
        assertNull(c);
    }
    for (int i = (count * 2); i < (count * 3); i++) {
        ClientDetails c = getClient(details[i].getClientId());
        assertNotNull(c);
        assertNull(c.getRefreshTokenValiditySeconds());
    }
    verify(mockApplicationEventPublisher, times(count * 5)).publishEvent(abstractUaaEventCaptor.capture());
    int index = 0;
    for (AbstractUaaEvent event : abstractUaaEventCaptor.getAllValues()) {
        int swit = index / count;
        switch(swit) {
            case 0:
            case 1:
            case 4:
                {
                    // 1-10 and 21-25 events are create
                    assertEquals(AuditEventType.ClientCreateSuccess, event.getAuditEvent().getType());
                    assertEquals(ClientCreateEvent.class, event.getClass());
                    assertEquals(details[index < 10 ? index : (index - count * 2)].getClientId(), event.getAuditEvent().getPrincipalId());
                    break;
                }
            case 2:
                {
                    // the 11-15 events are update
                    assertEquals(AuditEventType.ClientUpdateSuccess, event.getAuditEvent().getType());
                    assertEquals(ClientUpdateEvent.class, event.getClass());
                    assertEquals(details[index - (count * 2)].getClientId(), event.getAuditEvent().getPrincipalId());
                    break;
                }
            case 3:
                {
                    // the 16-20 events are deletes
                    assertEquals(AuditEventType.ClientDeleteSuccess, event.getAuditEvent().getType());
                    assertEquals(ClientDeleteEvent.class, event.getClass());
                    assertEquals(details[index - count * 2].getClientId(), event.getAuditEvent().getPrincipalId());
                    break;
                }
        }
        index++;
    }
}
Also used : ClientUpdateEvent(org.cloudfoundry.identity.uaa.client.event.ClientUpdateEvent) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) AbstractUaaEvent(org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent) ClientCreateEvent(org.cloudfoundry.identity.uaa.client.event.ClientCreateEvent) ResultActions(org.springframework.test.web.servlet.ResultActions) ClientDeleteEvent(org.cloudfoundry.identity.uaa.client.event.ClientDeleteEvent) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification) Test(org.junit.jupiter.api.Test)

Aggregations

ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification): 31
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails): 20
Test (org.junit.jupiter.api.Test): 16
ClientDetailsHelper.clientFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString): 15
ClientDetails (org.springframework.security.oauth2.provider.ClientDetails): 15
ResultActions (org.springframework.test.web.servlet.ResultActions): 15
ClientDetailsHelper.arrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString): 14
ClientDetailsHelper.clientArrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString): 14
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder): 14
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator): 8
Approval (org.cloudfoundry.identity.uaa.approval.Approval): 4
HashMap (java.util.HashMap): 3
AbstractUaaEvent (org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent): 2
Test (org.junit.Test): 2
Transactional (org.springframework.transaction.annotation.Transactional): 2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 2
ResponseBody (org.springframework.web.bind.annotation.ResponseBody): 2
ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus): 2
HashSet (java.util.HashSet): 1
ApprovalStore (org.cloudfoundry.identity.uaa.approval.ApprovalStore): 1