Example 6 with ScimMeta
use of org.cloudfoundry.identity.uaa.scim.ScimMeta in project uaa by cloudfoundry.
the class PasswordResetEndpointTest method changePassword_Returns422UnprocessableEntity_NewPasswordSameAsOld.
@Test
void changePassword_Returns422UnprocessableEntity_NewPasswordSameAsOld() throws Exception {
Mockito.reset(mockPasswordValidator);
when(mockExpiringCodeStore.retrieveCode("emailed_code", currentZoneId)).thenReturn(new ExpiringCode("emailed_code", new Timestamp(System.currentTimeMillis() + UaaResetPasswordService.PASSWORD_RESET_LIFETIME), "{\"user_id\":\"eyedee\",\"username\":\"user@example.com\",\"passwordModifiedTime\":null,\"client_id\":\"\",\"redirect_uri\":\"\"}", null));
ScimUser scimUser = new ScimUser("eyedee", "user@example.com", "User", "Man");
scimUser.setMeta(new ScimMeta(new Date(System.currentTimeMillis() - (1000 * 60 * 60 * 24)), new Date(System.currentTimeMillis() - (1000 * 60 * 60 * 24)), 0));
scimUser.addEmail("user@example.com");
scimUser.setVerified(true);
when(mockScimUserProvisioning.retrieve("eyedee", currentZoneId)).thenReturn(scimUser);
when(mockScimUserProvisioning.checkPasswordMatches("eyedee", "new_secret", currentZoneId)).thenReturn(true);
MockHttpServletRequestBuilder post = post("/password_change").contentType(APPLICATION_JSON).content("{\"code\":\"emailed_code\",\"new_password\":\"new_secret\"}").accept(APPLICATION_JSON);
SecurityContextHolder.getContext().setAuthentication(new MockAuthentication());
mockMvc.perform(post).andExpect(status().isUnprocessableEntity()).andExpect(content().string(JsonObjectMatcherUtils.matchesJsonObject(new JSONObject().put("error_description", "Your new password cannot be the same as the old password.").put("message", "Your new password cannot be the same as the old password.").put("error", "invalid_password"))));
}
Also used :
ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser)
ScimMeta(org.cloudfoundry.identity.uaa.scim.ScimMeta)
ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode)
JSONObject(org.json.JSONObject)
MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)
MockAuthentication(org.cloudfoundry.identity.uaa.test.MockAuthentication)
Timestamp(java.sql.Timestamp)
Date(java.util.Date)
Test(org.junit.jupiter.api.Test)
Example 7 with ScimMeta
use of org.cloudfoundry.identity.uaa.scim.ScimMeta in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method resetPassword_ForcedChange.
@Test
void resetPassword_ForcedChange() {
String userId = "user-id";
ScimUser user = new ScimUser(userId, "username", "firstname", "lastname");
user.setMeta(new ScimMeta(new Date(), new Date(), 0));
user.setPrimaryEmail("foo@example.com");
when(scimUserProvisioning.retrieve(userId, currentZoneId)).thenReturn(user);
uaaResetPasswordService.resetUserPassword(userId, "password");
verify(scimUserProvisioning, times(1)).updatePasswordChangeRequired(userId, false, currentZoneId);
verify(scimUserProvisioning, times(1)).changePassword(userId, null, "password", currentZoneId);
}
Also used :
ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser)
ScimMeta(org.cloudfoundry.identity.uaa.scim.ScimMeta)
Matchers.containsString(org.hamcrest.Matchers.containsString)
Mockito.anyString(org.mockito.Mockito.anyString)
Date(java.util.Date)
Test(org.junit.jupiter.api.Test)
Example 8 with ScimMeta
use of org.cloudfoundry.identity.uaa.scim.ScimMeta in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method setupResetPassword.
private ExpiringCode setupResetPassword(String clientId, String redirectUri) {
ScimUser user = new ScimUser("usermans-id", "userman", "firstName", "lastName");
user.setMeta(new ScimMeta(new Date(System.currentTimeMillis() - (1000 * 60 * 60 * 24)), new Date(System.currentTimeMillis() - (1000 * 60 * 60 * 24)), 0));
user.setPrimaryEmail("user@example.com");
String zoneId = currentZoneId;
when(scimUserProvisioning.retrieve(eq("usermans-id"), eq(zoneId))).thenReturn(user);
ExpiringCode code = new ExpiringCode("code", new Timestamp(System.currentTimeMillis()), "{\"user_id\":\"usermans-id\",\"username\":\"userman\",\"passwordModifiedTime\":null,\"client_id\":\"" + clientId + "\",\"redirect_uri\":\"" + redirectUri + "\"}", null);
when(codeStore.retrieveCode(eq("secret_code"), anyString())).thenReturn(code);
SecurityContext securityContext = mock(SecurityContext.class);
when(securityContext.getAuthentication()).thenReturn(new MockAuthentication());
SecurityContextHolder.setContext(securityContext);
return code;
}
Also used :
ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser)
ScimMeta(org.cloudfoundry.identity.uaa.scim.ScimMeta)
ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode)
MockAuthentication(org.cloudfoundry.identity.uaa.test.MockAuthentication)
SecurityContext(org.springframework.security.core.context.SecurityContext)
Matchers.containsString(org.hamcrest.Matchers.containsString)
Mockito.anyString(org.mockito.Mockito.anyString)
Timestamp(java.sql.Timestamp)
Date(java.util.Date)
Example 9 with ScimMeta
use of org.cloudfoundry.identity.uaa.scim.ScimMeta in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method resetPassword_InvalidPasswordException_NewPasswordSameAsOld.
@Test
void resetPassword_InvalidPasswordException_NewPasswordSameAsOld() {
ScimUser user = new ScimUser("user-id", "username", "firstname", "lastname");
user.setMeta(new ScimMeta(new Date(), new Date(), 0));
user.setPrimaryEmail("foo@example.com");
ExpiringCode expiringCode = new ExpiringCode("good_code", new Timestamp(System.currentTimeMillis() + UaaResetPasswordService.PASSWORD_RESET_LIFETIME), "{\"user_id\":\"user-id\",\"username\":\"username\",\"passwordModifiedTime\":null,\"client_id\":\"\",\"redirect_uri\":\"\"}", null);
when(codeStore.retrieveCode("good_code", currentZoneId)).thenReturn(expiringCode);
when(scimUserProvisioning.retrieve("user-id", currentZoneId)).thenReturn(user);
when(scimUserProvisioning.checkPasswordMatches("user-id", "Passwo3dAsOld", currentZoneId)).thenThrow(new InvalidPasswordException("Your new password cannot be the same as the old password.", UNPROCESSABLE_ENTITY));
SecurityContext securityContext = mock(SecurityContext.class);
when(securityContext.getAuthentication()).thenReturn(new MockAuthentication());
SecurityContextHolder.setContext(securityContext);
try {
uaaResetPasswordService.resetPassword(expiringCode, "Passwo3dAsOld");
fail();
} catch (InvalidPasswordException e) {
assertEquals("Your new password cannot be the same as the old password.", e.getMessage());
assertEquals(UNPROCESSABLE_ENTITY, e.getStatus());
}
}
Also used :
ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser)
ScimMeta(org.cloudfoundry.identity.uaa.scim.ScimMeta)
ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode)
MockAuthentication(org.cloudfoundry.identity.uaa.test.MockAuthentication)
SecurityContext(org.springframework.security.core.context.SecurityContext)
InvalidPasswordException(org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException)
Timestamp(java.sql.Timestamp)
Date(java.util.Date)
Test(org.junit.jupiter.api.Test)
Example 10 with ScimMeta
use of org.cloudfoundry.identity.uaa.scim.ScimMeta in project uaa by cloudfoundry.
the class ScimUserEndpointsTests method deleteIsNotAllowedWithWrongVersionInEtag.
@Test
void deleteIsNotAllowedWithWrongVersionInEtag() {
ScimUser exGuy = new ScimUser(null, "deleteme2", "Expendable", "Guy");
exGuy.addEmail("exguy2@imonlyheretobedeleted.com");
exGuy = jdbcScimUserProvisioning.createUser(exGuy, "exguyspassword", identityZone.getId());
final String exGuyId = exGuy.getId();
final ScimMeta exGuyMeta = exGuy.getMeta();
assertThrows(OptimisticLockingFailureException.class, () -> scimUserEndpoints.deleteUser(exGuyId, Integer.toString(exGuyMeta.getVersion() + 1), new MockHttpServletRequest(), new MockHttpServletResponse()));
}
Also used :
ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser)
ScimMeta(org.cloudfoundry.identity.uaa.scim.ScimMeta)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Matchers.containsString(org.hamcrest.Matchers.containsString)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.jupiter.api.Test)
Aggregations
ScimMeta (org.cloudfoundry.identity.uaa.scim.ScimMeta)13
ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser)12
Test (org.junit.jupiter.api.Test)11
Date (java.util.Date)10
Timestamp (java.sql.Timestamp)6
ExpiringCode (org.cloudfoundry.identity.uaa.codestore.ExpiringCode)6
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)6
MockAuthentication (org.cloudfoundry.identity.uaa.test.MockAuthentication)5
Matchers.containsString (org.hamcrest.Matchers.containsString)5
Mockito.anyString (org.mockito.Mockito.anyString)4
InvalidPasswordException (org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException)3
SecurityContext (org.springframework.security.core.context.SecurityContext)2
ScimGroup (org.cloudfoundry.identity.uaa.scim.ScimGroup)1
PasswordChange (org.cloudfoundry.identity.uaa.scim.endpoints.PasswordChange)1
JSONObject (org.json.JSONObject)1
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)1
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1
