use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.
the class JpaJaxbClientAdapterTest method toEntityTest.
@Test
public void toEntityTest() {
Client client = getClient();
ClientDetailsEntity entity = adapter.toEntity(client);
ClientDetailsEntity toCompare = getClientDetailsEntity();
// Configuration values should be the default
assertFalse(entity.isPersistentTokensEnabled());
assertNull(entity.getAuthenticationProviderId());
assertEquals(toCompare.getClientDescription(), entity.getClientDescription());
assertEquals(toCompare.getClientId(), entity.getClientId());
assertEquals(toCompare.getClientName(), entity.getClientName());
assertEquals(toCompare.getClientRegisteredRedirectUris(), entity.getClientRegisteredRedirectUris());
assertEquals(toCompare.getClientWebsite(), entity.getClientWebsite());
assertEquals(toCompare.isAllowAutoDeprecate(), entity.isAllowAutoDeprecate());
assertFalse(entity.isPersistentTokensEnabled());
assertNull(entity.getClientType());
assertNull(entity.getAuthenticationProviderId());
assertNull(entity.getEmailAccessReason());
assertNull(entity.getGroupProfileId());
assertNull(entity.getClientSecrets());
assertEquals(Collections.EMPTY_SET, entity.getClientAuthorizedGrantTypes());
assertEquals(Collections.EMPTY_SET, entity.getClientResourceIds());
assertEquals(Collections.EMPTY_SET, entity.getClientScopes());
assertEquals(Collections.EMPTY_SET, entity.getCustomEmails());
assertEquals(Collections.EMPTY_LIST, entity.getClientGrantedAuthorities());
}
use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.
the class OrcidSecurityManagerImpl method checkAndFilter.
/**
* Check the permissions of a request over an element. Private
* implementation that will also include a parameter that indicates if we
* should check the token or, if it was already checked previously
*
* @param orcid
* The user owner of the element
* @param element
* The element to check
* @param requiredScope
* The required scope to access this element
* @param tokenAlreadyChecked
* Indicates if the token was already checked previously, so, we
* don't expend time checking it again
* @throws OrcidUnauthorizedException
* In case the token used was not issued for the owner of the
* element
* @throws OrcidAccessControlException
* In case the request doesn't have the required scopes
* @throws OrcidVisibilityException
* In case the element is not visible due the visibility
*/
private void checkAndFilter(String orcid, VisibilityType element, ScopePathType requiredScope, boolean tokenAlreadyChecked) {
if (element == null) {
return;
}
// Check the token was issued for this user
if (!tokenAlreadyChecked) {
isMyToken(orcid);
}
// Check if the client is the source of the element
if (element instanceof Filterable) {
Filterable filterable = (Filterable) element;
OAuth2Authentication oAuth2Authentication = getOAuth2Authentication();
if (oAuth2Authentication != null) {
OAuth2Request authorizationRequest = oAuth2Authentication.getOAuth2Request();
String clientId = authorizationRequest.getClientId();
if (clientId.equals(filterable.retrieveSourcePath())) {
// The client doing the request is the source of the element
return;
}
}
}
// /read-public scope
if (Visibility.PUBLIC.equals(element.getVisibility())) {
try {
checkScopes(ScopePathType.READ_PUBLIC);
// can return it
return;
} catch (OrcidAccessControlException e) {
// Just continue filtering
}
}
// Filter
filter(element, requiredScope);
}
use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.
the class MemberV3ApiServiceDelegator_GeneralTest method testOrcidProfileCreate_CANT_UpdateOnClaimedAccounts.
@Test
public void testOrcidProfileCreate_CANT_UpdateOnClaimedAccounts() {
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
Response response = serviceDelegator.viewAddress(ORCID, 9L);
assertNotNull(response);
Address a = (Address) response.getEntity();
assertNotNull(a);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateAddress(ORCID, a.getPutCode(), a);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewEducation(ORCID, 20L);
assertNotNull(response);
Education edu = (Education) response.getEntity();
assertNotNull(edu);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateEducation(ORCID, edu.getPutCode(), edu);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewEmployment(ORCID, 17L);
assertNotNull(response);
Employment emp = (Employment) response.getEntity();
assertNotNull(emp);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateEmployment(ORCID, emp.getPutCode(), emp);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewExternalIdentifier(ORCID, 13L);
assertNotNull(response);
PersonExternalIdentifier extId = (PersonExternalIdentifier) response.getEntity();
assertNotNull(extId);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateExternalIdentifier(ORCID, extId.getPutCode(), extId);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewFunding(ORCID, 10L);
assertNotNull(response);
Funding f = (Funding) response.getEntity();
assertNotNull(f);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateFunding(ORCID, f.getPutCode(), f);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewKeyword(ORCID, 9L);
assertNotNull(response);
Keyword k = (Keyword) response.getEntity();
assertNotNull(k);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateKeyword(ORCID, k.getPutCode(), k);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewOtherName(ORCID, 13L);
assertNotNull(response);
OtherName o = (OtherName) response.getEntity();
assertNotNull(o);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateOtherName(ORCID, o.getPutCode(), o);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewPeerReview(ORCID, 9L);
assertNotNull(response);
PeerReview p = (PeerReview) response.getEntity();
assertNotNull(p);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updatePeerReview(ORCID, p.getPutCode(), p);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewResearcherUrl(ORCID, 13L);
assertNotNull(response);
ResearcherUrl r = (ResearcherUrl) response.getEntity();
assertNotNull(r);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateResearcherUrl(ORCID, r.getPutCode(), r);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_LIMITED);
response = serviceDelegator.viewWork(ORCID, 11L);
assertNotNull(response);
Work w = (Work) response.getEntity();
assertNotNull(w);
try {
SecurityContextTestUtils.setUpSecurityContextForClientOnly();
serviceDelegator.updateWork(ORCID, w.getPutCode(), w);
fail();
} catch (IllegalStateException e) {
assertEquals("Non client credential scope found in client request", e.getMessage());
}
}
use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.
the class NotificationsApiServiceDelegatorImpl method findPermissionNotifications.
@Override
@AccessControl(requiredScope = ScopePathType.PREMIUM_NOTIFICATION)
public Response findPermissionNotifications(String orcid) {
// Get the client profile information
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String clientId = null;
if (OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
OAuth2Request authorizationRequest = ((OAuth2Authentication) authentication).getOAuth2Request();
clientId = authorizationRequest.getClientId();
}
NotificationPermissions notifications = notificationManager.findPermissionsByOrcidAndClient(orcid, clientId, 0, MAX_NOTIFICATIONS_AVAILABLE);
return Response.ok(notifications).build();
}
use of org.orcid.jaxb.model.v3.dev1.client.Client in project ORCID-Source by ORCID.
the class NotificationManagerTest method testFindPermissionsByOrcidAndClient.
/**
* Test independent of spring context, sets up NotificationManager with
* mocked notifiation dao and notification adapter
*/
@Test
public void testFindPermissionsByOrcidAndClient() {
List<Notification> notificationPermissions = IntStream.range(0, 10).mapToObj(i -> new NotificationPermission()).collect(Collectors.toList());
NotificationDao notificationDao = mock(NotificationDaoImpl.class);
JpaJaxbNotificationAdapter adapter = mock(JpaJaxbNotificationAdapterImpl.class);
when(notificationDao.findPermissionsByOrcidAndClient(anyString(), anyString(), anyInt(), anyInt())).thenReturn(new ArrayList<NotificationEntity>());
when(adapter.toNotification(Matchers.<ArrayList<NotificationEntity>>any())).thenReturn(notificationPermissions);
NotificationManager notificationManager = new NotificationManagerImpl();
ReflectionTestUtils.setField(notificationManager, "notificationAdapter", adapter);
ReflectionTestUtils.setField(notificationManager, "notificationDao", notificationDao);
NotificationPermissions notifications = notificationManager.findPermissionsByOrcidAndClient("some-orcid", "some-client", 0, OrcidApiConstants.MAX_NOTIFICATIONS_AVAILABLE);
assertEquals(notificationPermissions.size(), notifications.getNotifications().size());
}
Aggregations