
Example 26 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

Class ClientAdminEndpointsMockMvcTests, method testClientsAdminPermissions.

@Test
void testClientsAdminPermissions() throws Exception {
    ClientDetails adminsClient = createClientAdminsClient(adminToken);
    // create clients
    ClientDetailsModification[] clients = createBaseClients(3, SECRET, Arrays.asList("client_credentials", "refresh_token"));
    for (ClientDetailsModification c : clients) {
        c.setScope(Collections.singletonList("oauth.approvals"));
        c.setAction(ClientDetailsModification.ADD);
    }
    String token = testClient.getClientCredentialsOAuthAccessToken(adminsClient.getClientId(), "secret", "clients.admin");
    MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients/tx/modify")
            .header("Authorization", "Bearer " + token)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(clients));
    ResultActions result = mockMvc.perform(modifyClientsPost);
    result.andExpect(status().isOk());
}
Also used: ClientDetails (org.springframework.security.oauth2.provider.ClientDetails), BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails), MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder), ClientDetailsHelper.clientArrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString), ClientDetailsHelper.arrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString), ClientDetailsHelper.clientFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString), ResultActions (org.springframework.test.web.servlet.ResultActions), ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification), Test (org.junit.jupiter.api.Test)

Example 27 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

Class ClientAdminEndpointsMockMvcTests, method testCreateAsAdminPermissions.

@Test
void testCreateAsAdminPermissions() throws Exception {
    ClientDetails adminsClient = createClientAdminsClient(adminToken);
    // create clients
    ClientDetailsModification[] clients = createBaseClients(1, SECRET, Arrays.asList("client_credentials", "refresh_token"));
    for (ClientDetailsModification c : clients) {
        c.setScope(Collections.singletonList("oauth.approvals"));
        c.setAction(ClientDetailsModification.ADD);
    }
    String token = testClient.getClientCredentialsOAuthAccessToken(adminsClient.getClientId(), "secret", "clients.admin");
    MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients")
            .header("Authorization", "Bearer " + token)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(clients[0]));
    ResultActions result = mockMvc.perform(modifyClientsPost);
    result.andExpect(status().isCreated());
}
Also used: ClientDetails (org.springframework.security.oauth2.provider.ClientDetails), BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails), MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder), ClientDetailsHelper.clientArrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString), ClientDetailsHelper.arrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString), ClientDetailsHelper.clientFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString), ResultActions (org.springframework.test.web.servlet.ResultActions), ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification), Test (org.junit.jupiter.api.Test)

Example 28 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

Class ClientAdminEndpoints, method changeSecretTx.

@RequestMapping(value = "/oauth/clients/tx/secret", method = RequestMethod.POST)
@ResponseStatus(HttpStatus.OK)
@Transactional
@ResponseBody
public ClientDetailsModification[] changeSecretTx(@RequestBody SecretChangeRequest[] change) {
    ClientDetailsModification[] clientDetails = new ClientDetailsModification[change.length];
    String clientId = null;
    try {
        for (int i = 0; i < change.length; i++) {
            clientId = change[i].getClientId();
            clientDetails[i] = new ClientDetailsModification(clientDetailsService.retrieve(clientId, IdentityZoneHolder.get().getId()));
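            // The old-secret check only decides whether approvals are revoked below;
            // in this method it does not gate the secret update itself.
            boolean oldPasswordOk = authenticateClient(clientId, change[i].getOldSecret());
            // Validate the new secret before it is stored.
            clientDetailsValidator.getClientSecretValidator().validate(change[i].getSecret());
            clientRegistrationService.updateClientSecret(clientId, change[i].getSecret(), IdentityZoneHolder.get().getId());
            if (!oldPasswordOk) {
                // Old secret did not match: revoke the client's existing approvals.
                deleteApprovals(clientId);
                clientDetails[i].setApprovalsDeleted(true);
            }
            // Strip the secret so it is not returned in the response body.
            clientDetails[i] = removeSecret(clientDetails[i]);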
        }
    } catch (InvalidClientException e) {
        throw new NoSuchClientException("No such client: " + clientId);
    }
    clientSecretChanges.getAndAdd(change.length);
    return clientDetails;
}
Also used: InvalidClientException (org.springframework.security.oauth2.common.exceptions.InvalidClientException), ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification), NoSuchClientException (org.springframework.security.oauth2.provider.NoSuchClientException), ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus), RequestMapping (org.springframework.web.bind.annotation.RequestMapping), Transactional (org.springframework.transaction.annotation.Transactional), ResponseBody (org.springframework.web.bind.annotation.ResponseBody)

Example 29 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

Class ClientAdminEndpoints, method modifyClientDetailsTx.

@RequestMapping(value = "/oauth/clients/tx/modify", method = RequestMethod.POST)
@ResponseStatus(HttpStatus.OK)
@Transactional
@ResponseBody
public ClientDetailsModification[] modifyClientDetailsTx(@RequestBody ClientDetailsModification[] details) {
    ClientDetailsModification[] result = new ClientDetailsModification[details.length];
    for (int i = 0; i < result.length; i++) {
        if (ClientDetailsModification.ADD.equals(details[i].getAction())) {
            ClientDetails client = clientDetailsValidator.validate(details[i], Mode.CREATE);
            clientRegistrationService.addClientDetails(client, IdentityZoneHolder.get().getId());
            clientUpdates.incrementAndGet();
            result[i] = new ClientDetailsModification(clientDetailsService.retrieve(details[i].getClientId(), IdentityZoneHolder.get().getId()));
        } else if (ClientDetailsModification.DELETE.equals(details[i].getAction())) {
            result[i] = new ClientDetailsModification(clientDetailsService.retrieve(details[i].getClientId(), IdentityZoneHolder.get().getId()));
            doProcessDeletes(new ClientDetails[] { result[i] });
            result[i].setApprovalsDeleted(true);
        } else if (ClientDetailsModification.UPDATE.equals(details[i].getAction())) {
            result[i] = updateClientNotSecret(details[i]);
        } else if (ClientDetailsModification.UPDATE_SECRET.equals(details[i].getAction())) {
            boolean approvalsDeleted = updateClientSecret(details[i]);
            result[i] = updateClientNotSecret(details[i]);
            result[i].setApprovalsDeleted(approvalsDeleted);
        } else if (ClientDetailsModification.SECRET.equals(details[i].getAction())) {
            boolean approvalsDeleted = updateClientSecret(details[i]);
            result[i] = details[i];
            result[i].setApprovalsDeleted(approvalsDeleted);
        } else {
            throw new InvalidClientDetailsException("Invalid action.");
        }
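        // Echo the requested action and clear the secret on every branch,
        // so no client secret is returned in the response body.
        result[i].setAction(details[i].getAction());
        result[i].setClientSecret(null);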
    }
    return result;
}
Also used: BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails), ClientDetails (org.springframework.security.oauth2.provider.ClientDetails), ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification), ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus), RequestMapping (org.springframework.web.bind.annotation.RequestMapping), Transactional (org.springframework.transaction.annotation.Transactional), ResponseBody (org.springframework.web.bind.annotation.ResponseBody)

Example 30 with ClientDetailsModification

Use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.

Class ClientAdminEndpoints, method removeSecret.

private ClientDetailsModification removeSecret(ClientDetails client) {
    if (client == null) {
        return null;
    }
    ClientDetailsModification details = new ClientDetailsModification(client);
    details.setClientSecret(null);
    return details;
}
Also used: ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)

Aggregations

ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification): 31
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails): 20
Test (org.junit.jupiter.api.Test): 16
ClientDetailsHelper.clientFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString): 15
ClientDetails (org.springframework.security.oauth2.provider.ClientDetails): 15
ResultActions (org.springframework.test.web.servlet.ResultActions): 15
ClientDetailsHelper.arrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString): 14
ClientDetailsHelper.clientArrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString): 14
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder): 14
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator): 8
Approval (org.cloudfoundry.identity.uaa.approval.Approval): 4
HashMap (java.util.HashMap): 3
AbstractUaaEvent (org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent): 2
Test (org.junit.Test): 2
Transactional (org.springframework.transaction.annotation.Transactional): 2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 2
ResponseBody (org.springframework.web.bind.annotation.ResponseBody): 2
ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus): 2
HashSet (java.util.HashSet): 1
ApprovalStore (org.cloudfoundry.identity.uaa.approval.ApprovalStore): 1