use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.
the class UserInfoResponseBaseTest method prepareApplicationManagementService.
protected void prepareApplicationManagementService(boolean appendTenantDomain, boolean appendUserStoreDomain) throws Exception {
ServiceProvider serviceProvider = new ServiceProvider();
when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenReturn(serviceProvider);
serviceProvider.setLocalAndOutBoundAuthenticationConfig(new LocalAndOutboundAuthenticationConfig());
serviceProvider.getLocalAndOutBoundAuthenticationConfig().setUseTenantDomainInLocalSubjectIdentifier(appendTenantDomain);
serviceProvider.getLocalAndOutBoundAuthenticationConfig().setUseUserstoreDomainInLocalSubjectIdentifier(appendUserStoreDomain);
OAuth2ServiceComponentHolder.setApplicationMgtService(applicationManagementService);
}
use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.
the class PasswordGrantHandlerTest method testValidateGrantForException.
@Test(dataProvider = "GetValidateGrantForExceptionDataProvider", expectedExceptions = IdentityOAuth2Exception.class)
public void testValidateGrantForException(String tenantDomain, boolean authenticated, boolean isSaas, Exception e, String reasonForError) throws Exception {
mockStatic(OAuthServerConfiguration.class);
when(OAuthServerConfiguration.getInstance()).thenReturn(serverConfiguration);
when(serverConfiguration.getIdentityOauthTokenIssuer()).thenReturn(oauthIssuer);
mockStatic(MultitenantUtils.class);
when(MultitenantUtils.getTenantDomain(anyString())).thenReturn(tenantDomain);
when(tokReqMsgCtx.getOauth2AccessTokenReqDTO()).thenReturn(oAuth2AccessTokenReqDTO);
when(oAuth2AccessTokenReqDTO.getResourceOwnerUsername()).thenReturn("username");
when(oAuth2AccessTokenReqDTO.getClientId()).thenReturn(CLIENT_ID);
when(oAuth2AccessTokenReqDTO.getTenantDomain()).thenReturn("carbon.super");
when(oAuth2AccessTokenReqDTO.getResourceOwnerPassword()).thenReturn("password");
mockStatic(IdentityUtil.class);
when(IdentityUtil.extractDomainFromName(anyString())).thenReturn(PRIMARY_DEFAULT_DOMAIN_NAME);
when(MultitenantUtils.getTenantAwareUsername(anyString())).thenReturn("username");
mockStatic(OAuth2ServiceComponentHolder.class);
when(OAuth2ServiceComponentHolder.getApplicationMgtService()).thenReturn(applicationManagementService);
OAuthComponentServiceHolder.getInstance().setRealmService(realmService);
mockStatic(FrameworkUtils.class);
ResolvedUserResult resolvedUserResult = new ResolvedUserResult(ResolvedUserResult.UserResolvedStatus.FAIL);
when(FrameworkUtils.processMultiAttributeLoginIdentification(anyString(), anyString())).thenReturn(resolvedUserResult);
if (e instanceof IdentityApplicationManagementException) {
when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenThrow(e);
} else {
when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenReturn(serviceProvider);
when(serviceProvider.isSaasApp()).thenReturn(isSaas);
when(serviceProvider.getLocalAndOutBoundAuthenticationConfig()).thenReturn(localAndOutboundAuthenticationConfig);
}
when(realmService.getTenantUserRealm(anyInt())).thenReturn(userRealm);
if (e instanceof UserStoreException) {
when(userRealm.getUserStoreManager()).thenThrow(e);
} else {
when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
}
AuthenticationResult authenticationResult;
if (authenticated) {
org.wso2.carbon.user.core.common.User userObj = new org.wso2.carbon.user.core.common.User("c2de9b28-f258-4df0-ba29-f4803e4e821a", "username", "username");
userObj.setTenantDomain("dummyTenantDomain");
resolvedUserResult.setUser(userObj);
authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.SUCCESS);
authenticationResult.setAuthenticatedUser(userObj);
} else {
authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.FAIL);
}
when(userStoreManager.authenticateWithID(eq(UserCoreClaimConstants.USERNAME_CLAIM_URI), anyString(), anyObject(), eq(UserCoreConstants.DEFAULT_PROFILE))).thenReturn(authenticationResult);
mockStatic(IdentityTenantUtil.class);
when(IdentityTenantUtil.getTenantIdOfUser(anyString())).thenReturn(1);
PasswordGrantHandler passwordGrantHandler = new PasswordGrantHandler();
passwordGrantHandler.validateGrant(tokReqMsgCtx);
fail("Password grant validation should fail with the reason " + reasonForError);
}
use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.
the class PasswordGrantHandlerTest method testValidateGrant.
@Test(dataProvider = "ValidateGrantDataProvider")
public void testValidateGrant(String username, boolean isSaas) throws Exception {
when(tokReqMsgCtx.getOauth2AccessTokenReqDTO()).thenReturn(oAuth2AccessTokenReqDTO);
when(oAuth2AccessTokenReqDTO.getResourceOwnerUsername()).thenReturn(username + "wso2.com");
when(oAuth2AccessTokenReqDTO.getClientId()).thenReturn(CLIENT_ID);
when(oAuth2AccessTokenReqDTO.getTenantDomain()).thenReturn("wso2.com");
when(oAuth2AccessTokenReqDTO.getResourceOwnerPassword()).thenReturn("randomPassword");
mockStatic(OAuthServerConfiguration.class);
when(OAuthServerConfiguration.getInstance()).thenReturn(serverConfiguration);
when(serverConfiguration.getIdentityOauthTokenIssuer()).thenReturn(oauthIssuer);
mockStatic(MultitenantUtils.class);
when(MultitenantUtils.getTenantDomain(anyString())).thenReturn("wso2.com");
when(MultitenantUtils.getTenantAwareUsername(anyString())).thenReturn(username);
mockStatic(OAuth2ServiceComponentHolder.class);
when(OAuth2ServiceComponentHolder.getApplicationMgtService()).thenReturn(applicationManagementService);
mockStatic(FrameworkUtils.class);
ResolvedUserResult resolvedUserResult = new ResolvedUserResult(ResolvedUserResult.UserResolvedStatus.FAIL);
when(FrameworkUtils.processMultiAttributeLoginIdentification(anyString(), anyString())).thenReturn(resolvedUserResult);
mockStatic(IdentityTenantUtil.class);
when(IdentityTenantUtil.getTenantIdOfUser(anyString())).thenReturn(1);
mockStatic(UserCoreUtil.class);
when(UserCoreUtil.getDomainFromThreadLocal()).thenReturn("DOMAIN");
when(UserCoreUtil.removeDomainFromName(anyString())).thenReturn("wso2.com");
mockStatic(OAuthComponentServiceHolder.class);
when(OAuthComponentServiceHolder.getInstance()).thenReturn(oAuthComponentServiceHolder);
when(oAuthComponentServiceHolder.getRealmService()).thenReturn(realmService);
when(realmService.getTenantUserRealm(anyInt())).thenReturn(userRealm);
when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
org.wso2.carbon.user.core.common.User userObj = new org.wso2.carbon.user.core.common.User("c2de9b28-f258-4df0-ba29-f4803e4e821a", username, username);
userObj.setTenantDomain("dummyTenantDomain");
resolvedUserResult.setUser(userObj);
AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.SUCCESS);
authenticationResult.setAuthenticatedUser(userObj);
when(userStoreManager.authenticateWithID(eq(UserCoreClaimConstants.USERNAME_CLAIM_URI), anyString(), anyObject(), eq(UserCoreConstants.DEFAULT_PROFILE))).thenReturn(authenticationResult);
when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenReturn(serviceProvider);
when(serviceProvider.isSaasApp()).thenReturn(isSaas);
when(serviceProvider.getLocalAndOutBoundAuthenticationConfig()).thenReturn(localAndOutboundAuthenticationConfig);
when(localAndOutboundAuthenticationConfig.isUseUserstoreDomainInLocalSubjectIdentifier()).thenReturn(true);
when(localAndOutboundAuthenticationConfig.isUseTenantDomainInLocalSubjectIdentifier()).thenReturn(true);
PasswordGrantHandler passwordGrantHandler = new PasswordGrantHandler();
boolean isValid = passwordGrantHandler.validateGrant(tokReqMsgCtx);
assertTrue(isValid, "Password grant validation should be successful");
}
use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.
the class DefaultOIDCClaimsCallbackHandlerTest method testHandleCustomClaimsWithOAuthTokenReqMsgCtxtWithRoleDomainRemoved.
@Test
public void testHandleCustomClaimsWithOAuthTokenReqMsgCtxtWithRoleDomainRemoved() throws Exception {
JWTClaimsSet.Builder jwtClaimsSetBuilder = new JWTClaimsSet.Builder();
OAuthTokenReqMessageContext requestMsgCtx = getTokenReqMessageContextForLocalUser();
ServiceProvider serviceProvider = getSpWithDefaultRequestedClaimsMappings();
mockApplicationManagementService(serviceProvider);
LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = new LocalAndOutboundAuthenticationConfig();
// Enable user store domain removal for roles
localAndOutboundAuthenticationConfig.setUseUserstoreDomainInRoles(false);
serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutboundAuthenticationConfig);
UserRealm userRealm = getUserRealmWithUserClaims(USER_CLAIMS_MAP_WITH_SECONDARY_ROLES);
mockUserRealm(requestMsgCtx.getAuthorizedUser().toString(), userRealm);
mockClaimHandler();
JWTClaimsSet jwtClaimsSet = getJwtClaimSet(jwtClaimsSetBuilder, requestMsgCtx);
assertNotNull(jwtClaimsSet);
assertNotNull(jwtClaimsSet.getClaim("username"));
assertEquals(jwtClaimsSet.getStringArrayClaim("role")[0], "role1");
assertEquals(jwtClaimsSet.getStringArrayClaim("role")[1], "role2");
}
use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.
the class SAML2BearerGrantHandlerTest method getServicProvider.
private ServiceProvider getServicProvider(boolean isTenantDomainInSubject, boolean isUserstoreDomainInSubject) {
serviceProvider = new ServiceProvider();
serviceProvider.setSaasApp(true);
LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = new LocalAndOutboundAuthenticationConfig();
localAndOutboundAuthenticationConfig.setUseTenantDomainInLocalSubjectIdentifier(isTenantDomainInSubject);
localAndOutboundAuthenticationConfig.setUseUserstoreDomainInLocalSubjectIdentifier(isUserstoreDomainInSubject);
serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutboundAuthenticationConfig);
return serviceProvider;
}
Aggregations