Example 1 with LoginProvider
use of org.owasp.oag.config.configuration.LoginProvider in project Application-Gateway by gianlucafrei.
the class WiremockTest method makeLogin.
protected LoginResult makeLogin() {
try {
// ACT1: Start the login
var loginResult = webClient.get().uri("/auth/local/login").exchange().expectStatus().isFound().returnResult(String.class);
var redirectUriString = loginResult.getResponseHeaders().getFirst("Location");
URI redirectUri = new URI(redirectUriString);
AuthenticationRequest oidcRequest = AuthenticationRequest.parse(redirectUri);
LoginProvider provider = config.getLoginProviders().get("local");
assertTrue(redirectUriString.startsWith((String) provider.getWith().get("authEndpoint")));
assertEquals(provider.getWith().get("clientId"), oidcRequest.getClientID().toString());
var loginStateCookie = loginResult.getResponseCookies().getFirst(LoginStateCookie.NAME);
// ACT 2: Call the callback url
// Arrange
String authorizationResponse = String.format("?state=%s&code=%s", oidcRequest.getState().getValue(), "authCode");
var callbackResult = webClient.get().uri("/auth/local/callback" + authorizationResponse).cookie(loginStateCookie.getName(), loginStateCookie.getValue()).exchange().expectStatus().isFound().returnResult(String.class);
var result = new LoginResult(callbackResult);
// id from jwt token
result.id = "248289761001";
return result;
} catch (Exception e) {
throw new ApplicationException("Login Failed", e);
}
}
Also used :
ApplicationException(org.owasp.oag.exception.ApplicationException)
AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest)
LoginProvider(org.owasp.oag.config.configuration.LoginProvider)
URI(java.net.URI)
ApplicationException(org.owasp.oag.exception.ApplicationException)
Example 2 with LoginProvider
use of org.owasp.oag.config.configuration.LoginProvider in project Application-Gateway by gianlucafrei.
the class LoginProvidorValidationTest method testNoFields.
@Test
public void testNoFields() {
// Arrange
LoginProvider provider = new LoginProvider(null, null);
// Act
var errors = provider.getErrors(context);
// Assert
assertEquals(2, errors.size());
}
Also used :
LoginProvider(org.owasp.oag.config.configuration.LoginProvider)
Test(org.junit.jupiter.api.Test)
IntegrationTest(org.owasp.oag.integration.testInfrastructure.IntegrationTest)
Example 3 with LoginProvider
use of org.owasp.oag.config.configuration.LoginProvider in project Application-Gateway by gianlucafrei.
the class LoginController method loadLoginDriver.
public LoginDriver loadLoginDriver(String providerKey) {
// Load settings
LoginProvider provider = loadProvider(providerKey);
String driverName = provider.getType();
try {
return loginDriverFactory.loadDriverByKey(driverName, provider.getWith());
} catch (Exception e) {
throw new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR, "could not find login driver", e);
}
}
Also used :
LoginProvider(org.owasp.oag.config.configuration.LoginProvider)
ResponseStatusException(org.springframework.web.server.ResponseStatusException)
URISyntaxException(java.net.URISyntaxException)
AuthenticationException(org.owasp.oag.exception.AuthenticationException)
CookieDecryptionException(org.owasp.oag.exception.CookieDecryptionException)
ResponseStatusException(org.springframework.web.server.ResponseStatusException)
Example 4 with LoginProvider
use of org.owasp.oag.config.configuration.LoginProvider in project Application-Gateway by gianlucafrei.
the class LoginProvidorValidationTest method testInvalidProviderName.
@Test
public void testInvalidProviderName() {
// Arrange
LoginProvider provider = new LoginProvider("doesnotexist", new LoginProviderSettings());
// Act
var errors = provider.getErrors(context);
// Assert
assertEquals(1, errors.size());
}
Also used :
LoginProvider(org.owasp.oag.config.configuration.LoginProvider)
LoginProviderSettings(org.owasp.oag.config.configuration.LoginProviderSettings)
Test(org.junit.jupiter.api.Test)
IntegrationTest(org.owasp.oag.integration.testInfrastructure.IntegrationTest)
Example 5 with LoginProvider
use of org.owasp.oag.config.configuration.LoginProvider in project Application-Gateway by gianlucafrei.
the class LoginProvidorValidationTest method testInvalidInvalidSettings.
@Test
public void testInvalidInvalidSettings() {
// Arrange
LoginProvider provider = new LoginProvider("oidc", new LoginProviderSettings());
// Act
var errors = provider.getErrors(context);
// Assert
assertTrue(!errors.isEmpty(), "Expected errors with invalid configuration");
}
Also used :
LoginProvider(org.owasp.oag.config.configuration.LoginProvider)
LoginProviderSettings(org.owasp.oag.config.configuration.LoginProviderSettings)
Test(org.junit.jupiter.api.Test)
IntegrationTest(org.owasp.oag.integration.testInfrastructure.IntegrationTest)
Aggregations
LoginProvider (org.owasp.oag.config.configuration.LoginProvider)7
Test (org.junit.jupiter.api.Test)5
IntegrationTest (org.owasp.oag.integration.testInfrastructure.IntegrationTest)4
LoginProviderSettings (org.owasp.oag.config.configuration.LoginProviderSettings)3
AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest)2
URI (java.net.URI)2
URISyntaxException (java.net.URISyntaxException)1
ApplicationException (org.owasp.oag.exception.ApplicationException)1
AuthenticationException (org.owasp.oag.exception.AuthenticationException)1
CookieDecryptionException (org.owasp.oag.exception.CookieDecryptionException)1
WiremockTest (org.owasp.oag.integration.testInfrastructure.WiremockTest)1
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)1
ResponseStatusException (org.springframework.web.server.ResponseStatusException)1
