@Test public void testCreateSyncedIdentityLocalUser() throws Exception { User u = getTestUser(); SyncedIdentity si = DefaultSyncContext.createSyncedIdentity(u); assertNotNull(si); assertEquals(u.getID(), si.getId()); assertNull(si.getExternalIdRef()); assertFalse(si.isGroup()); assertEquals(-1, si.lastSynced()); }
@Nullable @Override public String apply(@Nullable SyncedIdentity syncedIdentity) { if (syncedIdentity != null && isMyIDP(syncedIdentity)) { ExternalIdentityRef ref = syncedIdentity.getExternalIdRef(); try { ExternalIdentity extId = (ref == null) ? null : idp.getIdentity(ref); if (extId == null) { return syncedIdentity.getId(); } } catch (ExternalIdentityException e) { log.error("Error while fetching external identity {}", syncedIdentity, e); } } return null; } }), Predicates.notNull());
/** * {@inheritDoc} */ @Override public boolean requiresSync(@NotNull SyncedIdentity identity) { if (identity.getExternalIdRef() == null || identity.lastSynced() < 0) { return true; } final long now = System.currentTimeMillis(); final long expirationTime = identity.isGroup() ? config.group().getExpirationTime() : config.user().getExpirationTime(); return now - identity.lastSynced() > expirationTime; }
@Override protected SyncedIdentity getNext() { while (iter.hasNext()) { try { SyncedIdentity id = DefaultSyncContext.createSyncedIdentity(iter.next()); if (id != null && id.getExternalIdRef() != null) { return id; } } catch (RepositoryException e) { log.error("Error while fetching authorizables", e); break; } } return null; } };
@Test public void testFindGroupIdentity() throws Exception { SyncedIdentity si = syncHandler.findIdentity(userManager, "c"); assertNull(si); sync("c", true); si = syncHandler.findIdentity(userManager, "c"); assertNotNull(si); assertTrue(si.isGroup()); assertNotNull(si.getExternalIdRef()); }
/** * @see SynchronizationMBean#syncAllUsers(boolean) */ @NotNull String[] syncAllUsers(boolean purge) { try { List<String> list = new ArrayList<>(); context.setKeepMissing(!purge) .setForceGroupSync(true) .setForceUserSync(true); Iterator<SyncedIdentity> it = handler.listIdentities(userMgr); List<SyncResult> results = new ArrayList<>(batchSize); while (it.hasNext()) { SyncedIdentity id = it.next(); if (isMyIDP(id)) { results = syncUser(id.getId(), false, results, list); } } commit(list, results, NO_BATCH_SIZE); return list.toArray(new String[0]); } catch (RepositoryException e) { throw new IllegalStateException("Error retrieving users for syncing", e); } }
@Test public void testLastSynced() { assertEquals(234, si.lastSynced()); assertEquals(234, siGroup.lastSynced()); SyncedIdentity siNeverSynced = new DefaultSyncedIdentity(TestIdentityProvider.ID_TEST_USER, externalUser.getExternalId(), false, -1); assertEquals(-1, siNeverSynced.lastSynced()); } }
private static void append(@NotNull List<String> list, @Nullable SyncedIdentity syncedIdentity, @NotNull String op, @Nullable String msg) { String uid = JsonUtil.getJsonString((syncedIdentity == null ? null : syncedIdentity.getId())); ExternalIdentityRef externalIdentityRef = (syncedIdentity == null) ? null : syncedIdentity.getExternalIdRef(); String eid = (externalIdentityRef == null) ? "\"\"" : JsonUtil.getJsonString(externalIdentityRef.getString()); if (msg == null) { list.add(String.format("{op:\"%s\",uid:%s,eid:%s}", op, uid, eid)); } else { list.add(String.format("{op:\"%s\",uid:%s,eid:%s,msg:%s}", op, uid, eid, JsonUtil.getJsonString(msg))); } }
private boolean isMyIDP(@NotNull SyncedIdentity id) { ExternalIdentityRef ref = id.getExternalIdRef(); String providerName = (ref == null) ? null : ref.getProviderName(); return providerName != null && (providerName.isEmpty() || providerName.equals(idp.getName())); }
@Test public void testSyncByForeignUserId() throws Exception { SyncResult result = syncCtx.sync(getTestUser().getID()); assertEquals(SyncResult.Status.FOREIGN, result.getStatus()); SyncedIdentity si = result.getIdentity(); assertNotNull(si); assertNull(si.getExternalIdRef()); assertFalse(si.isGroup()); }
@Test public void testCreateSyncedIdentityEmptyLastSyncedProperty() throws Exception { Group gr = createTestGroup(); gr.setProperty(DefaultSyncContext.REP_LAST_SYNCED, new Value[0]); SyncedIdentity si = DefaultSyncContext.createSyncedIdentity(gr); assertNotNull(si); assertEquals(-1, si.lastSynced()); }
@Test public void testRequiresSyncGroup() throws Exception { sync("c", true); SyncedIdentity si = syncHandler.findIdentity(userManager, "c"); assertNotNull(si); assertTrue(si.isGroup()); assertFalse(syncHandler.requiresSync(si)); }
@Test public void testCreateSyncedIdentityLocalGroup() throws Exception { Group gr = createTestGroup(); SyncedIdentity si = DefaultSyncContext.createSyncedIdentity(gr); assertNotNull(si); assertEquals(gr.getID(), si.getId()); assertNull(si.getExternalIdRef()); assertTrue(si.isGroup()); assertEquals(-1, si.lastSynced()); }
private boolean ignore(@Nullable SyncedIdentity syncedIdentity, @Nullable PreAuthenticatedLogin preAuthLogin) { if (syncedIdentity != null) { ExternalIdentityRef externalIdRef = syncedIdentity.getExternalIdRef(); if (externalIdRef == null) { debug("ignoring local user: {}", syncedIdentity.getId()); return true; } else if (!idp.getName().equals(externalIdRef.getProviderName())) { debug("ignoring foreign identity: {} (idp={})", externalIdRef.getString(), idp.getName()); return true; } if (preAuthLogin != null && !syncHandler.requiresSync(syncedIdentity)) { debug("pre-authenticated external user {} does not require syncing.", syncedIdentity.toString()); return true; } } return false; }
@Test public void testGetExternalIdRef() { assertEquals(externalUser.getExternalId(), si.getExternalIdRef()); assertEquals(externalGroup.getExternalId(), siGroup.getExternalIdRef()); SyncedIdentity siNullExtRef = new DefaultSyncedIdentity(TestIdentityProvider.ID_TEST_USER, null, false, 234); assertNull(siNullExtRef.getExternalIdRef()); }
@Test public void testSyncByForeignGroupId() throws Exception { SyncResult result = syncCtx.sync(createTestGroup().getID()); assertEquals(SyncResult.Status.FOREIGN, result.getStatus()); SyncedIdentity si = result.getIdentity(); assertNotNull(si); assertNull(si.getExternalIdRef()); assertTrue(si.isGroup()); }
@Test public void testForeign() throws Exception { // sync foreign user into the repository // NOTE: that should be considered a bug by the tool that does the sync // as it uses an IDP that is not configured with the login-chain! ExternalIdentityProvider foreign = new TestIdentityProvider("foreign"); SyncContext syncContext = new DefaultSyncContext(syncConfig, foreign, getUserManager(root), getValueFactory(root)); SyncResult result = syncContext.sync(foreign.getUser(TestIdentityProvider.ID_TEST_USER)); long lastSynced = result.getIdentity().lastSynced(); root.commit(); PreAuthCredentials creds = new PreAuthCredentials(TestIdentityProvider.ID_TEST_USER); ContentSession cs = null; try { // login should succeed due the fact that the _LoginModuleImpl_ succeeds for // an existing authorizable if _pre_auth_ is enabled. cs = login(creds); assertEquals(PreAuthCredentials.PRE_AUTH_DONE, creds.getMessage()); // foreign user _must_ not have been touched by the _ExternalLoginModule_ root.refresh(); User u = getUserManager(root).getAuthorizable(TestIdentityProvider.ID_TEST_USER, User.class); assertNotNull(u); assertEquals(lastSynced, DefaultSyncContext.createSyncedIdentity(u).lastSynced()); } finally { if (cs != null) { cs.close(); } } }