public static MultiValueMap<String, String> plain_text() {
MultiValueMap<String, String> header = new HttpHeaders();
header.put("Content-Type", Arrays.asList("plain/text"));
return header;
}
private <T> ResponseEntity<T> createResponse(Class<T> clazz, Object instance, Response response) {
MultiValueMap<String, String> headers = new LinkedMultiValueMap<>();
for (String key : response.headers().keySet()) {
headers.put(key, new LinkedList<>(response.headers().get(key)));
}
return new ResponseEntity<T>(
clazz.cast(instance), headers, HttpStatus.valueOf(response.status()));
}
private MultiValueMap<String, String> revertHeaders(Header[] headers) {
MultiValueMap<String, String> map = new LinkedMultiValueMap<String, String>();
for (Header header : headers) {
String name = header.getName();
if (!map.containsKey(name)) {
map.put(name, new ArrayList<String>());
}
map.get(name).add(header.getValue());
}
return map;
}
private String normalizeParameters(MultiValueMap<String, String> collectedParameters) {
// Normalizes the collected parameters for baseString calculation, per
// http://tools.ietf.org/html/rfc5849#section-3.4.1.3.2
MultiValueMap<String, String> sortedEncodedParameters = new TreeMultiValueMap<String, String>();
for (Iterator<Entry<String, List<String>>> entryIt = collectedParameters.entrySet().iterator();
entryIt.hasNext(); ) {
Entry<String, List<String>> entry = entryIt.next();
String collectedName = entry.getKey();
List<String> collectedValues = entry.getValue();
List<String> encodedValues = new ArrayList<String>(collectedValues.size());
sortedEncodedParameters.put(oauthEncode(collectedName), encodedValues);
for (Iterator<String> valueIt = collectedValues.iterator(); valueIt.hasNext(); ) {
String value = valueIt.next();
encodedValues.add(value != null ? oauthEncode(value) : "");
}
Collections.sort(encodedValues);
}
StringBuilder paramsBuilder = new StringBuilder();
for (Iterator<Entry<String, List<String>>> entryIt =
sortedEncodedParameters.entrySet().iterator();
entryIt.hasNext(); ) {
Entry<String, List<String>> entry = entryIt.next();
String name = entry.getKey();
List<String> values = entry.getValue();
for (Iterator<String> valueIt = values.iterator(); valueIt.hasNext(); ) {
String value = valueIt.next();
paramsBuilder.append(name).append('=').append(value);
if (valueIt.hasNext()) {
paramsBuilder.append("&");
}
}
if (entryIt.hasNext()) {
paramsBuilder.append("&");
}
}
return paramsBuilder.toString();
}
public FacilityReferenceData addPrograms(List<Program> programs) {
referenceData.put(PROGRAMS, programs);
return this;
}
public FacilityReferenceData addGeographicZones(List<GeographicZone> allZones) {
referenceData.put(GEOGRAPHIC_ZONES, allZones);
return this;
}
public FacilityReferenceData addFacilityOperators(List<FacilityOperator> allOperators) {
referenceData.put(FACILITY_OPERATORS, allOperators);
return this;
}
public FacilityReferenceData addFacilityTypes(List<FacilityType> facilityTypes) {
referenceData.put(FACILITY_TYPES, facilityTypes);
return this;
}
@Test
@OAuth2ContextConfiguration(
resource = OAuth2ContextConfiguration.ClientCredentials.class,
initialize = false)
public void testUserAccountGetsUnlockedAfterPasswordChange() throws Exception {
HttpHeaders headers = new HttpHeaders();
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.set("Authorization", testAccounts.getAuthorizationHeader("app", "appclientsecret"));
MultiValueMap<String, String> data = new LinkedMultiValueMap<String, String>();
data.put("grant_type", Collections.singletonList("password"));
data.put("username", Collections.singletonList(joe.getUserName()));
data.put("password", Collections.singletonList("pas5Word"));
ResponseEntity<Map> result =
serverRunning.postForMap(
serverRunning.buildUri("/oauth/token").build().toString(), data, headers);
assertEquals(HttpStatus.OK, result.getStatusCode());
// Lock out the account
data.put("password", Collections.singletonList("randomPassword1"));
for (int i = 0; i < 5; i++) {
result =
serverRunning.postForMap(
serverRunning.buildUri("/oauth/token").build().toString(), data, headers);
assertEquals(HttpStatus.UNAUTHORIZED, result.getStatusCode());
}
// Check that it is locked
result =
serverRunning.postForMap(
serverRunning.buildUri("/oauth/token").build().toString(), data, headers);
assertEquals("Login policy rejected authentication", result.getBody().get("error_description"));
assertEquals(HttpStatus.UNAUTHORIZED, result.getStatusCode());
PasswordChangeRequest change = new PasswordChangeRequest();
change.setPassword("Newpasswo3d");
MultiValueMap<String, String> parameters = new LinkedMultiValueMap<String, String>();
parameters.set("grant_type", "client_credentials");
parameters.set("username", "admin");
parameters.set("password", "adminsecret");
context.getAccessTokenRequest().putAll(parameters);
// Change the password
HttpHeaders passwordChangeHeaders = new HttpHeaders();
ResponseEntity<Void> passwordChangeResult =
client.exchange(
serverRunning.getUrl(userEndpoint) + "/{id}/password",
HttpMethod.PUT,
new HttpEntity<>(change, passwordChangeHeaders),
Void.class,
joe.getId());
assertEquals(HttpStatus.OK, passwordChangeResult.getStatusCode());
MultiValueMap<String, String> newData = new LinkedMultiValueMap<String, String>();
newData.put("grant_type", Collections.singletonList("password"));
newData.put("username", Collections.singletonList(joe.getUserName()));
newData.put("password", Collections.singletonList("Newpasswo3d"));
ResponseEntity<Map> updatedResult =
serverRunning.postForMap(
serverRunning.buildUri("/oauth/token").build().toString(), newData, headers);
assertEquals(HttpStatus.OK, updatedResult.getStatusCode());
}
