@Test
public void createUserInOtherZoneWithUaaAdminTokenFromNonDefaultZone() throws Exception {
IdentityZone identityZone = getIdentityZone();
String authorities = "uaa.admin";
clientDetails =
utils()
.createClient(
this.getMockMvc(),
uaaAdminToken,
"testClientId",
"testClientSecret",
null,
null,
Collections.singletonList("client_credentials"),
authorities,
null,
identityZone);
String uaaAdminTokenFromOtherZone =
testClient.getClientCredentialsOAuthAccessToken(
"testClientId", "testClientSecret", "uaa.admin", identityZone.getSubdomain());
byte[] requestBody = JsonUtils.writeValueAsBytes(getScimUser());
MockHttpServletRequestBuilder post =
post("/Users")
.header("Authorization", "Bearer " + uaaAdminTokenFromOtherZone)
.contentType(APPLICATION_JSON)
.content(requestBody);
post.with(new SetServerNameRequestPostProcessor(identityZone.getSubdomain() + ".localhost"));
post.header(IdentityZoneSwitchingFilter.HEADER, IdentityZone.getUaa().getId());
getMockMvc().perform(post).andExpect(status().isForbidden());
}
private MvcResult sendPingWithTraceId(String headerName, Long correlationId, boolean sampling)
throws Exception {
MockHttpServletRequestBuilder request =
MockMvcRequestBuilders.get("/ping")
.accept(MediaType.TEXT_PLAIN)
.header(headerName, Span.toHex(correlationId))
.header(Span.SPAN_ID_NAME, Span.toHex(new Random().nextLong()));
if (!sampling) {
request.header(Span.NOT_SAMPLED_NAME, "true");
}
return this.mockMvc.perform(request).andReturn();
}
private ResultActions createUserAndReturnResult(
ScimUser user, String token, String subdomain, String switchZone) throws Exception {
byte[] requestBody = JsonUtils.writeValueAsBytes(user);
MockHttpServletRequestBuilder post =
post("/Users")
.header("Authorization", "Bearer " + token)
.contentType(APPLICATION_JSON)
.content(requestBody);
if (subdomain != null && !subdomain.equals(""))
post.with(new SetServerNameRequestPostProcessor(subdomain + ".localhost"));
if (switchZone != null) post.header(IdentityZoneSwitchingFilter.HEADER, switchZone);
return getMockMvc().perform(post);
}