
Example 16 with ClientDetailsModification

use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

the class ClientAdminEndpointsTests method setUp.

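/**
 * Builds the fixture shared by the tests in this class.
 *
 * <p>Creates the mocked collaborators, a validator bound to a client secret policy,
 * a spied {@code ClientAdminEndpoints}, the request objects ({@code input}, {@code inputs})
 * and the client details the tests compare against ({@code detail}, {@code details}).
 * The test zone is installed in {@code IdentityZoneHolder} before the endpoints are built.
 */
@BeforeEach
void setUp() {
    testZone.setId("testzone");
    mockSecurityContextAccessor = Mockito.mock(SecurityContextAccessor.class);
    clientDetailsService = Mockito.mock(NoOpClientDetailsResourceManager.class);
    // create(...) is the only method on this mock that runs the real implementation.
    when(clientDetailsService.create(any(ClientDetails.class), anyString())).thenCallRealMethod();
    // The registration service mock also implements SystemDeletable.
    clientRegistrationService = Mockito.mock(MultitenantClientServices.class, withSettings().extraInterfaces(SystemDeletable.class));
    mockAuthenticationManager = Mockito.mock(AuthenticationManager.class);
    ApprovalStore approvalStore = mock(ApprovalStore.class);
    clientDetailsValidator = new ClientAdminEndpointsValidator(mockSecurityContextAccessor);
    clientDetailsValidator.setClientDetailsService(clientDetailsService);
    // NOTE(review): the arguments presumably are (minLength, maxLength, requireUpperCase,
    // requireLowerCase, requireDigit, requireSpecial, expireInMonths) — confirm against
    // ClientSecretPolicy. If so, this policy imposes no length or character-class minimum,
    // which is why short fixture secrets such as "secret" are accepted by validation here.
    clientDetailsValidator.setClientSecretValidator(new ZoneAwareClientSecretPolicyValidator(new ClientSecretPolicy(0, 255, 0, 0, 0, 0, 6)));
    // The zone config gets its own policy instance with the same values as the validator's.
    testZone.getConfig().setClientSecretPolicy(new ClientSecretPolicy(0, 255, 0, 0, 0, 0, 6));
    IdentityZoneHolder.set(testZone);
    // NOTE(review): the meaning of the trailing constructor argument (5) is not visible here — confirm.
    endpoints = spy(new ClientAdminEndpoints(mockSecurityContextAccessor, clientDetailsValidator, mockAuthenticationManager, mock(ResourceMonitor.class), approvalStore, clientRegistrationService, clientDetailsService, 5));

    // Single-client request body.
    input = new BaseClientDetails();
    input.setClientId("foo");
    input.setClientSecret("secret");
    input.setAuthorizedGrantTypes(Collections.singletonList(GRANT_TYPE_AUTHORIZATION_CODE));
    input.setRegisteredRedirectUri(SINGLE_REDIRECT_URL);

    // Batch request bodies: one distinct id, secret and https redirect URI per entry.
    for (int i = 0; i < inputs.length; i++) {
        inputs[i] = new ClientDetailsModification();
        inputs[i].setClientId("foo-" + i);
        inputs[i].setClientSecret("secret-" + i);
        inputs[i].setAuthorizedGrantTypes(Collections.singletonList(GRANT_TYPE_AUTHORIZATION_CODE));
        // Parameterized instead of the raw HashSet, so the element type is checked at compile time.
        inputs[i].setRegisteredRedirectUri(new HashSet<>(Collections.singletonList("https://foo-" + i)));
        inputs[i].setAccessTokenValiditySeconds(300);
    }

    // Client details derived from the single input.
    detail = new UaaClientDetails(input);
    detail.setResourceIds(Collections.singletonList("none"));
    // refresh token is added automatically by endpoint validation
    detail.setAuthorizedGrantTypes(Arrays.asList(GRANT_TYPE_AUTHORIZATION_CODE, "refresh_token"));
    detail.setScope(Collections.singletonList("uaa.none"));
    detail.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("uaa.none"));

    // Client details derived from each batch input.
    for (int i = 0; i < details.length; i++) {
        details[i] = new BaseClientDetails(inputs[i]);
        details[i].setResourceIds(Collections.singletonList("none"));
        // refresh token is added automatically by endpoint validation
        details[i].setAuthorizedGrantTypes(Arrays.asList(GRANT_TYPE_AUTHORIZATION_CODE, "refresh_token"));
        details[i].setScope(Collections.singletonList("uaa.none"));
        details[i].setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("uaa.none"));
    }

    // Stub publisher: an EntityDeletedEvent is turned into a removeClientDetails call on the
    // mocked registration service, so tests can verify that call. Every other event is dropped.
    endpoints.setApplicationEventPublisher(new ApplicationEventPublisher() {

        @Override
        public void publishEvent(ApplicationEvent event) {
            if (event instanceof EntityDeletedEvent) {
                ClientDetails client = (ClientDetails) ((EntityDeletedEvent) event).getDeleted();
                clientRegistrationService.removeClientDetails(client.getClientId());
            }
        }

        @Override
        public void publishEvent(Object event) {
            // Intentionally empty: non-ApplicationEvent payloads are ignored by this stub.
        }
    });
}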
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ApplicationEvent(org.springframework.context.ApplicationEvent) ZoneAwareClientSecretPolicyValidator(org.cloudfoundry.identity.uaa.zone.ZoneAwareClientSecretPolicyValidator) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) ResourceMonitor(org.cloudfoundry.identity.uaa.resources.ResourceMonitor) MultitenantClientServices(org.cloudfoundry.identity.uaa.zone.MultitenantClientServices) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) ApprovalStore(org.cloudfoundry.identity.uaa.approval.ApprovalStore) SecurityContextAccessor(org.cloudfoundry.identity.uaa.security.beans.SecurityContextAccessor) ClientSecretPolicy(org.cloudfoundry.identity.uaa.zone.ClientSecretPolicy) EntityDeletedEvent(org.cloudfoundry.identity.uaa.audit.event.EntityDeletedEvent) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification) HashSet(java.util.HashSet) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 17 with ClientDetailsModification

use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

the class ClientAdminEndpointsTests method testMultipleCreateClientDetailsNonExistent.

/**
 * A batch create whose only entry has nothing but a client id set must be rejected
 * with {@code InvalidClientDetailsException}.
 */
@Test
void testMultipleCreateClientDetailsNonExistent() {
    ClientDetailsModification unknownClient = new ClientDetailsModification();
    unknownClient.setClientId("unknown");
    // No secret, grant types or redirect URI are set on the entry.
    ClientDetailsModification[] batch = { unknownClient };
    assertThrows(InvalidClientDetailsException.class, () -> endpoints.createClientDetailsTx(batch));
}
Also used : ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification) Test(org.junit.jupiter.api.Test)

Example 18 with ClientDetailsModification

use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

the class ClientAdminEndpointsIntegrationTests method doCreateClients.

/**
 * Creates five clients with generated ids in one POST to {@code /oauth/clients/tx}.
 *
 * <p>Asserts that the response status is 201 CREATED, validates the returned clients against
 * the submitted ones, and checks that each id can be fetched afterwards.
 *
 * @return the response body of the batch create call
 * @throws Exception if any helper call fails
 */
public ClientDetailsModification[] doCreateClients() throws Exception {
    // Token requested with the full set of client-administration scopes listed here.
    String requestedScopes = "clients.admin,clients.read,clients.write,clients.secret";
    headers = getAuthenticatedHeaders(getClientCredentialsAccessToken(requestedScopes));
    headers.add("Accept", "application/json");

    RandomValueStringGenerator idGenerator = new RandomValueStringGenerator();
    String[] clientIds = new String[5];
    ClientDetailsModification[] submitted = new ClientDetailsModification[clientIds.length];
    for (int index = 0; index < clientIds.length; index++) {
        clientIds[index] = idGenerator.generate();

        ClientDetailsModification entry = new ClientDetailsModification();
        entry.setClientId(clientIds[index]);
        entry.setScope(Arrays.asList("foo", "bar"));
        entry.setAuthorizedGrantTypes(Collections.singletonList("client_credentials"));
        entry.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("uaa.none"));
        // Constant fixture values: every generated client shares the same secret,
        // additional information and redirect URI.
        entry.setClientSecret("secret");
        entry.setAdditionalInformation(Collections.<String, Object>singletonMap("foo", Collections.singletonList("bar")));
        entry.setRegisteredRedirectUri(Collections.singleton("http://redirect.url"));
        submitted[index] = entry;
    }

    HttpEntity<ClientDetailsModification[]> request = new HttpEntity<>(submitted, headers);
    ResponseEntity<ClientDetailsModification[]> result = serverRunning.getRestTemplate()
            .exchange(serverRunning.getUrl("/oauth/clients/tx"), HttpMethod.POST, request, ClientDetailsModification[].class);
    assertEquals(HttpStatus.CREATED, result.getStatusCode());
    validateClients(submitted, result.getBody());

    // Each id must resolve to a client through the lookup helper.
    for (String clientId : clientIds) {
        ClientDetails fetched = getClient(clientId);
        assertNotNull(fetched);
    }
    return result.getBody();
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)

Example 19 with ClientDetailsModification

use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

the class MockMvcUtils method getClientDetailsModification.

/**
 * Builds a {@code ClientDetailsModification} populated from the given values.
 *
 * @param id           client id to set
 * @param secret       client secret to set
 * @param resourceIds  resource ids to set
 * @param scopes       scopes to set
 * @param grantTypes   authorized grant types to set
 * @param authorities  comma-separated authority names, converted to an authority list
 * @param redirectUris registered redirect URIs to set
 * @return the populated modification object
 */
public static ClientDetailsModification getClientDetailsModification(String id, String secret, Collection<String> resourceIds, Collection<String> scopes, Collection<String> grantTypes, String authorities, Set<String> redirectUris) {
    ClientDetailsModification modification = new ClientDetailsModification();
    modification.setClientId(id);
    modification.setResourceIds(resourceIds);
    modification.setScope(scopes);
    modification.setAuthorizedGrantTypes(grantTypes);
    // The authorities arrive as one comma-separated string and are split by the Spring helper.
    modification.setAuthorities(
            AuthorityUtils.commaSeparatedStringToAuthorityList(authorities));
    modification.setRegisteredRedirectUri(redirectUris);
    modification.setClientSecret(secret);
    return modification;
}
Also used : ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)

Example 20 with ClientDetailsModification

use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

the class ClientAdminEndpointsMockMvcTests method testApprovalsAreDeleted.

/**
 * Deleting a client through {@code POST /oauth/clients/tx/delete} must also remove the
 * approvals recorded for it: the response flags the approvals as deleted and a follow-up
 * lookup returns none.
 */
@Test
void testApprovalsAreDeleted() throws Exception {
    // NOTE(review): "password" is presumably the authorized grant type — confirm against createClient.
    ClientDetails details = createClient(adminToken, new RandomValueStringGenerator().generate(), SECRET, Collections.singleton("password"));
    String clientId = details.getClientId();

    // NOTE(review): the literal "secret" presumably equals the SECRET constant used at creation — confirm.
    String userToken = testClient.getUserOAuthAccessToken(clientId, "secret", testUser.getUserName(), testPassword, "oauth.approvals");

    // No approvals exist before any are added.
    assertEquals(0, getApprovals(clientId).length);
    addApprovals(userToken, clientId);
    assertEquals(3, getApprovals(clientId).length);

    // Delete the client with the admin bearer token.
    String requestBody = JsonUtils.writeValueAsString(new ClientDetails[] { details });
    MockHttpServletRequestBuilder deleteRequest = post("/oauth/clients/tx/delete")
            .header("Authorization", "Bearer " + adminToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(requestBody);
    ResultActions response = mockMvc.perform(deleteRequest);
    response.andExpect(status().isOk());

    String responseJson = response.andReturn().getResponse().getContentAsString();
    ClientDetailsModification[] removed = (ClientDetailsModification[]) arrayFromString(responseJson, ClientDetailsModification[].class);
    assertTrue(removed[0].isApprovalsDeleted());
    // Exactly two events must have been published on the mocked publisher.
    verify(mockApplicationEventPublisher, times(2)).publishEvent(abstractUaaEventCaptor.capture());

    // The approvals added earlier are gone once the client is deleted.
    assertEquals(0, getApprovals(clientId).length);
}
Also used : ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) ClientDetailsHelper.clientArrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString) ClientDetailsHelper.arrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString) ClientDetailsHelper.clientFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString) ResultActions(org.springframework.test.web.servlet.ResultActions) Approval(org.cloudfoundry.identity.uaa.approval.Approval) ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification) Test(org.junit.jupiter.api.Test)
