use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class CheckTokenCommandTest method execute_withUnknownEmailAddress_statusError_AndProperAuditLogging.
/**
 * Covers the {@code CheckTokenCommand} path where the token resolves to a user but the
 * e-mail address supplied with it matches no account.
 *
 * <p>Expected outcome: the chain ends with {@code FINISH}, the context is sent to
 * {@code redirectToWrongToken()}, and one AUTHENTICATION audit event records the failed
 * reset attempt together with the submitted address.
 */
@Test
public void execute_withUnknownEmailAddress_statusError_AndProperAuditLogging() throws Exception {
    final String address = "bruce@wayneindustries.com";
    final String tokenValue = "sleutel!";
    User tokenOwner = aDefaultUser(emailFactory).withEmail(address).build();

    // presumably places the address and token in the chain context (helper is outside this snippet)
    setupContextWith(address, tokenValue);
    // The token lookup succeeds ...
    when(userTokenServiceMock.getUserForToken(Token.fromString(tokenValue)))
            .thenReturn(Optional.of(tokenOwner));
    // ... but the address lookup finds nobody.
    when(credentialServiceMock.findUserByMail(emailFactory.email(address)))
            .thenReturn(Optional.empty());

    Command.State result = checkTokenCommand.execute(chainContextMock);

    assertThat(result).isEqualTo(FINISH);
    verify(chainContextMock).redirectToWrongToken();
    // NOTE(review): nothing here asserts that setUserName(...) was NOT called on this
    // failure path; consider pinning that as well.

    // The rejected attempt must leave an audit trail that names the submitted address.
    verify(auditMock).log(auditEventCaptor.capture());
    AuditLogEvent logged = auditEventCaptor.getValue();
    String expectedMessage = String.format("There was an unsuccessful reset password attempt for email address %s, but there was no user found for that email address.", address);
    assertThat(logged.getCategory()).isEqualTo(AUTHENTICATION);
    assertThat(logged.getMessage()).isEqualTo(expectedMessage);
}
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class CheckTokenCommandTest method execute_withTokenInContextAndDatabase_EmailAddressUserIsSameAsTokenUser_statusContinue.
/**
 * Covers the {@code CheckTokenCommand} success path: the user returned for the token is the
 * same user returned for the submitted e-mail address.
 *
 * <p>Expected outcome: the chain proceeds with {@code CONTINUE}, the context receives the
 * user name, and one AUTHENTICATION audit event is logged for that user with the
 * "successful reset password attempt" message.
 */
@Test
public void execute_withTokenInContextAndDatabase_EmailAddressUserIsSameAsTokenUser_statusContinue() throws Exception {
    final String address = "bruce@wayneindustries.com";
    final String tokenValue = "sleutel!";
    final String userName = "batman";
    User account = aDefaultUser(emailFactory).withUserName(userName).withEmail(address).build();

    setupContextWith(address, tokenValue);
    // Both lookups return the same User instance, i.e. the token belongs to the address owner.
    when(userTokenServiceMock.getUserForToken(Token.fromString(tokenValue)))
            .thenReturn(Optional.of(account));
    when(credentialServiceMock.findUserByMail(emailFactory.email(address)))
            .thenReturn(Optional.of(account));

    Command.State result = checkTokenCommand.execute(chainContextMock);

    assertThat(result).isEqualTo(CONTINUE);
    verify(chainContextMock).setUserName(userName);
    // NOTE(review): the case where the token's user and the address's user differ is not
    // among the snippets shown here; confirm it is covered elsewhere in the test class.

    verify(auditMock).log(auditEventCaptor.capture());
    AuditLogEvent logged = auditEventCaptor.getValue();
    String expectedMessage = String.format("There was a successful reset password attempt for email address %s.", address);
    assertThat(logged.getCategory()).isEqualTo(AUTHENTICATION);
    assertThat(logged.getUsername()).isEqualTo(userName);
    assertThat(logged.getMessage()).isEqualTo(expectedMessage);
}
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class ResetPasswordCommandTest method execute_EmailKnown_WillSendMailAndRedirect.
/**
 * Covers {@code ResetPasswordCommand} when the submitted e-mail address belongs to a user.
 *
 * <p>Expected outcome: the reset message is sent to that user, the chain ends with
 * {@code FINISH}, the context is sent to {@code redirectToPasswordReset()}, and the audit
 * event produced by the factory for that user's name is logged.
 */
@Test
public void execute_EmailKnown_WillSendMailAndRedirect() throws Exception {
    final String address = "someEmail@bla.com";
    User knownUser = aUser().build();
    AuditLogEvent expectedEvent = mock(AuditLogEvent.class);

    when(chainContextMock.getEmail()).thenReturn(Optional.of(address));
    when(credentialServiceMock.findUserByMail(emailFactory.email(address)))
            .thenReturn(Optional.ofNullable(knownUser));
    // The message argument is matched with anyString(), so the audit wording is not pinned
    // here; only the user name passed to the factory is.
    when(auditLogEventFactory.createEventForUserAuthentication(eq(knownUser.getName()), anyString()))
            .thenReturn(expectedEvent);

    Command.State result = resetPasswordCommand.execute(chainContextMock);

    assertThat(result).isEqualTo(FINISH);
    verify(resetPasswordServiceMock).sendResetPasswordMessageTo(knownUser, resetReason);
    verify(chainContextMock).redirectToPasswordReset();
    verify(audit).log(expectedEvent);
}
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class ResetPasswordCommandTest method execute_EmailUnknown_WillNotSendMailButWillRedirect.
/**
 * Covers {@code ResetPasswordCommand} when the submitted e-mail address matches no user.
 *
 * <p>Expected outcome: the reset-password service is never touched (no mail goes out), yet
 * the chain still ends with {@code FINISH} and the context is still sent to
 * {@code redirectToPasswordReset()}. The attempt is audited through an event created with
 * a {@code null} user name.
 */
@Test
public void execute_EmailUnknown_WillNotSendMailButWillRedirect() throws Exception {
    final String address = "someEmail@bla.com";
    AuditLogEvent expectedEvent = mock(AuditLogEvent.class);

    when(chainContextMock.getEmail()).thenReturn(Optional.of(address));
    when(credentialServiceMock.findUserByMail(emailFactory.email(address)))
            .thenReturn(Optional.empty());
    // No account exists, so the factory is expected to be called without a user name.
    when(auditLogEventFactory.createEventForUserAuthentication(isNull(), anyString()))
            .thenReturn(expectedEvent);

    Command.State result = resetPasswordCommand.execute(chainContextMock);

    // State and redirect match what the known-address test of this class expects, so the
    // outcome visible through the chain context does not reveal whether the address is
    // registered. NOTE(review): confirm nothing else in the response differs between the two.
    assertThat(result).isEqualTo(FINISH);
    verify(chainContextMock).redirectToPasswordReset();
    verifyZeroInteractions(resetPasswordServiceMock);
    // The unknown-address attempt is still written to the audit log.
    verify(audit).log(expectedEvent);
}
use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.
the class ResetPasswordServiceTest method sendMessageForNewUser_WillTriggerAuditloggingForNewUser.
/**
 * Covers {@code ResetPasswordService.sendResetPasswordMessageTo} for the new-user reason.
 *
 * <p>Expected outcome: a mail with the templated subject and body is sent to the user's
 * address, and one AUTHENTICATION audit event is logged for that user. The expected audit
 * text is matched exactly and consists of the reason name only; the generated token and
 * link are not part of it.
 */
@Test
public void sendMessageForNewUser_WillTriggerAuditloggingForNewUser() throws Exception {
    EmailAddress recipient = emailFactory.email("something@mail.com");
    User newUser = aDefaultUser().withUserName("otherTest").withEmail(recipient).withLanguage(en_US).build();
    Token resetToken = Token.generateToken();
    List<URL> resetLinks = Collections.singletonList(new URL("http://www.google.com"));
    ArgumentCaptor<AuditLogEvent> auditCaptor = ArgumentCaptor.forClass(AuditLogEvent.class);

    // Token -> links -> mail body/subject: each collaborator is stubbed for exactly these inputs.
    when(tokenManagerMock.generateToken(newUser, newUserReason)).thenReturn(resetToken);
    when(linkGeneratorMock.generateResetPasswordLinks(recipient, resetToken)).thenReturn(resetLinks);
    when(templateServiceMock.createMailBodyWithLink(new TemplateWithLinks(newUserReason.getTemplate(), resetLinks), en_US))
            .thenReturn("someBody");
    when(templateServiceMock.createMailSubject(newUserReason.getSubjectTemplate(), en_US))
            .thenReturn("New user");

    resetPasswordService.sendResetPasswordMessageTo(newUser, newUserReason);

    // presumably the sender address comes from the test's configuration (set up outside this snippet)
    verify(mailServiceMock).sendMail(
            mail().from(emailFactory.email("bla@hotmail.com")).to(recipient).subject("New user").body("someBody"));

    verify(auditMock).log(auditCaptor.capture());
    AuditLogEvent logged = auditCaptor.getValue();
    assertThat(logged.getUsername()).isEqualTo("otherTest");
    assertThat(logged.getMessage()).isEqualTo("Email has been sent to user for following reason: NewUser");
    assertThat(logged.getCategory()).isEqualTo(AUTHENTICATION);
}