diff --git a/model/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZone.java b/model/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZone.java index 307d9f45574..04e5aef3c94 100644 --- a/model/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZone.java +++ b/model/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZone.java @@ -4,39 +4,21 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; +import lombok.Data; +import lombok.EqualsAndHashCode; import org.cloudfoundry.identity.uaa.constants.OriginKeys; import javax.validation.constraints.NotNull; import java.util.Calendar; import java.util.Date; +@Data +@EqualsAndHashCode(onlyExplicitlyIncluded = true) @JsonInclude(JsonInclude.Include.NON_NULL) @JsonIgnoreProperties(ignoreUnknown = true) public class IdentityZone { - public static IdentityZone getUaa() { - Calendar calendar = Calendar.getInstance(); - calendar.clear(); - calendar.set(Calendar.YEAR, 2000); - IdentityZone uaa = new IdentityZone(); - uaa.setCreated(calendar.getTime()); - uaa.setLastModified(calendar.getTime()); - uaa.setVersion(0); - uaa.setId(OriginKeys.UAA); - uaa.setName(OriginKeys.UAA); - uaa.setDescription("The system zone for backwards compatibility"); - uaa.setSubdomain(""); - return uaa; - } - - public static String getUaaZoneId() { - return getUaa().getId(); - } - - @JsonIgnore - public boolean isUaa() { - return this.equals(getUaa()); - } + @EqualsAndHashCode.Include private String id; @NotNull 
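Review bot: The `@Data` added above `public class IdentityZone` also generates a `toString()` over every field, so any log statement or exception message that formats a zone will now render its `config` object as well. The same annotation is added to `IdentityZoneConfiguration` in this commit (hunk `@@ -22,6 +23,7 @@`), and that class holds `tokenPolicy` and `samlConfig`, to which the bootstrap code appears to add SAML keys together with their passphrases; whether those nested types print key material in their own `toString()` is not visible here and should be checked. I would limit the output explicitly, for example `@ToString(onlyExplicitlyIncluded = true)` on the class with `@ToString.Include` on `id`, `subdomain` and `name`, or `@ToString.Exclude` on `config`. The class body continues outside this hunk.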
@@ -58,97 +40,27 @@ public boolean isUaa() { private boolean active = true; - public Date getCreated() { - return created; - } - - public void setCreated(Date created) { - this.created = created; - } - - public Date getLastModified() { - return lastModified; - } - - public void setLastModified(Date lastModified) { - this.lastModified = lastModified; - } - - public void setVersion(int version) { - this.version = version; - } - - public int getVersion() { - return version; - } - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getSubdomain() { - return subdomain; - } - - public void setSubdomain(String subdomain) { - this.subdomain = subdomain; - } - - public String getId() { - return id; - } - - public void setId(String id) { - this.id = id; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public boolean isActive() { - return active; - } - - public void setActive(boolean active) { - this.active = active; - } - - public IdentityZoneConfiguration getConfig() { - return config; - } - - public void setConfig(IdentityZoneConfiguration config) { - this.config = config; + public static IdentityZone getUaa() { + Calendar calendar = Calendar.getInstance(); + calendar.clear(); + calendar.set(Calendar.YEAR, 2000); + IdentityZone uaa = new IdentityZone(); + uaa.setCreated(calendar.getTime()); + uaa.setLastModified(calendar.getTime()); + uaa.setVersion(0); + uaa.setId(OriginKeys.UAA); + uaa.setName(OriginKeys.UAA); + uaa.setDescription("The system zone for backwards compatibility"); + uaa.setSubdomain(""); + return uaa; } - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + ((id == null) ? 
0 : id.hashCode()); - return result; + public static String getUaaZoneId() { + return getUaa().getId(); } - @Override - public boolean equals(Object obj) { - if (this == obj) - return true; - if (obj == null) - return false; - if (getClass() != obj.getClass()) - return false; - IdentityZone other = (IdentityZone) obj; - if (id == null) { - return other.id == null; - } else return id.equals(other.id); + @JsonIgnore + public boolean isUaa() { + return this.equals(getUaa()); } } diff --git a/model/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneConfiguration.java b/model/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneConfiguration.java index 79cfd45c6ef..9b08a30b84e 100644 --- a/model/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneConfiguration.java +++ b/model/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneConfiguration.java @@ -15,6 +15,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonInclude; +import lombok.Data; import org.cloudfoundry.identity.uaa.login.Prompt; import java.net.MalformedURLException; @@ -22,6 +23,7 @@ import java.util.Arrays; import java.util.List; +@Data @JsonInclude(JsonInclude.Include.NON_NULL) @JsonIgnoreProperties(ignoreUnknown = true) public class IdentityZoneConfiguration { 
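Review bot: The hand-written `equals` removed in this hunk rejected any object whose `getClass()` differed, while the Lombok-generated replacement accepts subclasses through `instanceof` and `canEqual`, and `isUaa()` at the end of the hunk decides on exactly that `equals`. If IdentityZone is ever subclassed, an instance of the subclass with id `uaa` would now be reported as the system zone, which the old code did not do; whether such a subclass exists is not visible here. Either declare the class `final` or add a row to `EqualsArgumentsSource` that pins the intended answer for a subclass. A short Javadoc on `isUaa()` would also help: `/** True when this zone's id equals the system zone id; no other field is compared. */`.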
@@ -32,118 +34,44 @@ public class IdentityZoneConfiguration { private CorsPolicy corsPolicy = new CorsPolicy(); private Links links = new Links(); private List prompts = Arrays.asList( - new Prompt("username", "text", "Email"), - new Prompt("password", "password", "Password"), - new Prompt("passcode", "password", "Temporary Authentication Code (Get on at /passcode)") + new Prompt("username", "text", "Email"), + new Prompt("password", "password", "Password"), + new Prompt("passcode", "password", "Temporary Authentication Code (Get on at /passcode)") ); private boolean idpDiscoveryEnabled = false; private BrandingInformation branding; private boolean accountChooserEnabled; private UserConfig userConfig = new UserConfig(); + @JsonInclude(JsonInclude.Include.NON_NULL) private String issuer; private String defaultIdentityProvider; - public IdentityZoneConfiguration() {} - - public IdentityZoneConfiguration(TokenPolicy tokenPolicy) { - this.tokenPolicy = tokenPolicy; - } - - public ClientSecretPolicy getClientSecretPolicy() { - return clientSecretPolicy; + public IdentityZoneConfiguration() { } - public void setClientSecretPolicy(ClientSecretPolicy clientSecretPolicy) { - this.clientSecretPolicy = clientSecretPolicy; - } - - public TokenPolicy getTokenPolicy() { - return tokenPolicy; - } - - public void setTokenPolicy(TokenPolicy tokenPolicy) { + public IdentityZoneConfiguration(TokenPolicy tokenPolicy) { this.tokenPolicy = tokenPolicy; } - public SamlConfig getSamlConfig() { - return samlConfig; - } - public IdentityZoneConfiguration setSamlConfig(SamlConfig samlConfig) { this.samlConfig = samlConfig; return this; } - public Links getLinks() { - return links; - } - public IdentityZoneConfiguration setLinks(Links links) { this.links = links; return this; } - public List getPrompts() { - return prompts; - } - public IdentityZoneConfiguration setPrompts(List prompts) { this.prompts = prompts; return this; } - public boolean isIdpDiscoveryEnabled() { - return 
idpDiscoveryEnabled; - } - - public void setIdpDiscoveryEnabled(boolean idpDiscoveryEnabled) { - this.idpDiscoveryEnabled = idpDiscoveryEnabled; - } - - public BrandingInformation getBranding() { - return branding; - } - - public void setBranding(BrandingInformation branding) { - this.branding = branding; - } - - public void setAccountChooserEnabled(boolean accountChooserEnabled) { - this.accountChooserEnabled = accountChooserEnabled; - } - - public CorsPolicy getCorsPolicy() { - return corsPolicy; - } - public IdentityZoneConfiguration setCorsPolicy(CorsPolicy corsPolicy) { this.corsPolicy = corsPolicy; return this; } - public boolean isAccountChooserEnabled() { - return accountChooserEnabled; - } - - public UserConfig getUserConfig() { - return userConfig; - } - - public void setUserConfig(UserConfig userConfig) { - this.userConfig = userConfig; - } - - public String getDefaultIdentityProvider() { - return defaultIdentityProvider; - } - - public void setDefaultIdentityProvider(String defaultIdentityProvider) { - this.defaultIdentityProvider = defaultIdentityProvider; - } - - @JsonInclude(JsonInclude.Include.NON_NULL) - public String getIssuer() { - return issuer; - } @JsonInclude(JsonInclude.Include.NON_NULL) public void setIssuer(String issuer) { diff --git a/model/src/test/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneTest.java b/model/src/test/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneTest.java index ced75d30185..15ebf5bfe7b 100644 --- a/model/src/test/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneTest.java +++ b/model/src/test/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneTest.java 
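Review bot: The fields listed in this hunk (`corsPolicy`, `links`, `prompts`, `branding`, `userConfig`, `issuer` and the rest) all feed the `equals` and `hashCode` that the class-level `@Data` generates, and every one of them is mutable through a public setter. The hash of a configuration therefore changes whenever a setter is called, and equality only works as far as the nested types define `equals` themselves, which the TODO in `IdentityZoneTest.getUaa()` says not all of them do. If value equality is not actually needed, `@Getter` and `@Setter` in place of `@Data` would keep the boilerplate reduction without the generated methods; otherwise a class comment should state that instances must not be used as keys in hash-based collections. The class declaration and the body of `setIssuer` lie outside this hunk.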
@@ -14,16 +14,13 @@ import java.util.Set; import java.util.stream.Stream; +import static org.assertj.core.api.Assertions.assertThat; import static org.cloudfoundry.identity.uaa.test.ModelTestUtils.getResourceAsString; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.is; -import static org.junit.Assert.assertEquals; class IdentityZoneTest { @Test void getUaa() { - Calendar calendar = Calendar.getInstance(); calendar.set(2000, Calendar.JANUARY, 1, 0, 0, 0); calendar.set(Calendar.MILLISECOND, 0); @@ -31,14 +28,14 @@ void getUaa() { IdentityZone actual = IdentityZone.getUaa(); - assertThat(actual.getId(), is("uaa")); - assertThat(actual.getSubdomain(), is("")); - assertThat(actual.getName(), is("uaa")); - assertThat(actual.getVersion(), is(0)); - assertThat(actual.getDescription(), is("The system zone for backwards compatibility")); - assertThat(actual.isActive(), is(true)); - assertThat(actual.getCreated(), is(expectedDate)); - assertThat(actual.getLastModified(), is(expectedDate)); + assertThat(actual.getId()).isEqualTo("uaa"); + assertThat(actual.getSubdomain()).isEmpty(); + assertThat(actual.getName()).isEqualTo("uaa"); + assertThat(actual.getVersion()).isZero(); + assertThat(actual.getDescription()).isEqualTo("The system zone for backwards compatibility"); + assertThat(actual.isActive()).isTrue(); + assertThat(actual.getCreated()).isEqualTo(expectedDate); + assertThat(actual.getLastModified()).isEqualTo(expectedDate); // TODO: Validate that the config is the result of `new IdentityZoneConfiguration()` // Currently this is not possible because not all objects have a `.equals()` method 
@@ -56,23 +53,23 @@ public Stream provideArguments(ExtensionContext context) { uaa.setId("uaa"); return Stream.of( - Arguments.of(IdentityZone.getUaa(), true), - Arguments.of(uaa, true), - Arguments.of(new IdentityZone(), false), - Arguments.of(notUaa, false) + Arguments.of(IdentityZone.getUaa(), true, "true:getUaa"), + Arguments.of(uaa, true, "true:id=uaa"), + Arguments.of(new IdentityZone(), false, "false:new"), + Arguments.of(notUaa, false, "false:id=something") ); } } - @ParameterizedTest + @ParameterizedTest(name = "[{index}] {2}") @ArgumentsSource(IsUaaArgumentsSource.class) - void isUaa_usesOnlyId(IdentityZone identityZone, boolean isUaa) { - assertThat(identityZone.isUaa(), is(isUaa)); + void isUaa_usesOnlyId(IdentityZone identityZone, boolean isUaa, String ignoredMessage) { + assertThat(identityZone.isUaa()).isEqualTo(isUaa); } @Test void getUaaZoneId() { - assertThat(IdentityZone.getUaaZoneId(), is("uaa")); + assertThat(IdentityZone.getUaaZoneId()).isEqualTo("uaa"); } private static class EqualsArgumentsSource implements ArgumentsProvider { 
@@ -90,18 +87,21 @@ public Stream provideArguments(ExtensionContext context) { zone2.setSubdomain("subdomain"); return Stream.of( - Arguments.of(new IdentityZone(), new IdentityZone(), true), - Arguments.of(IdentityZone.getUaa(), zoneWithIdUaa, true), - Arguments.of(zone1, zone2, false) + Arguments.of(new IdentityZone(), new IdentityZone(), true, "new=new"), + Arguments.of(IdentityZone.getUaa(), zoneWithIdUaa, true, "uaa=uaa"), + Arguments.of(zone1, zone1, true, "zone1=zone1"), + Arguments.of(zone1, zone2, false, "zone1!=zone2"), + Arguments.of(zone2, zone1, false, "zone2!=zone1"), + Arguments.of(zone1, null, false, "zone1=null"), + Arguments.of(zone1, "blah", false, "zone1=string") ); } } - @ParameterizedTest + @ParameterizedTest(name = "[{index}] {3}") @ArgumentsSource(EqualsArgumentsSource.class) - void equals_usesOnlyId(IdentityZone zone1, IdentityZone zone2, boolean areEqual) { - assertThat(zone1.equals(zone2), is(areEqual)); - assertThat(zone2.equals(zone1), is(areEqual)); + void equals_usesOnlyId(IdentityZone zone1, Object zone2, boolean areEqual, String ignoredMessage) { + assertThat(zone1.equals(zone2)).isEqualTo(areEqual); } private static class HashCodeArgumentsSource implements ArgumentsProvider { 
@@ -111,34 +111,40 @@ public Stream provideArguments(ExtensionContext context) { IdentityZone zone1 = new IdentityZone(); zone1.setSubdomain("subdomain"); zone1.setId("asdf"); + IdentityZone nullIdZone = new IdentityZone(); + final int prime = 59; + final int nullVal = prime + 43; return Stream.of( - Arguments.of(zone1, 31 + "asdf".hashCode()), - Arguments.of(IdentityZone.getUaa(), 31 + "uaa".hashCode()) + Arguments.of(zone1, prime + "asdf".hashCode(), "asdf"), + Arguments.of(zone1, prime + "asdf".hashCode(), "asdf"), + Arguments.of(IdentityZone.getUaa(), prime + "uaa".hashCode(), "uaa"), + Arguments.of(IdentityZone.getUaa(), prime + "uaa".hashCode(), "uaa"), + Arguments.of(nullIdZone, nullVal, "null id"), + Arguments.of(nullIdZone, nullVal, "null id") ); } } - @ParameterizedTest + @ParameterizedTest(name = "[{index}] {2}") @ArgumentsSource(HashCodeArgumentsSource.class) - void hashCode_usesOnlyId(IdentityZone zone, int expectedHashCode) { - assertThat(zone.hashCode(), is(expectedHashCode)); + void hashCode_usesOnlyId(IdentityZone zone, int expectedHashCode, String ignoredMessage) { + assertThat(zone.hashCode()).isEqualTo(expectedHashCode); } @Test void deserialize() { final String sampleIdentityZoneJson = getResourceAsString(getClass(), "SampleIdentityZone.json"); IdentityZone sampleIdentityZone = JsonUtils.readValue(sampleIdentityZoneJson, IdentityZone.class); - assertEquals("f7758816-ab47-48d9-9d24-25b10b92d4cc", sampleIdentityZone.getId()); - assertEquals("demo", sampleIdentityZone.getSubdomain()); - assertEquals(List.of("openid", "password.write", "uaa.user", "approvals.me", - "profile", "roles", "user_attributes", "uaa.offline_token"), - sampleIdentityZone.getConfig().getUserConfig().getDefaultGroups()); - assertEquals(Set.of("openid", "password.write", "uaa.user", "approvals.me", - "profile", "roles", "user_attributes", "uaa.offline_token", - "scim.me", "cloud_controller.user"), - sampleIdentityZone.getConfig().getUserConfig().resultingAllowedGroups()); - 
assertEquals(1000, sampleIdentityZone.getConfig().getUserConfig().getMaxUsers()); - assertEquals(true, sampleIdentityZone.getConfig().getUserConfig().isCheckOriginEnabled()); + assertThat(sampleIdentityZone).isNotNull() + .returns("f7758816-ab47-48d9-9d24-25b10b92d4cc", IdentityZone::getId) + .returns("demo", IdentityZone::getSubdomain); + assertThat(sampleIdentityZone.getConfig().getUserConfig().getDefaultGroups()).isEqualTo(List.of("openid", "password.write", "uaa.user", "approvals.me", + "profile", "roles", "user_attributes", "uaa.offline_token")); + assertThat(sampleIdentityZone.getConfig().getUserConfig().resultingAllowedGroups()).isEqualTo(Set.of("openid", "password.write", "uaa.user", "approvals.me", + "profile", "roles", "user_attributes", "uaa.offline_token", + "scim.me", "cloud_controller.user")); + assertThat(sampleIdentityZone.getConfig().getUserConfig().getMaxUsers()).isEqualTo(1000); + assertThat(sampleIdentityZone.getConfig().getUserConfig().isCheckOriginEnabled()).isEqualTo(true); } } \ No newline at end of file diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/IdentityProviderBootstrap.java b/server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/IdentityProviderBootstrap.java index 23a946678b1..1d9219787b6 100644 --- a/server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/IdentityProviderBootstrap.java +++ b/server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/IdentityProviderBootstrap.java @@ -1,4 +1,5 @@ -/******************************************************************************* +/* + * ***************************************************************************** * Cloud Foundry * Copyright (c) [2009-2016] Pivotal Software, Inc. All Rights Reserved. * @@ -69,6 +70,7 @@ public class IdentityProviderBootstrap private List oauthIdpDefintions; @Setter private Map ldapConfig; + @Setter private Map keystoneConfig; @Setter private PasswordPolicy defaultPasswordPolicy; 
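Review bot: `HashCodeArgumentsSource` now hard-codes `prime = 59` and `nullVal = prime + 43`, which are internals of the Lombok-generated `hashCode()` rather than a property of IdentityZone, so the test can fail on a Lombok upgrade without any change in behaviour. What `hashCode_usesOnlyId` is meant to establish is that two zones with the same id and different other fields hash alike, e.g. `assertThat(zone1.hashCode()).isEqualTo(zoneWithSameId.hashCode())`. Each argument row is also listed twice; if that is meant to check that the hash is stable across calls, a comment should say so, `// repeated on purpose: hashCode must be stable across calls`. In `deserialize()`, `.isEqualTo(true)` reads better as `.isTrue()`, which `getUaa()` in the same file already uses.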
@@ -182,10 +184,6 @@ protected void populateLdapEnvironment(Map ldapConfig) { } } - public void setKeystoneConfig(HashMap keystoneConfig) { - this.keystoneConfig = keystoneConfig; - } - protected AbstractIdentityProviderDefinition getKeystoneDefinition(Map config) { return new KeystoneIdentityProviderDefinition(config); } @@ -194,13 +192,13 @@ protected void addKeystoneProvider() { boolean keystoneProfile = Arrays.asList(environment.getActiveProfiles()).contains(OriginKeys.KEYSTONE); if (keystoneConfig != null || keystoneProfile) { boolean active = keystoneProfile && keystoneConfig != null; - IdentityProvider provider = new IdentityProvider<>(); + IdentityProvider provider = new IdentityProvider<>(); provider.setOriginKey(OriginKeys.KEYSTONE); provider.setType(OriginKeys.KEYSTONE); provider.setName("UAA Keystone Provider"); provider.setActive(active); provider.setConfig(getKeystoneDefinition(keystoneConfig)); - providers.add(new IdentityProviderWrapper(provider)); + providers.add(new IdentityProviderWrapper<>(provider)); } } diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/IdentityZoneConfigurationBootstrap.java b/server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/IdentityZoneConfigurationBootstrap.java index b084344967b..baaeaf5ebf2 100644 --- a/server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/IdentityZoneConfigurationBootstrap.java +++ b/server/src/main/java/org/cloudfoundry/identity/uaa/impl/config/IdentityZoneConfigurationBootstrap.java @@ -12,6 +12,8 @@ *******************************************************************************/ package org.cloudfoundry.identity.uaa.impl.config; +import lombok.Getter; +import lombok.Setter; import org.cloudfoundry.identity.uaa.login.Prompt; import org.cloudfoundry.identity.uaa.saml.SamlKey; import org.cloudfoundry.identity.uaa.util.JsonUtils; 
@@ -31,19 +33,21 @@ import java.util.Locale; import java.util.Map; -import static java.util.Collections.EMPTY_MAP; import static java.util.Objects.nonNull; import static java.util.Optional.ofNullable; import static org.springframework.util.StringUtils.hasText; +@Setter public class IdentityZoneConfigurationBootstrap implements InitializingBean { private ClientSecretPolicy clientSecretPolicy; private TokenPolicy tokenPolicy; - private IdentityZoneProvisioning provisioning; + + private final IdentityZoneProvisioning provisioning; private boolean selfServiceLinksEnabled = true; + @Getter private String homeRedirect = null; - private Map selfServiceLinks; + private Map selfServiceLinks; private List logoutRedirectWhitelist; private String logoutRedirectParameterName; private String logoutDefaultRedirectUrl; @@ -60,7 +64,6 @@ public class IdentityZoneConfigurationBootstrap implements InitializingBean { private String activeKeyId; private boolean idpDiscoveryEnabled = false; - private boolean accountChooserEnabled; private Collection defaultUserGroups; @@ -68,12 +71,9 @@ public class IdentityZoneConfigurationBootstrap implements InitializingBean { private Collection allowedUserGroups; private IdentityZoneValidator validator = (config, mode) -> config; + @Getter private Map branding; - public void setValidator(IdentityZoneValidator validator) { - this.validator = validator; - } - public IdentityZoneConfigurationBootstrap(IdentityZoneProvisioning provisioning) { this.provisioning = provisioning; } 
@@ -93,16 +93,16 @@ public void afterPropertiesSet() throws InvalidIdentityZoneDetailsException { definition.setAccountChooserEnabled(accountChooserEnabled); definition.setDefaultIdentityProvider(defaultIdentityProvider); - samlKeys = ofNullable(samlKeys).orElse(EMPTY_MAP); - for (Map.Entry> entry : samlKeys.entrySet()) { + samlKeys = ofNullable(samlKeys).orElse(Map.of()); + for (Map.Entry> entry : samlKeys.entrySet()) { SamlKey samlKey = new SamlKey(entry.getValue().get("key"), entry.getValue().get("passphrase"), entry.getValue().get("certificate")); definition.getSamlConfig().addKey(ofNullable(entry.getKey()).orElseThrow(() -> new InvalidIdentityZoneDetailsException("SAML key id must not be null.", null)).toLowerCase(Locale.ROOT), samlKey); } definition.getSamlConfig().setActiveKeyId(this.activeKeyId); - if (selfServiceLinks!=null) { - String signup = (String)selfServiceLinks.get("signup"); - String passwd = (String)selfServiceLinks.get("passwd"); + if (selfServiceLinks != null) { + String signup = (String) selfServiceLinks.get("signup"); + String passwd = (String) selfServiceLinks.get("passwd"); if (hasText(signup)) { definition.getLinks().getSelfService().setSignup(signup); } @@ -127,11 +127,11 @@ public void afterPropertiesSet() throws InvalidIdentityZoneDetailsException { BrandingInformation brandingInfo = JsonUtils.convertValue(branding, BrandingInformation.class); definition.setBranding(brandingInfo); - if (defaultUserGroups!=null) { + if (defaultUserGroups != null) { definition.getUserConfig().setDefaultGroups(new LinkedList<>(defaultUserGroups)); } - if (allowedUserGroups!=null) { + if (allowedUserGroups != null) { definition.getUserConfig().setAllowedGroups(new LinkedList<>(allowedUserGroups)); } 
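Review bot: In the `samlKeys` loop, `entry.getValue().get("key")` is dereferenced before anything checks that the entry has a value, so a key id configured with an empty body fails with a NullPointerException, while a null id on the next line gets a descriptive InvalidIdentityZoneDetailsException. A matching guard keeps the failure readable: `if (entry.getValue() == null) throw new InvalidIdentityZoneDetailsException("SAML key entry must not be null.", null);`. The loop also lowercases ids before `addKey`, so two ids that differ only in case end up under the same key; whether `addKey` rejects or overwrites the second one is not visible here and deserves a comment. `afterPropertiesSet` starts and ends outside this hunk.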
@@ -141,10 +141,6 @@ public void afterPropertiesSet() throws InvalidIdentityZoneDetailsException { provisioning.update(identityZone); } - public void setClientSecretPolicy(ClientSecretPolicy clientSecretPolicy) { - this.clientSecretPolicy = clientSecretPolicy; - } - public IdentityZoneConfigurationBootstrap setSamlKeys(Map> samlKeys) { this.samlKeys = samlKeys; return this; 
@@ -154,100 +150,4 @@ public IdentityZoneConfigurationBootstrap setActiveKeyId(String activeKeyId) { this.activeKeyId = activeKeyId != null ? activeKeyId.toLowerCase(Locale.ROOT) : null; return this; } - - public void setTokenPolicy(TokenPolicy tokenPolicy) { - this.tokenPolicy = tokenPolicy; - } - - public void setSelfServiceLinksEnabled(boolean selfServiceLinksEnabled) { - this.selfServiceLinksEnabled = selfServiceLinksEnabled; - } - - public void setHomeRedirect(String homeRedirect) { - this.homeRedirect = homeRedirect; - } - - public String getHomeRedirect() { - return homeRedirect; - } - - public void setSelfServiceLinks(Map links) { - this.selfServiceLinks = links; - } - - public void setLogoutDefaultRedirectUrl(String logoutDefaultRedirectUrl) { - this.logoutDefaultRedirectUrl = logoutDefaultRedirectUrl; - } - - public void setLogoutDisableRedirectParameter(boolean logoutDisableRedirectParameter) { - this.logoutDisableRedirectParameter = logoutDisableRedirectParameter; - } - - public void setLogoutRedirectParameterName(String logoutRedirectParameterName) { - this.logoutRedirectParameterName = logoutRedirectParameterName; - } - - public void setLogoutRedirectWhitelist(List logoutRedirectWhitelist) { - this.logoutRedirectWhitelist = logoutRedirectWhitelist; - } - - public void setPrompts(List prompts) { - this.prompts = prompts; - } - - public void setDefaultIdentityProvider(String defaultIdentityProvider) { - this.defaultIdentityProvider = defaultIdentityProvider; - } - - public void setSamlSpCertificate(String samlSpCertificate) { - this.samlSpCertificate = samlSpCertificate; - } - - public void setSamlSpPrivateKey(String samlSpPrivateKey) { - this.samlSpPrivateKey = samlSpPrivateKey; - } - - public void setSamlSpPrivateKeyPassphrase(String samlSpPrivateKeyPassphrase) { - this.samlSpPrivateKeyPassphrase = samlSpPrivateKeyPassphrase; - } - - public boolean isIdpDiscoveryEnabled() { - return idpDiscoveryEnabled; - } - - public void 
setIdpDiscoveryEnabled(boolean idpDiscoveryEnabled) { - this.idpDiscoveryEnabled = idpDiscoveryEnabled; - } - - public boolean isAccountChooserEnabled() { - return accountChooserEnabled; - } - - public void setAccountChooserEnabled(boolean accountChooserEnabled) { - this.accountChooserEnabled = accountChooserEnabled; - } - - public void setBranding(Map branding) { - this.branding = branding; - } - - public Map getBranding() { - return branding; - } - - public void setDefaultUserGroups(Collection defaultUserGroups) { - this.defaultUserGroups = defaultUserGroups; - } - - public void setAllowedUserGroups(Collection allowedUserGroups) { - this.allowedUserGroups = allowedUserGroups; - } - - public boolean isDisableSamlInResponseToCheck() { - return disableSamlInResponseToCheck; - } - - public void setDisableSamlInResponseToCheck(boolean disableSamlInResponseToCheck) { - this.disableSamlInResponseToCheck = disableSamlInResponseToCheck; - } } diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrapTest.java b/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrapTest.java index 7ba92cf59df..3456ae315aa 100755 --- a/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrapTest.java +++ b/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrapTest.java @@ -20,7 +20,6 @@ import org.cloudfoundry.identity.uaa.provider.oauth.OauthIDPWrapperFactoryBean; import org.cloudfoundry.identity.uaa.provider.saml.BootstrapSamlIdentityProviderData; import org.cloudfoundry.identity.uaa.test.TestUtils; -import org.cloudfoundry.identity.uaa.util.PredicateMatcher; import org.cloudfoundry.identity.uaa.zone.IdentityZone; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; 
@@ -43,7 +42,9 @@ import java.util.List; import java.util.Map; -import static java.util.stream.Collectors.toList; +import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.fail; import static org.cloudfoundry.identity.uaa.constants.OriginKeys.KEYSTONE; import static org.cloudfoundry.identity.uaa.constants.OriginKeys.LDAP; import static org.cloudfoundry.identity.uaa.constants.OriginKeys.OAUTH20; @@ -53,15 +54,6 @@ import static org.cloudfoundry.identity.uaa.provider.ExternalIdentityProviderDefinition.ATTRIBUTE_MAPPINGS; import static org.cloudfoundry.identity.uaa.provider.ExternalIdentityProviderDefinition.EXTERNAL_GROUPS_WHITELIST; import static org.cloudfoundry.identity.uaa.provider.ExternalIdentityProviderDefinition.STORE_CUSTOM_ATTRIBUTES_NAME; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.containsInAnyOrder; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertFalse; -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertNull; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.junit.jupiter.api.Assertions.fail; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.reset; import static org.mockito.Mockito.times; 
@@ -133,18 +125,17 @@ void ldapProfileBootstrap() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider ldapProvider = provisioning.retrieveByOriginIgnoreActiveFlag(LDAP, IdentityZone.getUaaZoneId()); - assertNotNull(ldapProvider); - assertNotNull(ldapProvider.getCreated()); - assertNotNull(ldapProvider.getLastModified()); - assertEquals(LDAP, ldapProvider.getType()); + assertThat(ldapProvider).isNotNull(); + assertThat(ldapProvider.getCreated()).isNotNull(); + assertThat(ldapProvider.getLastModified()).isNotNull(); + assertThat(ldapProvider.getType()).isEqualTo(LDAP); LdapIdentityProviderDefinition definition = ldapProvider.getConfig(); - assertNotNull(definition); - assertFalse(definition.isConfigured()); + assertThat(definition).isNotNull(); + assertThat(definition.isConfigured()).isFalse(); } @Test void ldapBootstrap() throws Exception { - final String idpDescription = "Test LDAP Provider Description"; HashMap ldapConfig = getGenericLdapConfig(); bootstrap.setLdapConfig(ldapConfig); 
@@ -156,15 +147,15 @@ void ldapBootstrap() throws Exception { private static void validateGenericLdapProvider( IdentityProvider ldapProvider) { - assertNotNull(ldapProvider); - assertNotNull(ldapProvider.getCreated()); - assertNotNull(ldapProvider.getLastModified()); - assertEquals(LDAP, ldapProvider.getType()); - assertThat(ldapProvider.getConfig().getEmailDomain(), containsInAnyOrder("test.domain")); - assertEquals(Collections.singletonList("value"), ldapProvider.getConfig().getExternalGroupsWhitelist()); - assertEquals("first_name", ldapProvider.getConfig().getAttributeMappings().get("given_name")); - assertEquals("Test LDAP Provider Description", ldapProvider.getConfig().getProviderDescription()); - assertFalse(ldapProvider.getConfig().isStoreCustomAttributes()); + assertThat(ldapProvider).isNotNull(); + assertThat(ldapProvider.getCreated()).isNotNull(); + assertThat(ldapProvider.getLastModified()).isNotNull(); + assertThat(ldapProvider.getType()).isEqualTo(LDAP); + assertThat(ldapProvider.getConfig().getEmailDomain()).contains("test.domain"); + assertThat(ldapProvider.getConfig().getExternalGroupsWhitelist()).isEqualTo(Collections.singletonList("value")); + assertThat(ldapProvider.getConfig().getAttributeMappings().get("given_name")).isEqualTo("first_name"); + assertThat(ldapProvider.getConfig().getProviderDescription()).isEqualTo("Test LDAP Provider Description"); + assertThat(ldapProvider.getConfig().isStoreCustomAttributes()).isFalse(); } private static HashMap getGenericLdapConfig() { 
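Review bot: The e-mail domain assertion in `validateGenericLdapProvider` became weaker in the migration: Hamcrest's `containsInAnyOrder("test.domain")` required the list to hold exactly that element, while AssertJ's `contains("test.domain")` passes as long as the element is present, whatever else the list holds. If this list restricts which e-mail domains the LDAP provider serves, as the name suggests, an unexpected extra entry should fail the test; the equivalent assertion is `assertThat(ldapProvider.getConfig().getEmailDomain()).containsExactlyInAnyOrder("test.domain");`. The attribute-mapping line could also use `.containsEntry("given_name", "first_name")` for a clearer failure message.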
@@ -213,38 +204,38 @@ void removedLdapBootstrapRemainsActive() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider ldapProvider = provisioning.retrieveByOriginIgnoreActiveFlag(LDAP, IdentityZone.getUaaZoneId()); - assertNotNull(ldapProvider); - assertNotNull(ldapProvider.getCreated()); - assertNotNull(ldapProvider.getLastModified()); - assertEquals(LDAP, ldapProvider.getType()); - assertTrue(ldapProvider.isActive()); + assertThat(ldapProvider).isNotNull(); + assertThat(ldapProvider.getCreated()).isNotNull(); + assertThat(ldapProvider.getLastModified()).isNotNull(); + assertThat(ldapProvider.getType()).isEqualTo(LDAP); + assertThat(ldapProvider.isActive()).isTrue(); bootstrap.setLdapConfig(null); bootstrap.afterPropertiesSet(); ldapProvider = provisioning.retrieveByOriginIgnoreActiveFlag(LDAP, IdentityZone.getUaaZoneId()); - assertNotNull(ldapProvider); - assertNotNull(ldapProvider.getCreated()); - assertNotNull(ldapProvider.getLastModified()); - assertEquals(LDAP, ldapProvider.getType()); - assertFalse(ldapProvider.isActive()); + assertThat(ldapProvider).isNotNull(); + assertThat(ldapProvider.getCreated()).isNotNull(); + assertThat(ldapProvider.getLastModified()).isNotNull(); + assertThat(ldapProvider.getType()).isEqualTo(LDAP); + assertThat(ldapProvider.isActive()).isFalse(); bootstrap.setLdapConfig(ldapConfig); bootstrap.afterPropertiesSet(); ldapProvider = provisioning.retrieveByOriginIgnoreActiveFlag(LDAP, IdentityZone.getUaaZoneId()); - assertNotNull(ldapProvider); - assertNotNull(ldapProvider.getCreated()); - assertNotNull(ldapProvider.getLastModified()); - assertEquals(LDAP, ldapProvider.getType()); - assertTrue(ldapProvider.isActive()); + assertThat(ldapProvider).isNotNull(); + assertThat(ldapProvider.getCreated()).isNotNull(); + assertThat(ldapProvider.getLastModified()).isNotNull(); + assertThat(ldapProvider.getType()).isEqualTo(LDAP); + assertThat(ldapProvider.isActive()).isTrue(); environment.setActiveProfiles("default"); 
bootstrap.afterPropertiesSet(); ldapProvider = provisioning.retrieveByOriginIgnoreActiveFlag(LDAP, IdentityZone.getUaaZoneId()); - assertNotNull(ldapProvider); - assertNotNull(ldapProvider.getCreated()); - assertNotNull(ldapProvider.getLastModified()); - assertEquals(LDAP, ldapProvider.getType()); - assertFalse(ldapProvider.isActive()); + assertThat(ldapProvider).isNotNull(); + assertThat(ldapProvider.getCreated()).isNotNull(); + assertThat(ldapProvider.getLastModified()).isNotNull(); + assertThat(ldapProvider.getType()).isEqualTo(LDAP); + assertThat(ldapProvider.isActive()).isFalse(); } @Test @@ -253,13 +244,13 @@ void keystoneProfileBootstrap() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider keystoneProvider = provisioning.retrieveByOriginIgnoreActiveFlag(KEYSTONE, IdentityZone.getUaaZoneId()); - assertNotNull(keystoneProvider); - assertEquals(new KeystoneIdentityProviderDefinition(), keystoneProvider.getConfig()); - assertNotNull(keystoneProvider.getCreated()); - assertNotNull(keystoneProvider.getLastModified()); - assertEquals(KEYSTONE, keystoneProvider.getType()); - assertNotNull(keystoneProvider.getConfig()); - assertNull(keystoneProvider.getConfig().getAdditionalConfiguration()); + assertThat(keystoneProvider).isNotNull(); + assertThat(keystoneProvider.getConfig()).isEqualTo(new KeystoneIdentityProviderDefinition()); + assertThat(keystoneProvider.getCreated()).isNotNull(); + assertThat(keystoneProvider.getLastModified()).isNotNull(); + assertThat(keystoneProvider.getType()).isEqualTo(KEYSTONE); + assertThat(keystoneProvider.getConfig()).isNotNull(); + assertThat(keystoneProvider.getConfig().getAdditionalConfiguration()).isNull(); } @Test 
@@ -270,11 +261,11 @@ void keystoneBootstrap() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider keystoneProvider = provisioning.retrieveByOriginIgnoreActiveFlag(KEYSTONE, IdentityZone.getUaaZoneId()); - assertNotNull(keystoneProvider); - assertEquals(new KeystoneIdentityProviderDefinition(keystoneConfig), keystoneProvider.getConfig()); - assertNotNull(keystoneProvider.getCreated()); - assertNotNull(keystoneProvider.getLastModified()); - assertEquals(KEYSTONE, keystoneProvider.getType()); + assertThat(keystoneProvider).isNotNull(); + assertThat(keystoneProvider.getConfig()).isEqualTo(new KeystoneIdentityProviderDefinition(keystoneConfig)); + assertThat(keystoneProvider.getCreated()).isNotNull(); + assertThat(keystoneProvider.getLastModified()).isNotNull(); + assertThat(keystoneProvider.getType()).isEqualTo(KEYSTONE); } @Test 
@@ -286,31 +277,31 @@ void removedKeystoneBootstrapIsInactive() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider keystoneProvider = provisioning.retrieveByOriginIgnoreActiveFlag(KEYSTONE, IdentityZone.getUaaZoneId()); - assertNotNull(keystoneProvider); - assertEquals(new KeystoneIdentityProviderDefinition(keystoneConfig), keystoneProvider.getConfig()); - assertNotNull(keystoneProvider.getCreated()); - assertNotNull(keystoneProvider.getLastModified()); - assertEquals(KEYSTONE, keystoneProvider.getType()); - assertTrue(keystoneProvider.isActive()); + assertThat(keystoneProvider).isNotNull(); + assertThat(keystoneProvider.getConfig()).isEqualTo(new KeystoneIdentityProviderDefinition(keystoneConfig)); + assertThat(keystoneProvider.getCreated()).isNotNull(); + assertThat(keystoneProvider.getLastModified()).isNotNull(); + assertThat(keystoneProvider.getType()).isEqualTo(KEYSTONE); + assertThat(keystoneProvider.isActive()).isTrue(); bootstrap.setKeystoneConfig(null); bootstrap.afterPropertiesSet(); keystoneProvider = provisioning.retrieveByOriginIgnoreActiveFlag(KEYSTONE, IdentityZone.getUaaZoneId()); - assertNotNull(keystoneProvider); - assertNotNull(keystoneProvider.getCreated()); - assertNotNull(keystoneProvider.getLastModified()); - assertEquals(KEYSTONE, keystoneProvider.getType()); - assertFalse(keystoneProvider.isActive()); + assertThat(keystoneProvider).isNotNull(); + assertThat(keystoneProvider.getCreated()).isNotNull(); + assertThat(keystoneProvider.getLastModified()).isNotNull(); + assertThat(keystoneProvider.getType()).isEqualTo(KEYSTONE); + assertThat(keystoneProvider.isActive()).isFalse(); bootstrap.setKeystoneConfig(keystoneConfig); bootstrap.afterPropertiesSet(); keystoneProvider = provisioning.retrieveByOriginIgnoreActiveFlag(KEYSTONE, IdentityZone.getUaaZoneId()); - assertNotNull(keystoneProvider); - assertEquals(new KeystoneIdentityProviderDefinition(keystoneConfig), keystoneProvider.getConfig()); - 
assertNotNull(keystoneProvider.getCreated()); - assertNotNull(keystoneProvider.getLastModified()); - assertEquals(KEYSTONE, keystoneProvider.getType()); - assertTrue(keystoneProvider.isActive()); + assertThat(keystoneProvider).isNotNull(); + assertThat(keystoneProvider.getConfig()).isEqualTo(new KeystoneIdentityProviderDefinition(keystoneConfig)); + assertThat(keystoneProvider.getCreated()).isNotNull(); + assertThat(keystoneProvider.getLastModified()).isNotNull(); + assertThat(keystoneProvider.getType()).isEqualTo(KEYSTONE); + assertThat(keystoneProvider.isActive()).isTrue(); } @Test @@ -330,27 +321,22 @@ void oauthAndOidcProviderDeletion() throws Exception { } private void setOauthIDPWrappers() { - List wrappers = new LinkedList<>(); - oauthProviderConfig - .entrySet() - .forEach( - p -> { - IdentityProvider provider = new IdentityProvider(); - if (p.getValue() instanceof OIDCIdentityProviderDefinition) { - provider.setType(OIDC10); - } else if (p.getValue() instanceof RawExternalOAuthIdentityProviderDefinition) { - provider.setType(OAUTH20); - } - wrappers.add( - OauthIDPWrapperFactoryBean.getIdentityProviderWrapper( - p.getKey(), - p.getValue(), - provider, - true - ) + List wrappers = oauthProviderConfig.entrySet().stream() + .map(e -> { + IdentityProvider provider = new IdentityProvider(); + if (e.getValue() instanceof OIDCIdentityProviderDefinition) { + provider.setType(OIDC10); + } else if (e.getValue() instanceof RawExternalOAuthIdentityProviderDefinition) { + provider.setType(OAUTH20); + } + return + OauthIDPWrapperFactoryBean.getIdentityProviderWrapper( + e.getKey(), + e.getValue(), + provider, + true ); - } - ); + }).toList(); bootstrap.setOauthIdpDefinitions(wrappers); } 
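Review bot: In `setOauthIDPWrappers`, `Stream.toList()` returns an unmodifiable list, whereas the removed code handed `bootstrap.setOauthIdpDefinitions` a mutable `LinkedList`. The setter and the bootstrap code are outside this hunk, so it is not visible whether the list is ever modified after being set. If it is, this now fails with `UnsupportedOperationException`, and `.collect(Collectors.toCollection(ArrayList::new))` would keep the old contract. As a smaller style point, the dangling `return` followed by a line break reads more clearly as `return OauthIDPWrapperFactoryBean.getIdentityProviderWrapper(e.getKey(), e.getValue(), provider, true);`.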
@@ -369,28 +355,27 @@ void oauthAndOidcProviderActivation() throws Exception { bootstrap.afterPropertiesSet(); for (Map.Entry provider : oauthProviderConfig.entrySet()) { IdentityProvider bootstrapOauthProvider = provisioning.retrieveByOriginIgnoreActiveFlag(provider.getKey(), IdentityZone.getUaaZoneId()); - assertNotNull(bootstrapOauthProvider); - assertThat(oauthProviderConfig.values(), PredicateMatcher.has(c -> c.equals(bootstrapOauthProvider.getConfig()))); - assertNotNull(bootstrapOauthProvider.getCreated()); - assertNotNull(bootstrapOauthProvider.getLastModified()); - assertEquals(provider.getKey(), bootstrapOauthProvider.getType()); - assertTrue(bootstrapOauthProvider.isActive()); + assertThat(bootstrapOauthProvider).isNotNull(); + assertThat(oauthProviderConfig).containsValue(bootstrapOauthProvider.getConfig()); + assertThat(bootstrapOauthProvider.getCreated()).isNotNull(); + assertThat(bootstrapOauthProvider.getLastModified()).isNotNull(); + assertThat(bootstrapOauthProvider.getType()).isEqualTo(provider.getKey()); + assertThat(bootstrapOauthProvider.isActive()).isTrue(); } - } private void validateOauthOidcProvider(Map.Entry provider, IdentityProvider bootstrapOauthProvider) { - assertNotNull(bootstrapOauthProvider); - assertThat(oauthProviderConfig.values(), PredicateMatcher.has(c -> c.equals(bootstrapOauthProvider.getConfig()))); - assertNotNull(bootstrapOauthProvider.getCreated()); - assertNotNull(bootstrapOauthProvider.getLastModified()); - assertEquals(provider.getKey(), bootstrapOauthProvider.getType()); - assertTrue(bootstrapOauthProvider.isActive()); - assertTrue(bootstrapOauthProvider.getConfig().isStoreCustomAttributes()); //default + assertThat(bootstrapOauthProvider).isNotNull(); + assertThat(oauthProviderConfig).containsValue(bootstrapOauthProvider.getConfig()); + assertThat(bootstrapOauthProvider.getCreated()).isNotNull(); + assertThat(bootstrapOauthProvider.getLastModified()).isNotNull(); + 
assertThat(bootstrapOauthProvider.getType()).isEqualTo(provider.getKey()); + assertThat(bootstrapOauthProvider.isActive()).isTrue(); + assertThat(bootstrapOauthProvider.getConfig().isStoreCustomAttributes()).isTrue(); //default if (OIDC10.equals(provider.getKey())) { - assertEquals("code id_token", bootstrapOauthProvider.getConfig().getResponseType()); + assertThat(bootstrapOauthProvider.getConfig().getResponseType()).isEqualTo("code id_token"); } else { - assertEquals("code", bootstrapOauthProvider.getConfig().getResponseType()); + assertThat(bootstrapOauthProvider.getConfig().getResponseType()).isEqualTo("code"); } } @@ -416,7 +401,7 @@ void bootstrapFailsIfSamlAndOauthHaveTheSameAlias() throws Exception { setOauthIDPWrappers(); bootstrap.setSamlProviders(configurator); - assertThrows(IllegalArgumentException.class, () -> bootstrap.afterPropertiesSet()); + assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> bootstrap.afterPropertiesSet()); } private AbstractExternalOAuthIdentityProviderDefinition setCommonProperties(AbstractExternalOAuthIdentityProviderDefinition definition) throws MalformedURLException { 
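Review bot: `assertThat(oauthProviderConfig).containsValue(bootstrapOauthProvider.getConfig())` passes when the stored config equals any configured definition, not the one registered under this provider's key. The same applies in the loop of `oauthAndOidcProviderActivation` and in `validateOauthOidcProvider`. A bootstrap that stored the OIDC definition under the OAuth origin, or the reverse, would still satisfy it. The old `PredicateMatcher.has` call had the same any-match meaning, so this is carried over rather than introduced. Since both places already hold the map entry, `assertThat(bootstrapOauthProvider.getConfig()).isEqualTo(provider.getValue());` would pin the pairing, assuming the bootstrap stores the definition unchanged, which the hunk does not show.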
@@ -439,12 +424,12 @@ void samlBootstrap() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider samlProvider = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider); + assertThat(samlProvider).isNotNull(); samlIdentityProviderDefinition.setZoneId(IdentityZone.getUaaZoneId()); - assertEquals(samlIdentityProviderDefinition, samlProvider.getConfig()); - assertNotNull(samlProvider.getCreated()); - assertNotNull(samlProvider.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider.getType()); + assertThat(samlProvider.getConfig()).isEqualTo(samlIdentityProviderDefinition); + assertThat(samlProvider.getCreated()).isNotNull(); + assertThat(samlProvider.getLastModified()).isNotNull(); + assertThat(samlProvider.getType()).isEqualTo(OriginKeys.SAML); } @Test @@ -466,16 +451,13 @@ void providersDeletedAndNotCreated() throws Exception { ArgumentCaptor> captor = ArgumentCaptor.forClass(EntityDeletedEvent.class); verify(publisher, times(2)).publishEvent(captor.capture()); - assertThat( - captor - .getAllValues() - .stream() - .map( - p -> p.getDeleted().getOriginKey() - ).collect(toList() - ), - containsInAnyOrder(originsToDelete.toArray()) - ); + assertThat(captor + .getAllValues() + .stream() + .map( + p -> p.getDeleted().getOriginKey() + ).toList()) + .containsAll(originsToDelete); } private void configureSamlProviders(boolean override, SamlIdentityProviderDefinition... definitions) { 
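Review bot: In `providersDeletedAndNotCreated`, `.containsAll(originsToDelete)` is weaker than the Hamcrest `containsInAnyOrder(originsToDelete.toArray())` it replaces, because it accepts extra elements where the old matcher required exactly these. Here `verify(publisher, times(2))` still limits the number of events, so the gap is small, but `.containsExactlyInAnyOrderElementsOf(originsToDelete)` keeps the original meaning. The same weakening matters more in `defaultGroups` and `allowedGroups` of IdentityZoneConfigurationBootstrapTests, where `contains(groups)` would let an unexpected additional default or allowed group pass unnoticed. Those should be `containsExactlyInAnyOrder(groups)`.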
@@ -501,10 +483,10 @@ void samlProviderOverrideFalse() throws Exception { IdentityProvider samlProvider = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); IdentityProvider samlProvider2 = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition1.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider); - assertNotNull(samlProvider2); - assertEquals("http://location", samlProvider.getConfig().getMetaDataLocation()); - assertEquals("http://location2", samlProvider2.getConfig().getMetaDataLocation()); + assertThat(samlProvider).isNotNull(); + assertThat(samlProvider2).isNotNull(); + assertThat(samlProvider.getConfig().getMetaDataLocation()).isEqualTo("http://location"); + assertThat(samlProvider2.getConfig().getMetaDataLocation()).isEqualTo("http://location2"); samlIdentityProviderDefinition.setMetaDataLocation("http://some.other.location"); samlIdentityProviderDefinition1.setMetaDataLocation("http://some.other.location"); @@ -514,10 +496,10 @@ void samlProviderOverrideFalse() throws Exception { samlProvider = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); samlProvider2 = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition1.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider); - assertNotNull(samlProvider2); - assertEquals("http://location", samlProvider.getConfig().getMetaDataLocation()); - assertEquals("http://location2", samlProvider2.getConfig().getMetaDataLocation()); + assertThat(samlProvider).isNotNull(); + assertThat(samlProvider.getConfig().getMetaDataLocation()).isEqualTo("http://location"); + assertThat(samlProvider2).isNotNull(); + assertThat(samlProvider2.getConfig().getMetaDataLocation()).isEqualTo("http://location2"); } 
@@ -529,62 +511,62 @@ void samlProviderNotDeactivated() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider samlProvider = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider); + assertThat(samlProvider).isNotNull(); samlIdentityProviderDefinition.setZoneId(IdentityZone.getUaaZoneId()); - assertEquals(samlIdentityProviderDefinition, samlProvider.getConfig()); - assertNotNull(samlProvider.getCreated()); - assertNotNull(samlProvider.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider.getType()); - assertTrue(samlProvider.isActive()); + assertThat(samlProvider.getConfig()).isEqualTo(samlIdentityProviderDefinition); + assertThat(samlProvider.getCreated()).isNotNull(); + assertThat(samlProvider.getLastModified()).isNotNull(); + assertThat(samlProvider.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider.isActive()).isTrue(); IdentityProvider samlProvider2 = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition1.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider2); + assertThat(samlProvider2).isNotNull(); samlIdentityProviderDefinition1.setZoneId(IdentityZone.getUaaZoneId()); - assertEquals(samlIdentityProviderDefinition1, samlProvider2.getConfig()); - assertNotNull(samlProvider2.getCreated()); - assertNotNull(samlProvider2.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider2.getType()); - assertTrue(samlProvider2.isActive()); + assertThat(samlProvider2.getConfig()).isEqualTo(samlIdentityProviderDefinition1); + assertThat(samlProvider2.getCreated()).isNotNull(); + assertThat(samlProvider2.getLastModified()).isNotNull(); + assertThat(samlProvider2.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider2.isActive()).isTrue(); configureSamlProviders(true, samlIdentityProviderDefinition); bootstrap.setSamlProviders(configurator); 
bootstrap.afterPropertiesSet(); samlProvider = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider); - assertEquals(samlIdentityProviderDefinition, samlProvider.getConfig()); - assertNotNull(samlProvider.getCreated()); - assertNotNull(samlProvider.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider.getType()); - assertTrue(samlProvider.isActive()); + assertThat(samlProvider).isNotNull(); + assertThat(samlProvider.getConfig()).isEqualTo(samlIdentityProviderDefinition); + assertThat(samlProvider.getCreated()).isNotNull(); + assertThat(samlProvider.getLastModified()).isNotNull(); + assertThat(samlProvider.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider.isActive()).isTrue(); samlProvider2 = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition1.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider2); - assertEquals(samlIdentityProviderDefinition1, samlProvider2.getConfig()); - assertNotNull(samlProvider2.getCreated()); - assertNotNull(samlProvider2.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider2.getType()); - assertTrue(samlProvider2.isActive()); + assertThat(samlProvider2).isNotNull(); + assertThat(samlProvider2.getConfig()).isEqualTo(samlIdentityProviderDefinition1); + assertThat(samlProvider2.getCreated()).isNotNull(); + assertThat(samlProvider2.getLastModified()).isNotNull(); + assertThat(samlProvider2.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider2.isActive()).isTrue(); configureSamlProviders(true, samlIdentityProviderDefinition1); bootstrap.setSamlProviders(configurator); bootstrap.afterPropertiesSet(); samlProvider = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider); - assertEquals(samlIdentityProviderDefinition, samlProvider.getConfig()); 
- assertNotNull(samlProvider.getCreated()); - assertNotNull(samlProvider.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider.getType()); - assertTrue(samlProvider.isActive()); + assertThat(samlProvider).isNotNull(); + assertThat(samlProvider.getConfig()).isEqualTo(samlIdentityProviderDefinition); + assertThat(samlProvider.getCreated()).isNotNull(); + assertThat(samlProvider.getLastModified()).isNotNull(); + assertThat(samlProvider.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider.isActive()).isTrue(); samlProvider2 = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition1.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider2); - assertEquals(samlIdentityProviderDefinition1, samlProvider2.getConfig()); - assertNotNull(samlProvider2.getCreated()); - assertNotNull(samlProvider2.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider2.getType()); - assertTrue(samlProvider2.isActive()); + assertThat(samlProvider2).isNotNull(); + assertThat(samlProvider2.getConfig()).isEqualTo(samlIdentityProviderDefinition1); + assertThat(samlProvider2.getCreated()).isNotNull(); + assertThat(samlProvider2.getLastModified()).isNotNull(); + assertThat(samlProvider2.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider2.isActive()).isTrue(); configurator = mock(BootstrapSamlIdentityProviderData.class); when(configurator.getIdentityProviderDefinitions()).thenReturn(new LinkedList<>()); 
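Review bot: The same six-assertion block for an active SAML provider is written out eight times in `samlProviderNotDeactivated` in this hunk, and four more times in the two following hunks of the method. The migration to AssertJ was a good moment to fold it into one helper, so that a future check (for example on the zone id) is added in one place rather than twelve. Each block would become `assertActiveSamlProvider(samlProvider, samlIdentityProviderDefinition);`, with the existing `setZoneId` calls kept before the first comparison. The method body starts before and continues after this hunk.

```java
private static void assertActiveSamlProvider(IdentityProvider<?> provider,
                                             SamlIdentityProviderDefinition expected) {
    assertThat(provider).isNotNull();
    assertThat(provider.getConfig()).isEqualTo(expected);
    assertThat(provider.getCreated()).isNotNull();
    assertThat(provider.getLastModified()).isNotNull();
    assertThat(provider.getType()).isEqualTo(OriginKeys.SAML);
    assertThat(provider.isActive()).isTrue();
}
```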
@@ -592,20 +574,20 @@ void samlProviderNotDeactivated() throws Exception { bootstrap.afterPropertiesSet(); samlProvider = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider); - assertEquals(samlIdentityProviderDefinition, samlProvider.getConfig()); - assertNotNull(samlProvider.getCreated()); - assertNotNull(samlProvider.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider.getType()); - assertTrue(samlProvider.isActive()); + assertThat(samlProvider).isNotNull(); + assertThat(samlProvider.getConfig()).isEqualTo(samlIdentityProviderDefinition); + assertThat(samlProvider.getCreated()).isNotNull(); + assertThat(samlProvider.getLastModified()).isNotNull(); + assertThat(samlProvider.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider.isActive()).isTrue(); samlProvider2 = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition1.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider2); - assertEquals(samlIdentityProviderDefinition1, samlProvider2.getConfig()); - assertNotNull(samlProvider2.getCreated()); - assertNotNull(samlProvider2.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider2.getType()); - assertTrue(samlProvider2.isActive()); + assertThat(samlProvider2).isNotNull(); + assertThat(samlProvider2.getConfig()).isEqualTo(samlIdentityProviderDefinition1); + assertThat(samlProvider2.getCreated()).isNotNull(); + assertThat(samlProvider2.getLastModified()).isNotNull(); + assertThat(samlProvider2.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider2.isActive()).isTrue(); configurator = mock(BootstrapSamlIdentityProviderData.class); when(configurator.getIdentityProviderDefinitions()).thenReturn(Arrays.asList(samlIdentityProviderDefinition1, samlIdentityProviderDefinition)); 
@@ -613,20 +595,20 @@ void samlProviderNotDeactivated() throws Exception { bootstrap.afterPropertiesSet(); samlProvider = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider); - assertEquals(samlIdentityProviderDefinition, samlProvider.getConfig()); - assertNotNull(samlProvider.getCreated()); - assertNotNull(samlProvider.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider.getType()); - assertTrue(samlProvider.isActive()); + assertThat(samlProvider).isNotNull(); + assertThat(samlProvider.getConfig()).isEqualTo(samlIdentityProviderDefinition); + assertThat(samlProvider.getCreated()).isNotNull(); + assertThat(samlProvider.getLastModified()).isNotNull(); + assertThat(samlProvider.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider.isActive()).isTrue(); samlProvider2 = provisioning.retrieveByOriginIgnoreActiveFlag(samlIdentityProviderDefinition1.getIdpEntityAlias(), IdentityZone.getUaaZoneId()); - assertNotNull(samlProvider2); - assertEquals(samlIdentityProviderDefinition1, samlProvider2.getConfig()); - assertNotNull(samlProvider2.getCreated()); - assertNotNull(samlProvider2.getLastModified()); - assertEquals(OriginKeys.SAML, samlProvider2.getType()); - assertTrue(samlProvider2.isActive()); + assertThat(samlProvider2).isNotNull(); + assertThat(samlProvider2.getConfig()).isEqualTo(samlIdentityProviderDefinition1); + assertThat(samlProvider2.getCreated()).isNotNull(); + assertThat(samlProvider2.getLastModified()).isNotNull(); + assertThat(samlProvider2.getType()).isEqualTo(OriginKeys.SAML); + assertThat(samlProvider2.isActive()).isTrue(); } @Test 
@@ -652,7 +634,7 @@ private void setDisableInternalUserManagement(String expectedValue) throws Excep if (expectedValue == null) { expectedValue = "false"; } - assertEquals(Boolean.valueOf(expectedValue), internalIDP.getConfig().isDisableInternalUserManagement()); + assertThat(internalIDP.getConfig().isDisableInternalUserManagement()).isEqualTo(Boolean.valueOf(expectedValue)); } @Test @@ -662,13 +644,13 @@ void setPasswordPolicyToInternalIDP() throws Exception { IdentityProvider internalIDP = provisioning.retrieveByOriginIgnoreActiveFlag(OriginKeys.UAA, IdentityZone.getUaaZoneId()); PasswordPolicy passwordPolicy = internalIDP.getConfig().getPasswordPolicy(); - assertEquals(123, passwordPolicy.getMinLength()); - assertEquals(4567, passwordPolicy.getMaxLength()); - assertEquals(1, passwordPolicy.getRequireUpperCaseCharacter()); - assertEquals(0, passwordPolicy.getRequireLowerCaseCharacter()); - assertEquals(1, passwordPolicy.getRequireDigit()); - assertEquals(0, passwordPolicy.getRequireSpecialCharacter()); - assertEquals(6, passwordPolicy.getExpirePasswordInMonths()); + assertThat(passwordPolicy.getMinLength()).isEqualTo(123); + assertThat(passwordPolicy.getMaxLength()).isEqualTo(4567); + assertThat(passwordPolicy.getRequireUpperCaseCharacter()).isOne(); + assertThat(passwordPolicy.getRequireLowerCaseCharacter()).isZero(); + assertThat(passwordPolicy.getRequireDigit()).isOne(); + assertThat(passwordPolicy.getRequireSpecialCharacter()).isZero(); + assertThat(passwordPolicy.getExpirePasswordInMonths()).isEqualTo(6); } @Test 
@@ -683,9 +665,9 @@ void setLockoutPolicyToInternalIDP() throws Exception { IdentityProvider internalIDP = provisioning.retrieveByOriginIgnoreActiveFlag(OriginKeys.UAA, IdentityZone.getUaaZoneId()); lockoutPolicy = internalIDP.getConfig().getLockoutPolicy(); - assertEquals(123, lockoutPolicy.getLockoutPeriodSeconds()); - assertEquals(3, lockoutPolicy.getLockoutAfterFailures()); - assertEquals(343, lockoutPolicy.getCountFailuresWithin()); + assertThat(lockoutPolicy.getLockoutPeriodSeconds()).isEqualTo(123); + assertThat(lockoutPolicy.getLockoutAfterFailures()).isEqualTo(3); + assertThat(lockoutPolicy.getCountFailuresWithin()).isEqualTo(343); } @Test @@ -694,19 +676,19 @@ void deactivateAndActivateInternalIDP() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider internalIdp = provisioning.retrieveByOriginIgnoreActiveFlag(OriginKeys.UAA, IdentityZone.getUaaZoneId()); - assertFalse(internalIdp.isActive()); + assertThat(internalIdp.isActive()).isFalse(); environment.setProperty("disableInternalAuth", "false"); bootstrap.afterPropertiesSet(); internalIdp = provisioning.retrieveByOriginIgnoreActiveFlag(OriginKeys.UAA, IdentityZone.getUaaZoneId()); - assertTrue(internalIdp.isActive()); + assertThat(internalIdp.isActive()).isTrue(); } @Test void defaultActiveFlagOnInternalIDP() throws Exception { bootstrap.afterPropertiesSet(); IdentityProvider internalIdp = provisioning.retrieveByOriginIgnoreActiveFlag(OriginKeys.UAA, IdentityZone.getUaaZoneId()); - assertTrue(internalIdp.isActive()); + assertThat(internalIdp.isActive()).isTrue(); } } diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityZoneConfigurationBootstrapTests.java b/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityZoneConfigurationBootstrapTests.java index be259b6b3f2..c3a2e5699bf 100644 --- a/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityZoneConfigurationBootstrapTests.java 
+++ b/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityZoneConfigurationBootstrapTests.java 
@@ -29,40 +29,34 @@ import java.util.List; import java.util.Map; +import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.cloudfoundry.identity.uaa.oauth.token.TokenConstants.TokenFormat.JWT; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.containsInAnyOrder; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertFalse; -import static org.junit.jupiter.api.Assertions.assertNull; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.junit.jupiter.api.Assertions.assertTrue; @WithDatabaseContext public class IdentityZoneConfigurationBootstrapTests { - public static final String PRIVATE_KEY = - "-----BEGIN RSA PRIVATE KEY-----\n" + - "MIICXAIBAAKBgQDErZsZY70QAa7WdDD6eOv3RLBA4I5J0zZOiXMzoFB5yh64q0sm\n" + - "ESNtV4payOYE5TnHxWjMo0y7gDsGjI1omAG6wgfyp63I9WcLX7FDLyee43fG5+b9\n" + - "roofosL+OzJSXESSulsT9Y1XxSFFM5RMu4Ie9uM4/izKLCsAKiggMhnAmQIDAQAB\n" + - "AoGAAs2OllALk7zSZxAE2qz6f+2krWgF3xt5fKkM0UGJpBKzWWJnkcVQwfArcpvG\n" + - "W2+A4U347mGtaEatkKxUH5d6/s37jfRI7++HFXcLf6QJPmuE3+FtB2mX0lVJoaJb\n" + - "RLh+tOtt4ZJRAt/u6RjUCVNpDnJB6NZ032bpL3DijfNkRuECQQDkJR+JJPUpQGoI\n" + - "voPqcLl0i1tLX93XE7nu1YuwdQ5SmRaS0IJMozoBLBfFNmCWlSHaQpBORc38+eGC\n" + - "J9xsOrBNAkEA3LD1JoNI+wPSo/o71TED7BoVdwCXLKPqm0TnTr2EybCUPLNoff8r\n" + - "Ngm51jXc8mNvUkBtYiPfMKzpdqqFBWXXfQJAQ7D0E2gAybWQAHouf7/kdrzmYI3Y\n" + - "L3lt4HxBzyBcGIvNk9AD6SNBEZn4j44byHIFMlIvqNmzTY0CqPCUyRP8vQJBALXm\n" + - "ANmygferKfXP7XsFwGbdBO4mBXRc0qURwNkMqiMXMMdrVGftZq9Oiua9VJRQUtPn\n" + - "mIC4cmCLVI5jc+qEC30CQE+eOXomzxNNPxVnIp5k5f+savOWBBu83J2IoT2znnGb\n" + - "wTKZHjWybPHsW2q8Z6Moz5dvE+XMd11c5NtIG2/L97I=\n" + - "-----END RSA PRIVATE KEY-----"; + public static final String PRIVATE_KEY = """ + -----BEGIN RSA PRIVATE KEY----- + MIICXAIBAAKBgQDErZsZY70QAa7WdDD6eOv3RLBA4I5J0zZOiXMzoFB5yh64q0sm + 
ESNtV4payOYE5TnHxWjMo0y7gDsGjI1omAG6wgfyp63I9WcLX7FDLyee43fG5+b9 + roofosL+OzJSXESSulsT9Y1XxSFFM5RMu4Ie9uM4/izKLCsAKiggMhnAmQIDAQAB + AoGAAs2OllALk7zSZxAE2qz6f+2krWgF3xt5fKkM0UGJpBKzWWJnkcVQwfArcpvG + W2+A4U347mGtaEatkKxUH5d6/s37jfRI7++HFXcLf6QJPmuE3+FtB2mX0lVJoaJb + RLh+tOtt4ZJRAt/u6RjUCVNpDnJB6NZ032bpL3DijfNkRuECQQDkJR+JJPUpQGoI + voPqcLl0i1tLX93XE7nu1YuwdQ5SmRaS0IJMozoBLBfFNmCWlSHaQpBORc38+eGC + J9xsOrBNAkEA3LD1JoNI+wPSo/o71TED7BoVdwCXLKPqm0TnTr2EybCUPLNoff8r + Ngm51jXc8mNvUkBtYiPfMKzpdqqFBWXXfQJAQ7D0E2gAybWQAHouf7/kdrzmYI3Y + L3lt4HxBzyBcGIvNk9AD6SNBEZn4j44byHIFMlIvqNmzTY0CqPCUyRP8vQJBALXm + ANmygferKfXP7XsFwGbdBO4mBXRc0qURwNkMqiMXMMdrVGftZq9Oiua9VJRQUtPn + mIC4cmCLVI5jc+qEC30CQE+eOXomzxNNPxVnIp5k5f+savOWBBu83J2IoT2znnGb + wTKZHjWybPHsW2q8Z6Moz5dvE+XMd11c5NtIG2/L97I= + -----END RSA PRIVATE KEY-----"""; private static final String ID = "id"; private IdentityZoneProvisioning provisioning; private IdentityZoneConfigurationBootstrap bootstrap; - private Map links = new HashMap<>(); - private GeneralIdentityZoneValidator validator; + private final Map links = new HashMap<>(); @BeforeEach void configureProvisioning(@Autowired JdbcTemplate jdbcTemplate) throws SQLException { @@ -72,7 +66,7 @@ void configureProvisioning(@Autowired JdbcTemplate jdbcTemplate) throws SQLExcep GeneralIdentityZoneConfigurationValidator configValidator = new GeneralIdentityZoneConfigurationValidator(); - validator = new GeneralIdentityZoneValidator(configValidator); + GeneralIdentityZoneValidator validator = new GeneralIdentityZoneValidator(configValidator); bootstrap.setValidator(validator); //For the SamlTestUtils keys we are using. 
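Review bot: `PRIVATE_KEY` is a hard-coded PEM private key in a `public static final` field with nothing marking it as a throw-away fixture. Secret scanners will flag it on every run, and a reader cannot tell whether it was ever used outside tests. A line above the field such as `// Test fixture only: throw-away RSA key, must never be configured in a real zone.` documents that, and an allow-list entry for this path keeps scanner output meaningful. If no other test class reads the constant (not visible here), narrowing it to `private` would also stop it spreading to new tests.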
@@ -80,21 +74,21 @@ void configureProvisioning(@Autowired JdbcTemplate jdbcTemplate) throws SQLExcep } @Test - void testClientSecretPolicy() throws Exception { + void clientSecretPolicy() throws Exception { bootstrap.setClientSecretPolicy(new ClientSecretPolicy(0, 255, 0, 1, 1, 1, 6)); bootstrap.afterPropertiesSet(); IdentityZone uaa = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertEquals(0, uaa.getConfig().getClientSecretPolicy().getMinLength()); - assertEquals(255, uaa.getConfig().getClientSecretPolicy().getMaxLength()); - assertEquals(0, uaa.getConfig().getClientSecretPolicy().getRequireUpperCaseCharacter()); - assertEquals(1, uaa.getConfig().getClientSecretPolicy().getRequireLowerCaseCharacter()); - assertEquals(1, uaa.getConfig().getClientSecretPolicy().getRequireDigit()); - assertEquals(1, uaa.getConfig().getClientSecretPolicy().getRequireSpecialCharacter()); - assertEquals(-1, uaa.getConfig().getClientSecretPolicy().getExpireSecretInMonths()); + assertThat(uaa.getConfig().getClientSecretPolicy().getMinLength()).isZero(); + assertThat(uaa.getConfig().getClientSecretPolicy().getMaxLength()).isEqualTo(255); + assertThat(uaa.getConfig().getClientSecretPolicy().getRequireUpperCaseCharacter()).isZero(); + assertThat(uaa.getConfig().getClientSecretPolicy().getRequireLowerCaseCharacter()).isOne(); + assertThat(uaa.getConfig().getClientSecretPolicy().getRequireDigit()).isOne(); + assertThat(uaa.getConfig().getClientSecretPolicy().getRequireSpecialCharacter()).isOne(); + assertThat(uaa.getConfig().getClientSecretPolicy().getExpireSecretInMonths()).isEqualTo(-1); } @Test - void test_multiple_keys() throws InvalidIdentityZoneDetailsException { + void multipleKeys() throws InvalidIdentityZoneDetailsException { bootstrap.setSamlSpPrivateKey(SamlTestUtils.PROVIDER_PRIVATE_KEY); bootstrap.setSamlSpCertificate(SamlTestUtils.PROVIDER_CERTIFICATE); bootstrap.setSamlSpPrivateKeyPassphrase(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD); 
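Review bot: The last assertion in `clientSecretPolicy` expects `getExpireSecretInMonths()` to be `-1`, although the policy is built with `6` as its final constructor argument, and nothing in the test says why. If the bootstrap deliberately ignores secret expiry, a comment on that line should say so, for example `// expiry is not applied from bootstrap config; stored value stays -1`, once that is confirmed. If it is not deliberate, the test is pinning a configured expiry that is silently dropped, and the expectation should be `isEqualTo(6)`. The bootstrap code that decides this is outside the hunk.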
@@ -109,20 +103,20 @@ void test_multiple_keys() throws InvalidIdentityZoneDetailsException { bootstrap.afterPropertiesSet(); IdentityZone uaa = provisioning.retrieve(IdentityZone.getUaaZoneId()); SamlConfig config = uaa.getConfig().getSamlConfig(); - assertEquals(SamlTestUtils.PROVIDER_PRIVATE_KEY, config.getPrivateKey()); - assertEquals(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD, config.getPrivateKeyPassword()); - assertEquals(SamlTestUtils.PROVIDER_CERTIFICATE, config.getCertificate()); + assertThat(config.getPrivateKey()).isEqualTo(SamlTestUtils.PROVIDER_PRIVATE_KEY); + assertThat(config.getPrivateKeyPassword()).isEqualTo(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD); + assertThat(config.getCertificate()).isEqualTo(SamlTestUtils.PROVIDER_CERTIFICATE); - assertEquals("key1", config.getActiveKeyId()); - assertEquals(2, config.getKeys().size()); + assertThat(config.getActiveKeyId()).isEqualTo("key1"); + assertThat(config.getKeys()).hasSize(2); - assertEquals(SamlTestUtils.PROVIDER_PRIVATE_KEY, config.getKeys().get("key1").getKey()); - assertEquals(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD, config.getKeys().get("key1").getPassphrase()); - assertEquals(SamlTestUtils.PROVIDER_CERTIFICATE, config.getKeys().get("key1").getCertificate()); + assertThat(config.getKeys().get("key1").getKey()).isEqualTo(SamlTestUtils.PROVIDER_PRIVATE_KEY); + assertThat(config.getKeys().get("key1").getPassphrase()).isEqualTo(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD); + assertThat(config.getKeys().get("key1").getCertificate()).isEqualTo(SamlTestUtils.PROVIDER_CERTIFICATE); } @Test - void test_keyId_null_exception() { + void keyIdNullException() { bootstrap.setSamlSpPrivateKey(SamlTestUtils.PROVIDER_PRIVATE_KEY); bootstrap.setSamlSpCertificate(SamlTestUtils.PROVIDER_CERTIFICATE); bootstrap.setSamlSpPrivateKeyPassphrase(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD); 
@@ -134,58 +128,58 @@ void test_keyId_null_exception() { keys.put(null, key1); bootstrap.setActiveKeyId(null); bootstrap.setSamlKeys(keys); - assertThrows(InvalidIdentityZoneDetailsException.class, () -> bootstrap.afterPropertiesSet()); + assertThatExceptionOfType(InvalidIdentityZoneDetailsException.class).isThrownBy(() -> bootstrap.afterPropertiesSet()); } @Test - void testDefaultSamlKeys() throws Exception { + void defaultSamlKeys() throws Exception { bootstrap.setSamlSpPrivateKey(SamlTestUtils.PROVIDER_PRIVATE_KEY); bootstrap.setSamlSpCertificate(SamlTestUtils.PROVIDER_CERTIFICATE); bootstrap.setSamlSpPrivateKeyPassphrase(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD); bootstrap.afterPropertiesSet(); IdentityZone uaa = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertEquals(SamlTestUtils.PROVIDER_PRIVATE_KEY, uaa.getConfig().getSamlConfig().getPrivateKey()); - assertEquals(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD, uaa.getConfig().getSamlConfig().getPrivateKeyPassword()); - assertEquals(SamlTestUtils.PROVIDER_CERTIFICATE, uaa.getConfig().getSamlConfig().getCertificate()); + assertThat(uaa.getConfig().getSamlConfig().getPrivateKey()).isEqualTo(SamlTestUtils.PROVIDER_PRIVATE_KEY); + assertThat(uaa.getConfig().getSamlConfig().getPrivateKeyPassword()).isEqualTo(SamlTestUtils.PROVIDER_PRIVATE_KEY_PASSWORD); + assertThat(uaa.getConfig().getSamlConfig().getCertificate()).isEqualTo(SamlTestUtils.PROVIDER_CERTIFICATE); } @Test - void enable_in_response_to() throws Exception { + void enableInResponseTo() throws Exception { bootstrap.setDisableSamlInResponseToCheck(false); bootstrap.afterPropertiesSet(); IdentityZone uaa = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertFalse(uaa.getConfig().getSamlConfig().isDisableInResponseToCheck()); + assertThat(uaa.getConfig().getSamlConfig().isDisableInResponseToCheck()).isFalse(); } @Test - void saml_disable_in_response_to() throws Exception { + void samlDisableInResponseTo() throws Exception { 
bootstrap.setDisableSamlInResponseToCheck(true); bootstrap.afterPropertiesSet(); IdentityZone uaa = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertTrue(uaa.getConfig().getSamlConfig().isDisableInResponseToCheck()); + assertThat(uaa.getConfig().getSamlConfig().isDisableInResponseToCheck()).isTrue(); } @Test - void testDefaultGroups() throws Exception { + void defaultGroups() throws Exception { String[] groups = {"group1", "group2", "group3"}; bootstrap.setDefaultUserGroups(Arrays.asList(groups)); bootstrap.afterPropertiesSet(); IdentityZone uaa = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertThat(uaa.getConfig().getUserConfig().getDefaultGroups(), containsInAnyOrder(groups)); + assertThat(uaa.getConfig().getUserConfig().getDefaultGroups()).contains(groups); } @Test - void testAllowedGroups() throws Exception { + void allowedGroups() throws Exception { String[] groups = {"group1", "group2", "group3"}; bootstrap.setDefaultUserGroups(Arrays.asList(groups)); bootstrap.setAllowedUserGroups(Arrays.asList(groups)); bootstrap.afterPropertiesSet(); IdentityZone uaa = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertThat(uaa.getConfig().getUserConfig().resultingAllowedGroups(), containsInAnyOrder(groups)); + assertThat(uaa.getConfig().getUserConfig().resultingAllowedGroups()).contains(groups); } @Test - void tokenPolicy_configured_fromValuesInYaml() throws Exception { + void tokenPolicyConfiguredFromValuesInYaml() throws Exception { TokenPolicy tokenPolicy = new TokenPolicy(); Map keys = new HashMap<>(); keys.put(ID, PRIVATE_KEY); 
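Review bot: In `defaultGroups` and `allowedGroups` the Hamcrest `containsInAnyOrder(groups)` was replaced by AssertJ `contains(groups)`, which is a weaker check: `contains` passes when the collection holds additional elements, while `containsInAnyOrder` required exactly the listed ones. These tests pin the zone's default and allowed user groups, so a regression that adds an unexpected group would no longer fail them; use `containsExactlyInAnyOrder(groups)` to keep the previous strictness. The same substitution occurs in `default_user_groups_when_json_is_deserialized` in IdentityZoneConfigurationTests, where `.contains("openid", ...)` should likewise become `.containsExactlyInAnyOrder("openid", ...)`.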
@@ -199,69 +193,69 @@ void tokenPolicy_configured_fromValuesInYaml() throws Exception { IdentityZone zone = provisioning.retrieve(IdentityZone.getUaaZoneId()); IdentityZoneConfiguration definition = zone.getConfig(); - assertEquals(3600, definition.getTokenPolicy().getAccessTokenValidity()); - assertFalse(definition.getTokenPolicy().isRefreshTokenUnique()); - assertEquals(JWT.getStringValue(), definition.getTokenPolicy().getRefreshTokenFormat()); - assertEquals(PRIVATE_KEY, definition.getTokenPolicy().getKeys().get(ID).getSigningKey()); + assertThat(definition.getTokenPolicy().getAccessTokenValidity()).isEqualTo(3600); + assertThat(definition.getTokenPolicy().isRefreshTokenUnique()).isFalse(); + assertThat(definition.getTokenPolicy().getRefreshTokenFormat()).isEqualTo(JWT.getStringValue()); + assertThat(definition.getTokenPolicy().getKeys().get(ID).getSigningKey()).isEqualTo(PRIVATE_KEY); } @Test - void disable_self_service_links() throws Exception { + void disableSelfServiceLinks() throws Exception { bootstrap.setSelfServiceLinksEnabled(false); bootstrap.afterPropertiesSet(); IdentityZone zone = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertFalse(zone.getConfig().getLinks().getSelfService().isSelfServiceLinksEnabled()); + assertThat(zone.getConfig().getLinks().getSelfService().isSelfServiceLinksEnabled()).isFalse(); } @Test - void set_home_redirect() throws Exception { + void setHomeRedirect() throws Exception { bootstrap.setHomeRedirect("http://some.redirect.com/redirect"); bootstrap.afterPropertiesSet(); IdentityZone zone = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertEquals("http://some.redirect.com/redirect", zone.getConfig().getLinks().getHomeRedirect()); + assertThat(zone.getConfig().getLinks().getHomeRedirect()).isEqualTo("http://some.redirect.com/redirect"); } @Test - void signup_link_configured() throws Exception { + void signupLinkConfigured() throws Exception { links.put("signup", "/configured_signup"); 
bootstrap.setSelfServiceLinks(links); bootstrap.afterPropertiesSet(); IdentityZone zone = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertEquals("/configured_signup", zone.getConfig().getLinks().getSelfService().getSignup()); - assertNull(zone.getConfig().getLinks().getSelfService().getPasswd()); + assertThat(zone.getConfig().getLinks().getSelfService().getSignup()).isEqualTo("/configured_signup"); + assertThat(zone.getConfig().getLinks().getSelfService().getPasswd()).isNull(); } @Test - void passwd_link_configured() throws Exception { + void passwdLinkConfigured() throws Exception { links.put("passwd", "/configured_passwd"); bootstrap.setSelfServiceLinks(links); bootstrap.afterPropertiesSet(); IdentityZone zone = provisioning.retrieve(IdentityZone.getUaaZoneId()); - assertNull(zone.getConfig().getLinks().getSelfService().getSignup()); - assertEquals("/configured_passwd", zone.getConfig().getLinks().getSelfService().getPasswd()); + assertThat(zone.getConfig().getLinks().getSelfService().getSignup()).isNull(); + assertThat(zone.getConfig().getLinks().getSelfService().getPasswd()).isEqualTo("/configured_passwd"); } @Test - void test_logout_redirect() throws Exception { + void logoutRedirect() throws Exception { bootstrap.setLogoutDefaultRedirectUrl("/configured_login"); bootstrap.setLogoutDisableRedirectParameter(false); bootstrap.setLogoutRedirectParameterName("test"); bootstrap.setLogoutRedirectWhitelist(Collections.singletonList("http://single-url")); bootstrap.afterPropertiesSet(); IdentityZoneConfiguration config = provisioning.retrieve(IdentityZone.getUaaZoneId()).getConfig(); - assertEquals("/configured_login", config.getLinks().getLogout().getRedirectUrl()); - assertEquals("test", config.getLinks().getLogout().getRedirectParameterName()); - assertEquals(Collections.singletonList("http://single-url"), config.getLinks().getLogout().getWhitelist()); - assertFalse(config.getLinks().getLogout().isDisableRedirectParameter()); + 
assertThat(config.getLinks().getLogout().getRedirectUrl()).isEqualTo("/configured_login"); + assertThat(config.getLinks().getLogout().getRedirectParameterName()).isEqualTo("test"); + assertThat(config.getLinks().getLogout().getWhitelist()).isEqualTo(Collections.singletonList("http://single-url")); + assertThat(config.getLinks().getLogout().isDisableRedirectParameter()).isFalse(); } @Test - void test_prompts() throws Exception { + void testPrompts() throws Exception { List prompts = Arrays.asList( new Prompt("name1", "type1", "text1"), new Prompt("name2", "type2", "text2") @@ -269,7 +263,7 @@ void test_prompts() throws Exception { bootstrap.setPrompts(prompts); bootstrap.afterPropertiesSet(); IdentityZoneConfiguration config = provisioning.retrieve(IdentityZone.getUaaZoneId()).getConfig(); - assertEquals(prompts, config.getPrompts()); + assertThat(config.getPrompts()).isEqualTo(prompts); } @Test @@ -277,6 +271,6 @@ void idpDiscoveryEnabled() throws Exception { bootstrap.setIdpDiscoveryEnabled(true); bootstrap.afterPropertiesSet(); IdentityZoneConfiguration config = provisioning.retrieve(IdentityZone.getUaaZoneId()).getConfig(); - assertTrue(config.isIdpDiscoveryEnabled()); + assertThat(config.isIdpDiscoveryEnabled()).isTrue(); } } diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityZoneConfigurationTests.java b/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityZoneConfigurationTests.java index b9ffe2e779c..61d16f1666d 100644 --- a/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityZoneConfigurationTests.java +++ b/server/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityZoneConfigurationTests.java 
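Review bot: `test_prompts` is renamed to `testPrompts`, which keeps the `test` prefix that every other rename in this file drops (`test_logout_redirect` became `logoutRedirect`, `testDefaultGroups` became `defaultGroups`). Naming it `prompts` or `promptsConfigured` would match the rest of the class. In the same hunk, `isEqualTo(Collections.singletonList("http://single-url"))` on the logout whitelist reads more directly as `.containsExactly("http://single-url")`.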
@@ -33,15 +33,7 @@ import java.util.Arrays; import java.util.Collections; -import static org.hamcrest.Matchers.containsInAnyOrder; -import static org.hamcrest.Matchers.containsString; -import static org.hamcrest.Matchers.not; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertThat; -import static org.junit.Assert.assertTrue; +import static org.assertj.core.api.Assertions.assertThat; import static org.springframework.http.HttpHeaders.ACCEPT; import static org.springframework.http.HttpHeaders.AUTHORIZATION; import static org.springframework.http.HttpHeaders.CONTENT_TYPE; @@ -61,23 +53,14 @@ public void configure() { public void default_user_groups_when_json_is_deserialized() { definition.setUserConfig(null); String s = JsonUtils.writeValueAsString(definition); - assertThat(s, not(containsString("userConfig"))); + assertThat(s).doesNotContain("userConfig"); definition = JsonUtils.readValue(s, IdentityZoneConfiguration.class); - assertNotNull(definition.getUserConfig()); - assertThat(definition.getUserConfig().getDefaultGroups(), containsInAnyOrder( - "openid", - "password.write", - "uaa.user", - "approvals.me", - "profile", - "roles", - "user_attributes", - "uaa.offline_token" - )); - assertNull(definition.getUserConfig().resultingAllowedGroups()); + assertThat(definition.getUserConfig()).isNotNull(); + assertThat(definition.getUserConfig().getDefaultGroups()).contains("openid", "password.write", "uaa.user", "approvals.me", "profile", "roles", "user_attributes", "uaa.offline_token"); + assertThat(definition.getUserConfig().resultingAllowedGroups()).isNull(); s = JsonUtils.writeValueAsString(definition); - assertThat(s, containsString("userConfig")); - assertThat(s, containsString("uaa.offline_token")); + assertThat(s).contains("userConfig") + .contains("uaa.offline_token"); } @Test 
@@ -154,27 +137,27 @@ public void deserializeZmsJSON_withUnknownProperties_doesNotFail() { @Test public void test_want_assertion_signed_setters() { - assertTrue(definition.getSamlConfig().isRequestSigned()); + assertThat(definition.getSamlConfig().isRequestSigned()).isTrue(); definition = JsonUtils.readValue(JsonUtils.writeValueAsString(definition), IdentityZoneConfiguration.class); - assertTrue(definition.getSamlConfig().isRequestSigned()); + assertThat(definition.getSamlConfig().isRequestSigned()).isTrue(); definition.getSamlConfig().setRequestSigned(false); - assertFalse(definition.getSamlConfig().isRequestSigned()); + assertThat(definition.getSamlConfig().isRequestSigned()).isFalse(); } @Test public void test_disable_redirect_flag_vestigial() { definition.getLinks().getLogout().setDisableRedirectParameter(true); - assertFalse("setting disableRedirectParameter should not have worked.", definition.getLinks().getLogout().isDisableRedirectParameter()); + assertThat(definition.getLinks().getLogout().isDisableRedirectParameter()).as("setting disableRedirectParameter should not have worked.").isFalse(); } @Test public void test_request_signed_setters() { - assertTrue(definition.getSamlConfig().isWantAssertionSigned()); + assertThat(definition.getSamlConfig().isWantAssertionSigned()).isTrue(); definition = JsonUtils.readValue(JsonUtils.writeValueAsString(definition), IdentityZoneConfiguration.class); - assertTrue(definition.getSamlConfig().isWantAssertionSigned()); + assertThat(definition.getSamlConfig().isWantAssertionSigned()).isTrue(); definition.getSamlConfig().setWantAssertionSigned(false); - assertFalse(definition.getSamlConfig().isWantAssertionSigned()); + assertThat(definition.getSamlConfig().isWantAssertionSigned()).isFalse(); } @Test 
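Review bot: The two setter tests in this hunk are named the wrong way round: `test_want_assertion_signed_setters` only exercises `isRequestSigned()`/`setRequestSigned(false)`, and `test_request_signed_setters` only exercises `isWantAssertionSigned()`/`setWantAssertionSigned(false)`. The method signatures are unchanged context here, but since the bodies are being rewritten it is a good moment to swap the two names, so that a failure report points at the SAML signing flag that actually regressed.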
@@ -182,47 +165,47 @@ public void testDeserialize_Without_SamlConfig() { String s = JsonUtils.writeValueAsString(definition); s = s.replace(",\"samlConfig\":{\"requestSigned\":false,\"wantAssertionSigned\":true}",""); definition = JsonUtils.readValue(s, IdentityZoneConfiguration.class); - assertTrue(definition.getSamlConfig().isRequestSigned()); - assertTrue(definition.getSamlConfig().isWantAssertionSigned()); + assertThat(definition.getSamlConfig().isRequestSigned()).isTrue(); + assertThat(definition.getSamlConfig().isWantAssertionSigned()).isTrue(); definition.getSamlConfig().setWantAssertionSigned(true); definition.getSamlConfig().setRequestSigned(true); s = JsonUtils.writeValueAsString(definition); definition = JsonUtils.readValue(s, IdentityZoneConfiguration.class); - assertTrue(definition.getSamlConfig().isRequestSigned()); - assertTrue(definition.getSamlConfig().isWantAssertionSigned()); + assertThat(definition.getSamlConfig().isRequestSigned()).isTrue(); + assertThat(definition.getSamlConfig().isWantAssertionSigned()).isTrue(); definition.getSamlConfig().setWantAssertionSigned(false); definition.getSamlConfig().setRequestSigned(false); s = JsonUtils.writeValueAsString(definition); definition = JsonUtils.readValue(s, IdentityZoneConfiguration.class); - assertFalse(definition.getSamlConfig().isRequestSigned()); - assertFalse(definition.getSamlConfig().isWantAssertionSigned()); + assertThat(definition.getSamlConfig().isRequestSigned()).isFalse(); + assertThat(definition.getSamlConfig().isWantAssertionSigned()).isFalse(); } @Test public void testDeserialize_With_SamlConfig() { - assertFalse(definition.getSamlConfig().isDisableInResponseToCheck()); + assertThat(definition.getSamlConfig().isDisableInResponseToCheck()).isFalse(); String s = JsonUtils.writeValueAsString(definition); s = s.replace("\"wantAssertionSigned\":true","\"wantAssertionSigned\":false"); s = s.replace("\"disableInResponseToCheck\":false","\"disableInResponseToCheck\":true"); definition = 
JsonUtils.readValue(s, IdentityZoneConfiguration.class); - assertTrue(definition.getSamlConfig().isRequestSigned()); - assertFalse(definition.getSamlConfig().isWantAssertionSigned()); - assertTrue(definition.getSamlConfig().isDisableInResponseToCheck()); + assertThat(definition.getSamlConfig().isRequestSigned()).isTrue(); + assertThat(definition.getSamlConfig().isWantAssertionSigned()).isFalse(); + assertThat(definition.getSamlConfig().isDisableInResponseToCheck()).isTrue(); s = s.replace("\"disableInResponseToCheck\":true,",""); s = s.replace(",\"disableInResponseToCheck\":true",""); definition = JsonUtils.readValue(s, IdentityZoneConfiguration.class); - assertFalse(definition.getSamlConfig().isDisableInResponseToCheck()); + assertThat(definition.getSamlConfig().isDisableInResponseToCheck()).isFalse(); } @Test public void testDefaultCorsConfiguration() { - assertEquals(Arrays.asList(new String[] {ACCEPT, AUTHORIZATION, CONTENT_TYPE}), definition.getCorsPolicy().getDefaultConfiguration().getAllowedHeaders()); - assertEquals(Collections.singletonList(GET.toString()), definition.getCorsPolicy().getDefaultConfiguration().getAllowedMethods()); - assertEquals(Collections.singletonList(".*"), definition.getCorsPolicy().getDefaultConfiguration().getAllowedUris()); - assertEquals(Collections.EMPTY_LIST, definition.getCorsPolicy().getDefaultConfiguration().getAllowedUriPatterns()); - assertEquals(Collections.singletonList(".*"), definition.getCorsPolicy().getDefaultConfiguration().getAllowedOrigins()); - assertEquals(Collections.EMPTY_LIST, definition.getCorsPolicy().getDefaultConfiguration().getAllowedOriginPatterns()); - assertEquals(1728000, definition.getCorsPolicy().getDefaultConfiguration().getMaxAge()); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedHeaders()).isEqualTo(Arrays.asList(new String[]{ACCEPT, AUTHORIZATION, CONTENT_TYPE})); + 
assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedMethods()).isEqualTo(Collections.singletonList(GET.toString())); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedUris()).isEqualTo(Collections.singletonList(".*")); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedUriPatterns()).isEqualTo(Collections.EMPTY_LIST); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedOrigins()).isEqualTo(Collections.singletonList(".*")); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedOriginPatterns()).isEqualTo(Collections.EMPTY_LIST); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getMaxAge()).isEqualTo(1728000); } @Test 
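Review bot: In `testDefaultCorsConfiguration` the list assertions were translated literally, so they still build comparison lists by hand: `isEqualTo(Arrays.asList(new String[]{ACCEPT, AUTHORIZATION, CONTENT_TYPE}))` and `isEqualTo(Collections.EMPTY_LIST)`, the latter a raw type. AssertJ expresses these directly as `.containsExactly(ACCEPT, AUTHORIZATION, CONTENT_TYPE)` and `.isEmpty()`, which also produce clearer failure messages. The same applies to `testDeserialize_DefaultCorsConfiguration` in the following hunk.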
@@ -234,13 +217,13 @@ public void testDeserialize_DefaultCorsConfiguration() { s = s.replace("\"allowedUris\":[\".*\"]", "\"allowedUris\":[\"^/uaa/userinfo$\",\"^/uaa/logout\\\\.do$\"]"); definition = JsonUtils.readValue(s, IdentityZoneConfiguration.class); - assertEquals(Arrays.asList(new String[] {ACCEPT}), definition.getCorsPolicy().getDefaultConfiguration().getAllowedHeaders()); - assertEquals(Arrays.asList(new String[] {GET.toString(), POST.toString()}), definition.getCorsPolicy().getDefaultConfiguration().getAllowedMethods()); - assertEquals(Arrays.asList(new String[] {"^/uaa/userinfo$", "^/uaa/logout\\.do$"}), definition.getCorsPolicy().getDefaultConfiguration().getAllowedUris()); - assertEquals(Collections.EMPTY_LIST, definition.getCorsPolicy().getDefaultConfiguration().getAllowedUriPatterns()); - assertEquals(Arrays.asList(new String[] {"^localhost$", "^.*\\.localhost$"}), definition.getCorsPolicy().getDefaultConfiguration().getAllowedOrigins()); - assertEquals(Collections.EMPTY_LIST, definition.getCorsPolicy().getDefaultConfiguration().getAllowedOriginPatterns()); - assertEquals(1728000, definition.getCorsPolicy().getDefaultConfiguration().getMaxAge()); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedHeaders()).isEqualTo(Arrays.asList(new String[]{ACCEPT})); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedMethods()).isEqualTo(Arrays.asList(new String[]{GET.toString(), POST.toString()})); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedUris()).isEqualTo(Arrays.asList(new String[]{"^/uaa/userinfo$", "^/uaa/logout\\.do$"})); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedUriPatterns()).isEqualTo(Collections.EMPTY_LIST); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedOrigins()).isEqualTo(Arrays.asList(new String[]{"^localhost$", "^.*\\.localhost$"})); + 
assertThat(definition.getCorsPolicy().getDefaultConfiguration().getAllowedOriginPatterns()).isEqualTo(Collections.EMPTY_LIST); + assertThat(definition.getCorsPolicy().getDefaultConfiguration().getMaxAge()).isEqualTo(1728000); } @Test @@ -249,10 +232,10 @@ public void testSerializeDefaultIdentityProvider() { config.setDefaultIdentityProvider("originkey"); String configString = JsonUtils.writeValueAsString(config); - assertThat(configString, containsString("\"defaultIdentityProvider\"")); - assertThat(configString, containsString("\"originkey\"")); + assertThat(configString).contains("\"defaultIdentityProvider\"") + .contains("\"originkey\""); IdentityZoneConfiguration deserializedConfig = JsonUtils.readValue(configString, IdentityZoneConfiguration.class); - assertEquals(config.getDefaultIdentityProvider(), deserializedConfig.getDefaultIdentityProvider()); + assertThat(deserializedConfig.getDefaultIdentityProvider()).isEqualTo(config.getDefaultIdentityProvider()); } } diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/SamlLoginIT.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/SamlLoginIT.java index fcd79c61f9e..f74d03332e6 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/SamlLoginIT.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/SamlLoginIT.java @@ -244,7 +244,7 @@ void samlSPMetadataForZone() { RestTemplate identityClient = IntegrationTestUtils.getClientCredentialsTemplate( IntegrationTestUtils.getClientCredentialsResource(baseUrl, new String[]{"zones.write", "zones.read", "scim.zones"}, "identity", "identitysecret") ); - RestTemplate adminClient = IntegrationTestUtils.getClientCredentialsTemplate( + IntegrationTestUtils.getClientCredentialsTemplate( IntegrationTestUtils.getClientCredentialsResource(baseUrl, new String[0], "admin", "adminsecret") ); 
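Review bot: Dropping the `adminClient` variable in `samlSPMetadataForZone` leaves a bare `IntegrationTestUtils.getClientCredentialsTemplate(...)` call whose result is discarded, so a reader cannot tell whether the statement is kept on purpose. If it is needed for a side effect, say so in a comment such as `// result unused: kept only to check that the admin client credentials are accepted`; otherwise delete the statement. The rest of the test body lies outside this hunk, so whether anything depends on the call cannot be confirmed from here.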
@@ -263,17 +263,10 @@ void samlSPMetadataForZone() { // The SAML SP metadata should match the following UAA configs: // login.entityID assertThat(metadataXml).contains("entityID=\"" + zoneId + "-saml-login\"") - // TODO: Are DigestMethod and SignatureMethod needed? - // login.saml.signatureAlgorithm - //.contains("") - //.contains("") - // login.saml.signRequest .contains("AuthnRequestsSigned=\"true\"") - // login.saml.wantAssertionSigned .contains("WantAssertionsSigned=\"true\"") - // login.saml.nameID -// .contains("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"); - .contains("/saml/SSO/alias/" + zoneId + ".cloudfoundry-saml-login"); // TODO: Improve this check + // TODO: Improve this check + .contains("/saml/SSO/alias/" + zoneId + ".cloudfoundry-saml-login"); assertEquals("saml-" + zoneId + "-sp.xml", response.getHeaders().getContentDisposition().getFilename()); @@ -1058,7 +1051,7 @@ void samlLoginCustomUserAttributesAndRolesInIDToken() throws Exception { //validate access token String accessToken = authCodeTokenResponse.get(ACCESS_TOKEN); Jwt accessTokenJwt = JwtHelper.decode(accessToken); - Map accessTokenClaims = JsonUtils.readValue(accessTokenJwt.getClaims(), new TypeReference>() { + Map accessTokenClaims = JsonUtils.readValue(accessTokenJwt.getClaims(), new TypeReference<>() { }); List accessTokenScopes = (List) accessTokenClaims.get(ClaimConstants.SCOPE); // Check that the user had the roles scope, which is a pre-requisite for getting roles returned in the id_token 
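Review bot: The rewritten assertion chain in `samlSPMetadataForZone` deletes the comments that tied each check to its UAA setting (`login.saml.signRequest`, `login.saml.wantAssertionSigned`). It also deletes the TODO recording that DigestMethod/SignatureMethod (`login.saml.signatureAlgorithm`) and the nameID format are not asserted. The test still does not check those values, so the coverage gap is now undocumented, and the surviving heading "should match the following UAA configs" lists only `login.entityID`. Keep one line above the chain, for example `// not asserted yet: login.saml.signatureAlgorithm (DigestMethod/SignatureMethod), login.saml.nameID`, or add the assertions. The test method starts before this hunk.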
@@ -1073,7 +1066,7 @@ void samlLoginCustomUserAttributesAndRolesInIDToken() throws Exception { Map claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference>() { }); - assertThat(claims.get(USER_ATTRIBUTES)).isNotNull(); + assertThat(claims).containsKey(USER_ATTRIBUTES); Map> userAttributes = (Map>) claims.get(USER_ATTRIBUTES); assertThat(userAttributes.get(COST_CENTERS)).containsExactlyInAnyOrder(DENVER_CO); assertThat(userAttributes.get(MANAGERS)).containsExactlyInAnyOrder(JOHN_THE_SLOTH, KARI_THE_ANT_EATER); @@ -1196,7 +1189,7 @@ void samlLoginEmailInIDTokenWhenUserIDIsNotEmail() { assertThat(idToken).isNotNull(); Jwt idTokenClaims = JwtHelper.decode(idToken); - Map claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference>() { + Map claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<>() { }); assertThat(claims).containsKey(USER_ATTRIBUTES) @@ -1323,8 +1316,8 @@ void loginPageShowsIDPsForAuthcodeClient() throws Exception { @Test void loginSamlOnlyProviderNoUsernamePassword() throws Exception { - IdentityProvider provider = createIdentityProvider(SAML_ORIGIN); - IdentityProvider provider2 = createIdentityProvider("simplesamlphp2"); + IdentityProvider provider = createIdentityProvider(SAML_ORIGIN); + IdentityProvider provider2 = createIdentityProvider("simplesamlphp2"); List idps = Arrays.asList(provider.getOriginKey(), provider2.getOriginKey()); webDriver.get(baseUrl + "/logout.do"); String adminAccessToken = testClient.getOAuthAccessToken("admin", "adminsecret", "client_credentials", "clients.read clients.write clients.secret clients.admin");
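Review bot: `assertThat(claims).containsKey(USER_ATTRIBUTES)` is weaker than the `isNotNull()` check it replaces, because it passes when the key is present with a null value. In that case the cast and `userAttributes.get(COST_CENTERS)` on the following lines would fail with a NullPointerException instead of an assertion message. Either keep `assertThat(claims.get(USER_ATTRIBUTES)).isNotNull();` or, if the AssertJ version in use provides it, write `assertThat(claims).extractingByKey(USER_ATTRIBUTES).isNotNull();`. The enclosing test `samlLoginCustomUserAttributesAndRolesInIDToken` starts and ends outside this hunk.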