@Test
public void testCreateUserCheckSalt() throws Exception {
ScimUser scimUser = new ScimUser("user-id-3", "*****@*****.**", "User", "Example");
ScimUser.Email email = new ScimUser.Email();
email.setValue("*****@*****.**");
scimUser.setEmails(Arrays.asList(email));
scimUser.setPassword("password");
scimUser.setSalt("salt");
scimUser = db.create(scimUser);
assertNotNull(scimUser);
assertEquals("salt", scimUser.getSalt());
scimUser.setSalt("newsalt");
scimUser = db.update(scimUser.getId(), scimUser);
assertNotNull(scimUser);
assertEquals("newsalt", scimUser.getSalt());
}
@Test
public void testUpdateUserPasswordDoesntChange() throws Exception {
String username = "******" + new RandomValueStringGenerator().generate() + "@test.org";
ScimUser scimUser = new ScimUser(null, username, "User", "Example");
ScimUser.Email email = new ScimUser.Email();
email.setValue(username);
scimUser.setEmails(Arrays.asList(email));
scimUser.setSalt("salt");
scimUser = db.createUser(scimUser, "password");
assertNotNull(scimUser);
assertEquals("salt", scimUser.getSalt());
scimUser.setSalt("newsalt");
String passwordHash =
jdbcTemplate.queryForObject(
"select password from users where id=?", new Object[] {scimUser.getId()}, String.class);
assertNotNull(passwordHash);
db.changePassword(scimUser.getId(), null, "password");
assertEquals(
passwordHash,
jdbcTemplate.queryForObject(
"select password from users where id=?",
new Object[] {scimUser.getId()},
String.class));
db.changePassword(scimUser.getId(), "password", "password");
assertEquals(
passwordHash,
jdbcTemplate.queryForObject(
"select password from users where id=?",
new Object[] {scimUser.getId()},
String.class));
}
@Test
public void createUserWithNoZoneDefaultsToUAAZone() {
String id = UUID.randomUUID().toString();
jdbcTemplate.execute(
String.format(
OLD_ADD_USER_SQL_FORMAT,
id,
"test-username",
"password",
"*****@*****.**",
"givenName",
"familyName",
"1234567890"));
ScimUser user = db.retrieve(id);
assertEquals("uaa", user.getZoneId());
assertNull(user.getSalt());
}
@Test
public void updateModifiesExpectedData() {
ScimUser jo = new ScimUser(null, "josephine", "Jo", "NewUser");
jo.addEmail("*****@*****.**");
jo.setUserType(UaaAuthority.UAA_ADMIN.getUserType());
jo.setSalt("salt");
ScimUser joe = db.update(JOE_ID, jo);
// Can change username
assertEquals("josephine", joe.getUserName());
assertEquals("*****@*****.**", joe.getPrimaryEmail());
assertEquals("Jo", joe.getGivenName());
assertEquals("NewUser", joe.getFamilyName());
assertEquals(1, joe.getVersion());
assertEquals(JOE_ID, joe.getId());
assertNull(joe.getGroups());
assertEquals("salt", joe.getSalt());
}