@Test
public void testCreateUserWithDuplicateUsernameInOtherIdp() throws Exception {
addUser(
"cba09242-aa43-4247-9aa0-b5c75c281f94",
"*****@*****.**",
"password",
"*****@*****.**",
"first",
"user",
"90438",
defaultIdentityProviderId,
"uaa");
String origin = "test-origin";
createOtherIdentityProvider(origin, IdentityZone.getUaa().getId());
ScimUser scimUser = new ScimUser(null, "*****@*****.**", "User", "Example");
ScimUser.Email email = new ScimUser.Email();
email.setValue("*****@*****.**");
scimUser.setEmails(Arrays.asList(email));
scimUser.setPassword("password");
scimUser.setOrigin(origin);
String userId2 = db.create(scimUser).getId();
assertNotNull(userId2);
assertNotEquals("cba09242-aa43-4247-9aa0-b5c75c281f94", userId2);
}
@Test
public void testUpdateUserPasswordDoesntChange() throws Exception {
String username = "******" + new RandomValueStringGenerator().generate() + "@test.org";
ScimUser scimUser = new ScimUser(null, username, "User", "Example");
ScimUser.Email email = new ScimUser.Email();
email.setValue(username);
scimUser.setEmails(Arrays.asList(email));
scimUser.setSalt("salt");
scimUser = db.createUser(scimUser, "password");
assertNotNull(scimUser);
assertEquals("salt", scimUser.getSalt());
scimUser.setSalt("newsalt");
String passwordHash =
jdbcTemplate.queryForObject(
"select password from users where id=?", new Object[] {scimUser.getId()}, String.class);
assertNotNull(passwordHash);
db.changePassword(scimUser.getId(), null, "password");
assertEquals(
passwordHash,
jdbcTemplate.queryForObject(
"select password from users where id=?",
new Object[] {scimUser.getId()},
String.class));
db.changePassword(scimUser.getId(), "password", "password");
assertEquals(
passwordHash,
jdbcTemplate.queryForObject(
"select password from users where id=?",
new Object[] {scimUser.getId()},
String.class));
}
@Test
public void testCreateUserWithDuplicateUsername() throws Exception {
addUser(
"cba09242-aa43-4247-9aa0-b5c75c281f94",
"*****@*****.**",
"password",
"*****@*****.**",
"first",
"user",
"90438",
defaultIdentityProviderId,
"uaa");
ScimUser scimUser = new ScimUser("user-id-2", "*****@*****.**", "User", "Example");
ScimUser.Email email = new ScimUser.Email();
email.setValue("*****@*****.**");
scimUser.setEmails(Arrays.asList(email));
scimUser.setPassword("password");
try {
db.create(scimUser);
fail("Should have thrown an exception");
} catch (ScimResourceAlreadyExistsException e) {
Map<String, Object> userDetails = new HashMap<>();
userDetails.put("active", true);
userDetails.put("verified", false);
userDetails.put("user_id", "cba09242-aa43-4247-9aa0-b5c75c281f94");
assertEquals(HttpStatus.CONFLICT, e.getStatus());
assertEquals("Username already in use: [email protected]", e.getMessage());
assertEquals(userDetails, e.getExtraInfo());
}
}
@Test
public void testCreateUserCheckSalt() throws Exception {
ScimUser scimUser = new ScimUser("user-id-3", "*****@*****.**", "User", "Example");
ScimUser.Email email = new ScimUser.Email();
email.setValue("*****@*****.**");
scimUser.setEmails(Arrays.asList(email));
scimUser.setPassword("password");
scimUser.setSalt("salt");
scimUser = db.create(scimUser);
assertNotNull(scimUser);
assertEquals("salt", scimUser.getSalt());
scimUser.setSalt("newsalt");
scimUser = db.update(scimUser.getId(), scimUser);
assertNotNull(scimUser);
assertEquals("newsalt", scimUser.getSalt());
}
@Test
public void create_user_then_update_without_email() throws Exception {
ScimUser user = setUpScimUser();
user.setEmails(null);
getMockMvc()
.perform(
put("/Users/" + user.getId())
.header("Authorization", "Bearer " + scimReadWriteToken)
.header("If-Match", "\"" + user.getVersion() + "\"")
.contentType(APPLICATION_JSON)
.content(JsonUtils.writeValueAsString(user)))
.andExpect(status().isBadRequest())
.andExpect(
content()
.string(
JsonObjectMatcherUtils.matchesJsonObject(
new JSONObject()
.put("error_description", "Exactly one email must be provided.")
.put("message", "Exactly one email must be provided.")
.put("error", "invalid_scim_resource"))));
}