@Test
public void testSuccessfulValidation() throws Exception {
IdentityManager identityManager = getIdentityManager();
String accountName = "someUser";
Account user = createAccount(accountName);
Digest digestPassword = new Digest();
digestPassword.setRealm("pl-idm");
digestPassword.setUsername(accountName);
digestPassword.setPassword("somePassword");
identityManager.updateCredential(user, digestPassword);
digestPassword.setDigest(
DigestUtil.calculateA1(
accountName, digestPassword.getRealm(), digestPassword.getPassword().toCharArray()));
DigestCredentials credential = new DigestCredentials(digestPassword);
identityManager.validateCredentials(credential);
assertEquals(Credentials.Status.VALID, credential.getStatus());
assertNotNull(credential.getValidatedAccount());
assertEquals(user.getId(), credential.getValidatedAccount().getId());
}
@Test
public void testUserDisabled() throws Exception {
IdentityManager identityManager = getIdentityManager();
String accountName = "someUser";
Account user = createAccount(accountName);
Digest digestPassword = new Digest();
digestPassword.setRealm("pl-idm");
digestPassword.setUsername(accountName);
digestPassword.setPassword("somePassword");
identityManager.updateCredential(user, digestPassword);
digestPassword.setDigest(
DigestUtil.calculateA1(
accountName, digestPassword.getRealm(), digestPassword.getPassword().toCharArray()));
DigestCredentials credential = new DigestCredentials(digestPassword);
identityManager.validateCredentials(credential);
assertEquals(Credentials.Status.VALID, credential.getStatus());
user.setEnabled(false);
identityManager.update(user);
identityManager.validateCredentials(credential);
assertEquals(Credentials.Status.ACCOUNT_DISABLED, credential.getStatus());
}
@Test
@Configuration(exclude = LDAPStoreConfigurationTester.class)
public void testRetrieveCurrentCredential() throws Exception {
IdentityManager identityManager = getIdentityManager();
String accountName = "someUser";
Account user = createAccount(accountName);
Digest realmAPassword = new Digest();
realmAPassword.setRealm("Realm A");
realmAPassword.setUsername(accountName);
realmAPassword.setPassword("somePassword");
identityManager.updateCredential(user, realmAPassword);
DigestCredentialStorage currentStorage =
identityManager.retrieveCurrentCredential(user, DigestCredentialStorage.class);
assertNotNull(currentStorage);
assertTrue(CredentialUtils.isCurrentCredential(currentStorage));
assertNotNull(currentStorage.getEffectiveDate());
assertNotNull(currentStorage.getHa1());
assertNotNull(currentStorage.getRealm());
}
private String buildAuthorizationHeader(Digest digest, String userName, String password) {
String clientResponse = null;
digest.setUsername(userName);
digest.setMethod("GET");
digest.setUri("/digestProtectedUri/");
digest.setNonce(digest.getNonce());
digest.setClientNonce(digest.getNonce());
digest.setNonceCount("00001");
clientResponse = HTTPDigestUtil.clientResponseValue(digest, password.toCharArray());
StringBuilder str = new StringBuilder();
str.append("Digest ")
.append("username=\"")
.append(digest.getUsername())
.append("\",")
.append("realm=\"")
.append(digest.getRealm())
.append("\",")
.append("nonce=\"")
.append(digest.getNonce())
.append("\",")
.append("cnonce=\"")
.append(digest.getClientNonce())
.append("\",")
.append("uri=\"")
.append(digest.getUri())
.append("\",")
.append("qop=")
.append(digest.getQop())
.append(",")
.append("nc=")
.append(digest.getNonceCount())
.append(",")
.append("response=\"")
.append(clientResponse)
.append("\"");
return str.toString();
}
@Test
public void testMultipleRealms() throws Exception {
IdentityManager identityManager = getIdentityManager();
String accountName = "someUser";
Account user = createAccount(accountName);
Digest realmAPassword = new Digest();
realmAPassword.setRealm("Realm A");
realmAPassword.setUsername(accountName);
realmAPassword.setPassword("somePassword");
identityManager.updateCredential(user, realmAPassword);
Digest realmBPassword = new Digest();
realmBPassword.setRealm("Realm B");
realmBPassword.setUsername(accountName);
realmBPassword.setPassword("somePassword");
identityManager.updateCredential(user, realmBPassword);
realmAPassword.setDigest(
DigestUtil.calculateA1(
accountName, realmAPassword.getRealm(), realmAPassword.getPassword().toCharArray()));
DigestCredentials realmACredentials = new DigestCredentials(realmAPassword);
identityManager.validateCredentials(realmACredentials);
assertEquals(Credentials.Status.VALID, realmACredentials.getStatus());
realmBPassword.setDigest(
DigestUtil.calculateA1(
accountName, realmBPassword.getRealm(), realmBPassword.getPassword().toCharArray()));
DigestCredentials realmBCredentials = new DigestCredentials(realmBPassword);
identityManager.validateCredentials(realmBCredentials);
assertEquals(Credentials.Status.VALID, realmBCredentials.getStatus());
realmBPassword.setDigest(
DigestUtil.calculateA1(
accountName, realmAPassword.getRealm(), realmBPassword.getPassword().toCharArray()));
realmBCredentials = new DigestCredentials(realmBPassword);
identityManager.validateCredentials(realmBCredentials);
assertEquals(Credentials.Status.INVALID, realmBCredentials.getStatus());
}
@Test
public void testResetCredential() throws Exception {
IdentityManager identityManager = getIdentityManager();
String accountName = "someUser";
Account user = createAccount(accountName);
Digest digest = new Digest();
digest.setRealm("pl-idm");
digest.setUsername(accountName);
digest.setPassword("somePassword");
Calendar expirationDate = Calendar.getInstance();
expirationDate.add(Calendar.MINUTE, -1);
identityManager.updateCredential(user, digest, new Date(), expirationDate.getTime());
DigestCredentials credential = new DigestCredentials(digest);
digest.setDigest(
DigestUtil.calculateA1(accountName, digest.getRealm(), digest.getPassword().toCharArray()));
identityManager.validateCredentials(credential);
assertEquals(Credentials.Status.EXPIRED, credential.getStatus());
digest.setDigest(
DigestUtil.calculateA1(accountName, digest.getRealm(), "bad_password".toCharArray()));
identityManager.validateCredentials(credential);
assertEquals(Credentials.Status.INVALID, credential.getStatus());
Digest newPassword = new Digest();
newPassword.setRealm("pl-idm");
newPassword.setUsername(accountName);
newPassword.setPassword("someNewPassword");
identityManager.updateCredential(user, newPassword);
credential = new DigestCredentials(newPassword);
newPassword.setDigest(
DigestUtil.calculateA1(
accountName, newPassword.getRealm(), newPassword.getPassword().toCharArray()));
identityManager.validateCredentials(credential);
assertEquals(Credentials.Status.VALID, credential.getStatus());
}
