Search in sources :

Example 1 with MfaConfig

use of org.cloudfoundry.identity.uaa.zone.MfaConfig in project uaa by cloudfoundry.

the class UserGoogleMfaCredentialsProvisioningTest method setup.

@BeforeEach
void setup() {
    provisioner = new UserGoogleMfaCredentialsProvisioning();
    mfaProvider = new MfaProvider().setName("abc").setId("abc");
    otherMfaProvider = new MfaProvider().setName("abcd").setId("abcd");
    jdbcProvisioner = mock(JdbcUserGoogleMfaCredentialsProvisioning.class);
    provisioner.setJdbcProvisioner(jdbcProvisioner);
    MfaProviderProvisioning mfaProviderProvisioning = mock(MfaProviderProvisioning.class);
    provisioner.setMfaProviderProvisioning(mfaProviderProvisioning);
    when(mfaProviderProvisioning.retrieveByName(anyString(), anyString())).thenReturn(mfaProvider);
    IdentityZoneHolder.get().getConfig().setMfaConfig(new MfaConfig().setEnabled(true).setProviderName(mfaProvider.getName()));
}
Also used : MfaConfig(org.cloudfoundry.identity.uaa.zone.MfaConfig) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 2 with MfaConfig

use of org.cloudfoundry.identity.uaa.zone.MfaConfig in project uaa by cloudfoundry.

the class ScimUserEndpointsMockMvcTests method testDeleteMfaUserCredentials.

@Test
void testDeleteMfaUserCredentials() throws Exception {
    ScimUser user = createUser(uaaAdminToken);
    MfaProvider provider = createMfaProvider(IdentityZoneHolder.get().getId());
    IdentityZoneHolder.get().getConfig().setMfaConfig(new MfaConfig().setEnabled(true).setProviderName("mfaProvider"));
    UserGoogleMfaCredentials creds = new UserGoogleMfaCredentials(user.getId(), "ABCDEFGHIJKLMNOP", 1234, Collections.singletonList(123456)).setMfaProviderId(provider.getId());
    mfaCredentialsProvisioning.save(creds, IdentityZoneHolder.get().getId());
    assertNotNull(mfaCredentialsProvisioning.retrieve(user.getId(), provider.getId()));
    MockHttpServletRequestBuilder delete = delete("/Users/" + user.getId() + "/mfa").header("Authorization", "Bearer " + uaaAdminToken).contentType(APPLICATION_JSON);
    mockMvc.perform(delete).andExpect(status().isOk());
    assertMfaCredentialsNotExisting(user, provider);
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) MfaProvider(org.cloudfoundry.identity.uaa.mfa.MfaProvider) MfaConfig(org.cloudfoundry.identity.uaa.zone.MfaConfig) UserGoogleMfaCredentials(org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) Test(org.junit.jupiter.api.Test)

Example 3 with MfaConfig

use of org.cloudfoundry.identity.uaa.zone.MfaConfig in project uaa by cloudfoundry.

the class ScimUserEndpointsTests method deleteMfaRegistration.

@Test
void deleteMfaRegistration() {
    identityZone.getConfig().setMfaConfig(new MfaConfig().setEnabled(true).setProviderName("mfaProvider"));
    scimUserEndpoints.deleteMfaRegistration(dale.getId());
    verify(mockJdbcUserGoogleMfaCredentialsProvisioning).delete(dale.getId());
}
Also used : MfaConfig(org.cloudfoundry.identity.uaa.zone.MfaConfig) Test(org.junit.jupiter.api.Test)

Example 4 with MfaConfig

use of org.cloudfoundry.identity.uaa.zone.MfaConfig in project uaa by cloudfoundry.

the class MfaProviderEndpoints method deleteMfaProviderById.

@RequestMapping(value = "{id}", method = DELETE)
public ResponseEntity<MfaProvider> deleteMfaProviderById(@PathVariable String id) {
    MfaProvider existing = mfaProviderProvisioning.retrieve(id, IdentityZoneHolder.get().getId());
    MfaConfig currentMfaConfig = IdentityZoneHolder.get().getConfig().getMfaConfig();
    if (currentMfaConfig.isEnabled() && currentMfaConfig.getProviderName().equals(existing.getName())) {
        throw new MfaAlreadyExistsException("MFA provider is currently active on zone: " + IdentityZoneHolder.get().getId() + ". Please deactivate it from the zone or set another MFA provider");
    }
    publisher.publishEvent(new EntityDeletedEvent<>(existing, SecurityContextHolder.getContext().getAuthentication(), IdentityZoneHolder.getCurrentZoneId()));
    return new ResponseEntity<>(existing, HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) MfaAlreadyExistsException(org.cloudfoundry.identity.uaa.mfa.exception.MfaAlreadyExistsException) MfaConfig(org.cloudfoundry.identity.uaa.zone.MfaConfig) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 5 with MfaConfig

use of org.cloudfoundry.identity.uaa.zone.MfaConfig in project uaa by cloudfoundry.

the class ScimUserEndpointsMockMvcTests method testDeleteMfaUserCredentialsUserDoesNotExist.

@Test
void testDeleteMfaUserCredentialsUserDoesNotExist() throws Exception {
    MfaProvider provider = createMfaProvider(IdentityZoneHolder.get().getId());
    IdentityZoneHolder.get().getConfig().setMfaConfig(new MfaConfig().setEnabled(true).setProviderName("mfaProvider"));
    String userId = "invalidUserId";
    MockHttpServletRequestBuilder delete = delete("/Users/" + userId + "/mfa").header("Authorization", "Bearer " + uaaAdminToken).contentType(APPLICATION_JSON);
    mockMvc.perform(delete).andExpect(status().isNotFound());
    try {
        mfaCredentialsProvisioning.retrieve(userId, provider.getId());
        fail();
    } catch (UserMfaConfigDoesNotExistException e) {
    // no op
    }
}
Also used : MfaProvider(org.cloudfoundry.identity.uaa.mfa.MfaProvider) MfaConfig(org.cloudfoundry.identity.uaa.zone.MfaConfig) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) UserMfaConfigDoesNotExistException(org.cloudfoundry.identity.uaa.mfa.exception.UserMfaConfigDoesNotExistException) Test(org.junit.jupiter.api.Test)

Aggregations

MfaConfig (org.cloudfoundry.identity.uaa.zone.MfaConfig)9 Test (org.junit.jupiter.api.Test)7 MfaProvider (org.cloudfoundry.identity.uaa.mfa.MfaProvider)5 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)5 ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser)4 UserGoogleMfaCredentials (org.cloudfoundry.identity.uaa.mfa.UserGoogleMfaCredentials)3 MfaAlreadyExistsException (org.cloudfoundry.identity.uaa.mfa.exception.MfaAlreadyExistsException)1 UserMfaConfigDoesNotExistException (org.cloudfoundry.identity.uaa.mfa.exception.UserMfaConfigDoesNotExistException)1 IdentityZone (org.cloudfoundry.identity.uaa.zone.IdentityZone)1 BeforeEach (org.junit.jupiter.api.BeforeEach)1 ResponseEntity (org.springframework.http.ResponseEntity)1 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)1