Adjust OIDC tests based on breaking change

Username defaults to SUB claim, not preferred_username [#148658595] https://www.pivotaltracker.com/story/show/148658595
cloudfoundry · Aug 28, 2017 · 07c2545 · 07c2545
1 parent 19d9a23
commit 07c2545
Showing 1 changed file with 46 additions and 13 deletions.
diff --git a/...st/java/org/cloudfoundry/identity/uaa/provider/oauth/XOAuthAuthenticationManagerTest.java b/...st/java/org/cloudfoundry/identity/uaa/provider/oauth/XOAuthAuthenticationManagerTest.java
@@ -37,7 +37,11 @@
 import org.cloudfoundry.identity.uaa.provider.IdentityProviderProvisioning;
 import org.cloudfoundry.identity.uaa.provider.OIDCIdentityProviderDefinition;
 import org.cloudfoundry.identity.uaa.provider.RawXOAuthIdentityProviderDefinition;
-import org.cloudfoundry.identity.uaa.user.*;
+import org.cloudfoundry.identity.uaa.user.InMemoryUaaUserDatabase;
+import org.cloudfoundry.identity.uaa.user.UaaAuthority;
+import org.cloudfoundry.identity.uaa.user.UaaUser;
+import org.cloudfoundry.identity.uaa.user.UaaUserPrototype;
+import org.cloudfoundry.identity.uaa.user.UserInfo;
 import org.cloudfoundry.identity.uaa.util.JsonUtils;
 import org.cloudfoundry.identity.uaa.util.RestTemplateFactory;
 import org.cloudfoundry.identity.uaa.util.TimeServiceImpl;
@@ -78,7 +82,12 @@
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.time.Instant;
-import java.util.*;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.stream.Collectors;
 
@@ -87,18 +96,40 @@
 import static org.cloudfoundry.identity.uaa.provider.ExternalIdentityProviderDefinition.USER_NAME_ATTRIBUTE_NAME;
 import static org.cloudfoundry.identity.uaa.util.UaaMapUtils.entry;
 import static org.cloudfoundry.identity.uaa.util.UaaMapUtils.map;
-import static org.hamcrest.Matchers.*;
-import static org.junit.Assert.*;
+import static org.hamcrest.Matchers.containsInAnyOrder;
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.instanceOf;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.nullValue;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 import static org.mockito.Matchers.anyBoolean;
 import static org.mockito.Matchers.anyObject;
 import static org.mockito.Matchers.anyString;
 import static org.mockito.Matchers.eq;
 import static org.mockito.Matchers.same;
-import static org.mockito.Mockito.*;
+import static org.mockito.Mockito.atLeast;
+import static org.mockito.Mockito.doAnswer;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.reset;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
 import static org.springframework.http.HttpStatus.OK;
 import static org.springframework.http.MediaType.APPLICATION_JSON;
-import static org.springframework.test.web.client.match.MockRestRequestMatchers.*;
-import static org.springframework.test.web.client.response.MockRestResponseCreators.*;
+import static org.springframework.test.web.client.match.MockRestRequestMatchers.content;
+import static org.springframework.test.web.client.match.MockRestRequestMatchers.header;
+import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo;
+import static org.springframework.test.web.client.response.MockRestResponseCreators.withBadRequest;
+import static org.springframework.test.web.client.response.MockRestResponseCreators.withServerError;
+import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus;
 
 public class XOAuthAuthenticationManagerTest {
 
@@ -145,6 +176,7 @@ public class XOAuthAuthenticationManagerTest {
     @After
     public void clearContext() {
         SecurityContextHolder.clearContext();
+        IdentityZoneHolder.clear();
         header = map(
             entry("alg", "HS256"),
             entry("kid", "testKey"),
@@ -366,7 +398,8 @@ public void unable_to_resolve_to_single_provider() throws Exception {
         xCodeToken = new XOAuthCodeToken(null,null,null,token.getIdTokenValue(),null,null);
         exception.expect(InsufficientAuthenticationException.class);
         exception.expectMessage(String.format("Unable to map issuer, %s , to a single registered provider", issuer));
-        when(provisioning.retrieveAll(eq(true), eq(IdentityZoneHolder.get().getId()))).thenReturn(emptyList());
+        String zoneId = IdentityZoneHolder.get().getId();
+        when(provisioning.retrieveAll(eq(true), eq(zoneId))).thenReturn(emptyList());
         getAuthenticationData(xCodeToken);
     }
 
@@ -594,7 +627,7 @@ public void assertUserCreated(NewUserAuthenticatedEvent event) {
         assertEquals("marissa@bloggs.com", uaaUser.getEmail());
         assertEquals("the_origin", uaaUser.getOrigin());
         assertEquals("1234567890", uaaUser.getPhoneNumber());
-        assertEquals("marissa",uaaUser.getUsername());
+        assertEquals("12345",uaaUser.getUsername());
         assertEquals(OriginKeys.UAA, uaaUser.getZoneId());
     }
 
@@ -679,7 +712,7 @@ public void updateShadowUser_IfAlreadyExists() throws MalformedURLException {
         mockToken();
 
         UaaUser existingShadowUser = new UaaUser(new UaaUserPrototype()
-            .withUsername("marissa")
+            .withUsername("12345")
             .withPassword("")
             .withEmail("marissa_old@bloggs.com")
             .withGivenName("Marissa_Old")
@@ -705,7 +738,7 @@ public void updateShadowUser_IfAlreadyExists() throws MalformedURLException {
         assertEquals("marissa@bloggs.com", uaaUser.getEmail());
         assertEquals("the_origin", uaaUser.getOrigin());
         assertEquals("1234567890", uaaUser.getPhoneNumber());
-        assertEquals("marissa", uaaUser.getUsername());
+        assertEquals("12345", uaaUser.getUsername());
         assertEquals(OriginKeys.UAA, uaaUser.getZoneId());
     }
 
@@ -770,7 +803,7 @@ public void loginAndValidateSignatureUsingTokenKeyEndpoint() throws Exception {
         mockToken();
 
         UaaUser existingShadowUser = new UaaUser(new UaaUserPrototype()
-                .withUsername("marissa")
+                .withUsername("12345")
                 .withPassword("")
                 .withEmail("marissa_old@bloggs.com")
                 .withGivenName("Marissa_Old")
@@ -834,7 +867,7 @@ public void getUserWithNullEmail() throws MalformedURLException {
         mockToken();
         UaaUser user = xoAuthAuthenticationManager.getUser(xCodeToken, getAuthenticationData(xCodeToken));
 
-        assertEquals("marissa@user.from.the_origin.cf", user.getEmail());
+        assertEquals("12345@user.from.the_origin.cf", user.getEmail());
     }
 
     private XOAuthAuthenticationManager.AuthenticationData getAuthenticationData(XOAuthCodeToken xCodeToken) {