Skip to content

Commit

Permalink
Allow link generation to take into account zone switching
Browse files Browse the repository at this point in the history 
Remain backwards compatible with previous API
[#119769891] https://www.pivotaltracker.com/story/show/119769891
  • Loading branch information
@fhanik
fhanik committed May 17, 2016
1 parent 5f7c74a commit 0c32886
Show file tree
Hide file tree
Showing 4 changed files with 68 additions and 5 deletions.
2 changes: 1 addition & 1 deletion server/src/main/java/org/cloudfoundry/identity/uaa/scim/util/ScimUtils.java
View file
Expand Up @@ -81,7 +81,7 @@ public static ExpiringCode getExpiringCode(ExpiringCodeStore codeStore, String u
public static URL getVerificationURL(ExpiringCode expiringCode) {
String url = "";
try {
url = UaaUrlUtils.getUaaUrl("/verify_user");
url = UaaUrlUtils.getUaaUrl("/verify_user", true);

if (expiringCode != null) {
url += "?code=" + expiringCode.getCode();
Expand Down
21 changes: 19 additions & 2 deletions server/src/main/java/org/cloudfoundry/identity/uaa/util/UaaUrlUtils.java
View file
Expand Up @@ -14,6 +14,7 @@
*/
package org.cloudfoundry.identity.uaa.util;

import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.StringUtils;
Expand All @@ -32,15 +33,31 @@ public static String getUaaUrl() {
}

public static String getUaaUrl(String path) {
return getURIBuilder(path).build().toUriString();
return getUaaUrl(path, false);
}
public static String getUaaUrl(String path, boolean zoneSwitchPossible) {
return getURIBuilder(path, zoneSwitchPossible).build().toUriString();
}

public static String getUaaHost() {
return getURIBuilder("").build().getHost();
}

private static UriComponentsBuilder getURIBuilder(String path) {
public static UriComponentsBuilder getURIBuilder(String path) {
return getURIBuilder(path, false);
}
public static UriComponentsBuilder getURIBuilder(String path, boolean zoneSwitchPossible) {
UriComponentsBuilder builder = ServletUriComponentsBuilder.fromCurrentContextPath().path(path);
if (zoneSwitchPossible) {
String host = builder.build().getHost();
IdentityZone current = IdentityZoneHolder.get();
if (host != null && !IdentityZoneHolder.isUaa()) {
if (!host.startsWith(current.getSubdomain() + ".")) {
host = current.getSubdomain() + "." + host;
builder.host(host);
}
}
}
return builder;
}

Expand Down
13 changes: 11 additions & 2 deletions server/src/test/java/org/cloudfoundry/identity/uaa/util/UaaUrlUtilsTest.java
View file
Expand Up @@ -41,13 +41,23 @@ public void setUp() throws Exception {
@After
public void tearDown() throws Exception {
IdentityZoneHolder.clear();
RequestContextHolder.setRequestAttributes(null);
}

@Test
public void testGetUaaUrl() throws Exception {
assertEquals("http://localhost", UaaUrlUtils.getUaaUrl());
}

@Test
public void test_ZoneAware_UaaUrl() throws Exception {
IdentityZone zone = MultitenancyFixture.identityZone("id","subdomain");
IdentityZoneHolder.set(zone);
assertEquals("http://localhost", UaaUrlUtils.getUaaUrl(""));
assertEquals("http://subdomain.localhost", UaaUrlUtils.getUaaUrl("",true));
}


@Test
public void testGetUaaUrlWithPath() throws Exception {
assertEquals("http://localhost/login", UaaUrlUtils.getUaaUrl("/login"));
Expand Down Expand Up @@ -206,8 +216,7 @@ public void findMatchingRedirectUri_usesAntPathMatching() {
}

private void setIdentityZone(String subdomain) {
IdentityZone zone = new IdentityZone();
zone.setSubdomain(subdomain);
IdentityZone zone = MultitenancyFixture.identityZone(subdomain, subdomain);
IdentityZoneHolder.set(zone);
}
}
37 changes: 37 additions & 0 deletions ...test/java/org/cloudfoundry/identity/uaa/scim/endpoints/ScimUserEndpointsMockMvcTests.java
View file
Expand Up @@ -273,6 +273,43 @@ public void verification_link_in_non_default_zone() throws Exception {
assertThat(data.get(REDIRECT_URI), is(HTTP_REDIRECT_EXAMPLE_COM));
}

@Test
public void verification_link_in_non_default_zone_using_switch() throws Exception {
String subdomain = generator.generate().toLowerCase();
MockMvcUtils.IdentityZoneCreationResult zoneResult = utils().createOtherIdentityZoneAndReturnResult(subdomain, getMockMvc(), getWebApplicationContext(), null);
String zonedClientId = "admin";
String zonedClientSecret = "adminsecret";
String zonedScimCreateToken = utils().getClientCredentialsOAuthAccessToken(getMockMvc(), zonedClientId, zonedClientSecret, "uaa.admin", null);

ScimUser joel = setUpScimUser(zoneResult.getIdentityZone());

MockHttpServletRequestBuilder get = MockMvcRequestBuilders.get("/Users/" + joel.getId() + "/verify-link")
.header("Host", "localhost")
.header("Authorization", "Bearer " + zonedScimCreateToken)
.header(IdentityZoneSwitchingFilter.SUBDOMAIN_HEADER, subdomain)
.param("redirect_uri", HTTP_REDIRECT_EXAMPLE_COM)
.accept(APPLICATION_JSON);

MvcResult result = getMockMvc().perform(get)
.andExpect(status().isOk())
.andReturn();
VerificationResponse verificationResponse = JsonUtils.readValue(result.getResponse().getContentAsString(), VerificationResponse.class);
assertThat(verificationResponse.getVerifyLink().toString(), startsWith("http://" + subdomain + ".localhost/verify_user"));

String query = verificationResponse.getVerifyLink().getQuery();

String code = getQueryStringParam(query, "code");
assertThat(code, is(notNullValue()));

ExpiringCode expiringCode = codeStore.retrieveCode(code);
assertThat(expiringCode.getExpiresAt().getTime(), is(greaterThan(System.currentTimeMillis())));
assertThat(expiringCode.getIntent(), is(REGISTRATION.name()));
Map<String, String> data = JsonUtils.readValue(expiringCode.getData(), new TypeReference<Map<String, String>>() {});
assertThat(data.get(InvitationConstants.USER_ID), is(notNullValue()));
assertThat(data.get(CLIENT_ID), is("admin"));
assertThat(data.get(REDIRECT_URI), is(HTTP_REDIRECT_EXAMPLE_COM));
}

@Test
public void create_user_without_email() throws Exception {
ScimUser joel = new ScimUser(null, "a_user", "Joel", "D'sa");
Expand Down

0 comments on commit 0c32886

Please sign in to comment.