Example 16 with AuditLogEvent
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class NewPasswordCommandTest method execute_PasswordConfirmationIsDifferentThenPassword_ThrowsException.
@Test
public void execute_PasswordConfirmationIsDifferentThenPassword_ThrowsException() throws Exception {
when(contextMock.getNewPassword()).thenReturn(Optional.of("newPassword"));
when(contextMock.getNewPasswordConfirmation()).thenReturn("differentPassword");
when(contextMock.getUserName()).thenReturn("someUsername");
when(contextMock.getToken()).thenReturn(Optional.of("token"));
when(contextMock.getEmail()).thenReturn(Optional.of("email"));
doThrow(new SimbaException(PASSWORDS_DONT_MATCH)).when(credentialServiceMock).changePassword("someUsername", "newPassword", "differentPassword");
AuditLogEvent auditLogEvent = mock(AuditLogEvent.class);
when(auditLogFactory.createEventForSessionForFailure(contextMock, PASSWORD_NOT_VALID)).thenReturn(auditLogEvent);
Command.State state = newPasswordCommand.execute(contextMock);
assertThat(state).isEqualTo(FINISH);
verify(credentialServiceMock).changePassword("someUsername", "newPassword", "differentPassword");
verify(auditMock).log(auditLogEvent);
verify(contextMock).redirectToNewPassword("token", "email", "PASSWORDS_DONT_MATCH");
}
Also used :
AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent)
SimbaException(org.simbasecurity.core.exception.SimbaException)
Command(org.simbasecurity.core.chain.Command)
Test(org.junit.Test)
Example 17 with AuditLogEvent
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class DatabaseAuditLogProviderTest method auditEventIsPersisted_digestNotEnabled.
@Test
public void auditEventIsPersisted_digestNotEnabled() {
SSOToken ssoToken = new SSOToken();
AuditLogEvent event = new AuditLogEvent(AuditLogEventCategory.SESSION, "username", ssoToken, "remoteIP", "message", "userAgent", "hostServerName", "surname", "firstname", "requestURL", "CHAINID");
provider.log(event);
jdbcTemplate.query("SELECT * FROM SIMBA_AUDIT_LOG WHERE ssoToken=?", getRowMapper(), ssoToken.getToken());
}
Also used :
AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent)
SSOToken(org.simbasecurity.api.service.thrift.SSOToken)
Test(org.junit.Test)
Example 18 with AuditLogEvent
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class DatabaseDigestAuditLogProviderTest method auditEventIsPersisted.
@Test
public void auditEventIsPersisted() {
SSOToken ssoToken = new SSOToken();
AuditLogEvent event = new AuditLogEvent(AuditLogEventCategory.SESSION, "username", ssoToken, "remoteIP", "message", "userAgent", "hostServerName", "surname", "firstname", "requestURL", "CHAINID");
provider.log(event);
jdbcTemplate.query("SELECT * FROM SIMBA_AUDIT_LOG WHERE ssoToken=?", getRowMapper(), ssoToken.getToken());
}
Also used :
AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent)
SSOToken(org.simbasecurity.api.service.thrift.SSOToken)
Test(org.junit.Test)
Example 19 with AuditLogEvent
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class SessionServiceImplTest method testPurgeExpiredSessions.
@Test
public void testPurgeExpiredSessions() {
Session expiredSession = createSessionMock(true);
Session unexpiredSession = createSessionMock(false);
when(sessionRepository.findAll()).thenReturn(Arrays.asList(expiredSession, unexpiredSession));
service.purgeExpiredSessions();
verify(sessionRepository).remove(expiredSession);
verify(sessionRepository, never()).remove(unexpiredSession);
verify(audit).log(captor.capture());
AuditLogEvent resultAuditLogEvent = captor.getValue();
assertEquals(AuditLogEventCategory.SESSION, resultAuditLogEvent.getCategory());
assertEquals("Purged expired session", resultAuditLogEvent.getMessage());
}
Also used :
AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent)
Session(org.simbasecurity.core.domain.Session)
Test(org.junit.Test)
Example 20 with AuditLogEvent
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class DatabaseAuditLogProviderTest method auditEventIsPersisted_digestEnabled.
@Test
public void auditEventIsPersisted_digestEnabled() {
when(configurationServiceMock.getValue(SimbaConfigurationParameter.AUDIT_LOG_INTEGRITY_ENABLED)).thenReturn(Boolean.TRUE);
SSOToken ssoToken = new SSOToken();
AuditLogEvent event = new AuditLogEvent(AuditLogEventCategory.SESSION, "username", ssoToken, "remoteIP", "message", "userAgent", "hostServerName", "surname", "firstname", "requestURL", "CHAINID");
provider.log(event);
jdbcTemplate.query("SELECT * FROM SIMBA_AUDIT_LOG WHERE ssoToken=?", getRowMapper(false), ssoToken.getToken());
}
Also used :
AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent)
SSOToken(org.simbasecurity.api.service.thrift.SSOToken)
Test(org.junit.Test)
Aggregations
AuditLogEvent (org.simbasecurity.core.audit.AuditLogEvent)36
Test (org.junit.Test)32
Command (org.simbasecurity.core.chain.Command)9
User (org.simbasecurity.core.domain.User)8
State (org.simbasecurity.core.chain.Command.State)6
UserTestBuilder.aDefaultUser (org.simbasecurity.core.domain.UserTestBuilder.aDefaultUser)6
SSOToken (org.simbasecurity.api.service.thrift.SSOToken)4
Token (org.simbasecurity.core.domain.communication.token.Token)3
URL (java.net.URL)2
PolicyDecision (org.simbasecurity.api.service.thrift.PolicyDecision)2
Session (org.simbasecurity.core.domain.Session)2
EmailAddress (org.simbasecurity.core.domain.user.EmailAddress)2
TemplateWithLinks (org.simbasecurity.core.service.communication.mail.template.TemplateWithLinks)2
Optional (java.util.Optional)1
Audit (org.simbasecurity.core.audit.Audit)1
AuditLogEventFactory (org.simbasecurity.core.audit.AuditLogEventFactory)1
ChainContext (org.simbasecurity.core.chain.ChainContext)1
CONTINUE (org.simbasecurity.core.chain.Command.State.CONTINUE)1
FINISH (org.simbasecurity.core.chain.Command.State.FINISH)1
UserTestBuilder.aUser (org.simbasecurity.core.domain.UserTestBuilder.aUser)1
