use of uk.gov.pay.adminusers.model.User in project pay-adminusers by alphagov.
the class UserServices method authenticateSecondFactor.
/**
 * Checks a one-time code for the user identified by {@code externalId}.
 *
 * <p>On a valid code the login counter is reset to 0, {@code updatedAt} and
 * {@code lastLoggedInAt} are set to the current UTC time, and the entity is merged.
 * On an invalid code the login counter is incremented, the account is disabled once
 * the counter is greater than {@code loginAttemptCap}, and the entity is merged.
 * A disabled account is rejected before the code is checked at all.
 *
 * <p>Log statements carry only the external id and the login counter; neither the
 * submitted code nor the OTP key is logged.
 *
 * @param externalId external id of the user attempting the second factor
 * @param code       the one-time code supplied by the caller
 * @return the link-decorated user when the code is accepted; empty when the user
 *         does not exist, is disabled, or the code is rejected
 */
@Transactional
public Optional<User> authenticateSecondFactor(String externalId, int code) {
    logger.debug("OTP attempt - user_id={}", externalId);
    ZonedDateTime now = ZonedDateTime.now(ZoneId.of("UTC"));
    return userDao.findByExternalId(externalId).map(entity -> {
        // Guard: a disabled account never reaches the authenticator, so lockout cannot be
        // bypassed by eventually presenting a correct code.
        if (entity.isDisabled()) {
            logger.warn("Failed OTP attempt - user_id={}, login_counter={}. Authenticate Second Factor attempted for a disabled User", entity.getExternalId(), entity.getLoginCounter());
            return Optional.<User>empty();
        }

        boolean codeAccepted = secondFactorAuthenticator.authorize(entity.getOtpKey(), code);
        if (!codeAccepted) {
            // NOTE(review): this is a read-modify-write on the loaded entity. Whether concurrent
            // attempts can under-count failures depends on locking/isolation not visible here - confirm.
            entity.setLoginCounter(entity.getLoginCounter() + 1);
            entity.setUpdatedAt(now);
            // Strictly greater-than: the account is disabled only once the counter exceeds the cap.
            entity.setDisabled(entity.getLoginCounter() > loginAttemptCap);
            userDao.merge(entity);
            if (entity.isDisabled()) {
                // Reached when this failed attempt is the one that pushed the counter over the cap.
                logger.warn("Failed OTP attempt - user_id={}, login_counter={}. Invalid second factor in an account currently locked", entity.getExternalId(), entity.getLoginCounter());
            } else {
                logger.info("Failed OTP attempt - user_id={}, login_counter={}. Invalid second factor attempt.", entity.getExternalId(), entity.getLoginCounter());
            }
            return Optional.<User>empty();
        }

        // Accepted code: clear the failure counter and record the login time.
        entity.setLoginCounter(0);
        entity.setUpdatedAt(now);
        entity.setLastLoggedInAt(now);
        userDao.merge(entity);
        logger.info("Successful OTP. user_id={}", entity.getExternalId());
        return Optional.of(linksBuilder.decorate(entity.toUser()));
    }).orElseGet(() -> {
        // No user for this external id; the original author treats this as a selfservice bug.
        logger.error("Authenticate 2FA token attempted for non-existent User [{}]", externalId);
        return Optional.empty();
    });
}
use of uk.gov.pay.adminusers.model.User in project pay-adminusers by alphagov.
the class UserResourceSecondFactorAuthenticationIT method createValidUser.
/**
 * Inserts a fresh user with the shared {@code OTP_KEY} before each test and keeps its
 * external id and username for the test methods to use.
 */
@BeforeEach
public void createValidUser() {
    // A random username (and an email derived from it) gives every test its own user row.
    String generatedName = randomUuid();
    String generatedEmail = generatedName + "@example.com";
    User inserted = userDbFixture(databaseHelper)
            .withOtpKey(OTP_KEY)
            .withUsername(generatedName)
            .withEmail(generatedEmail)
            .insertUser();
    this.externalId = inserted.getExternalId();
    this.username = inserted.getUsername();
}
use of uk.gov.pay.adminusers.model.User in project pay-adminusers by alphagov.
the class UserResourceUpdateServiceRoleIT method shouldUpdateUserServiceRole.
/**
 * Updates one user's role on a service to {@code view-and-refund} through the user-service
 * resource and expects a 200 response that reflects the new role.
 */
@Test
public void shouldUpdateUserServiceRole() {
    Role adminRole = roleDbFixture(databaseHelper).insertAdmin();
    Service service = serviceDbFixture(databaseHelper).insertService();
    String serviceExternalId = service.getExternalId();

    String targetUsername = randomUuid();
    String targetEmail = targetUsername + "@example.com";
    User targetUser = userDbFixture(databaseHelper)
            .withServiceRole(service, adminRole.getId())
            .withUsername(targetUsername)
            .withEmail(targetEmail)
            .insertUser();

    // A second user holding the same role on the same service.
    // NOTE(review): presumably so the service still has an admin after the first user's role
    // changes - confirm against the resource's rules.
    String otherUsername = randomUuid();
    String otherEmail = otherUsername + "@example.com";
    userDbFixture(databaseHelper)
            .withServiceRole(service, adminRole.getId())
            .withUsername(otherUsername)
            .withEmail(otherEmail)
            .insertUser();

    JsonNode payload = mapper.valueToTree(Map.of("role_name", "view-and-refund"));

    givenSetup()
            .when()
            .contentType(JSON)
            .body(payload)
            .put(format(USER_SERVICE_RESOURCE, targetUser.getExternalId(), serviceExternalId))
            .then()
            .statusCode(200)
            .body("username", is(targetUser.getUsername()))
            .body("service_roles[0].role.name", is("view-and-refund"))
            .body("service_roles[0].role.description", is("View and Refund"));
}
use of uk.gov.pay.adminusers.model.User in project pay-adminusers by alphagov.
the class UserCreatorTest method shouldSaveAndReturnUser_forValidUserCreationRequest.
/**
 * A creation request with a role name the role DAO recognises is persisted through the
 * user DAO and returned with the same email, the SMS second factor and no service roles.
 */
@Test
public void shouldSaveAndReturnUser_forValidUserCreationRequest() {
    String roleName = "validRole";
    String emailAddress = "email@example.com";
    when(mockRoleDao.findByRoleName(roleName)).thenReturn(Optional.of(mock(RoleEntity.class)));

    // The same address is passed as the first and third arguments of the request factory.
    CreateUserRequest creationRequest = CreateUserRequest.from(emailAddress, "password", emailAddress, null, null, "otpKey", "3745838475", null);

    User createdUser = userCreator.doCreate(creationRequest, roleName);

    // Capture what was handed to the DAO so the persisted entity can be inspected as well.
    verify(mockUserDao).persist(expectedUser.capture());
    assertThat(expectedUser.getValue().getEmail(), is(emailAddress));
    assertThat(createdUser.getEmail(), is(emailAddress));
    assertThat(createdUser.getSecondFactor(), is(SecondFactorMethod.SMS));
    assertThat(createdUser.getServiceRoles().size(), is(0));
}
use of uk.gov.pay.adminusers.model.User in project pay-adminusers by alphagov.
the class LinksBuilderTest method shouldConstruct_userSelfLinkCorrectly.
/**
 * Decorating a user adds, as its first link, a {@code self} GET link whose href ends in the
 * user's external id.
 *
 * @throws Exception if the link cannot be serialised to JSON
 */
@Test
void shouldConstruct_userSelfLinkCorrectly() throws Exception {
    Service service = Service.from(2, "34783g87ebg764r", new ServiceName(Service.DEFAULT_NAME_VALUE));
    ServiceRole serviceRole = ServiceRole.from(service, Role.role(2, "blah", "blah"));
    User plainUser = User.from(randomInt(), randomUuid(), "a-username", "a-password", "email@example.com", "4wrwef", "123435", Collections.singletonList(serviceRole), null, SecondFactorMethod.SMS, null, null, null);

    User decoratedUser = linksBuilder.decorate(plainUser);

    // Only the first link is serialised and compared.
    String actualLinkJson = objectMapper.writeValueAsString(decoratedUser.getLinks().get(0));
    String expectedLinkJson = "{\"rel\":\"self\",\"method\":\"GET\",\"href\":\"http://localhost:8080/v1/api/users/" + decoratedUser.getExternalId() + "\"}";
    assertThat(actualLinkJson, is(expectedLinkJson));
}