@Test
public void testCreateUserInZoneUsingAdminClient() throws Exception {
String subdomain = generator.generate();
mockMvcUtils.createOtherIdentityZone(subdomain, getMockMvc(), getWebApplicationContext());
String zoneAdminToken =
testClient.getClientCredentialsOAuthAccessToken(
"admin", "admin-secret", "scim.write", subdomain);
createUser(zoneAdminToken, subdomain);
}
@Test
public void testCreateUserInOtherZoneIsUnauthorized() throws Exception {
String subdomain = generator.generate();
mockMvcUtils.createOtherIdentityZone(subdomain, getMockMvc(), getWebApplicationContext());
String otherSubdomain = generator.generate();
mockMvcUtils.createOtherIdentityZone(otherSubdomain, getMockMvc(), getWebApplicationContext());
String zoneAdminToken =
testClient.getClientCredentialsOAuthAccessToken(
"admin", "admin-secret", "scim.write", subdomain);
ScimUser user = getScimUser();
byte[] requestBody = JsonUtils.writeValueAsBytes(user);
MockHttpServletRequestBuilder post =
post("/Users")
.with(new SetServerNameRequestPostProcessor(otherSubdomain + ".localhost"))
.header("Authorization", "Bearer " + zoneAdminToken)
.contentType(APPLICATION_JSON)
.content(requestBody);
getMockMvc().perform(post).andExpect(status().isUnauthorized());
}
private IdentityZone getIdentityZone() throws Exception {
String subdomain = generator.generate();
return mockMvcUtils.createOtherIdentityZone(
subdomain, getMockMvc(), getWebApplicationContext());
}
