
Example 6 with RandomValueStringGenerator

use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.

the class ScimUserEndpointsMockMvcTests method testCreateUserWithEmailDomainNotAllowedForOriginUaa.

/**
 * Checks that the SCIM {@code POST /Users} endpoint refuses to create an internal
 * ({@code origin = "uaa"}) account whose e-mail domain is claimed by an active OIDC provider.
 *
 * <p>The request is expected to fail with HTTP 400 and a message that points the caller at
 * the external origin. The provider registered for the test is removed in a {@code finally}
 * block whether or not the assertions pass.
 */
@Test
void testCreateUserWithEmailDomainNotAllowedForOriginUaa() throws Exception {
    // Internal user whose address falls inside the domain the OIDC provider will claim.
    ScimUser internalUser = new ScimUser(null, "abc@example.org", "First", "Last");
    internalUser.addEmail("abc@example.org");
    // NOTE(review): a 2-character random value is used as the password. The assertion on the
    // response message below is what ties the 400 to the e-mail-domain check rather than to
    // any password-policy rejection.
    internalUser.setPassword(new RandomValueStringGenerator(2).generate());
    internalUser.setOrigin("uaa");
    // Serialised before the provider exists, so a serialisation failure leaves nothing to clean up.
    byte[] payload = JsonUtils.writeValueAsBytes(internalUser);

    // Active OIDC provider in the UAA zone, restricted to the example.org e-mail domain.
    IdentityProvider oidcProvider = new IdentityProvider()
            .setActive(true)
            .setName("OIDC_test")
            .setType(OriginKeys.OIDC10)
            .setOriginKey(OriginKeys.OIDC10)
            .setConfig(new OIDCIdentityProviderDefinition());
    oidcProvider.setIdentityZoneId(IdentityZoneHolder.getUaaZone().getId());
    oidcProvider.getConfig().setEmailDomain(Collections.singletonList("example.org"));
    identityProviderProvisioning.create(oidcProvider, oidcProvider.getIdentityZoneId());

    try {
        MockHttpServletRequestBuilder createUserRequest = post("/Users")
                .header("Authorization", "Bearer " + scimCreateToken)
                .contentType(APPLICATION_JSON)
                .content(payload);
        mockMvc.perform(createUserRequest)
                .andExpect(status().isBadRequest())
                .andExpect(jsonPath("$.message").value("The user account is set up for single sign-on. Please use one of these origin(s) : [oidc1.0]"));
    } finally {
        // Always drop the provider again; it claims a whole e-mail domain in the UAA zone.
        identityProviderProvisioning.deleteByOrigin(oidcProvider.getOriginKey(), IdentityZoneHolder.getUaaZone().getId());
    }
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) IdentityProvider(org.cloudfoundry.identity.uaa.provider.IdentityProvider) OIDCIdentityProviderDefinition(org.cloudfoundry.identity.uaa.provider.OIDCIdentityProviderDefinition) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) Test(org.junit.jupiter.api.Test)

Example 7 with RandomValueStringGenerator

use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.

the class ScimUserEndpointsTests method create_with_non_uaa_origin_does_not_validate_password.

/**
 * Checks how the SCIM create endpoint treats a caller-supplied password on a user whose
 * origin is not {@code "uaa"}.
 *
 * <p>The user is a Mockito spy, so every {@code setPassword} call is recorded. The test
 * expects three calls in total: the first carries the value set here, the second carries
 * the empty string. The value of the third call is not asserted.
 */
@Test
void create_with_non_uaa_origin_does_not_validate_password() {
    ScimUser externalUser = spy(new ScimUser(null, "dave", "David", "Syer"));
    externalUser.addEmail(new RandomValueStringGenerator().generate() + "@test.org");
    externalUser.setOrigin("google");
    // This value should be discarded for an externally managed user instead of being validated.
    externalUser.setPassword("bla bla");

    scimUserEndpoints.createUser(externalUser, new MockHttpServletRequest(), new MockHttpServletResponse());

    ArgumentCaptor<String> passwordCaptor = ArgumentCaptor.forClass(String.class);
    verify(externalUser, atLeastOnce()).setPassword(passwordCaptor.capture());
    // Expected callers, in order: 1. this test, 2. scimUserEndpoints, 3. user provisioning.
    assertEquals(3, passwordCaptor.getAllValues().size());
    assertEquals("bla bla", passwordCaptor.getAllValues().get(0));
    // Second call blanks the supplied password.
    assertEquals("", passwordCaptor.getAllValues().get(1));
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) Matchers.containsString(org.hamcrest.Matchers.containsString) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 8 with RandomValueStringGenerator

use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.

the class ScimUserEndpointsTests method createUserWhenInternalUserManagementIsDisabled.

/**
 * Calls the SCIM create endpoint for a user of the given origin, with the request flagged
 * as having internal user management disabled.
 *
 * <p>This helper makes no assertions of its own; any exception from the endpoint propagates
 * to the caller.
 *
 * @param origin origin key to set on the user before creation
 */
private void createUserWhenInternalUserManagementIsDisabled(String origin) {
    ScimUser candidate = new ScimUser(null, "dave", "David", "Syer");
    String randomAddress = new RandomValueStringGenerator().generate() + "@test.org";
    candidate.addEmail(randomAddress);
    candidate.setOrigin(origin);

    // The request attribute is how the endpoint is told that internal user management is off.
    MockHttpServletRequest flaggedRequest = new MockHttpServletRequest();
    flaggedRequest.setAttribute(DisableInternalUserManagementFilter.DISABLE_INTERNAL_USER_MANAGEMENT, true);

    scimUserEndpoints.createUser(candidate, flaggedRequest, new MockHttpServletResponse());
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)

Example 9 with RandomValueStringGenerator

use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.

the class ScimUserLookupMockMvcTests method createInactiveIdp.

/**
 * Registers an inactive identity provider under {@code originKey} and creates a user that
 * belongs to that origin.
 *
 * <p>Despite the method name, the value returned is the created user, not the provider.
 * The client credentials and the user password are fixed test-fixture values.
 *
 * @param originKey origin key for both the inactive provider and the user
 * @return the user as returned by {@code MockMvcUtils.createUserInZone}
 * @throws Exception if token retrieval, provider creation or user creation fails
 */
private ScimUser createInactiveIdp(String originKey) throws Exception {
    // Token for the "login" client, requested with the idps.write scope.
    String idpWriteToken = testClient.getClientCredentialsOAuthAccessToken("login", "loginsecret", "idps.write");

    IdentityProvider disabledProvider = MultitenancyFixture.identityProvider(originKey, "uaa");
    disabledProvider.setActive(false);
    MockMvcUtils.createIdpUsingWebRequest(mockMvc, null, idpWriteToken, disabledProvider, status().isCreated());

    // A random user name keeps repeated invocations from colliding on the same account.
    String randomUserName = new RandomValueStringGenerator().generate() + "@test.org";
    ScimUser pendingUser = new ScimUser(null, randomUserName, "test", "test");
    pendingUser.setPrimaryEmail(pendingUser.getUserName());
    pendingUser.setPassword("secr3T");
    pendingUser.setOrigin(originKey);

    return MockMvcUtils.createUserInZone(mockMvc, adminToken, pendingUser, "");
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) IdentityProvider(org.cloudfoundry.identity.uaa.provider.IdentityProvider) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator)

Example 10 with RandomValueStringGenerator

use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.

the class ScimUserLookupMockMvcTests method setUp.

/**
 * Prepares the fixtures used by each test: an admin token, a freshly created user with a
 * random user name, a client allowed the {@code scim.userids} scope, and a user token for
 * that client.
 *
 * <p>The shared {@code testUsers} collection is created only once, the first time this
 * method finds it {@code null}. All credentials used here are fixed test-fixture values.
 *
 * @throws Exception if any token request or fixture creation fails
 */
@BeforeEach
void setUp(@Autowired WebApplicationContext webApplicationContext, @Autowired TestClient testClient, @Autowired MockMvc mockMvc) throws Exception {
    this.webApplicationContext = webApplicationContext;
    this.mockMvc = mockMvc;
    this.testClient = testClient;

    // Broad admin token; it is used below to create both the user and the client.
    String adminScopes = "clients.read clients.write clients.secret scim.read scim.write clients.admin";
    adminToken = testClient.getClientCredentialsOAuthAccessToken("admin", "adminsecret", adminScopes);

    String randomUserName = new RandomValueStringGenerator().generate() + "@test.org";
    user = new ScimUser(null, randomUserName, "PasswordResetUserFirst", "PasswordResetUserLast");
    user.setPrimaryEmail(user.getUserName());
    user.setPassword("secr3T");
    user = MockMvcUtils.createUser(this.mockMvc, adminToken, user);

    // Client used for the lookup calls: resource id "scim", client_credentials and password grants.
    List<String> clientScopes = Arrays.asList("scim.userids", "cloud_controller.read");
    List<String> grantTypes = Arrays.asList("client_credentials", "password");
    MockMvcUtils.createClient(this.mockMvc, adminToken, clientId, clientSecret, Collections.singleton("scim"), clientScopes, grantTypes, "uaa.none");

    // User token for the user created above, limited to the scim.userids scope.
    scimLookupIdUserToken = testClient.getUserOAuthAccessToken(clientId, clientSecret, user.getUserName(), "secr3T", "scim.userids");

    if (testUsers == null) {
        testUsers = createUsers(adminToken);
    }
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator) BeforeEach(org.junit.jupiter.api.BeforeEach)
