/**
 * Verifies that {@code createGroup}, called with two {@code null} arguments and only an
 * external group DN, yields HTTP 404.
 *
 * <p>NOTE(review): presumably the two {@code null} arguments are the group id and display
 * name of the mapping; confirm against {@code createGroup}.
 */
@Test
public void testCreateExternalGroupMapNameIsNull() throws Exception {
    String externalGroupDn = "cn=developers,ou=scopes,dc=test,dc=com";
    // Assert directly on the returned ResultActions; no intermediate variable is needed.
    createGroup(null, null, externalGroupDn)
        .andExpect(status().isNotFound());
}
/**
 * Loads the {@code NoSecurityForPattern} XML configuration and checks that GET requests to
 * {@code /unprotected} and {@code /nomatch} both return 404.
 *
 * <p>A 404 rather than 401/403 suggests that neither request was rejected by an
 * authentication or authorization check. NOTE(review): the method name says "RespondsOk"
 * while the assertions expect 404; presumably no handler is mapped at these paths in the
 * test context. Confirm.
 */
@Test
public void requestWhenUsingDebugFilterAndPatternIsNotConfigureForSecurityThenRespondsOk() throws Exception {
    this.spring.configLocations(xml("NoSecurityForPattern")).autowire();
    // Both paths carry the same expectation, so iterate in the original order.
    for (String path : new String[] {"/unprotected", "/nomatch"}) {
        this.mvc.perform(get(path))
            .andExpect(status().isNotFound());
    }
}
/**
 * Posts a password-reset request for a user name that the mocked provisioning layer reports
 * as unknown (empty query result) and expects HTTP 404.
 *
 * <p>NOTE(review): a distinct 404 for unknown users lets a caller tell existing accounts
 * from non-existing ones. Confirm that this endpoint is reachable only by trusted clients.
 */
@Test
public void testCreatingAPasswordResetWhenTheUserDoesNotExist() throws Exception {
    // The stubbed lookup filters on user name plus origin OriginKeys.UAA, within the
    // identity zone currently held by IdentityZoneHolder.
    String userFilter = "userName eq \"user@example.com\" and origin eq \"" + OriginKeys.UAA + "\"";
    String zoneId = IdentityZoneHolder.get().getId();
    when(scimUserProvisioning.query(userFilter, zoneId))
        .thenReturn(Arrays.<ScimUser>asList());

    mockMvc.perform(
            post("/password_resets")
                .contentType(APPLICATION_JSON)
                .content("user@example.com")
                .accept(APPLICATION_JSON))
        .andExpect(status().isNotFound());
}
/**
 * SEC-1152
 *
 * <p>Loads the {@code AnonymousEndpoints} XML configuration and checks that an
 * unauthenticated GET to {@code /protected} is answered with 401 while {@code /unprotected}
 * is answered with 404, and that {@code getFilter} returns a non-null
 * {@link AnonymousAuthenticationFilter}.
 */
@Test
public void requestWhenUsingMinimalConfigurationThenHonorsAnonymousEndpoints() throws Exception {
    final String securedPath = "/protected";
    final String openPath = "/unprotected";
    this.spring.configLocations(xml("AnonymousEndpoints")).autowire();

    // No credentials are sent: the secured path must be challenged.
    this.mvc.perform(get(securedPath))
        .andExpect(status().isUnauthorized());
    // Not challenged; the 404 is presumably because nothing is mapped at this path.
    this.mvc.perform(get(openPath))
        .andExpect(status().isNotFound());

    assertThat(getFilter(AnonymousAuthenticationFilter.class)).isNotNull();
}
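/**
 * Sends an authenticated DELETE for an identity provider id that does not exist and expects
 * HTTP 404.
 *
 * <p>The token comes from {@code setUpAccessToken()}. NOTE(review): presumably that token
 * carries the scope needed to delete identity providers, so the 404 reflects the missing
 * resource rather than an authorization failure. Confirm against the helper.
 */
@Test
void test_delete_with_invalid_id_returns_404() throws Exception {
    String accessToken = setUpAccessToken();
    mockMvc.perform(
        delete("/identity-providers/invalid-id")
            // RFC 6750 requires a space between the "Bearer" scheme and the token. Without
            // it the header is malformed and is accepted only by lenient parsers, so the
            // test would not exercise the normal authenticated path.
            .header("Authorization", "Bearer " + accessToken)
    ).andExpect(status().isNotFound());
}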
/**
 * Creates a zone, obtains a zone-admin token for it, and then calls
 * {@code createClientInOtherZone} with {@code SUBDOMAIN_HEADER} set to
 * {@code "InvalidSubDomain"}, expecting HTTP 404.
 *
 * <p>NOTE(review): presumably this shows that a valid zone-admin token cannot be used to
 * switch into a zone whose subdomain does not exist. Confirm against
 * {@code createClientInOtherZone}.
 */
@Test
public void testSwitchingToInvalidSubDomain() throws Exception {
    IdentityZone zone = createZone(identityToken);
    String zoneId = zone.getId();
    String zoneAdminToken = MockMvcUtils.getZoneAdminToken(getMockMvc(), adminToken, zoneId);

    createClientInOtherZone(zoneAdminToken, status().isNotFound(), SUBDOMAIN_HEADER, "InvalidSubDomain");
}
/**
 * Requests {@code /login} with each listed value as the {@code Host} header and expects
 * HTTP 404.
 *
 * <p>NOTE(review): presumably these hostnames fall outside the hosts the server is
 * configured to serve, so the login page is not rendered for an unrecognized
 * {@code Host} header. Confirm against the test setup.
 */
@ParameterizedTest
@ValueSource(strings = {"notlocalhost", "testsomeother2.ip.com"})
void isNotFound(String hostname) throws Exception {
    final String loginPath = "/login";
    mockMvc.perform(get(loginPath).header("Host", hostname))
        .andExpect(status().isNotFound());
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Creates a user, then tries to remove that user from a group id that does not exist,
 * authenticating with {@code scimWriteToken}; expects HTTP 404.
 */
@Test
public void delete_member_from_nonexistent_group() throws Exception {
    ScimUser member = createUserAndAddToGroups(IdentityZone.getUaa(), Collections.singleton("scim.read"));
    // The user id is real; only the group segment of the path is bogus.
    String membershipPath = "/Groups/nonexistent-group/members/" + member.getId();

    getMockMvc().perform(
            delete(membershipPath)
                .header("Authorization", "Bearer " + scimWriteToken)
                .header("Content-Type", APPLICATION_JSON_VALUE))
        .andExpect(status().isNotFound());
}
/**
 * Issues a DELETE for an external group mapping whose group id is {@code "non-existent"},
 * authenticating with {@code scimWriteToken}, and expects HTTP 404.
 */
@Test
public void testDeleteExternalGroupMapUsingNonExistentId() throws Exception {
    String externalGroup = "cn=developers,ou=scopes,dc=test,dc=com";
    String groupId = "non-existent";
    // The DN is placed in the path exactly as written; no extra encoding is applied here.
    String mappingPath =
        "/Groups/External/groupId/" + groupId + "/externalGroup/" + externalGroup + "/origin/ldap";

    MockHttpServletRequestBuilder deleteRequest = MockMvcRequestBuilders.delete(mappingPath)
        .header("Authorization", "Bearer " + scimWriteToken)
        .accept(APPLICATION_JSON);

    getMockMvc().perform(deleteRequest)
        .andExpect(status().isNotFound());
}
/**
 * Lists the members of a group id that does not exist, authenticating with
 * {@code scimReadToken}, and expects HTTP 404.
 */
@Test
public void get_group_memberships_for_nonexistent_group() throws Exception {
    getMockMvc().perform(
            get("/Groups/nonexistent-group-id/members/")
                .header("Authorization", "Bearer " + scimReadToken))
        .andExpect(status().isNotFound())
        .andReturn(); // result is not inspected further
}
/**
 * Looks up the membership of a user id that does not exist in the group returned by
 * {@code getGroupId("scim.read")}, authenticating with {@code scimReadToken}; expects 404.
 */
@Test
public void get_group_membership_nonexistent_user() throws Exception {
    String membershipPath = "/Groups/" + getGroupId("scim.read") + "/members/non-existent-user";

    getMockMvc().perform(
            get(membershipPath)
                .header("Authorization", "Bearer " + scimReadToken))
        .andExpect(status().isNotFound())
        .andReturn(); // result is not inspected further
}
/**
 * Looks up the membership of the id {@code "id-of-random-user"} in the group returned by
 * {@code getGroupId("scim.read")}, authenticating with {@code scimReadToken}; expects 404.
 */
@Test
public void get_group_membership_user_not_member_of_group() throws Exception {
    String membershipPath = "/Groups/" + getGroupId("scim.read") + "/members/id-of-random-user";

    getMockMvc().perform(
            get(membershipPath)
                .header("Authorization", "Bearer " + scimReadToken))
        .andExpect(status().isNotFound())
        .andReturn(); // result is not inspected further
}
/**
 * Tries to remove {@code scimUser} from the group returned by {@code getGroupId("acme")},
 * authenticating with {@code scimWriteToken}, and expects HTTP 404.
 *
 * <p>NOTE(review): presumably {@code scimUser} is not a member of that group; confirm
 * against the fixture setup.
 */
@Test
public void delete_user_not_member_of_group() throws Exception {
    String acmeGroupId = getGroupId("acme");

    getMockMvc().perform(
            delete("/Groups/" + acmeGroupId + "/members/" + scimUser.getId())
                .header("Authorization", "Bearer " + scimWriteToken)
                .header("Content-Type", APPLICATION_JSON_VALUE))
        .andExpect(status().isNotFound());
}
/**
 * Loads the {@code RegexSecurityPattern} XML configuration and checks that an
 * unauthenticated GET to {@code /protected} returns 401 while {@code /unprotected}
 * returns 404.
 */
@Test
public void requestWhenHttpPatternUsesRegexMatchingThenMatchesAccordingly() throws Exception {
    final String securedPath = "/protected";
    final String openPath = "/unprotected";
    this.spring.configLocations(xml("RegexSecurityPattern")).autowire();

    // Secured path: challenged because no credentials are sent.
    this.mvc.perform(get(securedPath))
        .andExpect(status().isUnauthorized());
    // Open path: not challenged; 404 presumably because no handler is mapped.
    this.mvc.perform(get(openPath))
        .andExpect(status().isNotFound());
}
/**
 * Loads the {@code CiRegexSecurityPattern} XML configuration and checks, using mixed-case
 * request paths, that {@code /ProTectEd} returns 401 and {@code /UnProTectEd} returns 404.
 *
 * <p>The mixed casing guards against a secured path being reached without a challenge
 * simply by changing letter case.
 */
@Test
public void requestWhenHttpPatternUsesCiRegexMatchingThenMatchesAccordingly() throws Exception {
    final String securedPath = "/ProTectEd";
    final String openPath = "/UnProTectEd";
    this.spring.configLocations(xml("CiRegexSecurityPattern")).autowire();

    this.mvc.perform(get(securedPath))
        .andExpect(status().isUnauthorized());
    this.mvc.perform(get(openPath))
        .andExpect(status().isNotFound());
}
/**
 * Loads the {@code CustomRequestMatcher} XML configuration and checks that an
 * unauthenticated GET to {@code /protected} returns 401 while {@code /unprotected}
 * returns 404.
 */
@Test
public void requestWhenHttpPatternUsesCustomRequestMatcherThenMatchesAccordingly() throws Exception {
    final String securedPath = "/protected";
    final String openPath = "/unprotected";
    this.spring.configLocations(xml("CustomRequestMatcher")).autowire();

    // Secured path: challenged because no credentials are sent.
    this.mvc.perform(get(securedPath))
        .andExpect(status().isUnauthorized());
    // Open path: not challenged; 404 presumably because no handler is mapped.
    this.mvc.perform(get(openPath))
        .andExpect(status().isNotFound());
}
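/**
 * Creates a user with no group memberships, then tries to add that user as a member of a
 * group id that does not exist, authenticating with {@code scimWriteToken}; expects 404.
 */
@Test
public void add_member_to_nonexistent_group() throws Exception {
    // Typed empty set instead of the raw Collections.EMPTY_SET constant, which would
    // force an unchecked conversion at the call site.
    ScimUser user = createUserAndAddToGroups(IdentityZone.getUaa(), Collections.<String>emptySet());
    ScimGroupMember scimGroupMember = new ScimGroupMember(user.getId(), ScimGroupMember.Type.USER);

    MockHttpServletRequestBuilder post = post("/Groups/nonexistent-group-id/members")
        .header("Authorization", "Bearer " + scimWriteToken)
        .header("Content-Type", APPLICATION_JSON_VALUE)
        .content(JsonUtils.writeValueAsString(scimGroupMember));

    getMockMvc().perform(post)
        .andExpect(status().isNotFound());
}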
/**
 * Disables self-service links on a fixture zone, makes it the current zone, and checks that
 * {@code GET /forgot_password} returns 404 with the {@code error} view and the
 * {@code self_service_disabled} message code.
 *
 * <p>NOTE(review): {@code IdentityZoneHolder.set} is not undone inside this method;
 * presumably a teardown outside this excerpt restores the holder. Confirm, so that the
 * zone does not leak into other tests.
 */
@Test
public void testForgotPasswordWithSelfServiceDisabled() throws Exception {
    IdentityZone selfServiceDisabledZone = MultitenancyFixture.identityZone("test-zone-id", "testsubdomain");
    selfServiceDisabledZone.getConfig().getLinks().getSelfService().setSelfServiceLinksEnabled(false);
    IdentityZoneHolder.set(selfServiceDisabledZone);

    mockMvc.perform(
            get("/forgot_password")
                .param("client_id", "example")
                .param("redirect_uri", "http://example.com"))
        .andExpect(status().isNotFound())
        .andExpect(view().name("error"))
        .andExpect(model().attribute("error_message_code", "self_service_disabled"));
}
/**
 * http/http-basic@entry-point-ref
 *
 * <p>Registers {@code EntryPointRefHttpBasicConfig} and checks that requests with no
 * credentials or with a wrong password receive status 999, while valid credentials reach
 * a 404.
 *
 * <p>NOTE(review): presumably 999 is the marker status set by the custom entry point in
 * {@code EntryPointRefHttpBasicConfig}; confirm against that class.
 */
@Test
public void basicAuthenticationWhenUsingEntryPointRefThenMatchesNamespace() throws Exception {
    final String rootPath = "/";
    this.spring.register(EntryPointRefHttpBasicConfig.class, UserConfig.class).autowire();

    // No credentials at all.
    this.mvc.perform(get(rootPath))
        .andExpect(status().is(999));
    // Known user name, wrong password.
    this.mvc.perform(get(rootPath).with(httpBasic("user", "invalid")))
        .andExpect(status().is(999));
    // Valid credentials: authentication passes; 404 presumably because nothing is mapped.
    this.mvc.perform(get(rootPath).with(httpBasic("user", "password")))
        .andExpect(status().isNotFound());
}
/**
 * http/http-basic equivalent
 *
 * <p>Registers {@code HttpBasicConfig} and checks that requests with no credentials or
 * with a wrong password receive 401, that the wrong-password response carries the
 * {@code WWW-Authenticate: Basic realm="Realm"} challenge, and that valid credentials
 * reach a 404.
 */
@Test
public void basicAuthenticationWhenUsingDefaultsThenMatchesNamespace() throws Exception {
    final String rootPath = "/";
    this.spring.register(HttpBasicConfig.class, UserConfig.class).autowire();

    // No credentials at all.
    this.mvc.perform(get(rootPath))
        .andExpect(status().isUnauthorized());
    // Known user name, wrong password: rejected and challenged with the expected realm.
    this.mvc.perform(get(rootPath).with(httpBasic("user", "invalid")))
        .andExpect(status().isUnauthorized())
        .andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"Realm\""));
    // Valid credentials: authentication passes; 404 presumably because nothing is mapped.
    this.mvc.perform(get(rootPath).with(httpBasic("user", "password")))
        .andExpect(status().isNotFound());
}