
Example 1 with ScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning in project uaa by cloudfoundry.

From the class UaaChangePasswordServiceTest, method setUp:

@Before
public void setUp() {
    SecurityContextHolder.clearContext();
    SecurityContextHolder.getContext().setAuthentication(new MockAuthentication());
    scimUserProvisioning = mock(ScimUserProvisioning.class);
    passwordValidator = mock(PasswordValidator.class);
    subject = new UaaChangePasswordService(scimUserProvisioning, passwordValidator);
}
Also used: MockAuthentication (org.cloudfoundry.identity.uaa.test.MockAuthentication), PasswordValidator (org.cloudfoundry.identity.uaa.scim.validate.PasswordValidator), ScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning), UaaChangePasswordService (org.cloudfoundry.identity.uaa.account.UaaChangePasswordService), Before (org.junit.Before)

Example 2 with ScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning in project uaa by cloudfoundry.

From the class ScimUserEndpointsMockMvcTests, method verifyUser:

private void verifyUser(String token) throws Exception {
    ScimUserProvisioning usersRepository = webApplicationContext.getBean(ScimUserProvisioning.class);
    String email = "joe@" + generator.generate().toLowerCase() + ".com";
    ScimUser joel = new ScimUser(null, email, "Joel", "D'sa");
    joel.addEmail(email);
    joel = usersRepository.createUser(joel, "pas5Word", IdentityZoneHolder.get().getId());
    MockHttpServletRequestBuilder get = MockMvcRequestBuilders.get("/Users/" + joel.getId() + "/verify")
            .header("Authorization", "Bearer " + token)
            .accept(APPLICATION_JSON);
    mockMvc.perform(get)
            .andExpect(status().isOk())
            .andExpect(header().string("ETag", "\"0\""))
            .andExpect(jsonPath("$.userName").value(email))
            .andExpect(jsonPath("$.emails[0].value").value(email))
            .andExpect(jsonPath("$.name.familyName").value("D'sa"))
            .andExpect(jsonPath("$.name.givenName").value("Joel"))
            .andExpect(jsonPath("$.verified").value(true));
}
Also used: ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser), MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder), ScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning)

Example 3 with ScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning in project uaa by cloudfoundry.

From the class ScimUserEndpointsMockMvcTests, method updateUser:

private ScimUser updateUser(String token, int status) throws Exception {
    ScimUserProvisioning usersRepository = webApplicationContext.getBean(ScimUserProvisioning.class);
    String email = "otheruser@" + generator.generate().toLowerCase() + ".com";
    ScimUser user = new ScimUser(null, email, "Other", "User");
    user.addEmail(email);
    user = usersRepository.createUser(user, "pas5Word", IdentityZoneHolder.get().getId());
    if (status == HttpStatus.BAD_REQUEST.value()) {
        user.setUserName(null);
    } else {
        String username2 = "ou" + generator.generate().toLowerCase();
        user.setUserName(username2);
    }
    user.setName(new ScimUser.Name("Joe", "Smith"));
    return updateUser(token, status, user);
}
Also used: ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser), ScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning)

Example 4 with ScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning in project uaa by cloudfoundry.

From the class TokenRevocationEndpointTests, method setupForTokenRevocation:

@BeforeEach
void setupForTokenRevocation() {
    String zoneId = IdentityZoneHolder.get().getId();
    RandomValueStringGenerator generator = new RandomValueStringGenerator();
    String clientId = generator.generate().toLowerCase();
    client = new BaseClientDetails(clientId, "", "some.scopes", "client_credentials", "authorities");
    client.addAdditionalInformation(TOKEN_SALT, "pre-salt");
    IdentityZoneManager mockIdentityZoneManager = mock(IdentityZoneManager.class);
    when(mockIdentityZoneManager.getCurrentIdentityZoneId()).thenReturn(IdentityZone.getUaaZoneId());
    clientService = spy(new MultitenantJdbcClientDetailsService(jdbcTemplate, mockIdentityZoneManager, passwordEncoder));
    clientService.addClientDetails(client, zoneId);
    ScimUserProvisioning userProvisioning = new JdbcScimUserProvisioning(jdbcTemplate, new JdbcPagingListFactory(jdbcTemplate, limitSqlAdapter), passwordEncoder);
    JdbcRevocableTokenProvisioning provisioning = spy(new JdbcRevocableTokenProvisioning(jdbcTemplate, limitSqlAdapter, new TimeServiceImpl()));
    endpoint = spy(new TokenRevocationEndpoint(clientService, userProvisioning, provisioning));
    ApplicationEventPublisher publisher = mock(ApplicationEventPublisher.class);
    endpoint.setApplicationEventPublisher(publisher);
    SecurityContextHolder.getContext().setAuthentication(new UaaOauth2Authentication(
            "token-value",
            zoneId,
            mock(OAuth2Request.class),
            new UaaAuthentication(
                    new UaaPrincipal("id", "username", "username@test.com", OriginKeys.UAA, "", zoneId),
                    Collections.emptyList(),
                    mock(UaaAuthenticationDetails.class))));
    provisioning.create(new RevocableToken()
            .setClientId(client.getClientId())
            .setTokenId("token-id")
            .setUserId(null)
            .setResponseType(RevocableToken.TokenType.ACCESS_TOKEN)
            .setValue("value")
            .setIssuedAt(System.currentTimeMillis()), zoneId);
}
Also used: BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails), TimeServiceImpl (org.cloudfoundry.identity.uaa.util.TimeServiceImpl), MultitenantJdbcClientDetailsService (org.cloudfoundry.identity.uaa.zone.MultitenantJdbcClientDetailsService), JdbcRevocableTokenProvisioning (org.cloudfoundry.identity.uaa.oauth.token.JdbcRevocableTokenProvisioning), JdbcPagingListFactory (org.cloudfoundry.identity.uaa.resources.jdbc.JdbcPagingListFactory), UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails), JdbcScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning), ScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning), UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication), UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal), RevocableToken (org.cloudfoundry.identity.uaa.oauth.token.RevocableToken), ApplicationEventPublisher (org.springframework.context.ApplicationEventPublisher), RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator), IdentityZoneManager (org.cloudfoundry.identity.uaa.zone.beans.IdentityZoneManager), BeforeEach (org.junit.jupiter.api.BeforeEach)

Example 5 with ScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning in project uaa by cloudfoundry.

From the class ResetPasswordControllerMockMvcTests, method resetPassword_ReturnsUnprocessableEntity_NewPasswordNotAccordingToPolicy:

@Test
void resetPassword_ReturnsUnprocessableEntity_NewPasswordNotAccordingToPolicy() throws Exception {
    IdentityProvider<UaaIdentityProviderDefinition> uaaProvider = webApplicationContext.getBean(JdbcIdentityProviderProvisioning.class).retrieveByOrigin(UAA, IdentityZone.getUaaZoneId());
    UaaIdentityProviderDefinition currentDefinition = uaaProvider.getConfig();
    PasswordPolicy passwordPolicy = new PasswordPolicy();
    passwordPolicy.setMinLength(3);
    passwordPolicy.setMaxLength(20);
    uaaProvider.setConfig(new UaaIdentityProviderDefinition(passwordPolicy, null));
    webApplicationContext.getBean(JdbcIdentityProviderProvisioning.class).update(uaaProvider, uaaProvider.getIdentityZoneId());
    ScimUserProvisioning userProvisioning = webApplicationContext.getBean(ScimUserProvisioning.class);
    List<ScimUser> users = userProvisioning.query("username eq \"marissa\"", IdentityZoneHolder.get().getId());
    assertNotNull(users);
    assertEquals(1, users.size());
    ScimUser user = users.get(0);
    PasswordChange passwordChange = new PasswordChange(user.getId(), user.getUserName(), null, null, null);
    ExpiringCode code = codeStore.generateCode(JsonUtils.writeValueAsString(passwordChange), new Timestamp(System.currentTimeMillis() + UaaResetPasswordService.PASSWORD_RESET_LIFETIME), null, IdentityZoneHolder.get().getId());
    mockMvc.perform(createChangePasswordRequest(user, code, true, "d3faultPasswd", "d3faultPasswd"));
    code = codeStore.generateCode(JsonUtils.writeValueAsString(passwordChange), new Timestamp(System.currentTimeMillis() + UaaResetPasswordService.PASSWORD_RESET_LIFETIME), null, IdentityZoneHolder.get().getId());
    mockMvc.perform(createChangePasswordRequest(user, code, true, "a", "a"))
            .andExpect(status().isUnprocessableEntity())
            .andExpect(request().attribute("message", equalTo("Password must be at least 3 characters in length.")))
            .andExpect(forwardedUrl("/reset_password"));
    uaaProvider = webApplicationContext.getBean(JdbcIdentityProviderProvisioning.class).retrieveByOrigin(UAA, IdentityZone.getUaaZoneId());
    uaaProvider.setConfig(currentDefinition);
    webApplicationContext.getBean(JdbcIdentityProviderProvisioning.class).update(uaaProvider, uaaProvider.getIdentityZoneId());
}
Also used: ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser), UaaIdentityProviderDefinition (org.cloudfoundry.identity.uaa.provider.UaaIdentityProviderDefinition), ExpiringCode (org.cloudfoundry.identity.uaa.codestore.ExpiringCode), PasswordChange (org.cloudfoundry.identity.uaa.scim.endpoints.PasswordChange), PasswordPolicy (org.cloudfoundry.identity.uaa.provider.PasswordPolicy), JdbcIdentityProviderProvisioning (org.cloudfoundry.identity.uaa.provider.JdbcIdentityProviderProvisioning), ScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning), Timestamp (java.sql.Timestamp), Test (org.junit.jupiter.api.Test)

Aggregations

ScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning): 14
ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser): 11
Test (org.junit.jupiter.api.Test): 7
JdbcScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning): 5
Timestamp (java.sql.Timestamp): 4
ExpiringCode (org.cloudfoundry.identity.uaa.codestore.ExpiringCode): 4
PasswordChange (org.cloudfoundry.identity.uaa.scim.endpoints.PasswordChange): 4
Matchers.containsString (org.hamcrest.Matchers.containsString): 4
UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication): 3
UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal): 3
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator): 3
UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails): 2
PasswordValidator (org.cloudfoundry.identity.uaa.scim.validate.PasswordValidator): 2
IdentityZoneManager (org.cloudfoundry.identity.uaa.zone.beans.IdentityZoneManager): 2
BeforeEach (org.junit.jupiter.api.BeforeEach): 2
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 2
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder): 2
LinkedList (java.util.LinkedList): 1
UaaChangePasswordService (org.cloudfoundry.identity.uaa.account.UaaChangePasswordService): 1
UaaResetPasswordService (org.cloudfoundry.identity.uaa.account.UaaResetPasswordService): 1