Example 1 with ScimUser

Use of org.cloudfoundry.identity.uaa.scim.ScimUser in project uaa by cloudfoundry.

Class UaaChangePasswordServiceTest, method getScimUsers.

private List<ScimUser> getScimUsers() {
    ScimUser.Email email = new ScimUser.Email();
    email.setValue("username@test.com");
    ScimUser user = new ScimUser("id", "username", "givenName", "familyName");
    user.setEmails(Collections.singletonList(email));
    return Collections.singletonList(user);
}
Also used: ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser)

Example 2 with ScimUser

Use of org.cloudfoundry.identity.uaa.scim.ScimUser in project uaa by cloudfoundry.

Class UaaResetPasswordServiceTests, method resetPassword_ForcedChange_NewPasswordSameAsOld.

@Test
void resetPassword_ForcedChange_NewPasswordSameAsOld() {
    String userId = "user-id";
    ScimUser user = new ScimUser(userId, "username", "firstname", "lastname");
    user.setMeta(new ScimMeta(new Date(), new Date(), 0));
    user.setPrimaryEmail("foo@example.com");
    when(scimUserProvisioning.retrieve(userId, currentZoneId)).thenReturn(user);
    when(scimUserProvisioning.checkPasswordMatches("user-id", "password", currentZoneId)).thenThrow(new InvalidPasswordException("Your new password cannot be the same as the old password.", UNPROCESSABLE_ENTITY));
    assertThrows(InvalidPasswordException.class, () -> uaaResetPasswordService.resetUserPassword(userId, "password"));
}
Also used: ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser), ScimMeta (org.cloudfoundry.identity.uaa.scim.ScimMeta), InvalidPasswordException (org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException), Matchers.containsString (org.hamcrest.Matchers.containsString), Mockito.anyString (org.mockito.Mockito.anyString), Date (java.util.Date), Test (org.junit.jupiter.api.Test)

Example 3 with ScimUser

Use of org.cloudfoundry.identity.uaa.scim.ScimUser in project uaa by cloudfoundry.

Class UaaResetPasswordServiceTests, method resetPassword_forcedChange_must_verify_password_policy.

@Test
void resetPassword_forcedChange_must_verify_password_policy() {
    String userId = "user-id";
    ScimUser user = new ScimUser(userId, "username", "firstname", "lastname");
    user.setMeta(new ScimMeta(new Date(), new Date(), 0));
    user.setPrimaryEmail("foo@example.com");
    when(scimUserProvisioning.retrieve(userId, currentZoneId)).thenReturn(user);
    doThrow(new InvalidPasswordException("Password cannot contain whitespace characters.")).when(passwordValidator).validate("new password");
    assertThrowsWithMessageThat(InvalidPasswordException.class, () -> uaaResetPasswordService.resetUserPassword(userId, "new password"), containsString("Password cannot contain whitespace characters."));
}
Also used: ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser), ScimMeta (org.cloudfoundry.identity.uaa.scim.ScimMeta), InvalidPasswordException (org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException), Matchers.containsString (org.hamcrest.Matchers.containsString), Mockito.anyString (org.mockito.Mockito.anyString), Date (java.util.Date), Test (org.junit.jupiter.api.Test)

Example 4 with ScimUser

Use of org.cloudfoundry.identity.uaa.scim.ScimUser in project uaa by cloudfoundry.

Class UaaResetPasswordServiceTests, method forgotPassword_PublishesResetPasswordRequestEvent.

@Test
void forgotPassword_PublishesResetPasswordRequestEvent() {
    ApplicationEventPublisher publisher = mock(ApplicationEventPublisher.class);
    Authentication authentication = mock(Authentication.class);
    uaaResetPasswordService.setApplicationEventPublisher(publisher);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    ScimUser user = new ScimUser("user-id-001", "exampleUser", "firstName", "lastName");
    user.setPrimaryEmail("user@example.com");
    String zoneId = currentZoneId;
    when(scimUserProvisioning.retrieveByUsernameAndOriginAndZone(anyString(), anyString(), eq(zoneId))).thenReturn(Collections.singletonList(user));
    Timestamp expiresAt = new Timestamp(System.currentTimeMillis());
    when(codeStore.generateCode(anyString(), any(Timestamp.class), anyString(), anyString())).thenReturn(new ExpiringCode("code", expiresAt, "user-id-001", null));
    uaaResetPasswordService.forgotPassword("exampleUser", "", "");
    ArgumentCaptor<ResetPasswordRequestEvent> captor = ArgumentCaptor.forClass(ResetPasswordRequestEvent.class);
    verify(publisher).publishEvent(captor.capture());
    ResetPasswordRequestEvent event = captor.getValue();
    assertThat(event.getSource(), equalTo("exampleUser"));
    assertThat(event.getCode(), equalTo("code"));
    assertThat(event.getEmail(), equalTo("user@example.com"));
    assertThat(event.getAuthentication(), sameInstance(authentication));
}
Also used: ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser), ExpiringCode (org.cloudfoundry.identity.uaa.codestore.ExpiringCode), MockAuthentication (org.cloudfoundry.identity.uaa.test.MockAuthentication), Authentication (org.springframework.security.core.Authentication), ApplicationEventPublisher (org.springframework.context.ApplicationEventPublisher), Matchers.containsString (org.hamcrest.Matchers.containsString), Mockito.anyString (org.mockito.Mockito.anyString), Timestamp (java.sql.Timestamp), ResetPasswordRequestEvent (org.cloudfoundry.identity.uaa.account.event.ResetPasswordRequestEvent), Test (org.junit.jupiter.api.Test)

Example 5 with ScimUser

Use of org.cloudfoundry.identity.uaa.scim.ScimUser in project uaa by cloudfoundry.

Class UaaResetPasswordServiceTests, method forgotPassword_ResetCodeIsReturnedSuccessfully.

@Test
void forgotPassword_ResetCodeIsReturnedSuccessfully() {
    ScimUser user = new ScimUser("user-id-001", "exampleUser", "firstName", "lastName");
    user.setPasswordLastModified(new Date(1234));
    user.setPrimaryEmail("user@example.com");
    String zoneID = currentZoneId;
    when(scimUserProvisioning.retrieveByUsernameAndOriginAndZone(anyString(), anyString(), eq(zoneID))).thenReturn(Collections.singletonList(user));
    Timestamp expiresAt = new Timestamp(System.currentTimeMillis());
    ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
    when(codeStore.generateCode(eq("{\"user_id\":\"user-id-001\",\"username\":\"exampleUser\",\"passwordModifiedTime\":1234,\"client_id\":\"example\",\"redirect_uri\":\"redirect.example.com\"}"), any(Timestamp.class), anyString(), anyString())).thenReturn(new ExpiringCode("code", expiresAt, "user-id-001", null));
    ForgotPasswordInfo forgotPasswordInfo = uaaResetPasswordService.forgotPassword("exampleUser", "example", "redirect.example.com");
    verify(codeStore).expireByIntent(captor.capture(), anyString());
    assertEquals(UaaResetPasswordService.FORGOT_PASSWORD_INTENT_PREFIX + user.getId(), captor.getValue());
    assertThat(forgotPasswordInfo.getUserId(), equalTo("user-id-001"));
    assertThat(forgotPasswordInfo.getEmail(), equalTo("user@example.com"));
    ExpiringCode resetPasswordCode = forgotPasswordInfo.getResetPasswordCode();
    assertThat(resetPasswordCode.getCode(), equalTo("code"));
    assertThat(resetPasswordCode.getExpiresAt(), equalTo(expiresAt));
    assertThat(resetPasswordCode.getData(), equalTo("user-id-001"));
}
Also used: ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser), ExpiringCode (org.cloudfoundry.identity.uaa.codestore.ExpiringCode), ForgotPasswordInfo (org.cloudfoundry.identity.uaa.account.ForgotPasswordInfo), Matchers.containsString (org.hamcrest.Matchers.containsString), Mockito.anyString (org.mockito.Mockito.anyString), Timestamp (java.sql.Timestamp), Date (java.util.Date), Test (org.junit.jupiter.api.Test)

Aggregations

ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser): 495
Test (org.junit.jupiter.api.Test): 301
Matchers.containsString (org.hamcrest.Matchers.containsString): 136
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator): 80
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder): 75
Test (org.junit.Test): 57
ExpiringCode (org.cloudfoundry.identity.uaa.codestore.ExpiringCode): 56
MvcResult (org.springframework.test.web.servlet.MvcResult): 50
Timestamp (java.sql.Timestamp): 49
MockHttpSession (org.springframework.mock.web.MockHttpSession): 47
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 46
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails): 43
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 41
HashMap (java.util.HashMap): 39
IdentityZone (org.cloudfoundry.identity.uaa.zone.IdentityZone): 35
Map (java.util.Map): 34
ScimGroup (org.cloudfoundry.identity.uaa.scim.ScimGroup): 33
RestTemplate (org.springframework.web.client.RestTemplate): 30
ScimGroupMember (org.cloudfoundry.identity.uaa.scim.ScimGroupMember): 29
List (java.util.List): 27