@Test
public void createUserInOtherZoneWithUaaAdminTokenFromNonDefaultZone() throws Exception {
IdentityZone identityZone = getIdentityZone();
String authorities = "uaa.admin";
clientDetails =
utils()
.createClient(
this.getMockMvc(),
uaaAdminToken,
"testClientId",
"testClientSecret",
null,
null,
Collections.singletonList("client_credentials"),
authorities,
null,
identityZone);
String uaaAdminTokenFromOtherZone =
testClient.getClientCredentialsOAuthAccessToken(
"testClientId", "testClientSecret", "uaa.admin", identityZone.getSubdomain());
byte[] requestBody = JsonUtils.writeValueAsBytes(getScimUser());
MockHttpServletRequestBuilder post =
post("/Users")
.header("Authorization", "Bearer " + uaaAdminTokenFromOtherZone)
.contentType(APPLICATION_JSON)
.content(requestBody);
post.with(new SetServerNameRequestPostProcessor(identityZone.getSubdomain() + ".localhost"));
post.header(IdentityZoneSwitchingFilter.HEADER, IdentityZone.getUaa().getId());
getMockMvc().perform(post).andExpect(status().isForbidden());
}
private ResultActions createUserAndReturnResult(
ScimUser user, String token, String subdomain, String switchZone) throws Exception {
byte[] requestBody = JsonUtils.writeValueAsBytes(user);
MockHttpServletRequestBuilder post =
post("/Users")
.header("Authorization", "Bearer " + token)
.contentType(APPLICATION_JSON)
.content(requestBody);
if (subdomain != null && !subdomain.equals(""))
post.with(new SetServerNameRequestPostProcessor(subdomain + ".localhost"));
if (switchZone != null) post.header(IdentityZoneSwitchingFilter.HEADER, switchZone);
return getMockMvc().perform(post);
}