/**
 * Builds an {@link ExpiringCode} from the current row of the result set.
 *
 * <p>Reads the {@code code}, {@code expiresat}, {@code intent} and {@code data} columns, in that
 * order. {@code expiresat} is read with {@code getLong} and wrapped in a {@link Timestamp}; JDBC
 * returns 0 from {@code getLong} for SQL NULL, so a NULL expiry maps to the epoch, not to
 * {@code null}.
 *
 * @param rs result set positioned on the row to map
 * @param rowNum index of the current row (not used here)
 * @return the mapped code
 * @throws SQLException if a column cannot be read
 */
@Override
public ExpiringCode mapRow(ResultSet rs, int rowNum) throws SQLException {
    final String codeValue = rs.getString("code");
    final long expiryMillis = rs.getLong("expiresat");
    final String codeIntent = rs.getString("intent");
    final String payload = rs.getString("data");

    // Constructor order is (code, expiresAt, data, intent): data precedes intent.
    // The code is what gets presented later to redeem this entry, so treat the mapped
    // value as a secret and keep it out of log output.
    return new ExpiringCode(codeValue, new Timestamp(expiryMillis), payload, codeIntent);
}
/**
 * Verifies that resetPassword runs the new password through the password validator.
 *
 * <p>The validator mock throws InvalidPasswordException for "new_secret"; the test expects that
 * exception to escape resetPassword.
 */
@Test(expected = InvalidPasswordException.class)
public void resetPassword_validatesNewPassword() {
    // Expiry is ten minutes in the future, so an expired code is not the cause of the failure.
    Timestamp tenMinutesAhead = new Timestamp(System.currentTimeMillis() + 1000 * 60 * 10);
    ExpiringCode unexpiredCode = new ExpiringCode("secret_code", tenMinutesAhead, "{}", null);

    doThrow(new InvalidPasswordException("foo"))
        .when(passwordValidator)
        .validate("new_secret");

    uaaResetPasswordService.resetPassword(unexpiredCode, "new_secret");
}
/**
 * Authentication must fail with InvalidCodeException when the stored code does not say what it
 * was issued for: its data has no "action" entry and its intent is null.
 */
@Test(expected = InvalidCodeException.class)
public void authentication_fails_withCodeIntendedForDifferentPurpose() {
    Map<String, String> payload = new HashMap<>();
    payload.put("user_id", "test-user-id");
    payload.put("client_id", clientId);
    payload.put("username", "test-username");
    payload.put(OriginKeys.ORIGIN, OriginKeys.UAA);
    // Deliberately no "action" key: that omission is what this test is about.

    String zoneId = IdentityZoneHolder.get().getId();
    // Timestamp(123) lies in the past, but the mocked store hands the code back regardless,
    // so expiry is not what is being exercised here.
    ExpiringCode storedCode =
        new ExpiringCode("the_secret_code", new Timestamp(123), JsonUtils.writeValueAsString(payload), null);
    when(codeStore.retrieveCode("the_secret_code", zoneId)).thenReturn(storedCode);

    manager.authenticate(authenticationToken);
}
/**
 * Authentication must fail with BadCredentialsException when the code was stored for client
 * "actual-client-id".
 *
 * <p>NOTE(review): authenticationToken is built outside this method; presumably it carries a
 * different client id, which is what makes the stored one a mismatch. Confirm against the
 * test setup.
 */
@Test(expected = BadCredentialsException.class)
public void authentication_fails_withInvalidClient() {
    Map<String, String> payload = new HashMap<>();
    payload.put("user_id", "test-user-id");
    payload.put("client_id", "actual-client-id");
    payload.put("username", "test-username");
    payload.put(OriginKeys.ORIGIN, OriginKeys.UAA);
    // The action is set to AUTOLOGIN, so a missing action is not what gets rejected here.
    payload.put("action", ExpiringCodeType.AUTOLOGIN.name());

    String zoneId = IdentityZoneHolder.get().getId();
    ExpiringCode storedCode =
        new ExpiringCode("the_secret_code", new Timestamp(123), JsonUtils.writeValueAsString(payload), null);
    when(codeStore.retrieveCode("the_secret_code", zoneId)).thenReturn(storedCode);

    manager.authenticate(authenticationToken);
}
/**
 * Authentication must fail with BadCredentialsException when the stored code's data carries no
 * "client_id" entry at all, i.e. the code is not bound to any client.
 */
@Test(expected = BadCredentialsException.class)
public void authentication_fails_withNoClientId() {
    Map<String, String> payload = new HashMap<>();
    payload.put("user_id", "test-user-id");
    // Deliberately no "client_id" key.
    payload.put("username", "test-username");
    payload.put(OriginKeys.ORIGIN, OriginKeys.UAA);
    payload.put("action", ExpiringCodeType.AUTOLOGIN.name());

    String zoneId = IdentityZoneHolder.get().getId();
    ExpiringCode storedCode =
        new ExpiringCode("the_secret_code", new Timestamp(123), JsonUtils.writeValueAsString(payload), null);
    when(codeStore.retrieveCode("the_secret_code", zoneId)).thenReturn(storedCode);

    manager.authenticate(authenticationToken);
}
/**
 * Checks that forgotPassword reports "user@example.com" as the e-mail address for a user that is
 * created here without any explicit e-mail entry.
 *
 * <p>NOTE(review): presumably the second ScimUser constructor argument is the username, which is
 * the value the service is expected to fall back to. Confirm against ScimUser.
 */
@Test
public void forgotPasswordFallsBackToUsernameIfNoPrimaryEmail() throws Exception {
    ScimUser userWithoutEmail = new ScimUser("user-id-001", "user@example.com", "firstName", "lastName");
    String zoneID = IdentityZoneHolder.get().getId();
    when(scimUserProvisioning.query(contains("origin"), eq(zoneID)))
        .thenReturn(Arrays.asList(userWithoutEmail));

    // The code store is mocked, so the generated code and its expiry are fixed test values.
    Timestamp expiresAt = new Timestamp(System.currentTimeMillis());
    ExpiringCode generated = new ExpiringCode("code", expiresAt, "user-id-001", null);
    when(codeStore.generateCode(anyString(), any(Timestamp.class), anyString(), anyString()))
        .thenReturn(generated);

    ForgotPasswordInfo result =
        uaaResetPasswordService.forgotPassword("exampleUser", "example", "redirect.example.com");

    assertThat(result.getEmail(), equalTo("user@example.com"));
}
/**
 * Authentication must fail with InvalidCodeException when the stored code names an action other
 * than the expected one ("someotheraction"), so a code issued for one flow cannot be replayed
 * into this one.
 */
@Test(expected = InvalidCodeException.class)
public void authentication_fails_withInvalidCode() {
    Map<String, String> payload = new HashMap<>();
    payload.put("action", "someotheraction");

    String zoneId = IdentityZoneHolder.get().getId();
    ExpiringCode storedCode =
        new ExpiringCode("the_secret_code", new Timestamp(123), JsonUtils.writeValueAsString(payload), null);
    when(codeStore.retrieveCode("the_secret_code", zoneId)).thenReturn(storedCode);

    manager.authenticate(authenticationToken);
}
/**
 * Accepting an invitation must be refused when the stored code was issued with a different
 * intent ("wrong-intent"): the service is expected to throw HttpClientErrorException whose
 * message contains "400 BAD_REQUEST".
 */
@Test
public void nonMatchingCodeIntent() {
    Map<String, String> invitee = new HashMap<>();
    invitee.put(USER_ID, "user-id-001");
    invitee.put(EMAIL, "user@example.com");

    // Otherwise well-formed user data; only the intent is wrong.
    ExpiringCode mismatchedCode = new ExpiringCode(
        "code",
        new Timestamp(System.currentTimeMillis()),
        JsonUtils.writeValueAsString(invitee),
        "wrong-intent");
    when(expiringCodeStore.retrieveCode(anyString(), eq(IdentityZoneHolder.get().getId())))
        .thenReturn(mismatchedCode);

    HttpClientErrorException thrown = Assertions.assertThrows(
        HttpClientErrorException.class,
        () -> emailInvitationsService.acceptInvitation("code", "password").getRedirectUri());

    assertThat(thrown.getMessage(), CoreMatchers.containsString("400 BAD_REQUEST"));
}
/**
 * Round-trips a code whose data is 1024 * 1024 characters long: the code returned by
 * generateCode must equal the one later returned by retrieveCode.
 */
@Test
public void testStoreLargeData() {
    char[] filler = new char[1024 * 1024];
    Arrays.fill(filler, 'a');
    String largePayload = new String(filler);

    Timestamp expiresAt = new Timestamp(currentTime.get() + 60000);
    ExpiringCode request = new ExpiringCode(null, expiresAt, largePayload, null);

    ExpiringCode stored = codeStoreEndpoints.generateCode(request);
    ExpiringCode fetched = codeStoreEndpoints.retrieveCode(stored.getCode());

    assertEquals(stored, fetched);
}
/**
 * completeVerification must throw UaaException when the stored code carries the intent
 * "invalid-intent".
 *
 * <p>NOTE(review): the stored code's data is null as well, so this test on its own does not
 * show whether the intent mismatch or the missing data triggers the exception. Confirm against
 * the service, and consider supplying valid data so that the intent is the only difference.
 */
@Test
public void testCompleteVerificationWithInvalidIntent() throws Exception {
    String zoneId = IdentityZoneHolder.get().getId();
    ExpiringCode wrongIntentCode =
        new ExpiringCode("invalid_code", new Timestamp(System.currentTimeMillis()), null, "invalid-intent");
    when(codeStore.retrieveCode("invalid_code", zoneId)).thenReturn(wrongIntentCode);

    Assertions.assertThrows(
        UaaException.class,
        () -> emailChangeEmailService.completeVerification("invalid_code"));
}
/**
 * GET /invitations/accept must answer 422 (Unprocessable Entity) when the code looked up for
 * the request was issued with the intent "incorrect-code-intent".
 */
@Test
public void incorrectCodeIntent() throws Exception {
    Map<String, String> invitation = new HashMap<>();
    invitation.put("user_id", "user-id-001");
    invitation.put("email", "user@example.com");
    invitation.put("client_id", "client-id");
    invitation.put("redirect_uri", "blah.test.com");

    // Otherwise complete invitation data; only the intent is wrong.
    String zoneId = IdentityZoneHolder.get().getId();
    ExpiringCode wrongIntentCode = new ExpiringCode(
        "code",
        new Timestamp(System.currentTimeMillis()),
        JsonUtils.writeValueAsString(invitation),
        "incorrect-code-intent");
    when(expiringCodeStore.retrieveCode("the_secret_code", zoneId)).thenReturn(wrongIntentCode);

    MockHttpServletRequestBuilder acceptRequest = get("/invitations/accept")
        .param("code", "the_secret_code");

    mockMvc.perform(acceptRequest).andExpect(status().isUnprocessableEntity());
}
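/**
 * generateCode must reject a request whose data is null with a CodeStoreException carrying
 * HTTP status BAD_REQUEST. The expiry is one minute ahead, so the null data is the only invalid
 * field.
 */
@Test
public void testGenerateCodeWithNullData() {
    Timestamp expiresAt = new Timestamp(currentTime.get() + 60000);
    ExpiringCode expiringCode = new ExpiringCode(null, expiresAt, null, null);

    try {
        codeStoreEndpoints.generateCode(expiringCode);
        // The failure message names the field under test: data (a null code is the normal
        // input for generation).
        fail("data is null, should throw CodeStoreException.");
    } catch (CodeStoreException e) {
        // Expected value first, so a failure reports expected/actual the right way round.
        assertEquals(HttpStatus.BAD_REQUEST, e.getStatus());
    }
}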
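/**
 * generateCode must reject an expiry that already lies in the past with a CodeStoreException
 * carrying HTTP status BAD_REQUEST. The data is a valid "{}", so the expiry is the only invalid
 * field.
 */
@Test
public void testGenerateCodeWithExpiresAtInThePast() {
    String data = "{}";
    // One minute before the test clock's current time.
    Timestamp expiresAt = new Timestamp(currentTime.get() - 60000);
    ExpiringCode expiringCode = new ExpiringCode(null, expiresAt, data, null);

    try {
        codeStoreEndpoints.generateCode(expiringCode);
        fail("expiresAt is in the past, should throw CodeStoreException.");
    } catch (CodeStoreException e) {
        // Expected value first, so a failure reports expected/actual the right way round.
        assertEquals(HttpStatus.BAD_REQUEST, e.getStatus());
    }
}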
/**
 * Pins the behaviour of isExpired() for three states: no expiry set, expiry one second in the
 * past, and expiry one second in the future.
 *
 * <p>NOTE(review): the first assertion fixes that a code without any expiry reads as "not
 * expired"; code relying on isExpired() alone should make sure an expiry is always set.
 */
@Test
public void testIsExpired() throws Exception {
    ExpiringCode subject = new ExpiringCode();

    // No expiry set at all.
    assertFalse(subject.isExpired());

    // Expiry one second ago.
    Timestamp oneSecondAgo = new Timestamp(System.currentTimeMillis() - 1000);
    subject.setExpiresAt(oneSecondAgo);
    assertTrue(subject.isExpired());

    // Expiry one second from now.
    Timestamp oneSecondAhead = new Timestamp(System.currentTimeMillis() + 1000);
    subject.setExpiresAt(oneSecondAhead);
    assertFalse(subject.isExpired());
}
} // closes the enclosing test class, whose header is not part of this excerpt
/**
 * POST /email_changes must answer 422 (Unprocessable Entity) when the code sent in the request
 * body resolves to a stored code whose intent is "incorrect-code".
 */
@Test
public void changeEmail_withIncorrectCode() throws Exception {
    String zoneId = IdentityZoneHolder.get().getId();
    // Plausible e-mail change data; only the intent is wrong.
    ExpiringCode wrongIntentCode = new ExpiringCode(
        "the_secret_code",
        new Timestamp(System.currentTimeMillis()),
        "{\"userId\":\"user-id-001\",\"email\":\"new@example.com\",\"client_id\":null}",
        "incorrect-code");
    when(expiringCodeStore.retrieveCode("the_secret_code", zoneId)).thenReturn(wrongIntentCode);

    mockMvc
        .perform(
            post("/email_changes")
                .contentType(APPLICATION_JSON)
                .content("the_secret_code")
                .accept(APPLICATION_JSON))
        .andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
}
} // closes the enclosing test class, whose header is not part of this excerpt
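/**
 * Happy path for generateCode: a request with valid data and a future expiry yields a code of
 * ten characters (after trimming) and echoes the expiry and data back unchanged.
 *
 * <p>The length check only pins the size of the generated code; how the code is produced
 * (randomness source, alphabet) is outside what this test can show.
 */
@Test
public void testGenerateCode() {
    String data = "{}";
    Timestamp expiresAt = new Timestamp(currentTime.get() + 60000);
    ExpiringCode expiringCode = new ExpiringCode(null, expiresAt, data, null);

    ExpiringCode result = codeStoreEndpoints.generateCode(expiringCode);

    assertNotNull(result);
    assertNotNull(result.getCode());
    // assertEquals instead of assertTrue(... == 10): a failure then reports the actual length.
    assertEquals(10, result.getCode().trim().length());
    assertEquals(expiresAt, result.getExpiresAt());
    assertEquals(data, result.getData());
}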
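/**
 * generateCode must reject a request without an expiry with a CodeStoreException carrying HTTP
 * status BAD_REQUEST, so a code that would never expire cannot be created through this
 * endpoint. The data is a valid "{}", so the missing expiry is the only invalid field.
 */
@Test
public void testGenerateCodeWithNullExpiresAt() {
    String data = "{}";
    ExpiringCode expiringCode = new ExpiringCode(null, null, data, null);

    try {
        codeStoreEndpoints.generateCode(expiringCode);
        fail("expiresAt is null, should throw CodeStoreException.");
    } catch (CodeStoreException e) {
        // Expected value first, so a failure reports expected/actual the right way round.
        assertEquals(HttpStatus.BAD_REQUEST, e.getStatus());
    }
}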
/**
 * POST /Codes without an Authorization header must answer 401 (Unauthorized), even though the
 * request body itself is valid (data "{}", expiry one minute ahead).
 */
@Test
void testGenerateCodeAnonymous() throws Exception {
    Timestamp oneMinuteAhead = new Timestamp(System.currentTimeMillis() + 60000);
    ExpiringCode validCode = new ExpiringCode(null, oneMinuteAhead, "{}", null);
    String body = JsonUtils.writeValueAsString(validCode);

    // No Authorization header: the request is anonymous on purpose.
    MockHttpServletRequestBuilder anonymousRequest = post("/Codes")
        .contentType(APPLICATION_JSON)
        .accept(MediaType.APPLICATION_JSON)
        .content(body);

    mockMvc.perform(anonymousRequest)
        .andExpect(status().isUnauthorized());
}
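/**
 * An authenticated POST /Codes whose expiry already lies in the past must answer 400 (Bad
 * Request).
 *
 * <p>The data is a non-null "{}" so that the past expiry is the only invalid field in the
 * request. With null data the 400 could come from the missing data instead, and the test would
 * keep passing even if the expiry check were removed.
 */
@Test
void testGenerateCodeWithExpiresAtInThePast() throws Exception {
    // One minute in the past.
    Timestamp ts = new Timestamp(System.currentTimeMillis() - 60000);
    ExpiringCode code = new ExpiringCode(null, ts, "{}", null);
    String requestBody = JsonUtils.writeValueAsString(code);

    MockHttpServletRequestBuilder post = post("/Codes")
        .header("Authorization", "Bearer " + loginToken)
        .contentType(APPLICATION_JSON)
        .accept(MediaType.APPLICATION_JSON)
        .content(requestBody);

    mockMvc.perform(post)
        .andExpect(status().isBadRequest());
}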
/**
 * An authenticated POST /Codes without an expiry must answer 400 (Bad Request). The data is a
 * valid "{}", so the missing expiry is the only invalid field in the request.
 */
@Test
void testGenerateCodeWithNullExpiresAt() throws Exception {
    ExpiringCode codeWithoutExpiry = new ExpiringCode(null, null, "{}", null);
    String body = JsonUtils.writeValueAsString(codeWithoutExpiry);

    MockHttpServletRequestBuilder authorizedRequest = post("/Codes")
        .header("Authorization", "Bearer " + loginToken)
        .contentType(APPLICATION_JSON)
        .accept(MediaType.APPLICATION_JSON)
        .content(body);

    mockMvc.perform(authorizedRequest)
        .andExpect(status().isBadRequest());
}