Пример #1
0
 @Test
 public void test_cannot_delete_uaa_zone_users() throws Exception {
   ScimUser user = new ScimUser(null, "*****@*****.**", "Jo", "User");
   user.addEmail("*****@*****.**");
   user.setOrigin(UAA);
   ScimUser created = db.createUser(user, "j7hyqpassX");
   assertEquals("*****@*****.**", created.getUserName());
   assertNotNull(created.getId());
   assertEquals(UAA, created.getOrigin());
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from users where origin=? and identity_zone_id=?",
           new Object[] {UAA, IdentityZone.getUaa().getId()},
           Integer.class),
       is(3));
   IdentityProvider loginServer =
       new IdentityProvider().setOriginKey(UAA).setIdentityZoneId(IdentityZone.getUaa().getId());
   db.onApplicationEvent(new EntityDeletedEvent<>(loginServer));
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from users where origin=? and identity_zone_id=?",
           new Object[] {UAA, IdentityZone.getUaa().getId()},
           Integer.class),
       is(3));
 }
Пример #2
0
 @Test
 public void test_cannot_delete_uaa_provider_users_in_other_zone() throws Exception {
   String id = generator.generate();
   IdentityZone zone = MultitenancyFixture.identityZone(id, id);
   IdentityZoneHolder.set(zone);
   ScimUser user = new ScimUser(null, "*****@*****.**", "Jo", "User");
   user.addEmail("*****@*****.**");
   user.setOrigin(UAA);
   ScimUser created = db.createUser(user, "j7hyqpassX");
   assertEquals("*****@*****.**", created.getUserName());
   assertNotNull(created.getId());
   assertEquals(UAA, created.getOrigin());
   assertEquals(zone.getId(), created.getZoneId());
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from users where origin=? and identity_zone_id=?",
           new Object[] {UAA, zone.getId()},
           Integer.class),
       is(1));
   IdentityProvider loginServer =
       new IdentityProvider().setOriginKey(UAA).setIdentityZoneId(zone.getId());
   db.onApplicationEvent(new EntityDeletedEvent<>(loginServer));
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from users where origin=? and identity_zone_id=?",
           new Object[] {UAA, zone.getId()},
           Integer.class),
       is(1));
 }
Пример #3
0
  @Test
  public void testUpdateUserPasswordDoesntChange() throws Exception {
    String username = "******" + new RandomValueStringGenerator().generate() + "@test.org";
    ScimUser scimUser = new ScimUser(null, username, "User", "Example");
    ScimUser.Email email = new ScimUser.Email();
    email.setValue(username);
    scimUser.setEmails(Arrays.asList(email));
    scimUser.setSalt("salt");
    scimUser = db.createUser(scimUser, "password");
    assertNotNull(scimUser);
    assertEquals("salt", scimUser.getSalt());
    scimUser.setSalt("newsalt");

    String passwordHash =
        jdbcTemplate.queryForObject(
            "select password from users where id=?", new Object[] {scimUser.getId()}, String.class);
    assertNotNull(passwordHash);

    db.changePassword(scimUser.getId(), null, "password");
    assertEquals(
        passwordHash,
        jdbcTemplate.queryForObject(
            "select password from users where id=?",
            new Object[] {scimUser.getId()},
            String.class));

    db.changePassword(scimUser.getId(), "password", "password");
    assertEquals(
        passwordHash,
        jdbcTemplate.queryForObject(
            "select password from users where id=?",
            new Object[] {scimUser.getId()},
            String.class));
  }
 @Test
 public void validateOriginAndExternalIDDuringCreateAndUpdate() {
   String origin = "test";
   String externalId = "testId";
   ScimUser user = new ScimUser(null, "*****@*****.**", "Jo", "User");
   user.setOrigin(origin);
   user.setExternalId(externalId);
   user.addEmail("*****@*****.**");
   ScimUser created = db.createUser(user, "j7hyqpassX");
   assertEquals("*****@*****.**", created.getUserName());
   assertNotNull(created.getId());
   assertNotSame(user.getId(), created.getId());
   Map<String, Object> map =
       template.queryForMap("select * from users where id=?", created.getId());
   assertEquals(user.getUserName(), map.get("userName"));
   assertEquals(user.getUserType(), map.get(UaaAuthority.UAA_USER.getUserType()));
   assertNull(created.getGroups());
   assertEquals(origin, created.getOrigin());
   assertEquals(externalId, created.getExternalId());
   String origin2 = "test2";
   String externalId2 = "testId2";
   created.setOrigin(origin2);
   created.setExternalId(externalId2);
   ScimUser updated = db.update(created.getId(), created);
   assertEquals(origin2, updated.getOrigin());
   assertEquals(externalId2, updated.getExternalId());
 }
 @Test
 public void canDeleteExistingUser() {
   String tmpUserId = createUserForDelete();
   db.setDeactivateOnDelete(false);
   db.delete(tmpUserId, 0);
   assertEquals(0, template.queryForList("select * from users where id=?", tmpUserId).size());
   assertEquals(0, db.query("username eq \"" + tmpUserId + "\"").size());
 }
 @Test
 public void testUpdatedVersionedUserVerified() {
   String tmpUserIdString = createUserForDelete();
   ScimUser user = db.retrieve(tmpUserIdString);
   assertFalse(user.isVerified());
   user = db.verifyUser(tmpUserIdString, user.getVersion());
   assertTrue(user.isVerified());
   removeUser(tmpUserIdString);
 }
 @Test
 public void testUserVerifiedThroughUpdate() {
   String tmpUserIdString = createUserForDelete();
   ScimUser user = db.retrieve(tmpUserIdString);
   assertFalse(user.isVerified());
   user.setVerified(true);
   user = db.update(tmpUserIdString, user);
   assertTrue(user.isVerified());
   removeUser(tmpUserIdString);
 }
Пример #8
0
 @Test
 public void countUsersAcrossAllZones() {
   IdentityZoneHolder.clear();
   int beginningCount = db.getTotalCount();
   canCreateUserInDefaultIdentityZone();
   IdentityZoneHolder.clear();
   assertEquals(beginningCount + 1, db.getTotalCount());
   canCreateUserInOtherIdentityZone();
   IdentityZoneHolder.clear();
   assertEquals(beginningCount + 2, db.getTotalCount());
 }
Пример #9
0
  @Test
  public void test_can_delete_zone_users() throws Exception {
    String id = generator.generate();
    IdentityZone zone = MultitenancyFixture.identityZone(id, id);
    IdentityZoneHolder.set(zone);
    ScimUser user = new ScimUser(null, "*****@*****.**", "Jo", "User");
    user.addEmail("*****@*****.**");
    user.setOrigin(UAA);
    ScimUser created = db.createUser(user, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertEquals(UAA, created.getOrigin());
    assertEquals(zone.getId(), created.getZoneId());
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from users where origin=? and identity_zone_id=?",
            new Object[] {UAA, zone.getId()},
            Integer.class),
        is(1));
    addApprovalAndMembership(created.getId(), created.getOrigin());
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from authz_approvals where user_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(1));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where member_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(1));

    db.onApplicationEvent(new EntityDeletedEvent<>(zone));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from users where origin=? and identity_zone_id=?",
            new Object[] {UAA, zone.getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from authz_approvals where user_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where member_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(0));
  }
Пример #10
0
  @Test
  public void test_can_delete_provider_users_in_default_zone() throws Exception {
    ScimUser user = new ScimUser(null, "*****@*****.**", "Jo", "User");
    user.addEmail("*****@*****.**");
    user.setOrigin(LOGIN_SERVER);
    ScimUser created = db.createUser(user, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertEquals(LOGIN_SERVER, created.getOrigin());
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from users where origin=? and identity_zone_id=?",
            new Object[] {LOGIN_SERVER, IdentityZone.getUaa().getId()},
            Integer.class),
        is(1));
    addApprovalAndMembership(created.getId(), created.getOrigin());
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from authz_approvals where user_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(1));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where member_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(1));

    IdentityProvider loginServer =
        new IdentityProvider()
            .setOriginKey(LOGIN_SERVER)
            .setIdentityZoneId(IdentityZone.getUaa().getId());
    db.onApplicationEvent(new EntityDeletedEvent<>(loginServer));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from users where origin=? and identity_zone_id=?",
            new Object[] {LOGIN_SERVER, IdentityZone.getUaa().getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from authz_approvals where user_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where member_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(0));
  }
 @Test(expected = OptimisticLockingFailureException.class)
 public void testUpdatedIncorrectVersionUserVerified() {
   String tmpUserIdString = createUserForDelete();
   try {
     ScimUser user = db.retrieve(tmpUserIdString);
     assertFalse(user.isVerified());
     user = db.verifyUser(tmpUserIdString, user.getVersion() + 50);
     assertTrue(user.isVerified());
   } finally {
     removeUser(tmpUserIdString);
   }
 }
 @Test(expected = ScimResourceAlreadyExistsException.class)
 public void cannotDeactivateExistingUserAndThenCreateHimAgain() {
   String tmpUserId = createUserForDelete();
   ScimUser deletedUser = db.delete(tmpUserId, 0);
   deletedUser.setActive(true);
   try {
     db.createUser(deletedUser, "foobarspam1234");
   } catch (ScimResourceAlreadyExistsException e) {
     removeUser(tmpUserId);
     throw e;
   }
 }
 @Test(expected = ScimResourceNotFoundException.class)
 public void testUserVerifiedInvalidUserId() {
   String tmpUserIdString = createUserForDelete();
   try {
     ScimUser user = db.retrieve(tmpUserIdString);
     assertFalse(user.isVerified());
     user = db.verifyUser("-1-1-1", -1);
     assertTrue(user.isVerified());
   } finally {
     removeUser(tmpUserIdString);
   }
 }
Пример #14
0
  @Test
  public void canAddNonExistentGroupThroughEvent() throws Exception {
    String[] externalAuthorities = new String[] {"extTest1", "extTest2", "extTest3"};
    String[] userAuthorities = new String[] {"usrTest1", "usrTest2", "usrTest3"};
    String origin = "testOrigin";
    String email = "*****@*****.**";
    String firstName = "FirstName";
    String lastName = "LastName";
    String password = "";
    String externalId = null;
    String userId = new RandomValueStringGenerator().generate();
    String username = new RandomValueStringGenerator().generate();
    UaaUser user =
        getUaaUser(
            userAuthorities,
            origin,
            email,
            firstName,
            lastName,
            password,
            externalId,
            userId,
            username);
    ScimUserBootstrap bootstrap = new ScimUserBootstrap(db, gdb, mdb, Arrays.asList(user));
    bootstrap.afterPropertiesSet();

    List<ScimUser> users =
        db.query("userName eq \"" + username + "\" and origin eq \"" + origin + "\"");
    assertEquals(1, users.size());
    userId = users.get(0).getId();
    user =
        getUaaUser(
            userAuthorities,
            origin,
            email,
            firstName,
            lastName,
            password,
            externalId,
            userId,
            username);
    bootstrap.onApplicationEvent(
        new ExternalGroupAuthorizationEvent(user, getAuthorities(externalAuthorities)));

    users = db.query("userName eq \"" + username + "\" and origin eq \"" + origin + "\"");
    assertEquals(1, users.size());
    ScimUser created = users.get(0);
    Set<ScimGroup> groups = mdb.getGroupsWithMember(created.getId(), true);
    String[] expected = merge(externalAuthorities, userAuthorities);
    String[] actual = getGroupNames(groups);
    assertThat(actual, IsArrayContainingInAnyOrder.arrayContainingInAnyOrder(expected));
  }
 @Test
 public void canDeactivateExistingUser() {
   String tmpUserId = createUserForDelete();
   ScimUser deletedUser = db.delete(tmpUserId, 0);
   assertEquals(
       1,
       template
           .queryForList("select * from users where id=? and active=?", tmpUserId, false)
           .size());
   assertFalse(deletedUser.isActive());
   assertEquals(1, db.query("username eq \"" + tmpUserId + "\" and active eq false").size());
   removeUser(tmpUserId);
 }
Пример #16
0
 @Test
 public void testCreateUserCheckSalt() throws Exception {
   ScimUser scimUser = new ScimUser("user-id-3", "*****@*****.**", "User", "Example");
   ScimUser.Email email = new ScimUser.Email();
   email.setValue("*****@*****.**");
   scimUser.setEmails(Arrays.asList(email));
   scimUser.setPassword("password");
   scimUser.setSalt("salt");
   scimUser = db.create(scimUser);
   assertNotNull(scimUser);
   assertEquals("salt", scimUser.getSalt());
   scimUser.setSalt("newsalt");
   scimUser = db.update(scimUser.getId(), scimUser);
   assertNotNull(scimUser);
   assertEquals("newsalt", scimUser.getSalt());
 }
Пример #17
0
  @Test
  public void testCreateUserWithDuplicateUsername() throws Exception {
    addUser(
        "cba09242-aa43-4247-9aa0-b5c75c281f94",
        "*****@*****.**",
        "password",
        "*****@*****.**",
        "first",
        "user",
        "90438",
        defaultIdentityProviderId,
        "uaa");
    ScimUser scimUser = new ScimUser("user-id-2", "*****@*****.**", "User", "Example");
    ScimUser.Email email = new ScimUser.Email();
    email.setValue("*****@*****.**");
    scimUser.setEmails(Arrays.asList(email));
    scimUser.setPassword("password");

    try {
      db.create(scimUser);
      fail("Should have thrown an exception");
    } catch (ScimResourceAlreadyExistsException e) {
      Map<String, Object> userDetails = new HashMap<>();
      userDetails.put("active", true);
      userDetails.put("verified", false);
      userDetails.put("user_id", "cba09242-aa43-4247-9aa0-b5c75c281f94");
      assertEquals(HttpStatus.CONFLICT, e.getStatus());
      assertEquals("Username already in use: [email protected]", e.getMessage());
      assertEquals(userDetails, e.getExtraInfo());
    }
  }
  @Test
  // (expected = ScimResourceAlreadyExistsException.class)
  public void canDeleteExistingUserAndThenCreateHimAgain() {
    String tmpUserId = createUserForDelete();
    db.setDeactivateOnDelete(false);
    ScimUser deletedUser = db.delete(tmpUserId, 0);
    assertEquals(0, template.queryForList("select * from users where id=?", tmpUserId).size());

    deletedUser.setActive(true);
    ScimUser user = db.createUser(deletedUser, "foobarspam1234");
    assertNotNull(user);
    assertNotNull(user.getId());
    assertNotSame(tmpUserId, user.getId());
    assertEquals(1, db.query("username eq \"" + tmpUserId + "\"").size());
    removeUser(user.getId());
  }
Пример #19
0
  @Test
  public void testCreateUserWithDuplicateUsernameInOtherIdp() throws Exception {
    addUser(
        "cba09242-aa43-4247-9aa0-b5c75c281f94",
        "*****@*****.**",
        "password",
        "*****@*****.**",
        "first",
        "user",
        "90438",
        defaultIdentityProviderId,
        "uaa");

    String origin = "test-origin";
    createOtherIdentityProvider(origin, IdentityZone.getUaa().getId());

    ScimUser scimUser = new ScimUser(null, "*****@*****.**", "User", "Example");
    ScimUser.Email email = new ScimUser.Email();
    email.setValue("*****@*****.**");
    scimUser.setEmails(Arrays.asList(email));
    scimUser.setPassword("password");
    scimUser.setOrigin(origin);
    String userId2 = db.create(scimUser).getId();
    assertNotNull(userId2);
    assertNotEquals("cba09242-aa43-4247-9aa0-b5c75c281f94", userId2);
  }
 @Test
 public void canChangePasswordWithCorrectOldPassword() throws Exception {
   db.changePassword(JOE_ID, "joespassword", "koala123$marissa");
   String storedPassword =
       template.queryForObject("SELECT password from users where ID=?", String.class, JOE_ID);
   assertTrue(BCrypt.checkpw("koala123$marissa", storedPassword));
 }
Пример #21
0
 @Test
 public void addUsersWithSameUsername() throws Exception {
   String origin = "testOrigin";
   String email = "*****@*****.**";
   String firstName = "FirstName";
   String lastName = "LastName";
   String password = "";
   String externalId = null;
   String userId = new RandomValueStringGenerator().generate();
   String username = new RandomValueStringGenerator().generate();
   UaaUser user =
       getUaaUser(
           new String[0],
           origin,
           email,
           firstName,
           lastName,
           password,
           externalId,
           userId,
           username);
   ScimUserBootstrap bootstrap = new ScimUserBootstrap(db, gdb, mdb, Arrays.asList(user));
   bootstrap.afterPropertiesSet();
   user = user.modifySource("newOrigin", "");
   bootstrap.addUser(user);
   assertEquals(2, db.retrieveAll().size());
 }
Пример #22
0
 @Test
 public void canRetrieveUsersWithGroupsFilter() {
   List<ScimUser> users = db.query("groups.display co \"uaa.user\"");
   assertEquals(2 + existingUserCount, users.size());
   for (int i = 0; i < users.size(); i++) {
     assertNotNull(users.get(i));
   }
 }
Пример #23
0
 @Test
 public void canCreateUserWithExclamationMarkInUsername() {
   String userName = "******";
   ScimUser user = new ScimUser(null, userName, "Jo", "User");
   user.addEmail(userName);
   ScimUser created = db.createUser(user, "j7hyqpassX");
   assertEquals(userName, created.getUserName());
 }
 @Test(expected = InvalidScimResourceException.class)
 public void updateWithBadUsernameIsError() {
   ScimUser jo = new ScimUser(null, "jo$ephine", "Jo", "NewUser");
   jo.addEmail("*****@*****.**");
   jo.setVersion(1);
   ScimUser joe = db.update(JOE_ID, jo);
   assertEquals("joe", joe.getUserName());
 }
 @Test(expected = OptimisticLockingFailureException.class)
 public void updateWithWrongVersionIsError() {
   ScimUser jo = new ScimUser(null, "josephine", "Jo", "NewUser");
   jo.addEmail("*****@*****.**");
   jo.setVersion(1);
   ScimUser joe = db.update(JOE_ID, jo);
   assertEquals("joe", joe.getUserName());
 }
 @Test
 public void updateWithEmptyPhoneNumberWorks() {
   ScimUser jo = new ScimUser(null, "josephine", "Jo", "NewUser");
   PhoneNumber emptyNumber = new PhoneNumber();
   jo.addEmail("*****@*****.**");
   jo.setPhoneNumbers(Arrays.asList(emptyNumber));
   ScimUser joe = db.update(JOE_ID, jo);
 }
Пример #27
0
 @Test
 public void canAddUsers() throws Exception {
   UaaUser joe = new UaaUser("joe", "password", "*****@*****.**", "Joe", "User");
   UaaUser mabel = new UaaUser("mabel", "password", "*****@*****.**", "Mabel", "User");
   ScimUserBootstrap bootstrap = new ScimUserBootstrap(db, gdb, mdb, Arrays.asList(joe, mabel));
   bootstrap.afterPropertiesSet();
   Collection<ScimUser> users = db.retrieveAll();
   assertEquals(2, users.size());
 }
 @Test
 public void testCreatedUserNotVerified() {
   String tmpUserIdString = createUserForDelete();
   boolean verified = template.queryForObject(verifyUserSqlFormat, Boolean.class, tmpUserIdString);
   assertFalse(verified);
   ScimUser user = db.retrieve(tmpUserIdString);
   assertFalse(user.isVerified());
   removeUser(tmpUserIdString);
 }
Пример #29
0
 @Test
 public void testCreatedUserNotVerified() {
   String tmpUserIdString = createUserForDelete();
   boolean verified =
       jdbcTemplate.queryForObject(VERIFY_USER_SQL_FORMAT, Boolean.class, tmpUserIdString);
   assertFalse(verified);
   ScimUser user = db.retrieve(tmpUserIdString);
   assertFalse(user.isVerified());
   removeUser(tmpUserIdString);
 }
 @Test
 public void testUpdatedUserVerified() {
   String tmpUserIdString = createUserForDelete();
   boolean verified = template.queryForObject(verifyUserSqlFormat, Boolean.class, tmpUserIdString);
   assertFalse(verified);
   db.verifyUser(tmpUserIdString, -1);
   verified = template.queryForObject(verifyUserSqlFormat, Boolean.class, tmpUserIdString);
   assertTrue(verified);
   removeUser(tmpUserIdString);
 }