Beispiel #1
0
 @Before
 public void setUp() throws Exception {
   ((RestTemplate) restOperations)
       .setRequestFactory(new IntegrationTestUtils.StatelessRequestFactory());
   ClientCredentialsResourceDetails clientCredentials =
       getClientCredentialsResource(
           new String[] {"scim.write"},
           testAccounts.getAdminClientId(),
           testAccounts.getAdminClientSecret());
   client = IntegrationTestUtils.getClientCredentialsTempate(clientCredentials);
   user =
       createUser(
           new RandomValueStringGenerator().generate(),
           "openiduser",
           "openidlast",
           "test@openid,com",
           true);
 }
  @Test
  public void testCreateZone() throws Exception {
    String zoneId = UUID.randomUUID().toString();
    String requestBody =
        "{\"id\":\""
            + zoneId
            + "\", \"subdomain\":\""
            + zoneId
            + "\", \"name\":\"testCreateZone() "
            + zoneId
            + "\"}";

    HttpHeaders headers = new HttpHeaders();
    headers.add("Accept", MediaType.APPLICATION_JSON_VALUE);
    headers.add("Content-Type", MediaType.APPLICATION_JSON_VALUE);

    ResponseEntity<Void> response =
        client.exchange(
            serverRunning.getUrl("/identity-zones"),
            HttpMethod.POST,
            new HttpEntity<>(requestBody, headers),
            new ParameterizedTypeReference<Void>() {});

    assertEquals(HttpStatus.CREATED, response.getStatusCode());

    RestTemplate adminClient =
        IntegrationTestUtils.getClientCredentialsTemplate(
            IntegrationTestUtils.getClientCredentialsResource(
                serverRunning.getBaseUrl(), new String[0], "admin", "adminsecret"));
    String email = new RandomValueStringGenerator().generate() + "@samltesting.org";
    ScimUser user =
        IntegrationTestUtils.createUser(
            adminClient, serverRunning.getBaseUrl(), email, "firstname", "lastname", email, true);
    IntegrationTestUtils.makeZoneAdmin(client, serverRunning.getBaseUrl(), user.getId(), zoneId);

    String zoneAdminToken =
        IntegrationTestUtils.getAuthorizationCodeToken(
            serverRunning,
            UaaTestAccounts.standard(serverRunning),
            "identity",
            "identitysecret",
            email,
            "secr3T");

    headers.add("Authorization", "bearer " + zoneAdminToken);
    headers.add(IdentityZoneSwitchingFilter.HEADER, zoneId);
    ResponseEntity<List<IdentityProvider>> idpList =
        new RestTemplate()
            .exchange(
                serverRunning.getUrl("/identity-providers"),
                HttpMethod.GET,
                new HttpEntity<>(null, headers),
                new ParameterizedTypeReference<List<IdentityProvider>>() {});

    IdentityProvider identityProvider = idpList.getBody().get(0);
    assertThat(identityProvider.getIdentityZoneId(), is(zoneId));
    assertThat(identityProvider.getOriginKey(), is(Origin.UAA));

    // the default created zone does have a definition, but no policy
    assertNotNull(identityProvider.getConfigValue(UaaIdentityProviderDefinition.class));
    assertNull(
        identityProvider.getConfigValue(UaaIdentityProviderDefinition.class).getPasswordPolicy());
  }
Beispiel #3
0
 private ScimUser createUser(
     String username, String firstName, String lastName, String email, boolean verified) {
   return IntegrationTestUtils.createUser(
       client, uaaUrl, username, firstName, lastName, email, verified);
 }
Beispiel #4
0
  private void doOpenIdHybridFlowIdTokenAndCode(
      Set<String> responseTypes, String responseTypeMatcher) throws Exception {

    HttpHeaders headers = new HttpHeaders();
    // TODO: should be able to handle just TEXT_HTML
    headers.setAccept(Arrays.asList(MediaType.TEXT_HTML, MediaType.ALL));

    StringBuilder responseType = new StringBuilder();
    Iterator<String> rTypes = responseTypes.iterator();
    while (rTypes.hasNext()) {
      String type = rTypes.next();
      responseType.append(type);
      if (rTypes.hasNext()) {
        responseType.append(" ");
      }
    }
    String state = new RandomValueStringGenerator().generate();
    String clientId = "app";
    String clientSecret = "appclientsecret";
    String redirectUri = "http://*****:*****@SuppressWarnings("rawtypes")
    ResponseEntity<Map> tokenResponse =
        restOperations.exchange(
            loginUrl + "/oauth/token",
            HttpMethod.POST,
            new HttpEntity<>(formData, tokenHeaders),
            Map.class);
    assertEquals(HttpStatus.OK, tokenResponse.getStatusCode());
    @SuppressWarnings("unchecked")
    Map<String, String> body = tokenResponse.getBody();
    Jwt token = JwtHelper.decode(body.get("access_token"));
    assertTrue("Wrong claims: " + token.getClaims(), token.getClaims().contains("\"aud\""));
    assertTrue("Wrong claims: " + token.getClaims(), token.getClaims().contains("\"user_id\""));
  }
Beispiel #5
0
 private ClientCredentialsResourceDetails getClientCredentialsResource(
     String[] scope, String clientId, String clientSecret) {
   return IntegrationTestUtils.getClientCredentialsResource(uaaUrl, scope, clientId, clientSecret);
 }