
Example 1 with JdbcScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning in project uaa by cloudfoundry.

From the class ScimGroupBootstrapTests, method initScimGroupBootstrapTests.

@BeforeEach
void initScimGroupBootstrapTests() {
    JdbcTemplate template = jdbcTemplate;
    JdbcPagingListFactory pagingListFactory = new JdbcPagingListFactory(template, limitSqlAdapter);
    gDB = new JdbcScimGroupProvisioning(template, pagingListFactory);
    uDB = new JdbcScimUserProvisioning(template, pagingListFactory, passwordEncoder);
    mDB = new JdbcScimGroupMembershipManager(template, new TimeServiceImpl(), uDB, null);
    mDB.setScimGroupProvisioning(gDB);
    uDB.deleteByIdentityZone(IdentityZone.getUaaZoneId());
    gDB.deleteByIdentityZone(IdentityZone.getUaaZoneId());
    uDB.createUser(TestUtils.scimUserInstance("dev1"), "test", IdentityZone.getUaaZoneId());
    uDB.createUser(TestUtils.scimUserInstance("dev2"), "test", IdentityZone.getUaaZoneId());
    uDB.createUser(TestUtils.scimUserInstance("dev3"), "test", IdentityZone.getUaaZoneId());
    uDB.createUser(TestUtils.scimUserInstance("qa1"), "test", IdentityZone.getUaaZoneId());
    uDB.createUser(TestUtils.scimUserInstance("qa2"), "test", IdentityZone.getUaaZoneId());
    uDB.createUser(TestUtils.scimUserInstance("mgr1"), "test", IdentityZone.getUaaZoneId());
    uDB.createUser(TestUtils.scimUserInstance("hr1"), "test", IdentityZone.getUaaZoneId());
    assertEquals(7, uDB.retrieveAll(IdentityZone.getUaaZoneId()).size());
    assertEquals(0, gDB.retrieveAll(IdentityZone.getUaaZoneId()).size());
    bootstrap = new ScimGroupBootstrap(gDB, uDB, mDB);
}
Also used : TimeServiceImpl(org.cloudfoundry.identity.uaa.util.TimeServiceImpl) JdbcPagingListFactory(org.cloudfoundry.identity.uaa.resources.jdbc.JdbcPagingListFactory) JdbcScimGroupMembershipManager(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupMembershipManager) JdbcScimGroupProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupProvisioning) JdbcScimUserProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 2 with JdbcScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning in project uaa by cloudfoundry.

From the class ScimUserBootstrapTests, method init.

@BeforeEach
void init() {
    JdbcPagingListFactory pagingListFactory = new JdbcPagingListFactory(jdbcTemplate, LimitSqlAdapterFactory.getLimitSqlAdapter());
    jdbcScimUserProvisioning = spy(new JdbcScimUserProvisioning(jdbcTemplate, pagingListFactory, passwordEncoder));
    jdbcScimGroupProvisioning = new JdbcScimGroupProvisioning(jdbcTemplate, pagingListFactory);
    jdbcScimGroupMembershipManager = new JdbcScimGroupMembershipManager(jdbcTemplate, new TimeServiceImpl(), jdbcScimUserProvisioning, null);
    jdbcScimGroupMembershipManager.setScimGroupProvisioning(jdbcScimGroupProvisioning);
    scimUserEndpoints = new ScimUserEndpoints(new IdentityZoneManagerImpl(), new IsSelfCheck(null), jdbcScimUserProvisioning, null, null, null, null, null, null, null, jdbcScimGroupMembershipManager, 5);
    IdentityZoneHolder.get().getConfig().getUserConfig().setDefaultGroups(emptyList());
}
Also used : TimeServiceImpl(org.cloudfoundry.identity.uaa.util.TimeServiceImpl) JdbcPagingListFactory(org.cloudfoundry.identity.uaa.resources.jdbc.JdbcPagingListFactory) JdbcScimGroupMembershipManager(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupMembershipManager) IdentityZoneManagerImpl(org.cloudfoundry.identity.uaa.zone.beans.IdentityZoneManagerImpl) JdbcScimGroupProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupProvisioning) IsSelfCheck(org.cloudfoundry.identity.uaa.security.IsSelfCheck) JdbcScimUserProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning) ScimUserEndpoints(org.cloudfoundry.identity.uaa.scim.endpoints.ScimUserEndpoints) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 3 with JdbcScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning in project uaa by cloudfoundry.

From the class PasswordChangeEndpointTests, method setup.

@BeforeEach
void setup(@Autowired JdbcTemplate jdbcTemplate) {
    jdbcScimUserProvisioning = new JdbcScimUserProvisioning(jdbcTemplate, new JdbcPagingListFactory(jdbcTemplate, LimitSqlAdapterFactory.getLimitSqlAdapter()), passwordEncoder);
    final RandomValueStringGenerator generator = new RandomValueStringGenerator();
    final String currentIdentityZoneId = "currentIdentityZoneId-" + generator.generate();
    mockIdentityZoneManager = mock(IdentityZoneManager.class);
    when(mockIdentityZoneManager.getCurrentIdentityZoneId()).thenReturn(currentIdentityZoneId);
    mockPasswordValidator = mock(PasswordValidator.class);
    mockSecurityContextAccessor = mock(SecurityContextAccessor.class);
    passwordChangeEndpoint = new PasswordChangeEndpoint(mockIdentityZoneManager, mockPasswordValidator, jdbcScimUserProvisioning, mockSecurityContextAccessor);
    joel = new ScimUser(null, "jdsa", "Joel", "D'sa");
    joel.addEmail("jdsa@vmware.com");
    dale = new ScimUser(null, "olds", "Dale", "Olds");
    dale.addEmail("olds@vmware.com");
    joel = jdbcScimUserProvisioning.createUser(joel, "password", currentIdentityZoneId);
    dale = jdbcScimUserProvisioning.createUser(dale, "password", currentIdentityZoneId);
    when(mockSecurityContextAccessor.getUserId()).thenReturn(joel.getId());
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) JdbcPagingListFactory(org.cloudfoundry.identity.uaa.resources.jdbc.JdbcPagingListFactory) PasswordValidator(org.cloudfoundry.identity.uaa.scim.validate.PasswordValidator) JdbcScimUserProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning) SecurityContextAccessor(org.cloudfoundry.identity.uaa.security.beans.SecurityContextAccessor) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) IdentityZoneManager(org.cloudfoundry.identity.uaa.zone.beans.IdentityZoneManager) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 4 with JdbcScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning in project uaa by cloudfoundry.

From the class LoginSamlAuthenticationProviderTests, method configureProvider.

@BeforeEach
void configureProvider() throws SAMLException, SecurityException, DecryptionException, ValidationException {
    identityZoneManager = new IdentityZoneManagerImpl();
    RequestContextHolder.resetRequestAttributes();
    MockHttpServletRequest request = new MockHttpServletRequest(mock(ServletContext.class));
    MockHttpServletResponse response = new MockHttpServletResponse();
    ServletWebRequest servletWebRequest = new ServletWebRequest(request, response);
    RequestContextHolder.setRequestAttributes(servletWebRequest);
    ScimGroupProvisioning groupProvisioning = new JdbcScimGroupProvisioning(jdbcTemplate, new JdbcPagingListFactory(jdbcTemplate, limitSqlAdapter));
    identityZoneManager.getCurrentIdentityZone().getConfig().getUserConfig().setDefaultGroups(Collections.singletonList("uaa.user"));
    groupProvisioning.createOrGet(new ScimGroup(null, "uaa.user", identityZoneManager.getCurrentIdentityZone().getId()), identityZoneManager.getCurrentIdentityZone().getId());
    providerDefinition = new SamlIdentityProviderDefinition();
    userProvisioning = new JdbcScimUserProvisioning(jdbcTemplate, new JdbcPagingListFactory(jdbcTemplate, limitSqlAdapter), passwordEncoder);
    uaaSamlUser = groupProvisioning.create(new ScimGroup(null, UAA_SAML_USER, IdentityZone.getUaaZoneId()), identityZoneManager.getCurrentIdentityZone().getId());
    uaaSamlAdmin = groupProvisioning.create(new ScimGroup(null, UAA_SAML_ADMIN, IdentityZone.getUaaZoneId()), identityZoneManager.getCurrentIdentityZone().getId());
    ScimGroup uaaSamlTest = groupProvisioning.create(new ScimGroup(null, UAA_SAML_TEST, IdentityZone.getUaaZoneId()), identityZoneManager.getCurrentIdentityZone().getId());
    JdbcScimGroupMembershipManager membershipManager = new JdbcScimGroupMembershipManager(jdbcTemplate, new TimeServiceImpl(), userProvisioning, null);
    membershipManager.setScimGroupProvisioning(groupProvisioning);
    ScimUserBootstrap bootstrap = new ScimUserBootstrap(userProvisioning, groupProvisioning, membershipManager, Collections.emptyList(), false, Collections.emptyList());
    externalManager = new JdbcScimGroupExternalMembershipManager(jdbcTemplate);
    externalManager.setScimGroupProvisioning(groupProvisioning);
    externalManager.mapExternalGroup(uaaSamlUser.getId(), SAML_USER, OriginKeys.SAML, identityZoneManager.getCurrentIdentityZone().getId());
    externalManager.mapExternalGroup(uaaSamlAdmin.getId(), SAML_ADMIN, OriginKeys.SAML, identityZoneManager.getCurrentIdentityZone().getId());
    externalManager.mapExternalGroup(uaaSamlTest.getId(), SAML_TEST, OriginKeys.SAML, identityZoneManager.getCurrentIdentityZone().getId());
    consumer = mock(WebSSOProfileConsumer.class);
    SAMLCredential credential = getUserCredential("marissa-saml", "Marissa", "Bloggs", "marissa.bloggs@test.com", "1234567890");
    when(consumer.processAuthenticationResponse(any())).thenReturn(credential);
    TimeService timeService = mock(TimeService.class);
    userDatabase = new JdbcUaaUserDatabase(jdbcTemplate, timeService, false, identityZoneManager);
    providerProvisioning = new JdbcIdentityProviderProvisioning(jdbcTemplate);
    publisher = new CreateUserPublisher(bootstrap);
    authprovider = new LoginSamlAuthenticationProvider(identityZoneManager, userDatabase, providerProvisioning, externalManager);
    authprovider.setApplicationEventPublisher(publisher);
    authprovider.setConsumer(consumer);
    authprovider.setSamlLogger(samlLogger);
    provider = new IdentityProvider();
    provider.setIdentityZoneId(IdentityZone.getUaaZoneId());
    provider.setOriginKey(OriginKeys.SAML);
    provider.setName("saml-test");
    provider.setActive(true);
    provider.setType(OriginKeys.SAML);
    providerDefinition.setMetaDataLocation(String.format(IDP_META_DATA, OriginKeys.SAML));
    providerDefinition.setIdpEntityAlias(OriginKeys.SAML);
    provider.setConfig(providerDefinition);
    provider = providerProvisioning.create(provider, identityZoneManager.getCurrentIdentityZone().getId());
}
Also used : JdbcScimGroupExternalMembershipManager(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupExternalMembershipManager) TimeServiceImpl(org.cloudfoundry.identity.uaa.util.TimeServiceImpl) JdbcPagingListFactory(org.cloudfoundry.identity.uaa.resources.jdbc.JdbcPagingListFactory) JdbcUaaUserDatabase(org.cloudfoundry.identity.uaa.user.JdbcUaaUserDatabase) JdbcScimGroupMembershipManager(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupMembershipManager) IdentityZoneManagerImpl(org.cloudfoundry.identity.uaa.zone.beans.IdentityZoneManagerImpl) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) JdbcScimGroupProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupProvisioning) TimeService(org.cloudfoundry.identity.uaa.util.TimeService) JdbcScimUserProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning) IdentityProvider(org.cloudfoundry.identity.uaa.provider.IdentityProvider) ScimGroupProvisioning(org.cloudfoundry.identity.uaa.scim.ScimGroupProvisioning) JdbcScimGroupProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupProvisioning) JdbcIdentityProviderProvisioning(org.cloudfoundry.identity.uaa.provider.JdbcIdentityProviderProvisioning) WebSSOProfileConsumer(org.springframework.security.saml.websso.WebSSOProfileConsumer) ScimUserBootstrap(org.cloudfoundry.identity.uaa.scim.bootstrap.ScimUserBootstrap) SAMLCredential(org.springframework.security.saml.SAMLCredential) SamlIdentityProviderDefinition(org.cloudfoundry.identity.uaa.provider.SamlIdentityProviderDefinition) ServletContext(javax.servlet.ServletContext) ScimGroup(org.cloudfoundry.identity.uaa.scim.ScimGroup) ServletWebRequest(org.springframework.web.context.request.ServletWebRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 5 with JdbcScimUserProvisioning

Use of org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning in project uaa by cloudfoundry.

From the class SamlTestUtils, method mockSsoWebProfileImpl.

private static IdpWebSsoProfileImpl mockSsoWebProfileImpl() {
    IdpWebSsoProfileImpl profile = new IdpWebSsoProfileImpl();
    JdbcScimUserProvisioning scimUserProvisioning = mock(JdbcScimUserProvisioning.class);
    profile.setScimUserProvisioning(scimUserProvisioning);
    JdbcSamlServiceProviderProvisioning samlServiceProviderProvisioning = mock(JdbcSamlServiceProviderProvisioning.class);
    profile.setSamlServiceProviderProvisioning(samlServiceProviderProvisioning);
    ScimUser user = new ScimUser(null, "johndoe", "John", "Doe");
    SamlServiceProvider samlServiceProvider = new SamlServiceProvider();
    SamlServiceProviderDefinition config = new SamlServiceProviderDefinition();
    config.setAttributeMappings(new HashMap<>());
    samlServiceProvider.setConfig(config);
    when(scimUserProvisioning.retrieve(anyString(), anyString())).thenReturn(user);
    when(samlServiceProviderProvisioning.retrieveByEntityId(any(), any())).thenReturn(samlServiceProvider);
    profile.setScimUserProvisioning(scimUserProvisioning);
    profile.setSamlServiceProviderProvisioning(samlServiceProviderProvisioning);
    return profile;
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) JdbcScimUserProvisioning(org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning)

Aggregations

JdbcScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimUserProvisioning): 9
JdbcPagingListFactory (org.cloudfoundry.identity.uaa.resources.jdbc.JdbcPagingListFactory): 5
ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser): 5
BeforeEach (org.junit.jupiter.api.BeforeEach): 5
TimeServiceImpl (org.cloudfoundry.identity.uaa.util.TimeServiceImpl): 4
ScimUserProvisioning (org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning): 3
JdbcScimGroupMembershipManager (org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupMembershipManager): 3
JdbcScimGroupProvisioning (org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupProvisioning): 3
Test (org.junit.jupiter.api.Test): 3
UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal): 2
IdentityZoneManager (org.cloudfoundry.identity.uaa.zone.beans.IdentityZoneManager): 2
IdentityZoneManagerImpl (org.cloudfoundry.identity.uaa.zone.beans.IdentityZoneManagerImpl): 2
Matchers.containsString (org.hamcrest.Matchers.containsString): 2
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 2
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 2
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator): 2
ServletContext (javax.servlet.ServletContext): 1
UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication): 1
UaaAuthenticationDetails (org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails): 1
JdbcExpiringCodeStore (org.cloudfoundry.identity.uaa.codestore.JdbcExpiringCodeStore): 1