/**
 * Checks that a deletion event for the {@code UAA} identity provider of the default zone does
 * not remove that zone's {@code UAA}-origin users.
 *
 * <p>The row count for origin {@code UAA} in the default zone must be 3 both before and after
 * the {@link EntityDeletedEvent} is delivered.
 */
@Test
public void test_cannot_delete_uaa_zone_users() throws Exception {
    ScimUser candidate = new ScimUser(null, "*****@*****.**", "Jo", "User");
    candidate.addEmail("*****@*****.**");
    candidate.setOrigin(UAA);

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertEquals(UAA, created.getOrigin());

    final String countSql = "select count(*) from users where origin=? and identity_zone_id=?";

    // Presumably the fixture seeds two further UAA users in the default zone; confirm against
    // the test setup, since the expected count is hard-coded.
    Integer countBefore =
        jdbcTemplate.queryForObject(
            countSql, new Object[] {UAA, IdentityZone.getUaa().getId()}, Integer.class);
    assertThat(countBefore, is(3));

    IdentityProvider uaaProvider =
        new IdentityProvider().setOriginKey(UAA).setIdentityZoneId(IdentityZone.getUaa().getId());
    db.onApplicationEvent(new EntityDeletedEvent<>(uaaProvider));

    // The count must be unchanged: the internal provider's users survive the event.
    Integer countAfter =
        jdbcTemplate.queryForObject(
            countSql, new Object[] {UAA, IdentityZone.getUaa().getId()}, Integer.class);
    assertThat(countAfter, is(3));
}
/**
 * Checks that {@code origin} and {@code externalId} are stored on create and can be replaced
 * through {@code db.update}.
 */
@Test
public void validateOriginAndExternalIDDuringCreateAndUpdate() {
    final String initialOrigin = "test";
    final String initialExternalId = "testId";

    ScimUser candidate = new ScimUser(null, "*****@*****.**", "Jo", "User");
    candidate.setOrigin(initialOrigin);
    candidate.setExternalId(initialExternalId);
    candidate.addEmail("*****@*****.**");

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertNotSame(candidate.getId(), created.getId());

    Map<String, Object> row =
        template.queryForMap("select * from users where id=?", created.getId());
    assertEquals(candidate.getUserName(), row.get("userName"));
    // NOTE(review): this looks up a column named after the UAA_USER user-type value rather
    // than a user-type column; presumably both sides are null. Confirm the intent.
    assertEquals(candidate.getUserType(), row.get(UaaAuthority.UAA_USER.getUserType()));
    assertNull(created.getGroups());
    assertEquals(initialOrigin, created.getOrigin());
    assertEquals(initialExternalId, created.getExternalId());

    final String replacementOrigin = "test2";
    final String replacementExternalId = "testId2";
    created.setOrigin(replacementOrigin);
    created.setExternalId(replacementExternalId);

    ScimUser updated = db.update(created.getId(), created);
    assertEquals(replacementOrigin, updated.getOrigin());
    assertEquals(replacementExternalId, updated.getExternalId());
}
/**
 * Checks that, in a non-default zone, a deletion event for the {@code UAA} identity provider
 * leaves that zone's {@code UAA}-origin user in place.
 *
 * <p>A fresh zone is created and made current, one user is provisioned in it, and the user
 * count for that zone must be 1 both before and after the event.
 */
@Test
public void test_cannot_delete_uaa_provider_users_in_other_zone() throws Exception {
    String zoneKey = generator.generate();
    IdentityZone zone = MultitenancyFixture.identityZone(zoneKey, zoneKey);
    // NOTE(review): the zone holder is not restored in this method; presumably a teardown
    // outside this view resets it so the zone does not leak into other tests. Confirm.
    IdentityZoneHolder.set(zone);

    ScimUser candidate = new ScimUser(null, "*****@*****.**", "Jo", "User");
    candidate.addEmail("*****@*****.**");
    candidate.setOrigin(UAA);

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertEquals(UAA, created.getOrigin());
    assertEquals(zone.getId(), created.getZoneId());

    final String countSql = "select count(*) from users where origin=? and identity_zone_id=?";

    Integer countBefore =
        jdbcTemplate.queryForObject(countSql, new Object[] {UAA, zone.getId()}, Integer.class);
    assertThat(countBefore, is(1));

    IdentityProvider uaaProvider =
        new IdentityProvider().setOriginKey(UAA).setIdentityZoneId(zone.getId());
    db.onApplicationEvent(new EntityDeletedEvent<>(uaaProvider));

    Integer countAfter =
        jdbcTemplate.queryForObject(countSql, new Object[] {UAA, zone.getId()}, Integer.class);
    assertThat(countAfter, is(1));
}
/**
 * Expects {@code db.update} to reject the username {@code jo$ephine} with an
 * {@link InvalidScimResourceException}.
 */
@Test(expected = InvalidScimResourceException.class)
public void updateWithBadUsernameIsError() {
    ScimUser replacement = new ScimUser(null, "jo$ephine", "Jo", "NewUser");
    replacement.addEmail("*****@*****.**");
    replacement.setVersion(1);

    ScimUser result = db.update(JOE_ID, replacement);

    // Only reached if update() did not throw; the expected-exception declaration then fails
    // the test regardless of this assertion.
    assertEquals("joe", result.getUserName());
}
/**
 * Checks that an update carrying a {@link PhoneNumber} with no value completes without
 * throwing. There is no assertion on the stored result.
 */
@Test
public void updateWithEmptyPhoneNumberWorks() {
    ScimUser replacement = new ScimUser(null, "josephine", "Jo", "NewUser");
    replacement.addEmail("*****@*****.**");
    replacement.setPhoneNumbers(Arrays.asList(new PhoneNumber()));

    // The returned user is not inspected; the test passes as long as no exception escapes.
    db.update(JOE_ID, replacement);
}
/**
 * Builds an unsaved user named "Joe User" whose username and only e-mail are the same
 * generated {@code joe@<random>.com} address.
 *
 * @return the new, not yet persisted user
 */
private ScimUser getScimUser() {
    // The generated part is lower-cased before it is used as the mail domain.
    String address = "joe@" + generator.generate().toLowerCase() + ".com";

    ScimUser joe = new ScimUser();
    joe.setUserName(address);
    joe.setName(new ScimUser.Name("Joe", "User"));
    joe.addEmail(address);
    return joe;
}
/**
 * Checks that a user can be created with the given username and that the username is returned
 * unchanged by {@code db.createUser}. The same value is also used as the e-mail address.
 */
@Test
public void canCreateUserWithExclamationMarkInUsername() {
    final String userName = "******";

    ScimUser candidate = new ScimUser(null, userName, "Jo", "User");
    candidate.addEmail(userName);

    ScimUser stored = db.createUser(candidate, "j7hyqpassX");
    assertEquals(userName, stored.getUserName());
}
/**
 * Expects {@code db.update} to fail with an {@link OptimisticLockingFailureException} when the
 * submitted user carries version 1.
 */
@Test(expected = OptimisticLockingFailureException.class)
public void updateWithWrongVersionIsError() {
    ScimUser replacement = new ScimUser(null, "josephine", "Jo", "NewUser");
    replacement.addEmail("*****@*****.**");
    // Presumably the stored record for JOE_ID is at a different version; confirm against the
    // fixture that seeds it.
    replacement.setVersion(1);

    ScimUser result = db.update(JOE_ID, replacement);

    // Only reached if update() did not throw; the expected-exception declaration then fails
    // the test regardless of this assertion.
    assertEquals("joe", result.getUserName());
}
/**
 * Expects HTTP 400 (Bad Request) when a user with two e-mail addresses is submitted for
 * creation using {@code scimReadWriteToken}.
 */
@Test
public void test_Create_User_More_Than_One_Email() throws Exception {
    ScimUser twoAddressUser = getScimUser();
    // getScimUser() already added one address; this is the second.
    twoAddressUser.addEmail("joe@" + generator.generate().toLowerCase() + ".com");

    createUserAndReturnResult(twoAddressUser, scimReadWriteToken, null, null)
        .andExpect(status().isBadRequest());
}
/**
 * Posts a new, already verified user to the user endpoint of the running server.
 *
 * <p>The password is a fixed test value ({@code pas5Word}); it is a fixture credential only.
 *
 * @param username the username to register
 * @param firstName the given name
 * @param lastName the family name
 * @param email the single e-mail address to attach
 * @return the server's response entity for the POST
 */
private ResponseEntity<ScimUser> createUser(
    String username, String firstName, String lastName, String email) {
    ScimUser payload = new ScimUser();
    payload.setUserName(username);
    payload.setName(new ScimUser.Name(firstName, lastName));
    payload.addEmail(email);
    payload.setPassword("pas5Word");
    payload.setVerified(true);

    String target = serverRunning.getUrl(userEndpoint);
    return client.postForEntity(target, payload, ScimUser.class);
}
/**
 * Wires a {@link PasswordChangeEndpoint} to a JDBC-backed user store and provisions the two
 * fixture users {@code joel} and {@code dale}, both with the password {@code password}.
 */
@Before
public void setup() {
    JdbcTemplate jdbc = new JdbcTemplate(database);
    JdbcPagingListFactory pagingFactory =
        new JdbcPagingListFactory(jdbc, new DefaultLimitSqlAdapter());
    JdbcScimUserProvisioning dao = new JdbcScimUserProvisioning(jdbc, pagingFactory);

    // NoOpPasswordEncoder performs no hashing, so passwords are handled as plain text here.
    // That is acceptable for a test fixture only and must not be copied into production wiring.
    dao.setPasswordEncoder(NoOpPasswordEncoder.getInstance());

    endpoints = new PasswordChangeEndpoint();
    endpoints.setScimUserProvisioning(dao);

    joel = new ScimUser(null, "jdsa", "Joel", "D'sa");
    joel.addEmail("*****@*****.**");
    joel = dao.createUser(joel, "password");

    dale = new ScimUser(null, "olds", "Dale", "Olds");
    dale.addEmail("*****@*****.**");
    dale = dao.createUser(dale, "password");
}
/**
 * Checks that groups supplied on the update payload are not reflected on the user returned by
 * {@code db.update}: the result keeps the original id and reports {@code null} groups.
 *
 * <p>This guards against group membership being granted through the user-update path.
 */
@Test
public void updateCannotModifyGroups() {
    ScimUser replacement = new ScimUser(null, "josephine", "Jo", "NewUser");
    replacement.addEmail("*****@*****.**");

    Group requestedGroup = new Group(null, "dash/user");
    replacement.setGroups(Collections.singleton(requestedGroup));

    ScimUser result = db.update(JOE_ID, replacement);

    assertEquals(JOE_ID, result.getId());
    assertNull(result.getGroups());
}
/**
 * Checks that a deletion event for an identity zone removes the zone's users together with
 * their approvals and group memberships.
 *
 * <p>Each of the three tables is counted before the event (expected 1) and after it
 * (expected 0), so the test also shows that no approval or membership row outlives the user.
 */
@Test
public void test_can_delete_zone_users() throws Exception {
    String zoneKey = generator.generate();
    IdentityZone zone = MultitenancyFixture.identityZone(zoneKey, zoneKey);
    // NOTE(review): the zone holder is not restored in this method; presumably a teardown
    // outside this view resets it. Confirm.
    IdentityZoneHolder.set(zone);

    ScimUser candidate = new ScimUser(null, "*****@*****.**", "Jo", "User");
    candidate.addEmail("*****@*****.**");
    candidate.setOrigin(UAA);

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertEquals(UAA, created.getOrigin());
    assertEquals(zone.getId(), created.getZoneId());

    final String usersSql = "select count(*) from users where origin=? and identity_zone_id=?";
    final String approvalsSql = "select count(*) from authz_approvals where user_id=?";
    final String membershipSql = "select count(*) from group_membership where member_id=?";

    Integer usersBefore =
        jdbcTemplate.queryForObject(usersSql, new Object[] {UAA, zone.getId()}, Integer.class);
    assertThat(usersBefore, is(1));

    addApprovalAndMembership(created.getId(), created.getOrigin());

    Integer approvalsBefore =
        jdbcTemplate.queryForObject(approvalsSql, new Object[] {created.getId()}, Integer.class);
    assertThat(approvalsBefore, is(1));
    Integer membershipsBefore =
        jdbcTemplate.queryForObject(membershipSql, new Object[] {created.getId()}, Integer.class);
    assertThat(membershipsBefore, is(1));

    db.onApplicationEvent(new EntityDeletedEvent<>(zone));

    Integer usersAfter =
        jdbcTemplate.queryForObject(usersSql, new Object[] {UAA, zone.getId()}, Integer.class);
    assertThat(usersAfter, is(0));
    Integer approvalsAfter =
        jdbcTemplate.queryForObject(approvalsSql, new Object[] {created.getId()}, Integer.class);
    assertThat(approvalsAfter, is(0));
    Integer membershipsAfter =
        jdbcTemplate.queryForObject(membershipSql, new Object[] {created.getId()}, Integer.class);
    assertThat(membershipsAfter, is(0));
}
/**
 * Checks that, in the default zone, a deletion event for the {@code LOGIN_SERVER} identity
 * provider removes that provider's users together with their approvals and group memberships.
 *
 * <p>Each of the three tables is counted before the event (expected 1) and after it
 * (expected 0).
 */
@Test
public void test_can_delete_provider_users_in_default_zone() throws Exception {
    ScimUser candidate = new ScimUser(null, "*****@*****.**", "Jo", "User");
    candidate.addEmail("*****@*****.**");
    candidate.setOrigin(LOGIN_SERVER);

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertEquals(LOGIN_SERVER, created.getOrigin());

    final String usersSql = "select count(*) from users where origin=? and identity_zone_id=?";
    final String approvalsSql = "select count(*) from authz_approvals where user_id=?";
    final String membershipSql = "select count(*) from group_membership where member_id=?";

    Integer usersBefore =
        jdbcTemplate.queryForObject(
            usersSql, new Object[] {LOGIN_SERVER, IdentityZone.getUaa().getId()}, Integer.class);
    assertThat(usersBefore, is(1));

    addApprovalAndMembership(created.getId(), created.getOrigin());

    Integer approvalsBefore =
        jdbcTemplate.queryForObject(approvalsSql, new Object[] {created.getId()}, Integer.class);
    assertThat(approvalsBefore, is(1));
    Integer membershipsBefore =
        jdbcTemplate.queryForObject(membershipSql, new Object[] {created.getId()}, Integer.class);
    assertThat(membershipsBefore, is(1));

    IdentityProvider loginServer =
        new IdentityProvider()
            .setOriginKey(LOGIN_SERVER)
            .setIdentityZoneId(IdentityZone.getUaa().getId());
    db.onApplicationEvent(new EntityDeletedEvent<>(loginServer));

    Integer usersAfter =
        jdbcTemplate.queryForObject(
            usersSql, new Object[] {LOGIN_SERVER, IdentityZone.getUaa().getId()}, Integer.class);
    assertThat(usersAfter, is(0));
    Integer approvalsAfter =
        jdbcTemplate.queryForObject(approvalsSql, new Object[] {created.getId()}, Integer.class);
    assertThat(approvalsAfter, is(0));
    Integer membershipsAfter =
        jdbcTemplate.queryForObject(membershipSql, new Object[] {created.getId()}, Integer.class);
    assertThat(membershipsAfter, is(0));
}
/**
 * Checks that a user can be created when both the given name and the family name are
 * {@code null}.
 */
@Test
public void canCreateUserWithoutGivenNameAndFamilyName() {
    ScimUser candidate = new ScimUser(null, "*****@*****.**", null, null);
    candidate.addEmail("*****@*****.**");

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertNotSame(candidate.getId(), created.getId());

    Map<String, Object> row =
        template.queryForMap("select * from users where id=?", created.getId());
    assertEquals(candidate.getUserName(), row.get("userName"));
    // NOTE(review): this looks up a column named after the UAA_USER user-type value rather
    // than a user-type column; presumably both sides are null. Confirm the intent.
    assertEquals(candidate.getUserType(), row.get(UaaAuthority.UAA_USER.getUserType()));
    assertNull(created.getGroups());
}
/**
 * Creates an unverified user "Joel D'sa" with a generated e-mail address inside the given
 * zone, then restores the zone that was current before the call.
 *
 * @param zone the identity zone to make current while the user is created
 * @return the user as returned by {@code usersRepository.createUser}
 */
private ScimUser setUpScimUser(IdentityZone zone) {
    IdentityZone previousZone = IdentityZoneHolder.get();
    try {
        IdentityZoneHolder.set(zone);

        String address = "joe@" + generator.generate().toLowerCase() + ".com";
        ScimUser unsaved = new ScimUser(null, address, "Joel", "D'sa");
        unsaved.setVerified(false);
        unsaved.addEmail(address);

        return usersRepository.createUser(unsaved, USER_PASSWORD);
    } finally {
        // Always switch back, even when creation fails, so the zone does not leak to callers.
        IdentityZoneHolder.set(previousZone);
    }
}
/**
 * Checks which fields an update changes: username, primary e-mail, given and family name are
 * replaced, the version becomes 1, the id is kept and groups stay {@code null}.
 */
@Test
public void updateModifiesExpectedData() {
    ScimUser replacement = new ScimUser(null, "josephine", "Jo", "NewUser");
    replacement.addEmail("*****@*****.**");
    // NOTE(review): the payload requests the admin user type, but nothing below asserts what
    // user type was actually stored. Consider asserting it so the outcome is pinned.
    replacement.setUserType(UaaAuthority.UAA_ADMIN.getUserType());

    ScimUser result = db.update(JOE_ID, replacement);

    // The username is one of the fields an update may change.
    assertEquals("josephine", result.getUserName());
    assertEquals("*****@*****.**", result.getPrimaryEmail());
    assertEquals("Jo", result.getGivenName());
    assertEquals("NewUser", result.getFamilyName());
    assertEquals(1, result.getVersion());
    assertEquals(JOE_ID, result.getId());
    assertNull(result.getGroups());
}
/**
 * Creates a fresh user directly through the repository, modifies it, and delegates to the
 * three-argument {@code updateUser} overload.
 *
 * <p>When {@code status} is 400 the username is set to {@code null}, so that the update
 * payload is invalid; otherwise a new generated username is set.
 *
 * @param token the token passed on to the overload
 * @param status the HTTP status passed on to the overload
 * @return whatever the overload returns
 */
protected ScimUser updateUser(String token, int status) throws Exception {
    ScimUserProvisioning repository =
        getWebApplicationContext().getBean(ScimUserProvisioning.class);

    String address = "otheruser@" + generator.generate().toLowerCase() + ".com";
    ScimUser target = new ScimUser(null, address, "Other", "User");
    target.addEmail(address);
    target = repository.createUser(target, "pas5Word");

    boolean expectBadRequest = status == HttpStatus.BAD_REQUEST.value();
    // The generator is consulted only when a valid username is needed.
    target.setUserName(expectBadRequest ? null : "ou" + generator.generate().toLowerCase());
    target.setName(new ScimUser.Name("Joe", "Smith"));

    return updateUser(token, status, target);
}
/**
 * Registers an active, verified user with a randomised username through {@code POST /Users}
 * and asserts that the server answers with 201 Created.
 *
 * @return the request object that was posted (it still carries the fixture password), not
 *     the body of the server's response
 */
private ScimUser createUnapprovedUser() throws Exception {
    String userName = "******" + new RandomValueStringGenerator().generate();
    String userEmail = userName + "@example.com";

    ScimUser payload = new ScimUser();
    payload.setUserName(userName);
    payload.setPassword("s3Cretsecret");
    payload.addEmail(userEmail);
    payload.setActive(true);
    payload.setVerified(true);

    RestOperations rest = serverRunning.getRestTemplate();
    ResponseEntity<ScimUser> response =
        rest.postForEntity(serverRunning.getUrl("/Users"), payload, ScimUser.class);
    assertEquals(HttpStatus.CREATED, response.getStatusCode());

    // NOTE(review): presumably callers need the password afterwards, which is why the request
    // object is returned; a server-assigned id would only be on response.getBody(). Confirm.
    return payload;
}
/**
 * Checks that a user created after the zone {@code my-zone-id} and its {@code UAA} provider
 * have been set up is stored with origin {@code UAA} and that zone's id in the
 * {@code identity_zone_id} column.
 */
@Test
public void canCreateUserInOtherIdentityZone() {
    final String otherZoneId = "my-zone-id";
    // Presumably createOtherIdentityZone also makes the new zone current; this method never
    // sets the zone holder itself. Confirm against that helper.
    createOtherIdentityZone(otherZoneId);
    createOtherIdentityProvider(OriginKeys.UAA, otherZoneId);

    ScimUser candidate = new ScimUser(null, "*****@*****.**", "Jo", "User");
    candidate.addEmail("*****@*****.**");

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertNotSame(candidate.getId(), created.getId());

    Map<String, Object> row =
        jdbcTemplate.queryForMap("select * from users where id=?", created.getId());
    assertEquals(candidate.getUserName(), row.get("userName"));
    // NOTE(review): this looks up a column named after the UAA_USER user-type value rather
    // than a user-type column; presumably both sides are null. Confirm the intent.
    assertEquals(candidate.getUserType(), row.get(UaaAuthority.UAA_USER.getUserType()));
    assertNull(created.getGroups());
    assertEquals(OriginKeys.UAA, created.getOrigin());
    // The row must belong to the other zone, not to the default one.
    assertEquals(otherZoneId, row.get("identity_zone_id"));
}
/**
 * Maps the current row of a user query to a {@link ScimUser}.
 *
 * <p>Columns are read by position, 1 to 16: id, version, created, last modified, username,
 * e-mail, given name, family name, active, phone number, verified, origin, external id,
 * zone id, salt and password-last-modified. The query that feeds this mapper must therefore
 * select its columns in exactly that order.
 *
 * @param rs the result set, positioned on the row to map
 * @param rowNum the index of the current row (unused)
 * @return a new user populated from the row
 * @throws SQLException if a column cannot be read
 */
@Override
public ScimUser mapRow(ResultSet rs, int rowNum) throws SQLException {
    // Read every column first, in ascending index order, before any object is built.
    final String idValue = rs.getString(1);
    final int versionValue = rs.getInt(2);
    final Date createdAt = rs.getTimestamp(3);
    final Date modifiedAt = rs.getTimestamp(4);
    final String userNameValue = rs.getString(5);
    final String emailValue = rs.getString(6);
    final String givenNameValue = rs.getString(7);
    final String familyNameValue = rs.getString(8);
    final boolean isActive = rs.getBoolean(9);
    final String phoneValue = rs.getString(10);
    final boolean isVerified = rs.getBoolean(11);
    final String originValue = rs.getString(12);
    final String externalIdValue = rs.getString(13);
    final String zoneIdValue = rs.getString(14);
    final String saltValue = rs.getString(15);
    final Date passwordModifiedAt = rs.getTimestamp(16);

    ScimMeta meta = new ScimMeta();
    meta.setVersion(versionValue);
    meta.setCreated(createdAt);
    meta.setLastModified(modifiedAt);

    Name fullName = new Name();
    fullName.setGivenName(givenNameValue);
    fullName.setFamilyName(familyNameValue);

    ScimUser mapped = new ScimUser();
    mapped.setId(idValue);
    mapped.setMeta(meta);
    mapped.setUserName(userNameValue);
    mapped.addEmail(emailValue);
    // A phone number is optional; nothing is added when the column is NULL.
    if (phoneValue != null) {
        mapped.addPhoneNumber(phoneValue);
    }
    mapped.setName(fullName);
    mapped.setActive(isActive);
    mapped.setVerified(isVerified);
    mapped.setOrigin(originValue);
    mapped.setExternalId(externalIdValue);
    mapped.setZoneId(zoneIdValue);
    // NOTE(review): the password salt is copied onto the domain object here; confirm that
    // ScimUser keeps it out of serialized API responses and out of log output.
    mapped.setSalt(saltValue);
    mapped.setPasswordLastModified(passwordModifiedAt);
    return mapped;
}
/**
 * Checks that the password-last-modified timestamp is set on creation and moves with the
 * record's last-modified time after a password change.
 *
 * <p>Both comparisons are made against the metadata timestamp truncated to whole seconds.
 */
@Test
public void canModifyPassword() throws Exception {
    ScimUser candidate = new ScimUser(null, generator.generate() + "@foo.com", "Jo", "User");
    candidate.addEmail(candidate.getUserName());

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    // The unsaved object is left untouched; only the stored copy carries the timestamp.
    assertNull(candidate.getPasswordLastModified());
    assertNotNull(created.getPasswordLastModified());

    long createdSeconds = (created.getMeta().getCreated().getTime() / 1000L) * 1000L;
    assertEquals(createdSeconds, created.getPasswordLastModified().getTime());

    Thread.sleep(10);
    db.changePassword(created.getId(), "j7hyqpassX", "j7hyqpassXXX");

    ScimUser reloaded = db.retrieve(created.getId());
    assertNotNull(reloaded.getPasswordLastModified());

    long modifiedSeconds = (reloaded.getMeta().getLastModified().getTime() / 1000L) * 1000L;
    assertEquals(modifiedSeconds, reloaded.getPasswordLastModified().getTime());
}
/**
 * Checks that a user created without any zone set-up is stored with origin {@code UAA}, with
 * {@code uaa} in the {@code identity_zone_id} column, and with a password-last-modified
 * timestamp equal to the creation time truncated to whole seconds.
 */
@Test
public void canCreateUserInDefaultIdentityZone() {
    ScimUser candidate = new ScimUser(null, "*****@*****.**", "Jo", "User");
    candidate.addEmail("*****@*****.**");

    ScimUser created = db.createUser(candidate, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertNotSame(candidate.getId(), created.getId());

    Map<String, Object> row =
        jdbcTemplate.queryForMap("select * from users where id=?", created.getId());
    assertEquals(candidate.getUserName(), row.get("userName"));
    // NOTE(review): this looks up a column named after the UAA_USER user-type value rather
    // than a user-type column; presumably both sides are null. Confirm the intent.
    assertEquals(candidate.getUserType(), row.get(UaaAuthority.UAA_USER.getUserType()));
    assertNull(created.getGroups());
    assertEquals(OriginKeys.UAA, created.getOrigin());
    assertEquals("uaa", row.get("identity_zone_id"));

    // The unsaved object is left untouched; only the stored copy carries the timestamp.
    assertNull(candidate.getPasswordLastModified());
    assertNotNull(created.getPasswordLastModified());

    long createdSeconds = (created.getMeta().getCreated().getTime() / 1000L) * 1000L;
    assertEquals(createdSeconds, created.getPasswordLastModified().getTime());
}
/**
 * Creates a user through the repository, calls {@code GET /Users/{id}/verify} with the given
 * bearer token and expects 200 OK with an {@code ETag} of {@code "0"} and a JSON body that
 * reports the user as verified.
 *
 * @param token the access token sent in the {@code Authorization} header
 */
private void verifyUser(String token) throws Exception {
    ScimUserProvisioning repository =
        getWebApplicationContext().getBean(ScimUserProvisioning.class);

    String address = "joe@" + generator.generate().toLowerCase() + ".com";
    ScimUser unsaved = new ScimUser(null, address, "Joel", "D'sa");
    unsaved.addEmail(address);
    ScimUser stored = repository.createUser(unsaved, "pas5Word");

    String verifyPath = "/Users/" + stored.getId() + "/verify";
    MockHttpServletRequestBuilder verifyRequest =
        MockMvcRequestBuilders.get(verifyPath)
            .header("Authorization", "Bearer " + token)
            .accept(APPLICATION_JSON);

    getMockMvc()
        .perform(verifyRequest)
        .andExpect(status().isOk())
        .andExpect(header().string("ETag", "\"0\""))
        .andExpect(jsonPath("$.userName").value(address))
        .andExpect(jsonPath("$.emails[0].value").value(address))
        .andExpect(jsonPath("$.name.familyName").value("D'sa"))
        .andExpect(jsonPath("$.name.givenName").value("Joel"))
        .andExpect(jsonPath("$.verified").value(true));
}
/**
 * Checks that a user whose username, e-mail and family name contain an apostrophe can be
 * created without an exception.
 *
 * <p>There is no assertion on the stored values; the test only shows that quote characters in
 * user-supplied fields do not break the persistence call.
 */
@Test
public void canCreateUserWithSingleQuoteInEmailAndUsername() {
    ScimUser quoted = new ScimUser(null, "ro'*****@*****.**", "Rob", "O'Gallagher");
    quoted.addEmail("ro'*****@*****.**");

    db.createUser(quoted, "j7hyqpassX");
}
/**
 * Expects {@code db.createUser} to reject the username {@code joe$eph} with an
 * {@link InvalidScimResourceException}.
 *
 * <p>NOTE(review): despite the method name, {@code joe$eph} consists of ASCII characters only;
 * what this test exercises is the rejection of {@code $}. A genuinely non-ASCII username is
 * not covered here.
 */
@Test(expected = InvalidScimResourceException.class)
public void cannotCreateUserWithNonAsciiUsername() {
    ScimUser rejected = new ScimUser(null, "joe$eph", "Jo", "User");
    rejected.addEmail("*****@*****.**");

    db.createUser(rejected, "j7hyqpassX");
}