
Example 11 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.

the class UserInfoResponseBaseTest method prepareApplicationManagementService.

/**
 * Registers the mocked application management service with
 * {@code OAuth2ServiceComponentHolder} and makes its client-id lookup return a fresh
 * {@code ServiceProvider} carrying the requested local subject identifier settings.
 *
 * <p>NOTE(review): going by the setter names, the two flags decide whether the tenant domain
 * and the user store domain become part of the local subject identifier. Tests that assert on
 * a subject value should cover each flag combination they rely on.
 *
 * @param appendTenantDomain    value passed to {@code setUseTenantDomainInLocalSubjectIdentifier}
 * @param appendUserStoreDomain value passed to {@code setUseUserstoreDomainInLocalSubjectIdentifier}
 * @throws Exception declared on the signature; nothing in the body throws explicitly
 */
protected void prepareApplicationManagementService(boolean appendTenantDomain, boolean appendUserStoreDomain) throws Exception {
    // Build the subject-identifier configuration up front.
    LocalAndOutboundAuthenticationConfig subjectConfig = new LocalAndOutboundAuthenticationConfig();
    subjectConfig.setUseTenantDomainInLocalSubjectIdentifier(appendTenantDomain);
    subjectConfig.setUseUserstoreDomainInLocalSubjectIdentifier(appendUserStoreDomain);

    ServiceProvider stubbedProvider = new ServiceProvider();
    stubbedProvider.setLocalAndOutBoundAuthenticationConfig(subjectConfig);

    // Every client-id lookup on the mock resolves to the provider configured above.
    when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString()))
            .thenReturn(stubbedProvider);
    OAuth2ServiceComponentHolder.setApplicationMgtService(applicationManagementService);
}
Also used : LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider)

Example 12 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.

the class PasswordGrantHandlerTest method testValidateGrantForException.

/**
 * Negative test for {@code PasswordGrantHandler.validateGrant}: every row of the data provider
 * is expected to make validation throw {@code IdentityOAuth2Exception}.
 *
 * <p>NOTE(review): only the exception type is asserted. {@code reasonForError} is used solely in
 * the {@code fail(...)} message and is never compared with the thrown exception, so an
 * {@code IdentityOAuth2Exception} raised for an unrelated reason (for example an incomplete stub)
 * would still satisfy {@code expectedExceptions}. Consider also checking the exception message
 * per row so each rejection path is pinned to its intended cause.
 *
 * @param tenantDomain   value returned by the mocked {@code MultitenantUtils.getTenantDomain}
 * @param authenticated  selects whether the mocked user store reports SUCCESS or FAIL
 * @param isSaas         value returned by the mocked {@code serviceProvider.isSaasApp()}
 * @param e              exception to inject: an {@code IdentityApplicationManagementException} is thrown
 *                       by the service provider lookup, a {@code UserStoreException} by
 *                       {@code getUserStoreManager()}; any other value leaves both stubs returning normally
 * @param reasonForError human-readable description of the scenario, used only in the failure message
 * @throws Exception the expected {@code IdentityOAuth2Exception}, or anything thrown during setup
 */
@Test(dataProvider = "GetValidateGrantForExceptionDataProvider", expectedExceptions = IdentityOAuth2Exception.class)
public void testValidateGrantForException(String tenantDomain, boolean authenticated, boolean isSaas, Exception e, String reasonForError) throws Exception {
    // Static mocks must be registered before the corresponding static calls are stubbed.
    mockStatic(OAuthServerConfiguration.class);
    when(OAuthServerConfiguration.getInstance()).thenReturn(serverConfiguration);
    when(serverConfiguration.getIdentityOauthTokenIssuer()).thenReturn(oauthIssuer);
    mockStatic(MultitenantUtils.class);
    when(MultitenantUtils.getTenantDomain(anyString())).thenReturn(tenantDomain);
    // Token request fixture: fixed dummy credentials, request tenant "carbon.super".
    when(tokReqMsgCtx.getOauth2AccessTokenReqDTO()).thenReturn(oAuth2AccessTokenReqDTO);
    when(oAuth2AccessTokenReqDTO.getResourceOwnerUsername()).thenReturn("username");
    when(oAuth2AccessTokenReqDTO.getClientId()).thenReturn(CLIENT_ID);
    when(oAuth2AccessTokenReqDTO.getTenantDomain()).thenReturn("carbon.super");
    when(oAuth2AccessTokenReqDTO.getResourceOwnerPassword()).thenReturn("password");
    mockStatic(IdentityUtil.class);
    when(IdentityUtil.extractDomainFromName(anyString())).thenReturn(PRIMARY_DEFAULT_DOMAIN_NAME);
    when(MultitenantUtils.getTenantAwareUsername(anyString())).thenReturn("username");
    mockStatic(OAuth2ServiceComponentHolder.class);
    when(OAuth2ServiceComponentHolder.getApplicationMgtService()).thenReturn(applicationManagementService);
    // NOTE(review): OAuthComponentServiceHolder is not statically mocked in this method, so this
    // appears to set the realm service on the real holder instance - confirm it cannot leak
    // into other tests.
    OAuthComponentServiceHolder.getInstance().setRealmService(realmService);
    mockStatic(FrameworkUtils.class);
    // Multi-attribute login resolution starts out as FAIL; a user is attached below only when
    // 'authenticated' is true.
    ResolvedUserResult resolvedUserResult = new ResolvedUserResult(ResolvedUserResult.UserResolvedStatus.FAIL);
    when(FrameworkUtils.processMultiAttributeLoginIdentification(anyString(), anyString())).thenReturn(resolvedUserResult);
    // Failure injection point 1: the service provider lookup.
    if (e instanceof IdentityApplicationManagementException) {
        when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenThrow(e);
    } else {
        when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenReturn(serviceProvider);
        when(serviceProvider.isSaasApp()).thenReturn(isSaas);
        when(serviceProvider.getLocalAndOutBoundAuthenticationConfig()).thenReturn(localAndOutboundAuthenticationConfig);
    }
    when(realmService.getTenantUserRealm(anyInt())).thenReturn(userRealm);
    // Failure injection point 2: obtaining the user store manager.
    if (e instanceof UserStoreException) {
        when(userRealm.getUserStoreManager()).thenThrow(e);
    } else {
        when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
    }
    AuthenticationResult authenticationResult;
    if (authenticated) {
        // The authenticated user is placed in "dummyTenantDomain", which differs from the
        // request tenant stubbed above ("carbon.super").
        // NOTE(review): presumably this drives a cross-tenant rejection when isSaas is false - confirm
        // against the data provider.
        org.wso2.carbon.user.core.common.User userObj = new org.wso2.carbon.user.core.common.User("c2de9b28-f258-4df0-ba29-f4803e4e821a", "username", "username");
        userObj.setTenantDomain("dummyTenantDomain");
        resolvedUserResult.setUser(userObj);
        authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.SUCCESS);
        authenticationResult.setAuthenticatedUser(userObj);
    } else {
        authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.FAIL);
    }
    when(userStoreManager.authenticateWithID(eq(UserCoreClaimConstants.USERNAME_CLAIM_URI), anyString(), anyObject(), eq(UserCoreConstants.DEFAULT_PROFILE))).thenReturn(authenticationResult);
    mockStatic(IdentityTenantUtil.class);
    when(IdentityTenantUtil.getTenantIdOfUser(anyString())).thenReturn(1);
    PasswordGrantHandler passwordGrantHandler = new PasswordGrantHandler();
    passwordGrantHandler.validateGrant(tokReqMsgCtx);
    // Reached only if validateGrant returned normally, i.e. the grant was not rejected.
    fail("Password grant validation should fail with the reason " + reasonForError);
}
Also used : IdentityApplicationManagementException(org.wso2.carbon.identity.application.common.IdentityApplicationManagementException) AuthenticationResult(org.wso2.carbon.user.core.common.AuthenticationResult) UserStoreException(org.wso2.carbon.user.core.UserStoreException) ResolvedUserResult(org.wso2.carbon.identity.multi.attribute.login.mgt.ResolvedUserResult) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 13 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.

the class PasswordGrantHandlerTest method testValidateGrant.

/**
 * Positive test for {@code PasswordGrantHandler.validateGrant}: with the mocked user store
 * reporting a successful authentication, validation is expected to return {@code true}.
 *
 * <p>NOTE(review): {@code MultitenantUtils} is statically mocked, so the handler's tenant and
 * username parsing of the submitted resource owner name is not exercised here; the stubs return
 * fixed values whatever the input is.
 *
 * @param username base user name; the request carries {@code username + "wso2.com"} and the mocked
 *                 {@code getTenantAwareUsername} returns {@code username}
 * @param isSaas   value returned by the mocked {@code serviceProvider.isSaasApp()}
 * @throws Exception if setup or validation fails
 */
@Test(dataProvider = "ValidateGrantDataProvider")
public void testValidateGrant(String username, boolean isSaas) throws Exception {
    // Token request fixture: dummy credentials, request tenant "wso2.com".
    when(tokReqMsgCtx.getOauth2AccessTokenReqDTO()).thenReturn(oAuth2AccessTokenReqDTO);
    // NOTE(review): no separator is inserted between username and "wso2.com" - presumably the data
    // provider supplies it, or it is irrelevant because MultitenantUtils is mocked; confirm.
    when(oAuth2AccessTokenReqDTO.getResourceOwnerUsername()).thenReturn(username + "wso2.com");
    when(oAuth2AccessTokenReqDTO.getClientId()).thenReturn(CLIENT_ID);
    when(oAuth2AccessTokenReqDTO.getTenantDomain()).thenReturn("wso2.com");
    when(oAuth2AccessTokenReqDTO.getResourceOwnerPassword()).thenReturn("randomPassword");
    // Static mocks must be registered before the corresponding static calls are stubbed.
    mockStatic(OAuthServerConfiguration.class);
    when(OAuthServerConfiguration.getInstance()).thenReturn(serverConfiguration);
    when(serverConfiguration.getIdentityOauthTokenIssuer()).thenReturn(oauthIssuer);
    mockStatic(MultitenantUtils.class);
    when(MultitenantUtils.getTenantDomain(anyString())).thenReturn("wso2.com");
    when(MultitenantUtils.getTenantAwareUsername(anyString())).thenReturn(username);
    mockStatic(OAuth2ServiceComponentHolder.class);
    when(OAuth2ServiceComponentHolder.getApplicationMgtService()).thenReturn(applicationManagementService);
    mockStatic(FrameworkUtils.class);
    // The resolution result is created with status FAIL and a user is attached further down.
    // NOTE(review): the status stays FAIL - confirm which handler path this is meant to exercise.
    ResolvedUserResult resolvedUserResult = new ResolvedUserResult(ResolvedUserResult.UserResolvedStatus.FAIL);
    when(FrameworkUtils.processMultiAttributeLoginIdentification(anyString(), anyString())).thenReturn(resolvedUserResult);
    mockStatic(IdentityTenantUtil.class);
    when(IdentityTenantUtil.getTenantIdOfUser(anyString())).thenReturn(1);
    mockStatic(UserCoreUtil.class);
    when(UserCoreUtil.getDomainFromThreadLocal()).thenReturn("DOMAIN");
    when(UserCoreUtil.removeDomainFromName(anyString())).thenReturn("wso2.com");
    // Here the component holder itself is statically mocked and hands out the mocked realm service.
    mockStatic(OAuthComponentServiceHolder.class);
    when(OAuthComponentServiceHolder.getInstance()).thenReturn(oAuthComponentServiceHolder);
    when(oAuthComponentServiceHolder.getRealmService()).thenReturn(realmService);
    when(realmService.getTenantUserRealm(anyInt())).thenReturn(userRealm);
    when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
    // The authenticated user is placed in "dummyTenantDomain", which differs from the request
    // tenant ("wso2.com").
    // NOTE(review): the test expects success for every data provider row; confirm the isSaas=false
    // case (if the provider has one) is intended to pass with mismatched tenants.
    org.wso2.carbon.user.core.common.User userObj = new org.wso2.carbon.user.core.common.User("c2de9b28-f258-4df0-ba29-f4803e4e821a", username, username);
    userObj.setTenantDomain("dummyTenantDomain");
    resolvedUserResult.setUser(userObj);
    AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.SUCCESS);
    authenticationResult.setAuthenticatedUser(userObj);
    when(userStoreManager.authenticateWithID(eq(UserCoreClaimConstants.USERNAME_CLAIM_URI), anyString(), anyObject(), eq(UserCoreConstants.DEFAULT_PROFILE))).thenReturn(authenticationResult);
    when(applicationManagementService.getServiceProviderByClientId(anyString(), anyString(), anyString())).thenReturn(serviceProvider);
    when(serviceProvider.isSaasApp()).thenReturn(isSaas);
    when(serviceProvider.getLocalAndOutBoundAuthenticationConfig()).thenReturn(localAndOutboundAuthenticationConfig);
    // Both subject-identifier flags are reported as enabled by the mocked configuration.
    when(localAndOutboundAuthenticationConfig.isUseUserstoreDomainInLocalSubjectIdentifier()).thenReturn(true);
    when(localAndOutboundAuthenticationConfig.isUseTenantDomainInLocalSubjectIdentifier()).thenReturn(true);
    PasswordGrantHandler passwordGrantHandler = new PasswordGrantHandler();
    boolean isValid = passwordGrantHandler.validateGrant(tokReqMsgCtx);
    assertTrue(isValid, "Password grant validation should be successful");
}
Also used : ResolvedUserResult(org.wso2.carbon.identity.multi.attribute.login.mgt.ResolvedUserResult) AuthenticationResult(org.wso2.carbon.user.core.common.AuthenticationResult) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 14 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultOIDCClaimsCallbackHandlerTest method testHandleCustomClaimsWithOAuthTokenReqMsgCtxtWithRoleDomainRemoved.

/**
 * Checks the claims built for a local-user token request when the service provider is
 * configured with {@code setUseUserstoreDomainInRoles(false)}.
 *
 * <p>The realm is seeded from {@code USER_CLAIMS_MAP_WITH_SECONDARY_ROLES}. The test expects a
 * non-null {@code username} claim and the first two {@code role} entries to be exactly
 * {@code role1} and {@code role2}.
 *
 * <p>NOTE(review): with the user store domain stripped, same-named roles from different user
 * stores would presumably be indistinguishable in the token. Confirm that consumers of the
 * {@code role} claim do not rely on the domain prefix for authorization decisions.
 *
 * @throws Exception if fixture setup or claim generation fails
 */
@Test
public void testHandleCustomClaimsWithOAuthTokenReqMsgCtxtWithRoleDomainRemoved() throws Exception {
    // Roles are to be emitted without the user store domain for this service provider.
    LocalAndOutboundAuthenticationConfig roleConfig = new LocalAndOutboundAuthenticationConfig();
    roleConfig.setUseUserstoreDomainInRoles(false);

    OAuthTokenReqMessageContext tokenRequestContext = getTokenReqMessageContextForLocalUser();
    ServiceProvider providerUnderTest = getSpWithDefaultRequestedClaimsMappings();
    mockApplicationManagementService(providerUnderTest);
    providerUnderTest.setLocalAndOutBoundAuthenticationConfig(roleConfig);

    UserRealm realmWithSecondaryRoles = getUserRealmWithUserClaims(USER_CLAIMS_MAP_WITH_SECONDARY_ROLES);
    mockUserRealm(tokenRequestContext.getAuthorizedUser().toString(), realmWithSecondaryRoles);
    mockClaimHandler();

    JWTClaimsSet claims = getJwtClaimSet(new JWTClaimsSet.Builder(), tokenRequestContext);
    assertNotNull(claims);
    assertNotNull(claims.getClaim("username"));

    // Read the role array once and check both expected entries against it.
    String[] roles = claims.getStringArrayClaim("role");
    assertEquals(roles[0], "role1");
    assertEquals(roles[1], "role2");
}
Also used : LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) UserRealm(org.wso2.carbon.user.core.UserRealm) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) AttributeBuilder(org.opensaml.saml.saml2.core.impl.AttributeBuilder) OAuthTokenReqMessageContext(org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) SAML2BearerGrantHandlerTest(org.wso2.carbon.identity.oauth2.token.handlers.grant.saml.SAML2BearerGrantHandlerTest) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 15 with LocalAndOutboundAuthenticationConfig

use of org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig in project identity-inbound-auth-oauth by wso2-extensions.

the class SAML2BearerGrantHandlerTest method getServicProvider.

/**
 * Creates a service provider flagged as a SaaS application with the requested local subject
 * identifier settings, stores it in the {@code serviceProvider} field and returns it.
 *
 * <p>NOTE(review): {@code setSaasApp(true)} is hard-coded, so callers of this helper never
 * exercise the non-SaaS case. Confirm a separate fixture covers it if tenant restrictions
 * matter to the test.
 *
 * @param isTenantDomainInSubject    value passed to {@code setUseTenantDomainInLocalSubjectIdentifier}
 * @param isUserstoreDomainInSubject value passed to {@code setUseUserstoreDomainInLocalSubjectIdentifier}
 * @return the newly created service provider, the same instance now held by the field
 */
private ServiceProvider getServicProvider(boolean isTenantDomainInSubject, boolean isUserstoreDomainInSubject) {
    LocalAndOutboundAuthenticationConfig subjectConfig = new LocalAndOutboundAuthenticationConfig();
    subjectConfig.setUseUserstoreDomainInLocalSubjectIdentifier(isUserstoreDomainInSubject);
    subjectConfig.setUseTenantDomainInLocalSubjectIdentifier(isTenantDomainInSubject);

    ServiceProvider saasProvider = new ServiceProvider();
    saasProvider.setSaasApp(true);
    saasProvider.setLocalAndOutBoundAuthenticationConfig(subjectConfig);

    // Publish the finished provider to the shared test field before handing it back.
    serviceProvider = saasProvider;
    return saasProvider;
}
Also used : LocalAndOutboundAuthenticationConfig(org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider)

Aggregations

LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig)24 LocalAndOutboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.xsd.LocalAndOutboundAuthenticationConfig)13 ServiceProvider (org.wso2.carbon.identity.application.common.model.ServiceProvider)12 AuthenticationStep (org.wso2.carbon.identity.application.common.model.AuthenticationStep)8 ClaimConfig (org.wso2.carbon.identity.application.common.model.ClaimConfig)7 AuthenticationStep (org.wso2.carbon.identity.application.common.model.xsd.AuthenticationStep)7 PreparedStatement (java.sql.PreparedStatement)6 ArrayList (java.util.ArrayList)6 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)6 Test (org.testng.annotations.Test)6 IdentityProvider (org.wso2.carbon.identity.application.common.model.IdentityProvider)6 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.xsd.LocalAuthenticatorConfig)6 NamedPreparedStatement (org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement)5 IdentityApplicationManagementException (org.wso2.carbon.identity.application.common.IdentityApplicationManagementException)5 ResultSet (java.sql.ResultSet)4 LocalAuthenticatorConfig (org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig)4 User (org.wso2.carbon.identity.application.common.model.User)4 InboundAuthenticationConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationConfig)4 InboundAuthenticationRequestConfig (org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig)4 ApplicationConfig (org.wso2.carbon.identity.application.authentication.framework.config.model.ApplicationConfig)3