@Test public void test_update_user() { SubjectCredentials subjectCredentials = SubjectCredentials.Builder.create() .authenticationType(SubjectCredentials.AuthenticationType.PASSWORD) .name("user1") .password("password") .enabled(true) .build(); subjectCredentialsService.save(subjectCredentials); subjectCredentials.setPassword("new password"); subjectCredentialsService.save(subjectCredentials); List<SubjectCredentials> list = newArrayList( subjectCredentialsService.getSubjectCredentials( SubjectCredentials.AuthenticationType.PASSWORD)); assertThat(list).hasSize(1); assertSubjectEquals(subjectCredentials, list.get(0)); SubjectCredentials found = subjectCredentialsService.getSubjectCredentials(subjectCredentials.getName()); assertSubjectEquals(subjectCredentials, found); Asserts.assertUpdatedTimestamps(subjectCredentials, found); }
@Test public void test_create_new_application() throws IOException { SubjectCredentials subjectCredentials = SubjectCredentials.Builder.create() .authenticationType(SubjectCredentials.AuthenticationType.CERTIFICATE) .name("app1") .certificate(getCertificate()) .enabled(true) .build(); subjectCredentialsService.save(subjectCredentials); List<SubjectCredentials> list = newArrayList( subjectCredentialsService.getSubjectCredentials( SubjectCredentials.AuthenticationType.CERTIFICATE)); assertThat(list).hasSize(1); assertSubjectEquals(subjectCredentials, list.get(0)); SubjectCredentials found = subjectCredentialsService.getSubjectCredentials(subjectCredentials.getName()); assertSubjectEquals(subjectCredentials, found); OpalKeyStore keyStore = credentialsKeyStoreService.getKeyStore(); assertThat(keyStore.aliasExists(subjectCredentials.getCertificateAlias())).isTrue(); assertThat(keyStore.getKeyType(subjectCredentials.getCertificateAlias())) .isEqualTo(OpalKeyStore.KeyType.CERTIFICATE); }
@Test public void test_delete_group() { Group group = Group.Builder.create().name("group1").build(); subjectCredentialsService.createGroup(group.getName()); subjectCredentialsService.delete(group); assertThat(subjectCredentialsService.getGroups()).isEmpty(); }
@Test(expected = PasswordNotChangedException.class) public void test_change_password_with_password_unchanged() { SubjectCredentials subjectCredentials = SubjectCredentials.Builder.create() .authenticationType(SubjectCredentials.AuthenticationType.PASSWORD) .name("user1") .password(subjectCredentialsService.hashPassword("password")) .build(); subjectCredentialsService.save(subjectCredentials); subjectCredentialsService.changePassword("user1", "password", "password"); }
@Test public void test_create_new_group() { Group group = Group.Builder.create().name("group1").build(); subjectCredentialsService.createGroup(group.getName()); List<Group> groups = newArrayList(subjectCredentialsService.getGroups()); assertThat(groups).hasSize(1); assertGroupEquals(group, groups.get(0)); Group found = subjectCredentialsService.getGroup(group.getName()); assertGroupEquals(group, found); }
@Test public void test_delete_user() { SubjectCredentials subjectCredentials = SubjectCredentials.Builder.create() .authenticationType(SubjectCredentials.AuthenticationType.PASSWORD) .name("user1") .password("password") .build(); subjectCredentialsService.save(subjectCredentials); subjectCredentialsService.delete(subjectCredentials); assertThat( subjectCredentialsService.getSubjectCredentials( SubjectCredentials.AuthenticationType.PASSWORD)) .isEmpty(); }
@Test public void test_change_password_with_password_changed() { SubjectCredentials subjectCredentials = SubjectCredentials.Builder.create() .authenticationType(SubjectCredentials.AuthenticationType.PASSWORD) .name("user1") .password(subjectCredentialsService.hashPassword("password")) .build(); subjectCredentialsService.save(subjectCredentials); subjectCredentialsService.changePassword("user1", "password", "password1"); SubjectCredentials subjectCredentials1 = subjectCredentialsService.getSubjectCredentials("user1"); assertThat( subjectCredentials1 .getPassword() .equals(subjectCredentialsService.hashPassword("password1"))) .isTrue(); }
@Test public void test_delete_application() throws IOException { SubjectCredentials subjectCredentials = SubjectCredentials.Builder.create() .authenticationType(SubjectCredentials.AuthenticationType.CERTIFICATE) .name("app1") .certificate(getCertificate()) .enabled(true) .build(); subjectCredentialsService.save(subjectCredentials); subjectCredentialsService.delete(subjectCredentials); assertThat( subjectCredentialsService.getSubjectCredentials( SubjectCredentials.AuthenticationType.CERTIFICATE)) .isEmpty(); OpalKeyStore keyStore = credentialsKeyStoreService.getKeyStore(); assertThat(keyStore.aliasExists(subjectCredentials.getName())).isFalse(); }
@Test public void test_remove_groups_from_user() { SubjectCredentials subjectCredentials = SubjectCredentials.Builder.create() .authenticationType(SubjectCredentials.AuthenticationType.PASSWORD) .name("user1") .password("password") .groups(Sets.newHashSet("group1", "group2")) .build(); subjectCredentialsService.save(subjectCredentials); subjectCredentials.removeGroup("group1"); subjectCredentialsService.save(subjectCredentials); SubjectCredentials found = subjectCredentialsService.getSubjectCredentials(subjectCredentials.getName()); assertSubjectEquals(subjectCredentials, found); assertThat(subjectCredentialsService.getGroups()).hasSize(2); Group group1 = subjectCredentialsService.getGroup("group1"); assertThat(group1).isNotNull(); assertThat(group1.getSubjectCredentials()).isEmpty(); Group group2 = subjectCredentialsService.getGroup("group2"); assertThat(group2).isNotNull(); assertThat(group2.getSubjectCredentials()).hasSize(1); assertThat(group2.getSubjectCredentials()).contains(subjectCredentials.getName()); }
@Test public void test_delete_user_with_groups() { SubjectCredentials subjectCredentials = SubjectCredentials.Builder.create() .authenticationType(SubjectCredentials.AuthenticationType.PASSWORD) .name("user1") .password("password") .groups(Sets.newHashSet("group1", "group2")) .build(); subjectCredentialsService.save(subjectCredentials); subjectCredentialsService.delete(subjectCredentials); assertThat( subjectCredentialsService.getSubjectCredentials( SubjectCredentials.AuthenticationType.PASSWORD)) .isEmpty(); Group group1 = subjectCredentialsService.getGroup("group1"); assertThat(group1.getSubjectCredentials()).isEmpty(); Group group2 = subjectCredentialsService.getGroup("group2"); assertThat(group2.getSubjectCredentials()).isEmpty(); }
@Test(expected = SubjectPrincipalNotFoundException.class) public void test_change_password_with_wrong_principal() { subjectCredentialsService.changePassword("kuser", "password", "password"); }