Search in sources :

Example 16 with AuditLogEvent

use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

the class NewPasswordCommandTest method execute_PasswordConfirmationIsDifferentThenPassword_ThrowsException.

@Test
public void execute_PasswordConfirmationIsDifferentThenPassword_ThrowsException() throws Exception {
    when(contextMock.getNewPassword()).thenReturn(Optional.of("newPassword"));
    when(contextMock.getNewPasswordConfirmation()).thenReturn("differentPassword");
    when(contextMock.getUserName()).thenReturn("someUsername");
    when(contextMock.getToken()).thenReturn(Optional.of("token"));
    when(contextMock.getEmail()).thenReturn(Optional.of("email"));
    doThrow(new SimbaException(PASSWORDS_DONT_MATCH)).when(credentialServiceMock).changePassword("someUsername", "newPassword", "differentPassword");
    AuditLogEvent auditLogEvent = mock(AuditLogEvent.class);
    when(auditLogFactory.createEventForSessionForFailure(contextMock, PASSWORD_NOT_VALID)).thenReturn(auditLogEvent);
    Command.State state = newPasswordCommand.execute(contextMock);
    assertThat(state).isEqualTo(FINISH);
    verify(credentialServiceMock).changePassword("someUsername", "newPassword", "differentPassword");
    verify(auditMock).log(auditLogEvent);
    verify(contextMock).redirectToNewPassword("token", "email", "PASSWORDS_DONT_MATCH");
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) SimbaException(org.simbasecurity.core.exception.SimbaException) Command(org.simbasecurity.core.chain.Command) Test(org.junit.Test)

Example 17 with AuditLogEvent

use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

the class DatabaseAuditLogProviderTest method auditEventIsPersisted_digestNotEnabled.

@Test
public void auditEventIsPersisted_digestNotEnabled() {
    SSOToken ssoToken = new SSOToken();
    AuditLogEvent event = new AuditLogEvent(AuditLogEventCategory.SESSION, "username", ssoToken, "remoteIP", "message", "userAgent", "hostServerName", "surname", "firstname", "requestURL", "CHAINID");
    provider.log(event);
    jdbcTemplate.query("SELECT * FROM SIMBA_AUDIT_LOG WHERE ssoToken=?", getRowMapper(), ssoToken.getToken());
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) SSOToken(org.simbasecurity.api.service.thrift.SSOToken) Test(org.junit.Test)

Example 18 with AuditLogEvent

use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

the class DatabaseDigestAuditLogProviderTest method auditEventIsPersisted.

@Test
public void auditEventIsPersisted() {
    SSOToken ssoToken = new SSOToken();
    AuditLogEvent event = new AuditLogEvent(AuditLogEventCategory.SESSION, "username", ssoToken, "remoteIP", "message", "userAgent", "hostServerName", "surname", "firstname", "requestURL", "CHAINID");
    provider.log(event);
    jdbcTemplate.query("SELECT * FROM SIMBA_AUDIT_LOG WHERE ssoToken=?", getRowMapper(), ssoToken.getToken());
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) SSOToken(org.simbasecurity.api.service.thrift.SSOToken) Test(org.junit.Test)

Example 19 with AuditLogEvent

use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

the class SessionServiceImplTest method testPurgeExpiredSessions.

@Test
public void testPurgeExpiredSessions() {
    Session expiredSession = createSessionMock(true);
    Session unexpiredSession = createSessionMock(false);
    when(sessionRepository.findAll()).thenReturn(Arrays.asList(expiredSession, unexpiredSession));
    service.purgeExpiredSessions();
    verify(sessionRepository).remove(expiredSession);
    verify(sessionRepository, never()).remove(unexpiredSession);
    verify(audit).log(captor.capture());
    AuditLogEvent resultAuditLogEvent = captor.getValue();
    assertEquals(AuditLogEventCategory.SESSION, resultAuditLogEvent.getCategory());
    assertEquals("Purged expired session", resultAuditLogEvent.getMessage());
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) Session(org.simbasecurity.core.domain.Session) Test(org.junit.Test)

Example 20 with AuditLogEvent

use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

the class DatabaseAuditLogProviderTest method auditEventIsPersisted_digestEnabled.

@Test
public void auditEventIsPersisted_digestEnabled() {
    when(configurationServiceMock.getValue(SimbaConfigurationParameter.AUDIT_LOG_INTEGRITY_ENABLED)).thenReturn(Boolean.TRUE);
    SSOToken ssoToken = new SSOToken();
    AuditLogEvent event = new AuditLogEvent(AuditLogEventCategory.SESSION, "username", ssoToken, "remoteIP", "message", "userAgent", "hostServerName", "surname", "firstname", "requestURL", "CHAINID");
    provider.log(event);
    jdbcTemplate.query("SELECT * FROM SIMBA_AUDIT_LOG WHERE ssoToken=?", getRowMapper(false), ssoToken.getToken());
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) SSOToken(org.simbasecurity.api.service.thrift.SSOToken) Test(org.junit.Test)

Aggregations

AuditLogEvent (org.simbasecurity.core.audit.AuditLogEvent)36 Test (org.junit.Test)32 Command (org.simbasecurity.core.chain.Command)9 User (org.simbasecurity.core.domain.User)8 State (org.simbasecurity.core.chain.Command.State)6 UserTestBuilder.aDefaultUser (org.simbasecurity.core.domain.UserTestBuilder.aDefaultUser)6 SSOToken (org.simbasecurity.api.service.thrift.SSOToken)4 Token (org.simbasecurity.core.domain.communication.token.Token)3 URL (java.net.URL)2 PolicyDecision (org.simbasecurity.api.service.thrift.PolicyDecision)2 Session (org.simbasecurity.core.domain.Session)2 EmailAddress (org.simbasecurity.core.domain.user.EmailAddress)2 TemplateWithLinks (org.simbasecurity.core.service.communication.mail.template.TemplateWithLinks)2 Optional (java.util.Optional)1 Audit (org.simbasecurity.core.audit.Audit)1 AuditLogEventFactory (org.simbasecurity.core.audit.AuditLogEventFactory)1 ChainContext (org.simbasecurity.core.chain.ChainContext)1 CONTINUE (org.simbasecurity.core.chain.Command.State.CONTINUE)1 FINISH (org.simbasecurity.core.chain.Command.State.FINISH)1 UserTestBuilder.aUser (org.simbasecurity.core.domain.UserTestBuilder.aUser)1