/**
 * With the provisioning mock reporting no active identity providers, a user lookup is expected
 * to return an empty resource list rather than any match for the filter.
 */
@Test
public void noActiveIdps_ReturnsEmptyResources() throws Exception {
    // Override the default stub from init(): no identity provider is active.
    when(provisioning.retrieveActive(anyString())).thenReturn(Collections.emptyList());

    SearchResults<?> results =
            endpoints.findUsers("username eq \"foo\"", "ascending", 0, 100, false);

    // Nothing may be returned when no provider is active.
    assertTrue(results.getResources().isEmpty());
}
/**
 * Wires the endpoint under test to its collaborators and installs the default stubs: the
 * security context reports the shared {@code authorities} and a placeholder authentication
 * info, and exactly one identity provider ("test-origin" / "uaa") is reported as active.
 */
@SuppressWarnings("unchecked")
@Before
public void init() {
    endpoints.setScimUserEndpoints(scimUserEndpoints);
    endpoints.setEnabled(true);

    // Default identity-provider view: a single active provider. Individual tests re-stub
    // this call when they need a different set.
    when(provisioning.retrieveActive(anyString()))
            .thenReturn(
                    Collections.singletonList(
                            MultitenancyFixture.identityProvider("test-origin", "uaa")));

    // Security context as seen by the endpoint.
    when(securityContextAccessor.getAuthenticationInfo()).thenReturn("mock object");
    when(securityContextAccessor.getAuthorities()).thenReturn(authorities);

    endpoints.setSecurityContextAccessor(securityContextAccessor);
}
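/**
 * Creates an invitation for each e-mail address in the request and reports the outcome per
 * address.
 *
 * <p>For every address the active identity providers of the current zone are filtered for the
 * client and the address. Exactly one match yields a user (found or created), an expiring code
 * carrying the invitation data, and an invitation link; zero or several matches are recorded as
 * failed invites. {@link ScimResourceConflictException} and {@link UaaException} raised for a
 * single address are recorded as failures for that address only; any other exception
 * propagates.
 *
 * @param invitations the request body holding the e-mail addresses to invite
 * @param clientId optional {@code client_id} parameter; when absent and the caller is
 *     authenticated with an {@link OAuth2Authentication}, the client id of that request is used
 * @param redirectUri the {@code redirect_uri} parameter, stored in the invitation data
 * @return HTTP 200 with the lists of new and failed invites
 */
@RequestMapping(value = "/invite_users", method = RequestMethod.POST, consumes = "application/json")
public ResponseEntity<InvitationsResponse> inviteUsers(
        @RequestBody InvitationsRequest invitations,
        @RequestParam(value = "client_id", required = false) String clientId,
        @RequestParam(value = "redirect_uri") String redirectUri) {

    // NOTE(review): an explicit client_id parameter takes precedence over the client of the
    // caller's token, and clientId stays null when neither source provides one. This method
    // does not check that the caller may invite on behalf of that client - confirm this is
    // enforced by the surrounding security configuration.
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (clientId == null && authentication instanceof OAuth2Authentication) {
        clientId = ((OAuth2Authentication) authentication).getOAuth2Request().getClientId();
    }

    InvitationsResponse invitationsResponse = new InvitationsResponse();
    DomainFilter filter = new DomainFilter();
    List<IdentityProvider> activeProviders =
            providers.retrieveActive(IdentityZoneHolder.get().getId());
    ClientDetails client = clients.loadClientByClientId(clientId);

    // Long arithmetic: with an int day count the original int product overflows once the
    // validity exceeds roughly 24 days, which would yield an already-expired code.
    long validityMillis = INVITATION_EXPIRY_DAYS * 24L * 60 * 60 * 1000;

    for (String email : invitations.getEmails()) {
        try {
            // Named differently from the 'providers' field it used to shadow.
            List<IdentityProvider> matchedProviders = filter.filter(activeProviders, client, email);

            if (matchedProviders.size() == 1) {
                ScimUser user = findOrCreateUser(email, matchedProviders.get(0).getOriginKey());
                String accountsUrl = UaaUrlUtils.getUaaUrl("/invitations/accept");

                // NOTE(review): redirectUri is stored exactly as supplied; nothing in this
                // method validates it against the client's registered redirect URIs - confirm
                // that happens when the code is redeemed.
                Map<String, String> data = new HashMap<>();
                data.put(InvitationConstants.USER_ID, user.getId());
                data.put(InvitationConstants.EMAIL, user.getPrimaryEmail());
                data.put(CLIENT_ID, clientId);
                data.put(REDIRECT_URI, redirectUri);
                data.put(ORIGIN, user.getOrigin());

                Timestamp expiry = new Timestamp(System.currentTimeMillis() + validityMillis);
                ExpiringCode code =
                        expiringCodeStore.generateCode(JsonUtils.writeValueAsString(data), expiry, null);
                String invitationLink = accountsUrl + "?code=" + code.getCode();

                try {
                    URL inviteLink = new URL(invitationLink);
                    invitationsResponse
                            .getNewInvites()
                            .add(
                                    InvitationsResponse.success(
                                            user.getPrimaryEmail(), user.getId(), user.getOrigin(), inviteLink));
                } catch (MalformedURLException mue) {
                    // Fixed message. The original passed the link to String.format with a
                    // format string that has no placeholder, so the link never appeared in the
                    // output; the no-op call is dropped and the code-bearing link stays out of
                    // the error detail.
                    invitationsResponse
                            .getFailedInvites()
                            .add(InvitationsResponse.failure(email, "invitation.exception.url", "Malformed url"));
                }
            } else if (matchedProviders.isEmpty()) {
                invitationsResponse
                        .getFailedInvites()
                        .add(
                                InvitationsResponse.failure(
                                        email, "provider.non-existent", "No authentication provider found."));
            } else {
                invitationsResponse
                        .getFailedInvites()
                        .add(
                                InvitationsResponse.failure(
                                        email, "provider.ambiguous", "Multiple authentication providers found."));
            }
        } catch (ScimResourceConflictException x) {
            invitationsResponse
                    .getFailedInvites()
                    .add(
                            InvitationsResponse.failure(
                                    email,
                                    "user.ambiguous",
                                    "Multiple users with the same origin matched to the email address."));
        } catch (UaaException uaae) {
            // NOTE(review): the exception message is returned to the caller verbatim - confirm
            // UaaException messages never carry internal detail.
            invitationsResponse
                    .getFailedInvites()
                    .add(InvitationsResponse.failure(email, "invitation.exception", uaae.getMessage()));
        }
    }

    // Per-address failures are reported in the body; the status is 200 regardless.
    return new ResponseEntity<>(invitationsResponse, HttpStatus.OK);
}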