Make the client lockout policy disabled by default
[#138677887] https://www.pivotaltracker.com/story/show/138677887 Signed-off-by: Bharath Sekar <bharath.sekar@ge.com>
1 parent
85d4338
commit b6a73cc
Showing
7 changed files
with
154 additions
and
66 deletions.
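--- a/...test/java/org/cloudfoundry/identity/uaa/authentication/manager/CommonLoginPolicyTest.java
+++ b/...test/java/org/cloudfoundry/identity/uaa/authentication/manager/CommonLoginPolicyTest.java
@@ -0,0 +1,76 @@
+package org.cloudfoundry.identity.uaa.authentication.manager;
+
+import org.cloudfoundry.identity.uaa.audit.AuditEvent;
+import org.cloudfoundry.identity.uaa.audit.AuditEventType;
+import org.cloudfoundry.identity.uaa.audit.UaaAuditService;
+import org.cloudfoundry.identity.uaa.provider.LockoutPolicy;
+import org.cloudfoundry.identity.uaa.util.TimeService;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.util.Arrays;
+import java.util.List;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Matchers.anyLong;
+import static org.mockito.Matchers.eq;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public class CommonLoginPolicyTest {
+private CommonLoginPolicy commonLoginPolicy;
+private LockoutPolicyRetriever lockoutPolicyRetriever;
+private TimeService timeService;
+private UaaAuditService auditService;
+private AuditEventType failureEventType;
+private AuditEventType successEventType;
+
+@Before
+public void setup() {
+auditService = mock(UaaAuditService.class);
+timeService = mock(TimeService.class);
+lockoutPolicyRetriever = mock(LockoutPolicyRetriever.class);
+successEventType = AuditEventType.UserAuthenticationSuccess;
+failureEventType = AuditEventType.UserAuthenticationFailure;
+
+commonLoginPolicy = new CommonLoginPolicy(auditService, lockoutPolicyRetriever, successEventType, failureEventType, timeService);
+}
+
+@Test
+public void isAllowed_whenLockoutAfterFailuresIsNegative_returnsTrue() {
+when(lockoutPolicyRetriever.getLockoutPolicy()).thenReturn(new LockoutPolicy(-1, -1, 300));
+
+LoginPolicy.Result result = commonLoginPolicy.isAllowed("principal");
+
+assertTrue(result.isAllowed());
+assertEquals(0, result.getFailureCount());
+}
+
+@Test
+public void isAllowed_whenLockoutAfterFailuresIsPositive_returnsFalseIfTooManyFailedRecentAttempts() {
+when(lockoutPolicyRetriever.getLockoutPolicy()).thenReturn(new LockoutPolicy(2, 1, 300));
+AuditEvent auditEvent = new AuditEvent(failureEventType, null, null, null, 1L, null);
+List<AuditEvent> list = Arrays.asList(auditEvent);
+when(auditService.find(eq("principal"), anyLong())).thenReturn(list);
+
+LoginPolicy.Result result = commonLoginPolicy.isAllowed("principal");
+
+assertFalse(result.isAllowed());
+assertEquals(1, result.getFailureCount());
+}
+
+@Test
+public void isAllowed_whenLockoutAfterFailuresIsPositive_returnsTrueIfNotTooManyFailedRecentAttempts() {
+when(lockoutPolicyRetriever.getLockoutPolicy()).thenReturn(new LockoutPolicy(2, 2, 300));
+AuditEvent auditEvent = new AuditEvent(failureEventType, null, null, null, 1L, null);
+List<AuditEvent> list = Arrays.asList(auditEvent);
+when(auditService.find(eq("principal"), anyLong())).thenReturn(list);
+
+LoginPolicy.Result result = commonLoginPolicy.isAllowed("principal");
+
+assertTrue(result.isAllowed());
+assertEquals(1, result.getFailureCount());
+}
+}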
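Review bot: Both positive-threshold tests stub `auditService.find(eq("principal"), anyLong())` and leave the `timeService` mock unstubbed, so nothing in this file checks which time window the policy queries or that a lockout ends once the lockout period has elapsed. Lockout is the brute-force control and the commit title says it becomes disabled by default for clients, so the window and expiry arithmetic are the parts most worth pinning: stub a fixed clock on `timeService` and match the cut-off exactly, e.g. `when(auditService.find(eq("principal"), eq(expectedCutoff))).thenReturn(list);` with `expectedCutoff` computed from the stubbed time. The disabled path is only covered for `-1`; a case for `0` would document whether zero means "disabled" or "lock on the first failure". `successEventType` is passed to the constructor in `setup()` but no test feeds a success event, so the reset-on-success behaviour (assuming the policy has one) is also unverified. The three positional ints in `new LockoutPolicy(2, 1, 300)` would read more safely as named locals, since swapping the first two silently changes the threshold.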