Search in sources :

Example 1 with UaaUserPrototype

use of org.cloudfoundry.identity.uaa.user.UaaUserPrototype in project uaa by cloudfoundry.

the class TotpMfaEndpointTest method testEmptyOTP.

@Test
public void testEmptyOTP() throws Exception {
    when(uaaAuthentication.getPrincipal()).thenReturn(new UaaPrincipal(userId, "Marissa", null, "uaa", null, null), null, null);
    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId())).thenReturn(mfaProvider);
    when(userDb.retrieveUserByName("Marissa", "uaa")).thenReturn(new UaaUser(new UaaUserPrototype().withUsername("Marissa").withOrigin("uaa").withId("1234").withEmail("marissa@example.com")));
    IdentityZoneHolder.get().getConfig().getMfaConfig().setEnabled(true).setProviderName(mfaProvider.getName());
    SessionStatus sessionStatus = mock(SessionStatus.class);
    ModelAndView returnView = endpoint.validateCode(mock(Model.class), "", mock(UserGoogleMfaCredentials.class), new MockHttpServletRequest(), sessionStatus);
    assertEquals("mfa/enter_code", returnView.getViewName());
    verifyZeroInteractions(sessionStatus);
    verifyMfaEvent(MfaAuthenticationFailureEvent.class);
}
Also used : UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UaaUser(org.cloudfoundry.identity.uaa.user.UaaUser) SessionStatus(org.springframework.web.bind.support.SessionStatus) UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) ModelAndView(org.springframework.web.servlet.ModelAndView) Model(org.springframework.ui.Model) UaaUserPrototype(org.cloudfoundry.identity.uaa.user.UaaUserPrototype) Test(org.junit.Test)

Example 2 with UaaUserPrototype

use of org.cloudfoundry.identity.uaa.user.UaaUserPrototype in project uaa by cloudfoundry.

the class TotpMfaEndpointTest method testValidOTPActivatesUser.

@Test
public void testValidOTPActivatesUser() throws Exception {
    int code = 1234;
    when(userGoogleMfaCredentialsProvisioning.isValidCode(ArgumentMatchers.any(UserGoogleMfaCredentials.class), eq(code))).thenReturn(true);
    when(uaaAuthentication.getPrincipal()).thenReturn(new UaaPrincipal(userId, "Marissa", null, "uaa", null, null), null, null);
    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId())).thenReturn(mfaProvider);
    when(userDb.retrieveUserByName("Marissa", "uaa")).thenReturn(new UaaUser(new UaaUserPrototype().withUsername("Marissa").withOrigin("uaa").withId("1234").withEmail("marissa@example.com")));
    IdentityZoneHolder.get().getConfig().getMfaConfig().setEnabled(true).setProviderName(mfaProvider.getName());
    SessionStatus sessionStatus = mock(SessionStatus.class);
    endpoint.validateCode(mock(Model.class), Integer.toString(code), mock(UserGoogleMfaCredentials.class), new MockHttpServletRequest(), sessionStatus);
    verify(userGoogleMfaCredentialsProvisioning).saveUserCredentials(ArgumentMatchers.any(UserGoogleMfaCredentials.class));
    verify(sessionStatus).setComplete();
    verifyMfaEvent(MfaAuthenticationSuccessEvent.class);
}
Also used : UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) UaaUser(org.cloudfoundry.identity.uaa.user.UaaUser) SessionStatus(org.springframework.web.bind.support.SessionStatus) Model(org.springframework.ui.Model) UaaUserPrototype(org.cloudfoundry.identity.uaa.user.UaaUserPrototype) Test(org.junit.Test)

Example 3 with UaaUserPrototype

use of org.cloudfoundry.identity.uaa.user.UaaUserPrototype in project uaa by cloudfoundry.

the class TotpMfaEndpointTest method testValidOTPReturnsErrorWhenLockedOut.

@Test
public void testValidOTPReturnsErrorWhenLockedOut() throws Exception {
    exception.expect(AuthenticationPolicyRejectionException.class);
    int code = 1234;
    when(mockMfaPolicy.isAllowed(anyString())).thenReturn(new LoginPolicy.Result(false, 0));
    when(userGoogleMfaCredentialsProvisioning.isValidCode(ArgumentMatchers.any(UserGoogleMfaCredentials.class), eq(code))).thenReturn(true);
    when(uaaAuthentication.getPrincipal()).thenReturn(new UaaPrincipal(userId, "Marissa", null, "uaa", null, null), null, null);
    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId())).thenReturn(mfaProvider);
    when(userDb.retrieveUserByName("Marissa", "uaa")).thenReturn(new UaaUser(new UaaUserPrototype().withUsername("Marissa").withOrigin("uaa").withId("1234").withEmail("marissa@example.com")));
    IdentityZoneHolder.get().getConfig().getMfaConfig().setEnabled(true).setProviderName(mfaProvider.getName());
    SessionStatus sessionStatus = mock(SessionStatus.class);
    endpoint.validateCode(mock(Model.class), Integer.toString(code), mock(UserGoogleMfaCredentials.class), new MockHttpServletRequest(), sessionStatus);
    verifyZeroInteractions(sessionStatus);
    verifyMfaEvent(MfaAuthenticationFailureEvent.class);
}
Also used : UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) UaaUser(org.cloudfoundry.identity.uaa.user.UaaUser) SessionStatus(org.springframework.web.bind.support.SessionStatus) Model(org.springframework.ui.Model) CommonLoginPolicy(org.cloudfoundry.identity.uaa.authentication.manager.CommonLoginPolicy) LoginPolicy(org.cloudfoundry.identity.uaa.authentication.manager.LoginPolicy) UaaUserPrototype(org.cloudfoundry.identity.uaa.user.UaaUserPrototype) Test(org.junit.Test)

Example 4 with UaaUserPrototype

use of org.cloudfoundry.identity.uaa.user.UaaUserPrototype in project uaa by cloudfoundry.

the class TotpMfaEndpointTest method testValidOTPTakesToHomePage.

@Test
public void testValidOTPTakesToHomePage() throws Exception {
    int code = 1234;
    when(userGoogleMfaCredentialsProvisioning.isValidCode(ArgumentMatchers.any(UserGoogleMfaCredentials.class), eq(code))).thenReturn(true);
    when(uaaAuthentication.getPrincipal()).thenReturn(new UaaPrincipal(userId, "Marissa", null, "uaa", null, null), null, null);
    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId())).thenReturn(mfaProvider);
    when(userDb.retrieveUserByName("Marissa", "uaa")).thenReturn(new UaaUser(new UaaUserPrototype().withUsername("Marissa").withOrigin("uaa").withId("1234").withEmail("marissa@example.com")));
    IdentityZoneHolder.get().getConfig().getMfaConfig().setEnabled(true).setProviderName(mfaProvider.getName());
    SessionStatus sessionStatus = mock(SessionStatus.class);
    ModelAndView returnView = endpoint.validateCode(mock(Model.class), Integer.toString(code), mock(UserGoogleMfaCredentials.class), new MockHttpServletRequest(), sessionStatus);
    assertEquals("/login/mfa/completed", ((RedirectView) returnView.getView()).getUrl());
    verify(sessionStatus, times(1)).setComplete();
    verifyMfaEvent(MfaAuthenticationSuccessEvent.class);
}
Also used : UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) UaaUser(org.cloudfoundry.identity.uaa.user.UaaUser) SessionStatus(org.springframework.web.bind.support.SessionStatus) ModelAndView(org.springframework.web.servlet.ModelAndView) Model(org.springframework.ui.Model) UaaUserPrototype(org.cloudfoundry.identity.uaa.user.UaaUserPrototype) Test(org.junit.Test)

Example 5 with UaaUserPrototype

use of org.cloudfoundry.identity.uaa.user.UaaUserPrototype in project uaa by cloudfoundry.

the class TotpMfaEndpointTest method testNonNumericOTP.

@Test
public void testNonNumericOTP() throws Exception {
    when(uaaAuthentication.getPrincipal()).thenReturn(new UaaPrincipal(userId, "Marissa", null, "uaa", null, null), null, null);
    when(mfaProviderProvisioning.retrieveByName(mfaProvider.getName(), IdentityZoneHolder.get().getId())).thenReturn(mfaProvider);
    when(userDb.retrieveUserByName("Marissa", "uaa")).thenReturn(new UaaUser(new UaaUserPrototype().withUsername("Marissa").withOrigin("uaa").withId("1234").withEmail("marissa@example.com")));
    IdentityZoneHolder.get().getConfig().getMfaConfig().setEnabled(true).setProviderName(mfaProvider.getName());
    SessionStatus sessionStatus = mock(SessionStatus.class);
    ModelAndView returnView = endpoint.validateCode(mock(Model.class), "asdf123", mock(UserGoogleMfaCredentials.class), new MockHttpServletRequest(), sessionStatus);
    assertEquals("mfa/enter_code", returnView.getViewName());
    verifyZeroInteractions(sessionStatus);
    verifyMfaEvent(MfaAuthenticationFailureEvent.class);
}
Also used : UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UaaUser(org.cloudfoundry.identity.uaa.user.UaaUser) SessionStatus(org.springframework.web.bind.support.SessionStatus) UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) ModelAndView(org.springframework.web.servlet.ModelAndView) Model(org.springframework.ui.Model) UaaUserPrototype(org.cloudfoundry.identity.uaa.user.UaaUserPrototype) Test(org.junit.Test)

Aggregations

UaaUser (org.cloudfoundry.identity.uaa.user.UaaUser)26 UaaUserPrototype (org.cloudfoundry.identity.uaa.user.UaaUserPrototype)26 Test (org.junit.Test)11 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)9 UaaPrincipal (org.cloudfoundry.identity.uaa.authentication.UaaPrincipal)8 UserGoogleMfaCredentials (org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials)7 Model (org.springframework.ui.Model)7 SessionStatus (org.springframework.web.bind.support.SessionStatus)7 Test (org.junit.jupiter.api.Test)6 ModelAndView (org.springframework.web.servlet.ModelAndView)5 UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication)4 UaaUserDatabase (org.cloudfoundry.identity.uaa.user.UaaUserDatabase)3 TimeService (org.cloudfoundry.identity.uaa.util.TimeService)3 BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)3 Date (java.util.Date)2 ApprovalService (org.cloudfoundry.identity.uaa.approval.ApprovalService)2 CommonLoginPolicy (org.cloudfoundry.identity.uaa.authentication.manager.CommonLoginPolicy)2 Mailable (org.cloudfoundry.identity.uaa.user.Mailable)2 BeforeEach (org.junit.jupiter.api.BeforeEach)2 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)2