Example 56 with Client

use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.

the class JpaJaxbClientAdapterTest method toEntityTest.

@Test
public void toEntityTest() {
    Client client = getClient();
    ClientDetailsEntity entity = adapter.toEntity(client);
    ClientDetailsEntity toCompare = getClientDetailsEntity();
    // Configuration values should be the default
    assertFalse(entity.isPersistentTokensEnabled());
    assertNull(entity.getAuthenticationProviderId());
    assertEquals(toCompare.getClientDescription(), entity.getClientDescription());
    assertEquals(toCompare.getClientId(), entity.getClientId());
    assertEquals(toCompare.getClientName(), entity.getClientName());
    assertEquals(toCompare.getClientRegisteredRedirectUris(), entity.getClientRegisteredRedirectUris());
    assertEquals(toCompare.getClientWebsite(), entity.getClientWebsite());
    assertEquals(toCompare.isAllowAutoDeprecate(), entity.isAllowAutoDeprecate());
    assertFalse(entity.isPersistentTokensEnabled());
    assertNull(entity.getClientType());
    assertNull(entity.getAuthenticationProviderId());
    assertNull(entity.getEmailAccessReason());
    assertNull(entity.getGroupProfileId());
    assertNull(entity.getClientSecrets());
    assertEquals(Collections.EMPTY_SET, entity.getClientAuthorizedGrantTypes());
    assertEquals(Collections.EMPTY_SET, entity.getClientResourceIds());
    assertEquals(Collections.EMPTY_SET, entity.getClientScopes());
    assertEquals(Collections.EMPTY_SET, entity.getCustomEmails());
    assertEquals(Collections.EMPTY_LIST, entity.getClientGrantedAuthorities());
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) Client(org.orcid.jaxb.model.v3.dev1.client.Client) Test(org.junit.Test)

Example 57 with Client

use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.

the class OrcidSecurityManagerImpl method checkAndFilter.

/**
 * Check the permissions of a request over an element. Private
 * implementation that also takes a parameter indicating whether the token
 * still needs to be checked or was already checked previously
 *
 * @param orcid
 *            The user owner of the element
 * @param element
 *            The element to check
 * @param requiredScope
 *            The required scope to access this element
 * @param tokenAlreadyChecked
 *            Indicates if the token was already checked previously, so we
 *            don't spend time checking it again
 * @throws OrcidUnauthorizedException
 *             In case the token used was not issued for the owner of the
 *             element
 * @throws OrcidAccessControlException
 *             In case the request doesn't have the required scopes
 * @throws OrcidVisibilityException
 *             In case the element is not visible due to its visibility
 */
private void checkAndFilter(String orcid, VisibilityType element, ScopePathType requiredScope, boolean tokenAlreadyChecked) {
    if (element == null) {
        return;
    }
    // Check the token was issued for this user
    if (!tokenAlreadyChecked) {
        isMyToken(orcid);
    }
    // Check if the client is the source of the element
    if (element instanceof Filterable) {
        Filterable filterable = (Filterable) element;
        OAuth2Authentication oAuth2Authentication = getOAuth2Authentication();
        if (oAuth2Authentication != null) {
            OAuth2Request authorizationRequest = oAuth2Authentication.getOAuth2Request();
            String clientId = authorizationRequest.getClientId();
            if (clientId.equals(filterable.retrieveSourcePath())) {
                // The client doing the request is the source of the element
                return;
            }
        }
    }
    // /read-public scope
    if (Visibility.PUBLIC.equals(element.getVisibility())) {
        try {
            checkScopes(ScopePathType.READ_PUBLIC);
            // can return it
            return;
        } catch (OrcidAccessControlException e) {
            // Just continue filtering
        }
    }
    // Filter
    filter(element, requiredScope);
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) Filterable(org.orcid.jaxb.model.v3.dev1.common.Filterable) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException)

Example 58 with Client

use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.

the class MemberV3ApiServiceDelegator_GeneralTest method testOrcidProfileCreate_CANT_UpdateOnClaimedAccounts.

@Test
public void testOrcidProfileCreate_CANT_UpdateOnClaimedAccounts() {
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    Response response = serviceDelegator.viewAddress(ORCID, 9L);
    assertNotNull(response);
    Address a = (Address) response.getEntity();
    assertNotNull(a);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateAddress(ORCID, a.getPutCode(), a);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewEducation(ORCID, 20L);
    assertNotNull(response);
    Education edu = (Education) response.getEntity();
    assertNotNull(edu);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateEducation(ORCID, edu.getPutCode(), edu);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewEmployment(ORCID, 17L);
    assertNotNull(response);
    Employment emp = (Employment) response.getEntity();
    assertNotNull(emp);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateEmployment(ORCID, emp.getPutCode(), emp);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewExternalIdentifier(ORCID, 13L);
    assertNotNull(response);
    PersonExternalIdentifier extId = (PersonExternalIdentifier) response.getEntity();
    assertNotNull(extId);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateExternalIdentifier(ORCID, extId.getPutCode(), extId);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewFunding(ORCID, 10L);
    assertNotNull(response);
    Funding f = (Funding) response.getEntity();
    assertNotNull(f);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateFunding(ORCID, f.getPutCode(), f);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewKeyword(ORCID, 9L);
    assertNotNull(response);
    Keyword k = (Keyword) response.getEntity();
    assertNotNull(k);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateKeyword(ORCID, k.getPutCode(), k);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewOtherName(ORCID, 13L);
    assertNotNull(response);
    OtherName o = (OtherName) response.getEntity();
    assertNotNull(o);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateOtherName(ORCID, o.getPutCode(), o);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewPeerReview(ORCID, 9L);
    assertNotNull(response);
    PeerReview p = (PeerReview) response.getEntity();
    assertNotNull(p);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updatePeerReview(ORCID, p.getPutCode(), p);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewResearcherUrl(ORCID, 13L);
    assertNotNull(response);
    ResearcherUrl r = (ResearcherUrl) response.getEntity();
    assertNotNull(r);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateResearcherUrl(ORCID, r.getPutCode(), r);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
    response = serviceDelegator.viewWork(ORCID, 11L);
    assertNotNull(response);
    Work w = (Work) response.getEntity();
    assertNotNull(w);
    try {
        SecurityContextTestUtils.setUpSecurityContextForClientOnly();
        serviceDelegator.updateWork(ORCID, w.getPutCode(), w);
        fail();
    } catch (IllegalStateException e) {
        assertEquals("Non client credential scope found in client request", e.getMessage());
    }
}
Also used : Response(javax.ws.rs.core.Response) Address(org.orcid.jaxb.model.v3.dev1.record.Address) Keyword(org.orcid.jaxb.model.v3.dev1.record.Keyword) Education(org.orcid.jaxb.model.v3.dev1.record.Education) Employment(org.orcid.jaxb.model.v3.dev1.record.Employment) Funding(org.orcid.jaxb.model.v3.dev1.record.Funding) OtherName(org.orcid.jaxb.model.v3.dev1.record.OtherName) Work(org.orcid.jaxb.model.v3.dev1.record.Work) ResearcherUrl(org.orcid.jaxb.model.v3.dev1.record.ResearcherUrl) PersonExternalIdentifier(org.orcid.jaxb.model.v3.dev1.record.PersonExternalIdentifier) PeerReview(org.orcid.jaxb.model.v3.dev1.record.PeerReview) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 59 with Client

use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.

the class NotificationsApiServiceDelegatorImpl method findPermissionNotifications.

@Override
@AccessControl(requiredScope = ScopePathType.PREMIUM_NOTIFICATION)
public Response findPermissionNotifications(String orcid) {
    // Get the client profile information
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    String clientId = null;
    if (OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
        OAuth2Request authorizationRequest = ((OAuth2Authentication) authentication).getOAuth2Request();
        clientId = authorizationRequest.getClientId();
    }
    NotificationPermissions notifications = notificationManager.findPermissionsByOrcidAndClient(orcid, clientId, 0, MAX_NOTIFICATIONS_AVAILABLE);
    return Response.ok(notifications).build();
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) NotificationPermissions(org.orcid.jaxb.model.v3.dev1.notification.permission.NotificationPermissions) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) AccessControl(org.orcid.core.security.visibility.aop.AccessControl)

Example 60 with Client

use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.

the class NotificationManagerTest method testFindPermissionsByOrcidAndClient.

/**
 * Test independent of the Spring context; sets up NotificationManager with
 * a mocked notification DAO and notification adapter
 */
@Test
public void testFindPermissionsByOrcidAndClient() {
    List<Notification> notificationPermissions = IntStream.range(0, 10).mapToObj(i -> new NotificationPermission()).collect(Collectors.toList());
    NotificationDao notificationDao = mock(NotificationDaoImpl.class);
    JpaJaxbNotificationAdapter adapter = mock(JpaJaxbNotificationAdapterImpl.class);
    when(notificationDao.findPermissionsByOrcidAndClient(anyString(), anyString(), anyInt(), anyInt())).thenReturn(new ArrayList<NotificationEntity>());
    when(adapter.toNotification(Matchers.<ArrayList<NotificationEntity>>any())).thenReturn(notificationPermissions);
    NotificationManager notificationManager = new NotificationManagerImpl();
    ReflectionTestUtils.setField(notificationManager, "notificationAdapter", adapter);
    ReflectionTestUtils.setField(notificationManager, "notificationDao", notificationDao);
    NotificationPermissions notifications = notificationManager.findPermissionsByOrcidAndClient("some-orcid", "some-client", 0, OrcidApiConstants.MAX_NOTIFICATIONS_AVAILABLE);
    assertEquals(notificationPermissions.size(), notifications.getNotifications().size());
}
Also used : CoreMatchers.is(org.hamcrest.CoreMatchers.is) Notification(org.orcid.jaxb.model.v3.dev1.notification.Notification) Arrays(java.util.Arrays) Locale(org.orcid.jaxb.model.v3.dev1.common.Locale) TargetProxyHelper(org.orcid.test.TargetProxyHelper) Date(java.util.Date) OrcidJUnit4ClassRunner(org.orcid.test.OrcidJUnit4ClassRunner) URISyntaxException(java.net.URISyntaxException) ProfileEventEntity(org.orcid.persistence.jpa.entities.ProfileEventEntity) RecordNameEntity(org.orcid.persistence.jpa.entities.RecordNameEntity) DBUnitTest(org.orcid.test.DBUnitTest) Assert.assertThat(org.junit.Assert.assertThat) NotificationType(org.orcid.jaxb.model.v3.dev1.notification.NotificationType) MockitoAnnotations(org.mockito.MockitoAnnotations) Pair(org.apache.commons.lang3.tuple.Pair) ProfileDao(org.orcid.persistence.dao.ProfileDao) NotificationDao(org.orcid.persistence.dao.NotificationDao) After(org.junit.After) ProfileEntityCacheManager(org.orcid.core.manager.ProfileEntityCacheManager) NotificationInstitutionalConnection(org.orcid.model.v3.dev1.notification.institutional_sign_in.NotificationInstitutionalConnection) AfterClass(org.junit.AfterClass) OrcidProfile(org.orcid.jaxb.model.message.OrcidProfile) Resource(javax.annotation.Resource) EncryptionManager(org.orcid.core.manager.EncryptionManager) OrcidOauth2TokenDetailService(org.orcid.core.oauth.OrcidOauth2TokenDetailService) ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) Set(java.util.Set) Collectors(java.util.stream.Collectors) JAXBException(javax.xml.bind.JAXBException) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) NotificationEntity(org.orcid.persistence.jpa.entities.NotificationEntity) List(java.util.List) Email(org.orcid.jaxb.model.v3.dev1.record.Email) EmailEntity(org.orcid.persistence.jpa.entities.EmailEntity) Source(org.orcid.jaxb.model.v3.dev1.common.Source) JpaJaxbNotificationAdapterImpl(org.orcid.core.adapter.v3.impl.JpaJaxbNotificationAdapterImpl) 
NotificationDaoImpl(org.orcid.persistence.dao.impl.NotificationDaoImpl) GenericDao(org.orcid.persistence.dao.GenericDao) NotificationManagerImpl(org.orcid.core.manager.v3.impl.NotificationManagerImpl) Mockito.mock(org.mockito.Mockito.mock) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) IntStream(java.util.stream.IntStream) NotificationCustomEntity(org.orcid.persistence.jpa.entities.NotificationCustomEntity) CoreMatchers.anyOf(org.hamcrest.CoreMatchers.anyOf) BeforeClass(org.junit.BeforeClass) NotificationPermissions(org.orcid.jaxb.model.v3.dev1.notification.permission.NotificationPermissions) Matchers(org.mockito.Matchers) Mock(org.mockito.Mock) CoreMatchers.not(org.hamcrest.CoreMatchers.not) RunWith(org.junit.runner.RunWith) ArrayUtils(org.apache.commons.lang3.ArrayUtils) NotificationPermission(org.orcid.jaxb.model.v3.dev1.notification.permission.NotificationPermission) MailGunManager(org.orcid.core.manager.impl.MailGunManager) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) Answer(org.mockito.stubbing.Answer) InvocationOnMock(org.mockito.invocation.InvocationOnMock) NotificationCustom(org.orcid.jaxb.model.v3.dev1.notification.custom.NotificationCustom) EmailEventEntity(org.orcid.persistence.jpa.entities.EmailEventEntity) ArgumentMatchers.anyInt(org.mockito.ArgumentMatchers.anyInt) JAXBContext(javax.xml.bind.JAXBContext) IntFunction(java.util.function.IntFunction) Before(org.junit.Before) Unmarshaller(javax.xml.bind.Unmarshaller) SourceEntity(org.orcid.persistence.jpa.entities.SourceEntity) CollectionUtils(org.springframework.cglib.core.CollectionUtils) OrcidMessage(org.orcid.jaxb.model.message.OrcidMessage) Assert.assertNotNull(org.junit.Assert.assertNotNull) AmendedSection(org.orcid.jaxb.model.v3.dev1.notification.amended.AmendedSection) Assert.assertTrue(org.junit.Assert.assertTrue) ReflectionTestUtils(org.springframework.test.util.ReflectionTestUtils) Mockito.times(org.mockito.Mockito.times) IOException(java.io.IOException) 
Test(org.junit.Test) ClientDetailsDao(org.orcid.persistence.dao.ClientDetailsDao) Mockito.when(org.mockito.Mockito.when) LocalDateTime(org.joda.time.LocalDateTime) OrcidApiConstants(org.orcid.core.api.OrcidApiConstants) Mockito.verify(org.mockito.Mockito.verify) Mockito(org.mockito.Mockito) Mockito.never(org.mockito.Mockito.never) EmailEventType(org.orcid.persistence.jpa.entities.EmailEventType) ContextConfiguration(org.springframework.test.context.ContextConfiguration) SecurityQuestionEntity(org.orcid.persistence.jpa.entities.SecurityQuestionEntity) Collections(java.util.Collections) Assert.assertEquals(org.junit.Assert.assertEquals) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) JpaJaxbNotificationAdapter(org.orcid.core.adapter.v3.JpaJaxbNotificationAdapter) Transactional(org.springframework.transaction.annotation.Transactional) NotificationDao(org.orcid.persistence.dao.NotificationDao) JpaJaxbNotificationAdapter(org.orcid.core.adapter.v3.JpaJaxbNotificationAdapter) NotificationPermissions(org.orcid.jaxb.model.v3.dev1.notification.permission.NotificationPermissions) NotificationPermission(org.orcid.jaxb.model.v3.dev1.notification.permission.NotificationPermission) NotificationEntity(org.orcid.persistence.jpa.entities.NotificationEntity) Notification(org.orcid.jaxb.model.v3.dev1.notification.Notification) NotificationManagerImpl(org.orcid.core.manager.v3.impl.NotificationManagerImpl) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)
