use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class TokenRevocationEndpointTests method setupForTokenRevocation.
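/**
 * Prepares the fixtures shared by the token-revocation tests: a randomly named
 * client stored in the current zone, a spied {@link TokenRevocationEndpoint}
 * wired to JDBC-backed services, an authenticated security context and one
 * revocable access token belonging to the client.
 */
@BeforeEach
void setupForTokenRevocation() {
    String zoneId = IdentityZoneHolder.get().getId();
    RandomValueStringGenerator generator = new RandomValueStringGenerator();
    // Locale.ROOT keeps the lower-cased id independent of the JVM default locale
    // (under a Turkish locale 'I' would otherwise become a dotless, non-ASCII 'ı').
    String clientId = generator.generate().toLowerCase(java.util.Locale.ROOT);
    client = new BaseClientDetails(clientId, "", "some.scopes", "client_credentials", "authorities");
    client.addAdditionalInformation(TOKEN_SALT, "pre-salt");

    // The client service resolves its zone through the manager, stubbed here to the UAA zone id.
    IdentityZoneManager mockIdentityZoneManager = mock(IdentityZoneManager.class);
    when(mockIdentityZoneManager.getCurrentIdentityZoneId()).thenReturn(IdentityZone.getUaaZoneId());
    clientService = spy(new MultitenantJdbcClientDetailsService(jdbcTemplate, mockIdentityZoneManager, passwordEncoder));
    clientService.addClientDetails(client, zoneId);

    ScimUserProvisioning userProvisioning = new JdbcScimUserProvisioning(
            jdbcTemplate, new JdbcPagingListFactory(jdbcTemplate, limitSqlAdapter), passwordEncoder);
    JdbcRevocableTokenProvisioning provisioning =
            spy(new JdbcRevocableTokenProvisioning(jdbcTemplate, limitSqlAdapter, new TimeServiceImpl()));
    endpoint = spy(new TokenRevocationEndpoint(clientService, userProvisioning, provisioning));
    ApplicationEventPublisher publisher = mock(ApplicationEventPublisher.class);
    endpoint.setApplicationEventPublisher(publisher);

    // NOTE(review): this authentication stays on the thread-bound SecurityContextHolder after
    // the method returns; the teardown that clears it is not visible here — confirm it exists
    // so the identity cannot carry over into other tests.
    UaaPrincipal principal = new UaaPrincipal("id", "username", "username@test.com", OriginKeys.UAA, "", zoneId);
    UaaAuthentication userAuthentication =
            new UaaAuthentication(principal, Collections.emptyList(), mock(UaaAuthenticationDetails.class));
    SecurityContextHolder.getContext().setAuthentication(
            new UaaOauth2Authentication("token-value", zoneId, mock(OAuth2Request.class), userAuthentication));

    // Seed one access token for the client; the user id is deliberately null.
    RevocableToken token = new RevocableToken()
            .setClientId(client.getClientId())
            .setTokenId("token-id")
            .setUserId(null)
            .setResponseType(RevocableToken.TokenType.ACCESS_TOKEN)
            .setValue("value")
            .setIssuedAt(System.currentTimeMillis());
    provisioning.create(token, zoneId);
}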
use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class UserManagedAuthzApprovalHandlerTests method setUp.
/**
 * Builds a {@link UserManagedAuthzApprovalHandler} backed by a JDBC approval store,
 * a mocked client-details service and a mocked zone manager, then prepares the
 * authenticated user and the {@code nextWeek} timestamp used by the tests.
 *
 * @param jdbcTemplate template injected by the test context, used for the approval store
 */
@BeforeEach
void setUp(@Autowired JdbcTemplate jdbcTemplate) {
    RandomValueStringGenerator generator = new RandomValueStringGenerator();

    // Random suffixes keep zone and user ids unique per test run.
    currentIdentityZoneId = "currentIdentityZoneId-" + generator.generate();
    approvalStore = new JdbcApprovalStore(jdbcTemplate);

    // Client "foo" in the current zone: four scopes, none of them auto-approved.
    HashSet<String> clientScopes = new HashSet<>(Arrays.asList(
            "cloud_controller.read",
            "cloud_controller.write",
            "openid",
            "space.*.developer"));
    QueryableResourceManager<ClientDetails> mockClientDetailsService = mock(QueryableResourceManager.class);
    mockBaseClientDetails = mock(BaseClientDetails.class);
    when(mockClientDetailsService.retrieve("foo", currentIdentityZoneId)).thenReturn(mockBaseClientDetails);
    when(mockBaseClientDetails.getScope()).thenReturn(clientScopes);
    when(mockBaseClientDetails.getAutoApproveScopes()).thenReturn(Collections.emptySet());

    IdentityZoneManager mockIdentityZoneManager = mock(IdentityZoneManager.class);
    when(mockIdentityZoneManager.getCurrentIdentityZoneId()).thenReturn(currentIdentityZoneId);

    handler = new UserManagedAuthzApprovalHandler(approvalStore, mockClientDetailsService, mockIdentityZoneManager);

    // An authenticated principal whose id is the random user id.
    userId = "userId-" + generator.generate();
    mockAuthentication = mock(AuthenticationWithGetId.class);
    when(mockAuthentication.isAuthenticated()).thenReturn(true);
    when(mockAuthentication.getId()).thenReturn(userId);

    // Seven days from now in the system zone, truncated to whole seconds.
    LocalDateTime sevenDaysAhead = LocalDateTime.now().plus(Duration.ofDays(7));
    long epochSeconds = sevenDaysAhead.atZone(ZoneId.systemDefault()).toEpochSecond();
    nextWeek = new Date(epochSeconds * 1000);
}
use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class LoginMockMvcTests method noRedirect_ifProvidersOfDifferentTypesPresent.
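/**
 * Verifies that {@code GET /login} renders the {@code login} view (HTTP 200, no redirect)
 * when a zone has one active SAML provider and one active OIDC provider while the
 * internal UAA provider is deactivated.
 *
 * @param jdbcIdentityProviderProvisioning provisioning bean injected by the test context
 * @throws Exception if zone or provider setup, or the MockMvc request, fails
 */
@Test
void noRedirect_ifProvidersOfDifferentTypesPresent(@Autowired JdbcIdentityProviderProvisioning jdbcIdentityProviderProvisioning) throws Exception {
    String alias = "login-saml-" + generator.generate();
    final String zoneAdminClientId = "admin";
    BaseClientDetails zoneAdminClient = new BaseClientDetails(zoneAdminClientId, null, "openid", "client_credentials,authorization_code", "clients.admin,scim.read,scim.write", "http://test.redirect.com");
    zoneAdminClient.setClientSecret("admin-secret");

    // Fresh zone under a random subdomain so provider state is isolated from other tests.
    IdentityZoneCreationResult identityZoneCreationResult = MockMvcUtils.createOtherIdentityZoneAndReturnResult("puppy-" + new RandomValueStringGenerator().generate(), mockMvc, webApplicationContext, zoneAdminClient, false, IdentityZoneHolder.getCurrentZoneId());
    IdentityZone identityZone = identityZoneCreationResult.getIdentityZone();

    // Active SAML provider.
    String metadata = String.format(MockMvcUtils.IDP_META_DATA, new RandomValueStringGenerator().generate());
    SamlIdentityProviderDefinition activeSamlIdentityProviderDefinition = new SamlIdentityProviderDefinition()
            .setMetaDataLocation(metadata)
            .setIdpEntityAlias(alias)
            .setLinkText("Active SAML Provider")
            .setZoneId(identityZone.getId());
    IdentityProvider activeIdentityProvider = new IdentityProvider();
    activeIdentityProvider.setType(OriginKeys.SAML);
    activeIdentityProvider.setName("Active SAML Provider");
    activeIdentityProvider.setActive(true);
    activeIdentityProvider.setConfig(activeSamlIdentityProviderDefinition);
    activeIdentityProvider.setOriginKey(alias);
    createIdentityProvider(jdbcIdentityProviderProvisioning, identityZone, activeIdentityProvider);

    // Active OIDC provider with its link text hidden.
    OIDCIdentityProviderDefinition definition = new OIDCIdentityProviderDefinition();
    definition.setAuthUrl(new URL("http://auth.url"));
    definition.setTokenUrl(new URL("http://token.url"));
    definition.setTokenKey("key");
    definition.setRelyingPartyId("UAA");
    definition.setRelyingPartySecret("secret");
    definition.setShowLinkText(false);
    String oauthAlias = "login-oauth-" + generator.generate();
    IdentityProvider<OIDCIdentityProviderDefinition> oauthIdentityProvider = MultitenancyFixture.identityProvider(oauthAlias, "uaa");
    oauthIdentityProvider.setConfig(definition);
    oauthIdentityProvider.setActive(true);
    createIdentityProvider(jdbcIdentityProviderProvisioning, identityZone, oauthIdentityProvider);

    IdentityZoneHolder.set(identityZone);
    try {
        // Deactivate the internal UAA provider so only the two external providers remain active.
        IdentityProvider uaaIdentityProvider = jdbcIdentityProviderProvisioning.retrieveByOriginIgnoreActiveFlag(UAA, identityZone.getId());
        uaaIdentityProvider.setActive(false);
        jdbcIdentityProviderProvisioning.update(uaaIdentityProvider, uaaIdentityProvider.getIdentityZoneId());

        // Address the request to the zone by host name; one post-processor is sufficient.
        SetServerNameRequestPostProcessor zoneHost = new SetServerNameRequestPostProcessor(identityZone.getSubdomain() + ".localhost");
        mockMvc.perform(get("/login").accept(TEXT_HTML).with(zoneHost))
                .andExpect(status().isOk())
                .andExpect(view().name("login"));
    } finally {
        // Reset the holder even when an assertion fails, so the zone set above
        // cannot leak into whichever test runs next.
        IdentityZoneHolder.clear();
    }
}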
use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class LoginMockMvcTests method oauthRedirect_stateParameterPassedGetsReturned.
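/**
 * Verifies that {@code GET /login} answers with a 302 to the external provider's
 * authorization endpoint when the zone's UAA provider is deactivated and an OIDC
 * provider has been created through {@code createOIDCProviderInZone}, and that the
 * redirect carries the expected OAuth parameters, including {@code nonce} and a
 * non-empty {@code state}.
 *
 * @param jdbcIdentityProviderProvisioning provisioning bean injected by the test context
 * @throws Exception if zone or provider setup, or the MockMvc request, fails
 */
@Test
void oauthRedirect_stateParameterPassedGetsReturned(@Autowired JdbcIdentityProviderProvisioning jdbcIdentityProviderProvisioning) throws Exception {
    final String zoneAdminClientId = "admin";
    BaseClientDetails zoneAdminClient = new BaseClientDetails(zoneAdminClientId, null, "openid", "client_credentials,authorization_code", "clients.admin,scim.read,scim.write", "http://test.redirect.com");
    zoneAdminClient.setClientSecret("admin-secret");

    // Fresh zone under a random subdomain so provider state is isolated from other tests.
    IdentityZoneCreationResult identityZoneCreationResult = MockMvcUtils.createOtherIdentityZoneAndReturnResult("puppy-" + new RandomValueStringGenerator().generate(), mockMvc, webApplicationContext, zoneAdminClient, false, IdentityZoneHolder.getCurrentZoneId());
    IdentityZone identityZone = identityZoneCreationResult.getIdentityZone();
    String oauthAlias = createOIDCProviderInZone(jdbcIdentityProviderProvisioning, identityZone, null);

    IdentityZoneHolder.set(identityZone);
    try {
        // Deactivate the internal UAA provider before requesting /login.
        IdentityProvider uaaIdentityProvider = jdbcIdentityProviderProvisioning.retrieveByOriginIgnoreActiveFlag(UAA, identityZone.getId());
        uaaIdentityProvider.setActive(false);
        jdbcIdentityProviderProvisioning.update(uaaIdentityProvider, uaaIdentityProvider.getIdentityZoneId());

        MvcResult mvcResult = mockMvc.perform(get("/login")
                        .accept(TEXT_HTML)
                        .servletPath("/login")
                        .with(new SetServerNameRequestPostProcessor(identityZone.getSubdomain() + ".localhost")))
                .andExpect(status().isFound())
                .andReturn();

        String location = mvcResult.getResponse().getHeader("Location");
        // Query values are compared in their still-encoded form ("+", "%3A", ...).
        Map<String, String> queryParams = UriComponentsBuilder.fromUriString(location).build().getQueryParams().toSingleValueMap();

        assertThat(location, startsWith("http://auth.url"));
        assertThat(queryParams, hasEntry("client_id", "uaa"));
        assertThat(queryParams, hasEntry("response_type", "code+id_token"));
        // The callback must point back at this zone's host and at the provider alias.
        assertThat(queryParams, hasEntry("redirect_uri", "http%3A%2F%2F" + identityZone.getSubdomain() + ".localhost%2Flogin%2Fcallback%2F" + oauthAlias));
        assertThat(queryParams, hasEntry("scope", "openid+roles"));
        // NOTE(review): hasKey only proves the nonce parameter is present, not that it carries
        // a value; consider the same non-empty matcher that is applied to state below.
        assertThat(queryParams, hasKey("nonce"));
        // state ties the provider's callback to this login request, so it must never be empty.
        assertThat(queryParams, hasEntry(is("state"), not(isEmptyOrNullString())));
    } finally {
        // Reset the holder even when an assertion fails, so the zone set above
        // cannot leak into whichever test runs next.
        IdentityZoneHolder.clear();
    }
}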
use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class LoginMockMvcTests method createZoneLinksZone.
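/**
 * Creates an identity zone under a random lower-case subdomain, replaces its
 * self-service links with a {@code Links.SelfService} whose passwd and signup
 * values are {@code null}, and persists the change.
 *
 * @return the zone as returned by {@code MockMvcUtils.updateIdentityZone}
 * @throws Exception if creating or updating the zone fails
 */
IdentityZone createZoneLinksZone() throws Exception {
    // Locale.ROOT keeps the subdomain ASCII regardless of the JVM default locale
    // (under a Turkish locale 'I' would otherwise become a dotless 'ı').
    String subdomain = new RandomValueStringGenerator(24).generate().toLowerCase(java.util.Locale.ROOT);
    IdentityZone zone = MockMvcUtils.createOtherIdentityZone(subdomain, mockMvc, webApplicationContext, false, IdentityZoneHolder.getCurrentZoneId());
    zone.getConfig().getLinks().setSelfService(new Links.SelfService().setPasswd(null).setSignup(null));
    return MockMvcUtils.updateIdentityZone(zone, webApplicationContext);
}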