Пример #1
0
  private void initializeUserAccount(RestOperations client) {

    if (this.user == null) {

      UaaUser user = testAccounts.getUser();
      @SuppressWarnings("rawtypes")
      ResponseEntity<Map> results =
          client.getForEntity(
              serverRunning.getUserUri() + "?filter=userName eq '" + user.getUsername() + "'",
              Map.class);
      assertEquals(HttpStatus.OK, results.getStatusCode());
      @SuppressWarnings("unchecked")
      List<Map<String, ?>> resources = (List<Map<String, ?>>) results.getBody().get("resources");
      Map<String, ?> map;
      if (!resources.isEmpty()) {
        map = resources.get(0);
      } else {
        map = getUserAsMap(user);
        @SuppressWarnings("rawtypes")
        ResponseEntity<Map> response =
            client.postForEntity(serverRunning.getUserUri(), map, Map.class);
        Assert.state(
            response.getStatusCode() == HttpStatus.CREATED,
            "User account not created: status was " + response.getStatusCode());
        @SuppressWarnings("unchecked")
        Map<String, ?> value = response.getBody();
        map = value;
      }
      this.user = getUserFromMap(map);
    }
  }
Пример #2
0
 @Test
 public void addUsersWithSameUsername() throws Exception {
   String origin = "testOrigin";
   String email = "*****@*****.**";
   String firstName = "FirstName";
   String lastName = "LastName";
   String password = "";
   String externalId = null;
   String userId = new RandomValueStringGenerator().generate();
   String username = new RandomValueStringGenerator().generate();
   UaaUser user =
       getUaaUser(
           new String[0],
           origin,
           email,
           firstName,
           lastName,
           password,
           externalId,
           userId,
           username);
   ScimUserBootstrap bootstrap = new ScimUserBootstrap(db, gdb, mdb, Arrays.asList(user));
   bootstrap.afterPropertiesSet();
   user = user.modifySource("newOrigin", "");
   bootstrap.addUser(user);
   assertEquals(2, db.retrieveAll().size());
 }
Пример #3
0
 @Override
 public void userAuthenticationSuccess(UaaUser user, UaaAuthenticationDetails details) {
   Assert.notNull(user, "UaaUser cannot be null");
   createAuditRecord(
       user.getId(),
       AuditEventType.UserAuthenticationSuccess,
       getOrigin(details),
       user.getUsername());
 }
Пример #4
0
  @Override
  public Authentication authenticate(Authentication req) throws AuthenticationException {
    logger.debug("Processing authentication request for " + req.getName());

    if (req.getCredentials() == null) {
      BadCredentialsException e = new BadCredentialsException("No password supplied");
      publish(new AuthenticationFailureBadCredentialsEvent(req, e));
      throw e;
    }

    UaaUser user;
    try {
      user = userDatabase.retrieveUserByName(req.getName().toLowerCase(Locale.US));
    } catch (UsernameNotFoundException e) {
      user = dummyUser;
    }

    final boolean passwordMatches =
        encoder.matches((CharSequence) req.getCredentials(), user.getPassword());

    if (!accountLoginPolicy.isAllowed(user, req)) {
      logger.warn(
          "Login policy rejected authentication for "
              + user.getUsername()
              + ", "
              + user.getId()
              + ". Ignoring login request.");
      BadCredentialsException e =
          new BadCredentialsException("Login policy rejected authentication");
      publish(new AuthenticationFailureLockedEvent(req, e));
      throw e;
    }

    if (passwordMatches) {
      logger.debug("Password successfully matched");
      Authentication success =
          new UaaAuthentication(
              new UaaPrincipal(user),
              user.getAuthorities(),
              (UaaAuthenticationDetails) req.getDetails());
      publish(new UserAuthenticationSuccessEvent(user, success));

      return success;
    }

    if (user == dummyUser) {
      logger.debug("No user named '" + req.getName() + "' was found");
      publish(new UserNotFoundEvent(req));
    } else {
      logger.debug("Password did not match for user " + req.getName());
      publish(new UserAuthenticationFailureEvent(user, req));
    }
    BadCredentialsException e = new BadCredentialsException("Bad credentials");
    publish(new AuthenticationFailureBadCredentialsEvent(req, e));
    throw e;
  }
Пример #5
0
 @Override
 public void userAuthenticationFailure(UaaUser user, UaaAuthenticationDetails details) {
   if (user == null) {
     userNotFound("<UNKNOWN>", details);
     return;
   }
   createAuditRecord(
       user.getId(),
       AuditEventType.UserAuthenticationFailure,
       getOrigin(details),
       user.getUsername());
 }
Пример #6
0
 private Map<String, ?> getUserAsMap(UaaUser user) {
   HashMap<String, Object> result = new HashMap<String, Object>();
   if (user.getId() != null) {
     result.put("id", user.getId());
   }
   if (user.getUsername() != null) {
     result.put("userName", user.getUsername());
   }
   String email = user.getEmail();
   if (email != null) {
     @SuppressWarnings("unchecked")
     List<Map<String, String>> emails = Arrays.asList(Collections.singletonMap("value", email));
     result.put("emails", emails);
   }
   String givenName = user.getGivenName();
   if (givenName != null) {
     Map<String, String> name = new HashMap<String, String>();
     name.put("givenName", givenName);
     if (user.getFamilyName() != null) {
       name.put("familyName", user.getFamilyName());
     }
     result.put("name", name);
   }
   return result;
 }
Пример #7
0
  @Test
  public void canAddUserWithAuthorities() throws Exception {
    UaaUser joe = new UaaUser("joe", "password", "*****@*****.**", "Joe", "User");
    joe = joe.authorities(AuthorityUtils.commaSeparatedStringToAuthorityList("openid,read"));
    ScimUserBootstrap bootstrap = new ScimUserBootstrap(db, gdb, mdb, Arrays.asList(joe));
    bootstrap.afterPropertiesSet();
    @SuppressWarnings("unchecked")
    Collection<Map<String, Object>> users =
        (Collection<Map<String, Object>>)
            userEndpoints.findUsers("id", "id pr", "id", "ascending", 1, 100).getResources();
    assertEquals(1, users.size());

    String id = (String) users.iterator().next().get("id");
    ScimUser user = userEndpoints.getUser(id, new MockHttpServletResponse());
    // uaa.user is always added
    assertEquals(3, user.getGroups().size());
  }
Пример #8
0
  @Test
  public void canRemoveAuthorities() throws Exception {
    UaaUser joe = new UaaUser("joe", "password", "*****@*****.**", "Joe", "User");
    joe = joe.authorities(AuthorityUtils.commaSeparatedStringToAuthorityList("openid,read"));
    ScimUserBootstrap bootstrap = new ScimUserBootstrap(db, gdb, mdb, Arrays.asList(joe));
    bootstrap.afterPropertiesSet();
    joe = joe.authorities(AuthorityUtils.commaSeparatedStringToAuthorityList("openid"));
    JdbcTemplate jdbcTemplate = new JdbcTemplate(database);
    System.err.println(jdbcTemplate.queryForList("SELECT * FROM group_membership"));
    bootstrap = new ScimUserBootstrap(db, gdb, mdb, Arrays.asList(joe));
    bootstrap.setOverride(true);
    bootstrap.afterPropertiesSet();
    @SuppressWarnings("unchecked")
    Collection<Map<String, Object>> users =
        (Collection<Map<String, Object>>)
            userEndpoints.findUsers("id", "id pr", "id", "ascending", 1, 100).getResources();
    assertEquals(1, users.size());

    String id = (String) users.iterator().next().get("id");
    ScimUser user = userEndpoints.getUser(id, new MockHttpServletResponse());
    // uaa.user is always added
    assertEquals(2, user.getGroups().size());
  }
Пример #9
0
  @Before
  public void createDatasource() {

    template = new JdbcTemplate(dataSource);
    marissa = userDao.retrieveUserByName("marissa");

    dao = new JdbcApprovalStore(template, new SimpleSearchQueryConverter());
    endpoints = new ApprovalsAdminEndpoints();
    endpoints.setApprovalStore(dao);
    endpoints.setUaaUserDatabase(userDao);
    InMemoryClientDetailsService clientDetailsService = new InMemoryClientDetailsService();
    BaseClientDetails details =
        new BaseClientDetails(
            "c1",
            "scim,clients",
            "read,write",
            "authorization_code, password, implicit, client_credentials",
            "update");
    details.addAdditionalInformation("autoapprove", "true");
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("c1", details));
    endpoints.setClientDetailsService(clientDetailsService);

    endpoints.setSecurityContextAccessor(mockSecurityContextAccessor(marissa.getUsername()));
  }
Пример #10
0
 @Test(expected = InvalidTokenException.class)
 public void revokingScopesFromUser_invalidatesToken() throws Exception {
   user = user.authorities(UaaAuthority.NONE_AUTHORITIES);
   mockUserDatabase(userId, user);
   endpoint.checkToken(accessToken.getValue());
 }