use of org.cloudfoundry.identity.uaa.provider.IdentityProvider in project uaa by cloudfoundry.
the class LdapLoginAuthenticationManager method getExternalUserAuthorities.
/**
 * Returns the external authority names for the user described by {@code request}, filtered
 * against the external-groups whitelist of the LDAP identity provider.
 *
 * <p>If no provider provisioning is available, the superclass result is returned unchanged.
 * Otherwise the provider registered for this origin in the current identity zone is looked up,
 * and the authority names taken from {@code request} are passed through {@code retainAllMatches}
 * together with that provider's whitelist.
 *
 * <p>NOTE(review): the looked-up provider, its config and the whitelist are dereferenced without
 * null checks. Confirm that {@code retrieveByOrigin} cannot return {@code null} here and that
 * {@code retainAllMatches} handles an unset whitelist the way the deployment expects, because
 * this filter decides which directory groups are carried forward as authorities.
 *
 * @param request user details whose granted authorities are the candidate external groups
 * @return a new list of the authority names kept by the whitelist filter, or the superclass
 *     result when provider provisioning is absent
 */
@Override
protected List<String> getExternalUserAuthorities(UserDetails request) {
    List<String> inherited = super.getExternalUserAuthorities(request);
    if (getProviderProvisioning() == null) {
        return inherited;
    }

    IdentityProvider ldapProvider =
            getProviderProvisioning().retrieveByOrigin(getOrigin(), IdentityZoneHolder.get().getId());
    LdapIdentityProviderDefinition ldapDefinition =
            ObjectUtils.castInstance(ldapProvider.getConfig(), LdapIdentityProviderDefinition.class);
    List<String> allowedGroups = ldapDefinition.getExternalGroupsWhitelist();

    // Copy into a fresh list so callers do not hold the collection produced by the filter.
    return new ArrayList<>(retainAllMatches(getAuthoritesAsNames(request.getAuthorities()), allowedGroups));
}
use of org.cloudfoundry.identity.uaa.provider.IdentityProvider in project uaa by cloudfoundry.
the class LoginInfoEndpointTests method getPromptsFromNonOIDCProvider.
/**
 * Checks the prompts returned by {@code infoForLoginJson} when the {@code origin} request
 * parameter names a provider whose config is a SAML definition rather than an OIDC one:
 * exactly two prompts are expected, labelled "Email" and "Password".
 */
@Test
void getPromptsFromNonOIDCProvider() {
    // Provider lookup for origin "non-OIDC" in zone "uaa" yields a provider with a SAML config.
    SamlIdentityProviderDefinition samlDefinition = mock(SamlIdentityProviderDefinition.class);
    IdentityProvider samlProvider = mock(IdentityProvider.class);
    when(samlProvider.getConfig()).thenReturn(samlDefinition);
    when(mockIdentityProviderProvisioning.retrieveByOrigin("non-OIDC", "uaa")).thenReturn(samlProvider);

    MockHttpServletRequest request = getMockHttpServletRequest();
    request.setParameter("origin", "non-OIDC");

    MultitenantClientServices clientServices = mockClientService();
    LoginInfoEndpoint endpoint = getEndpoint(IdentityZoneHolder.get(), clientServices);

    endpoint.infoForLoginJson(extendedModelMap, null, request);

    Object promptsAttribute = extendedModelMap.get("prompts");
    assertNotNull(promptsAttribute);
    assertTrue(promptsAttribute instanceof Map);

    // Index 1 of each prompt entry is compared with the expected label text.
    Map<String, String[]> prompts = (Map<String, String[]>) promptsAttribute;
    assertEquals(2, prompts.size());

    String[] usernamePrompt = prompts.get("username");
    assertNotNull(usernamePrompt);
    assertEquals("Email", usernamePrompt[1]);

    String[] passwordPrompt = prompts.get("password");
    assertNotNull(passwordPrompt);
    assertEquals("Password", passwordPrompt[1]);
}
use of org.cloudfoundry.identity.uaa.provider.IdentityProvider in project uaa by cloudfoundry.
the class LoginInfoEndpointTests method mockOidcProvider.
/**
 * Stubs the given provisioning mock so that {@code retrieveAll} returns a single mocked
 * identity provider of type {@code OriginKeys.OIDC10} with origin key {@code "my-OIDC-idp1"}.
 *
 * <p>The provider's config is a mocked OIDC definition with a fixed auth URL, relying party id,
 * response type and the show-link-text flag set.
 *
 * @param mockIdentityProviderProvisioning the Mockito mock to stub
 * @throws MalformedURLException declared because the auth URL is built with {@code new URL(String)}
 */
private static void mockOidcProvider(IdentityProviderProvisioning mockIdentityProviderProvisioning) throws MalformedURLException {
    // Config side: the values the stubbed OIDC definition reports.
    AbstractExternalOAuthIdentityProviderDefinition oidcDefinition = mock(OIDCIdentityProviderDefinition.class);
    when(oidcDefinition.getAuthUrl()).thenReturn(new URL("http://localhost:8080/uaa"));
    when(oidcDefinition.getRelyingPartyId()).thenReturn("client-id");
    when(oidcDefinition.getResponseType()).thenReturn("token");
    when(oidcDefinition.isShowLinkText()).thenReturn(true);

    // Provider side: identity of the provider and its link to the config above.
    IdentityProvider oidcProvider = mock(IdentityProvider.class);
    when(oidcProvider.getOriginKey()).thenReturn("my-OIDC-idp1");
    when(oidcProvider.getType()).thenReturn(OriginKeys.OIDC10);
    when(oidcProvider.getConfig()).thenReturn(oidcDefinition);

    // Any retrieveAll call, whatever its arguments, sees exactly this one provider.
    when(mockIdentityProviderProvisioning.retrieveAll(anyBoolean(), any())).thenReturn(singletonList(oidcProvider));
}
use of org.cloudfoundry.identity.uaa.provider.IdentityProvider in project uaa by cloudfoundry.
the class LoginInfoEndpointTests method promptLogic.
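/**
 * Walks the {@code prompts} model attribute through four configurations with MFA enabled:
 *
 * <ol>
 *   <li>HTML login page: username and password only, no passcode and no MFA code prompt;</li>
 *   <li>JSON info: username, password and MFA code;</li>
 *   <li>JSON info with SAML provider definitions present: the passcode prompt is added;</li>
 *   <li>JSON info with the LDAP and UAA providers inactive: username and password prompts are
 *       gone while the passcode prompt remains.</li>
 * </ol>
 *
 * @throws Exception if an endpoint call fails
 */
@Test
void promptLogic() throws Exception {
    LoginInfoEndpoint endpoint = getEndpoint(IdentityZoneHolder.get());
    // NOTE(review): this enables MFA on the zone config obtained from IdentityZoneHolder;
    // confirm the fixture restores it so the setting does not carry over into other tests.
    IdentityZoneHolder.get().getConfig().getMfaConfig().setEnabled(true);

    // 1. HTML rendering: credentials prompts only, MFA code is not offered on this page.
    endpoint.loginForHtml(extendedModelMap, null, new MockHttpServletRequest("GET", "http://someurl"), singletonList(MediaType.TEXT_HTML));
    assertNotNull("prompts attribute should be present", extendedModelMap.get("prompts"));
    assertTrue("prompts should be a Map for Html content", extendedModelMap.get("prompts") instanceof Map);
    Map<?, ?> mapPrompts = (Map<?, ?>) extendedModelMap.get("prompts");
    assertEquals("there should be two prompts for html", 2, mapPrompts.size());
    assertNotNull(mapPrompts.get("username"));
    assertNotNull(mapPrompts.get("password"));
    assertNull(mapPrompts.get("passcode"));
    assertNull(mapPrompts.get("mfaCode"));

    // 2. JSON rendering: the MFA code prompt is added to the credentials prompts.
    extendedModelMap.clear();
    endpoint.infoForJson(extendedModelMap, null, new MockHttpServletRequest("GET", "http://someurl"));
    assertNotNull("prompts attribute should be present", extendedModelMap.get("prompts"));
    assertTrue("prompts should be a Map for JSON content", extendedModelMap.get("prompts") instanceof Map);
    mapPrompts = (Map<?, ?>) extendedModelMap.get("prompts");
    assertEquals("there should be three prompts for json", 3, mapPrompts.size());
    assertNotNull(mapPrompts.get("username"));
    assertNotNull(mapPrompts.get("password"));
    assertNotNull(mapPrompts.get("mfaCode"));
    assertNull(mapPrompts.get("passcode"));

    // 3. Add a SAML IDP, which should make the passcode prompt appear.
    extendedModelMap.clear();
    when(mockSamlIdentityProviderConfigurator.getIdentityProviderDefinitions((List<String>) isNull(), eq(IdentityZone.getUaa()))).thenReturn(idps);
    endpoint.infoForJson(extendedModelMap, null, new MockHttpServletRequest("GET", "http://someurl"));
    assertNotNull("prompts attribute should be present", extendedModelMap.get("prompts"));
    assertTrue("prompts should be a Map for JSON content", extendedModelMap.get("prompts") instanceof Map);
    mapPrompts = (Map<?, ?>) extendedModelMap.get("prompts");
    assertEquals("there should be four prompts for json", 4, mapPrompts.size());
    assertNotNull(mapPrompts.get("username"));
    assertNotNull(mapPrompts.get("password"));
    assertNotNull(mapPrompts.get("passcode"));
    assertNotNull(mapPrompts.get("mfaCode"));

    // 4. With both the LDAP and the UAA provider inactive there is no password-based login,
    //    so the username/password prompts must not be offered; passcode stays available.
    IdentityProvider ldapIdentityProvider = new IdentityProvider();
    ldapIdentityProvider.setActive(false);
    when(mockIdentityProviderProvisioning.retrieveByOrigin(OriginKeys.LDAP, "uaa")).thenReturn(ldapIdentityProvider);
    IdentityProvider uaaIdentityProvider = new IdentityProvider();
    uaaIdentityProvider.setActive(false);
    when(mockIdentityProviderProvisioning.retrieveByOriginIgnoreActiveFlag(OriginKeys.UAA, "uaa")).thenReturn(uaaIdentityProvider);
    extendedModelMap.clear();
    endpoint.infoForJson(extendedModelMap, null, new MockHttpServletRequest("GET", "http://someurl"));
    assertNotNull("prompts attribute should be present", extendedModelMap.get("prompts"));
    mapPrompts = (Map<?, ?>) extendedModelMap.get("prompts");
    assertNull(mapPrompts.get("username"));
    assertNull(mapPrompts.get("password"));
    assertNotNull(mapPrompts.get("passcode"));
}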
use of org.cloudfoundry.identity.uaa.provider.IdentityProvider in project uaa by cloudfoundry.
the class LoginInfoEndpointTests method getPromptsFromOIDCProvider.
/**
 * Checks the prompts returned by {@code infoForLoginJson} when the {@code origin} request
 * parameter names a provider whose OIDC config supplies its own prompts.
 *
 * <p>The config offers three custom prompts (username, password, passcode). The result is
 * asserted to contain exactly two entries, username and password, carrying the custom labels
 * "MyEmail" and "MyPassword".
 */
@Test
void getPromptsFromOIDCProvider() {
    // Custom prompts reported by the mocked OIDC definition.
    List<Prompt> configuredPrompts = new ArrayList<>();
    configuredPrompts.add(new Prompt("username", "text", "MyEmail"));
    configuredPrompts.add(new Prompt("password", "password", "MyPassword"));
    configuredPrompts.add(new Prompt("passcode", "text", "MyTemporary Authentication Code ( Get one at " + HTTP_LOCALHOST_8080_UAA + "/passcode )"));

    OIDCIdentityProviderDefinition oidcDefinition = mock(OIDCIdentityProviderDefinition.class);
    when(oidcDefinition.getPrompts()).thenReturn(configuredPrompts);

    // Provider lookup for the requested origin in zone "uaa" yields a provider with that config.
    IdentityProvider oidcProvider = mock(IdentityProvider.class);
    when(oidcProvider.getConfig()).thenReturn(oidcDefinition);
    when(mockIdentityProviderProvisioning.retrieveByOrigin("OIDC-without-prompts", "uaa")).thenReturn(oidcProvider);

    MockHttpServletRequest request = getMockHttpServletRequest();
    request.setParameter("origin", "OIDC-without-prompts");

    MultitenantClientServices clientServices = mockClientService();
    LoginInfoEndpoint endpoint = getEndpoint(IdentityZoneHolder.get(), clientServices);

    endpoint.infoForLoginJson(extendedModelMap, null, request);

    Object promptsAttribute = extendedModelMap.get("prompts");
    assertNotNull(promptsAttribute);
    assertTrue(promptsAttribute instanceof Map);

    // Index 1 of each prompt entry is compared with the expected label text.
    Map<String, String[]> prompts = (Map<String, String[]>) promptsAttribute;
    assertEquals(2, prompts.size());

    String[] usernamePrompt = prompts.get("username");
    assertNotNull(usernamePrompt);
    assertEquals("MyEmail", usernamePrompt[1]);

    String[] passwordPrompt = prompts.get("password");
    assertNotNull(passwordPrompt);
    assertEquals("MyPassword", passwordPrompt[1]);
}