fix for tests of authentication evaluators

Evolveum · Mar 6, 2023 · 91a9b17 · 91a9b17
1 parent 8a5ede0
commit 91a9b17
Show file tree

Hide file tree

Showing 7 changed files with 202 additions and 62 deletions.
diff --git a/...ain/java/com/evolveum/midpoint/authentication/impl/FocusAuthenticationResultRecorder.java b/...ain/java/com/evolveum/midpoint/authentication/impl/FocusAuthenticationResultRecorder.java
@@ -22,8 +22,10 @@
 import com.evolveum.midpoint.security.api.ConnectionEnvironment;
 import com.evolveum.midpoint.security.api.MidPointPrincipal;
 import com.evolveum.midpoint.security.api.SecurityUtil;
+import com.evolveum.midpoint.util.exception.*;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
 
+import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
@@ -162,6 +164,13 @@ public void recordSequenceAuthenticationSuccess(MidPointPrincipal principal, Con
 
     public void recordSequenceAuthenticationFailure(String username, MidPointPrincipal principal, CredentialPolicyType credentialsPolicy, String reason, ConnectionEnvironment connEnv) {
         FocusType focusType = null;
+        if (principal == null && StringUtils.isNotEmpty(username)) {
+            try {
+                principal = focusProfileService.getPrincipal(username, FocusType.class);
+            } catch (CommonException e) {
+                //ignore error
+            }
+        }
         if (principal != null) {
             focusType = principal.getFocus();
             processFocusChange(principal, credentialsPolicy, connEnv);

diff --git a/...l/src/main/java/com/evolveum/midpoint/authentication/impl/filter/SequenceAuditFilter.java b/...l/src/main/java/com/evolveum/midpoint/authentication/impl/filter/SequenceAuditFilter.java
@@ -12,13 +12,13 @@
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 
 import com.evolveum.midpoint.authentication.impl.FocusAuthenticationResultRecorder;
 
 import com.evolveum.midpoint.security.api.ConnectionEnvironment;
 import com.evolveum.midpoint.security.api.MidPointPrincipal;
 
+import org.jetbrains.annotations.VisibleForTesting;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
 import org.springframework.web.filter.OncePerRequestFilter;
@@ -53,6 +53,11 @@ public class SequenceAuditFilter extends OncePerRequestFilter {
     public SequenceAuditFilter() {
     }
 
+    @VisibleForTesting
+    public SequenceAuditFilter(FocusAuthenticationResultRecorder authenticationRecorder) {
+        this.authenticationRecorder = authenticationRecorder;
+    }
+
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
@@ -72,6 +77,13 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             return;
         }
 
+        writeRecord(mpAuthentication);
+
+        filterChain.doFilter(request, response);
+    }
+
+    @VisibleForTesting
+    public void writeRecord(MidpointAuthentication mpAuthentication) {
         MidPointPrincipal mpPrincipal = mpAuthentication.getPrincipal() instanceof MidPointPrincipal ? (MidPointPrincipal) mpAuthentication.getPrincipal() : null;
         boolean isAuthenticated = mpAuthentication.isAuthenticated();
         if (isAuthenticated) {
@@ -84,7 +96,6 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             mpAuthentication.setAlreadyAudited(true);
             LOGGER.trace("Authentication sequence {} evaluated as failed.", mpAuthentication.getSequenceIdentifier());
         }
-        filterChain.doFilter(request, response);
     }
 
     private ConnectionEnvironment createConnectionEnvironment(MidpointAuthentication mpAuthentication) {

diff --git a/...m/evolveum/midpoint/authentication/impl/handler/MidpointAuthenticationFailureHandler.java b/...m/evolveum/midpoint/authentication/impl/handler/MidpointAuthenticationFailureHandler.java
@@ -67,6 +67,7 @@ public void onAuthenticationFailure(HttpServletRequest request, HttpServletRespo
             }
 
             if (!mpAuthentication.isOverLockoutMaxAttempts()) {
+                saveException(request, exception);
                 getRedirectStrategy().sendRedirect(request, response, mpAuthentication.getAuthenticationChannel().getPathDuringProccessing());
                 return;
             }

diff --git a/...ion-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/AuthModuleImpl.java b/...ion-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/AuthModuleImpl.java
@@ -13,6 +13,7 @@
 import com.evolveum.midpoint.authentication.api.ModuleWebSecurityConfiguration;
 
 import org.apache.commons.lang3.Validate;
+import org.jetbrains.annotations.VisibleForTesting;
 import org.springframework.security.web.SecurityFilterChain;
 
 /**
@@ -21,7 +22,8 @@
 
 public class AuthModuleImpl implements AuthModule {
 
-    private AuthModuleImpl(){
+    @VisibleForTesting
+    public AuthModuleImpl(){
 
     }