@SuppressWarnings("unchecked")
@Test
public void testAuthenticateTMForController_noControllerSettings() throws Throwable {
// given
VOUserDetails manager = createVOUserDetails(10000, "user", "tp123");
Mockito.doThrow(new ConfigurationException("test"))
.when(configService)
.getAuthenticationForBESTechnologyManager(
Matchers.anyString(), Matchers.any(ServiceInstance.class), Matchers.anyMap());
Mockito.doReturn(null)
.when(authService)
.getAuthenticatedTMForController(
Matchers.anyString(), Matchers.any(PasswordAuthentication.class));
ArgumentCaptor<PasswordAuthentication> ac =
ArgumentCaptor.forClass(PasswordAuthentication.class);
// when
authenticateTMForController(CTRL_ID, manager.getUserId(), "pass");
// then
Mockito.verify(authService).getAuthenticatedTMForController(Matchers.anyString(), ac.capture());
assertEquals(manager.getUserId(), ac.getValue().getUserName());
assertEquals("pass", ac.getValue().getPassword());
}
private void addUser(VOUserDetails user, String password) {
if (user != null) {
if (user.getKey() != 0 && user.getUserId() != null) {
byId.put(user.getUserId(), user);
byKey.put(Long.valueOf(user.getKey()), user);
passwordsByKey.put(Long.valueOf(user.getKey()), password);
} else {
throw new IllegalArgumentException("User must have ID and key!");
}
}
}
@SuppressWarnings("unchecked")
@Test
public void testAuthenticateAdministrator_SSO() throws Throwable {
// given
Map<String, String> settings = getProxySettingsForMode("SAML_SP");
VOUserDetails admin = createVOUserDetails(1000, "admin", "org");
admin.setUserRoles(Collections.singleton(UserRoleType.ORGANIZATION_ADMIN));
Mockito.doReturn(admin)
.when(besDAO)
.getUserDetails(
Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class), Matchers.anyString());
Mockito.doReturn(new PasswordAuthentication("nobody", ""))
.when(configService)
.getWebServiceAuthentication(Matchers.any(ServiceInstance.class), Matchers.anyMap());
Mockito.doReturn(settings).when(configService).getAllProxyConfigurationSettings();
// when
authService.authenticateAdministrator(
new PasswordAuthentication(admin.getUserId(), "admin123"));
// then
Mockito.verify(besDAO, Mockito.times(0))
.getUser(Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class));
}
@Test
public void testAuthenticateTMForController_SSO() throws Throwable {
// given
Map<String, String> proxySettings = getProxySettingsForMode("SAML_SP");
Map<String, Setting> controlleSettings = getControllerSettingsForOrg("tp123");
VOUserDetails manager = createVOUserDetails(10001, "user", "tp123");
manager.setUserRoles(Collections.singleton(UserRoleType.TECHNOLOGY_MANAGER));
Mockito.doReturn(proxySettings).when(configService).getAllProxyConfigurationSettings();
Mockito.doReturn(controlleSettings)
.when(configService)
.getControllerConfigurationSettings(Matchers.anyString());
Mockito.doReturn(manager)
.when(besDAO)
.getUserDetails(
Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class), Matchers.anyString());
// when
authenticateTMForController(CTRL_ID, manager.getUserId(), "pass");
// then
Mockito.verify(besDAO, Mockito.times(0))
.getUser(Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class));
Mockito.verify(besDAO, Mockito.times(1))
.getUserDetails(
Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class), Matchers.anyString());
}
@SuppressWarnings("unchecked")
@Test
public void testAuthenticateTMForInstance_SSO() throws Throwable {
// given
Map<String, String> settings = getProxySettingsForMode("SAML_SP");
createServiceInstance(
ProvisioningStatus.COMPLETED, InstanceParameter.BSS_USER, InstanceParameter.BSS_USER_PWD);
VOUserDetails manager = createVOUserDetails(10000, "user", "tp123");
manager.setUserRoles(Collections.singleton(UserRoleType.TECHNOLOGY_MANAGER));
Mockito.doReturn(manager)
.when(besDAO)
.getUserDetails(
Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class), Matchers.anyString());
Mockito.doReturn(new PasswordAuthentication("nobody", ""))
.when(configService)
.getWebServiceAuthentication(Matchers.any(ServiceInstance.class), Matchers.anyMap());
Mockito.doReturn(settings).when(configService).getAllProxyConfigurationSettings();
// when
authenticateTMForInstance(CTRL_ID, "appInstanceId", manager.getUserId(), "pass");
// then
Mockito.verify(besDAO, Mockito.times(0))
.getUser(Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class));
Mockito.verify(besDAO, Mockito.times(2))
.getUserDetails(
Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class), Matchers.anyString());
}
@Test(expected = ConfigurationException.class)
public void testAuthenticateTMForController_noOrgId() throws Throwable {
// given
Map<String, String> controllerSettings = new HashMap<>();
VOUserDetails manager = createVOUserDetails(10000, "user", "tp123");
Mockito.doReturn(controllerSettings)
.when(configService)
.getControllerConfigurationSettings(Matchers.anyString());
// when
authenticateTMForController(CTRL_ID, manager.getUserId(), "pass");
}
@Ignore
// TODO test in besDAO
@Test(expected = ConfigurationException.class)
public void testAuthenticateTMForInstance_SSO_withoutConfiguredPassword() throws Throwable {
proxyConfigSettings.put(PlatformConfigurationKey.BSS_AUTH_MODE.name(), "SAML_SP");
VOUserDetails supplier = createVOUserDetails(10000, "supplier", "tp123");
controllerConfigSettings.put(ControllerConfigurationKey.BSS_USER_PWD.name(), null);
// do not add instance specific TP credentials
createServiceInstance(ProvisioningStatus.COMPLETED, InstanceParameter.PUBLIC_IP);
authenticateTMForInstance(CTRL_ID, "appInstanceId", supplier.getUserId(), "secret");
UserBase userBase = new UserBase();
userBase.addUser(supplier, "secret");
identityService = userBase.mockIdentityService();
}
@Test(expected = AuthenticationException.class)
public void testAuthenticateTMForInstance_wrongOrg() throws Throwable {
// given
createServiceInstance(ProvisioningStatus.COMPLETED, InstanceParameter.PUBLIC_IP);
VOUserDetails org = createVOUserDetails(10000, "supplier", "tp123");
VOUserDetails wrongOrg = createVOUserDetails(20001, "user", "customer");
Mockito.doReturn(org)
.doReturn(wrongOrg)
.when(besDAO)
.getUserDetails(
Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class), Matchers.anyString());
// when
authenticateTMForInstance(
CTRL_ID, "appInstanceId", new PasswordAuthentication(wrongOrg.getUserId(), "secret"));
}
@SuppressWarnings("unchecked")
@Test(expected = APPlatformException.class)
public void testAuthenticateTMForInstance_OperationNotPermitted() throws Throwable {
// given
createServiceInstance(ProvisioningStatus.COMPLETED, InstanceParameter.PUBLIC_IP);
VOUserDetails currentUserDetails =
createVOUserDetails(1000, defaultAuth.getUserName(), "orgid");
Mockito.doReturn(currentUserDetails)
.when(besDAO)
.getUserDetails(
Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class), Matchers.anyString());
Mockito.doReturn(new PasswordAuthentication(currentUserDetails.getUserId(), "pass"))
.when(configService)
.getWebServiceAuthentication(Matchers.any(ServiceInstance.class), Matchers.anyMap());
Mockito.doThrow(new APPlatformException("any"))
.when(besDAO)
.getUser(Matchers.any(ServiceInstance.class), Matchers.any(VOUser.class));
// when
authenticateTMForInstance(CTRL_ID, "appInstanceId", defaultAuth);
}