
Example 1 with ExtendedLdapUserImpl

Use of org.cloudfoundry.identity.uaa.provider.ldap.extension.ExtendedLdapUserImpl in project uaa by cloudfoundry: class LdapLoginAuthenticationManagerTests, method getAuthDetails.

// Test helper: builds an ExtendedLdapUserImpl over a mocked LdapUserDetails and an attribute map
// (info and authUserDetail are fields of the test class) and wires the attribute names it should read.
private ExtendedLdapUserImpl getAuthDetails(String email, String givenName, String familyName, String phoneNumber, AttributeInfo... attributes) {
    String[] emails = { email };
    String[] given_names = { givenName };
    String[] family_names = { familyName };
    String[] phone_numbers = { phoneNumber };
    info.put(EMAIL_ATTRIBUTE, emails);
    info.put(GIVEN_NAME_ATTRIBUTE, given_names);
    info.put(FAMILY_NAME_ATTRIBUTE, family_names);
    info.put(PHONE_NUMBER_ATTTRIBUTE, phone_numbers);
    for (AttributeInfo i : attributes) {
        info.put(i.getName(), i.getValues());
    }
    authUserDetail = new ExtendedLdapUserImpl(mockLdapUserDetails(), info);
    authUserDetail.setMailAttributeName(EMAIL_ATTRIBUTE);
    authUserDetail.setGivenNameAttributeName(GIVEN_NAME_ATTRIBUTE);
    authUserDetail.setFamilyNameAttributeName(FAMILY_NAME_ATTRIBUTE);
    authUserDetail.setPhoneNumberAttributeName(PHONE_NUMBER_ATTTRIBUTE);
    return authUserDetail;
}

Example 2 with ExtendedLdapUserImpl

Use of org.cloudfoundry.identity.uaa.provider.ldap.extension.ExtendedLdapUserImpl in project uaa by cloudfoundry: class LdapLoginAuthenticationManagerTests, method update_existingUser_if_attributes_different.

// Changed LDAP attributes must be applied to the existing UAA user and published in the ExternalGroupAuthorizationEvent.
@Test
void update_existingUser_if_attributes_different() {
    ExtendedLdapUserImpl authDetails = getAuthDetails(LDAP_EMAIL, "MarissaChanged", "BloggsChanged", "8675309");
    when(auth.getPrincipal()).thenReturn(authDetails);
    UaaUser user = getUaaUser();
    UaaUser userFromRequest = am.getUser(auth, null);
    am.userAuthenticated(auth, userFromRequest, user);
    ArgumentCaptor<ExternalGroupAuthorizationEvent> captor = ArgumentCaptor.forClass(ExternalGroupAuthorizationEvent.class);
    verify(publisher, times(1)).publishEvent(captor.capture());
    assertEquals(LDAP_EMAIL, captor.getValue().getUser().getEmail());
    assertEquals("MarissaChanged", captor.getValue().getUser().getGivenName());
    assertEquals("BloggsChanged", captor.getValue().getUser().getFamilyName());
}

Example 3 with ExtendedLdapUserImpl

Use of org.cloudfoundry.identity.uaa.provider.ldap.extension.ExtendedLdapUserImpl in project uaa by cloudfoundry: class LdapLoginAuthenticationManagerTests, method test_authentication_attributes.

// Custom LDAP attributes (manager, cost center) and LDAP group roles are exposed on the UaaAuthentication;
// they are persisted through storeUserInfo only when storeCustomAttributes is enabled on the provider definition.
void test_authentication_attributes(boolean storeUserInfo) {
    UaaUser user = getUaaUser();
    ExtendedLdapUserImpl authDetails = getAuthDetails(user.getEmail(), user.getGivenName(), user.getFamilyName(), user.getPhoneNumber(), new AttributeInfo(UAA_MANAGER, new String[] { KARI_THE_ANT_EATER, JOHN_THE_SLOTH }), new AttributeInfo(COST_CENTER, new String[] { DENVER_CO }));
    Map<String, String[]> role1 = new HashMap<>();
    role1.put("cn", new String[] { "ldap.role.1.a", "ldap.role.1.b", "ldap.role.1" });
    Map<String, String[]> role2 = new HashMap<>();
    role2.put("cn", new String[] { "ldap.role.2.a", "ldap.role.2.b", "ldap.role.2" });
    authDetails.setAuthorities(Arrays.asList(new LdapAuthority("role1", "cn=role1,ou=test,ou=com", role1), new LdapAuthority("role2", "cn=role2,ou=test,ou=com", role2)));
    definition.setExternalGroupsWhitelist(Collections.singletonList("*"));
    when(auth.getPrincipal()).thenReturn(authDetails);
    UaaUserDatabase db = mock(UaaUserDatabase.class);
    when(db.retrieveUserByName(anyString(), eq(OriginKeys.LDAP))).thenReturn(user);
    when(db.retrieveUserById(anyString())).thenReturn(user);
    am.setOrigin(OriginKeys.LDAP);
    am.setUserDatabase(db);
    // set the config flag
    definition.setStoreCustomAttributes(storeUserInfo);
    UaaAuthentication authentication = (UaaAuthentication) am.authenticate(auth);
    UserInfo info = new UserInfo().setUserAttributes(authentication.getUserAttributes()).setRoles(Arrays.asList("ldap.role.1.a", "ldap.role.1.b", "ldap.role.1", "ldap.role.2.a", "ldap.role.2.b", "ldap.role.2"));
    if (storeUserInfo) {
        verify(db, times(1)).storeUserInfo(anyString(), eq(info));
    } else {
        verify(db, never()).storeUserInfo(anyString(), eq(info));
    }
    assertEquals("Expected two user attributes", 2, authentication.getUserAttributes().size());
    assertNotNull("Expected cost center attribute", authentication.getUserAttributes().get(COST_CENTERS));
    assertEquals(DENVER_CO, authentication.getUserAttributes().getFirst(COST_CENTERS));
    assertNotNull("Expected manager attribute", authentication.getUserAttributes().get(MANAGERS));
    assertEquals("Expected 2 manager attribute values", 2, authentication.getUserAttributes().get(MANAGERS).size());
    assertThat(authentication.getUserAttributes().get(MANAGERS), containsInAnyOrder(JOHN_THE_SLOTH, KARI_THE_ANT_EATER));
    assertThat(authentication.getAuthenticationMethods(), containsInAnyOrder("ext", "pwd"));
}

Example 4 with ExtendedLdapUserImpl

Use of org.cloudfoundry.identity.uaa.provider.ldap.extension.ExtendedLdapUserImpl in project uaa by cloudfoundry: class ExternalLoginAuthenticationManagerTest, method testAuthenticateCreateUserWithLdapUserDetailsPrincipal.

// An ExtendedLdapUserImpl principal carrying an "email" attribute must create a new UAA user for the LDAP origin,
// whose externalId is the entry's DN.
@Test
public void testAuthenticateCreateUserWithLdapUserDetailsPrincipal() {
    String dn = "cn=" + userName + ",ou=Users,dc=test,dc=com";
    String origin = LDAP;
    String email = "joe@test.org";
    LdapUserDetails baseLdapUserDetails = mock(LdapUserDetails.class);
    mockUserDetails(baseLdapUserDetails);
    when(baseLdapUserDetails.getDn()).thenReturn(dn);
    HashMap<String, String[]> ldapAttrs = new HashMap<>();
    String ldapMailAttrName = "email";
    ldapAttrs.put(ldapMailAttrName, new String[] { email });
    ExtendedLdapUserImpl ldapUserDetails = new ExtendedLdapUserImpl(baseLdapUserDetails, ldapAttrs);
    ldapUserDetails.setMailAttributeName(ldapMailAttrName);
    manager = new LdapLoginAuthenticationManager(null);
    setupManager();
    manager.setProviderProvisioning(null);
    manager.setOrigin(origin);
    when(user.getEmail()).thenReturn(email);
    when(user.getOrigin()).thenReturn(origin);
    when(uaaUserDatabase.retrieveUserByName(eq(userName), eq(origin))).thenReturn(null).thenReturn(user);
    when(inputAuth.getPrincipal()).thenReturn(ldapUserDetails);
    Authentication result = manager.authenticate(inputAuth);
    assertNotNull(result);
    assertEquals(UaaAuthentication.class, result.getClass());
    UaaAuthentication uaaAuthentication = (UaaAuthentication) result;
    assertEquals(userName, uaaAuthentication.getPrincipal().getName());
    assertEquals(origin, uaaAuthentication.getPrincipal().getOrigin());
    assertEquals(userId, uaaAuthentication.getPrincipal().getId());
    userArgumentCaptor = ArgumentCaptor.forClass(ApplicationEvent.class);
    verify(applicationEventPublisher, times(3)).publishEvent(userArgumentCaptor.capture());
    assertEquals(3, userArgumentCaptor.getAllValues().size());
    NewUserAuthenticatedEvent event = (NewUserAuthenticatedEvent) userArgumentCaptor.getAllValues().get(0);
    assertEquals(origin, event.getUser().getOrigin());
    assertEquals(dn, event.getUser().getExternalId());
}

Example 5 with ExtendedLdapUserImpl

Use of org.cloudfoundry.identity.uaa.provider.ldap.extension.ExtendedLdapUserImpl in project uaa by cloudfoundry: class ExtendedLdapUserMapper, method mapUserFromContext.

@Override
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) {
    // Let the Spring Security mapper build the base LdapUserDetails first
    LdapUserDetails ldapUserDetails = (LdapUserDetails) super.mapUserFromContext(ctx, username, authorities);
    DirContextAdapter adapter = (DirContextAdapter) ctx;
    // Copy every attribute of the LDAP entry into a String[] map so it can be exposed as custom user attributes
    Map<String, String[]> record = new HashMap<String, String[]>();
    List<String> attributeNames = Collections.list(adapter.getAttributes().getIDs());
    for (String attributeName : attributeNames) {
        try {
            Object[] objValues = adapter.getObjectAttributes(attributeName);
            String[] values = new String[objValues != null ? objValues.length : 0];
            for (int i = 0; i < values.length; i++) {
                if (objValues[i] != null) {
                    if (objValues[i].getClass().isAssignableFrom(String.class)) {
                        values[i] = (String) objValues[i];
                    } else if (objValues[i] instanceof byte[]) {
                        // binary attribute values are decoded with the platform default charset
                        values[i] = new String((byte[]) objValues[i]);
                    } else {
                        values[i] = objValues[i].toString();
                    }
                }
            }
            if (values == null || values.length == 0) {
                logger.debug("No attribute value found for '" + attributeName + "'");
            } else {
                record.put(attributeName, values);
            }
        } catch (ArrayStoreException x) {
            logger.debug("Attribute value is not a string for '" + attributeName + "'");
        }
    }
    // The entry's DN is kept alongside the attributes under DN_KEY
    record.put(DN_KEY, new String[] { adapter.getDn().toString() });
    // Resolve which attribute carries the mail address, then wire the configured attribute names
    String mailAttr = configureMailAttribute(username, record);
    ExtendedLdapUserImpl result = new ExtendedLdapUserImpl(ldapUserDetails, record);
    result.setMailAttributeName(mailAttr);
    result.setGivenNameAttributeName(givenNameAttributeName);
    result.setFamilyNameAttributeName(familyNameAttributeName);
    result.setPhoneNumberAttributeName(phoneNumberAttributeName);
    result.setEmailVerifiedAttributeName(emailVerifiedAttributeName);
    return result;
}