REST API changes
parent
b2d94281c6
commit
2561585d8c
|
@ -27,6 +27,7 @@ import javax.xml.bind.annotation.XmlRootElement;
|
|||
public class VerificationStatus
|
||||
{
|
||||
boolean success = false;
|
||||
String accessToken;
|
||||
|
||||
public VerificationStatus() {
|
||||
|
||||
|
@ -45,4 +46,14 @@ public class VerificationStatus
|
|||
{
|
||||
this.success = success;
|
||||
}
|
||||
|
||||
public String getAccessToken( )
|
||||
{
|
||||
return accessToken;
|
||||
}
|
||||
|
||||
public void setAccessToken( String accessToken )
|
||||
{
|
||||
this.accessToken = accessToken;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -33,6 +33,7 @@ import org.apache.archiva.redback.rest.api.model.RegistrationKey;
|
|||
import org.apache.archiva.redback.rest.api.model.ResetPasswordRequest;
|
||||
import org.apache.archiva.redback.rest.api.model.User;
|
||||
import org.apache.archiva.redback.rest.api.model.UserRegistrationRequest;
|
||||
import org.apache.archiva.redback.rest.api.model.VerificationStatus;
|
||||
import org.apache.archiva.redback.rest.api.services.RedbackServiceException;
|
||||
|
||||
import javax.ws.rs.Consumes;
|
||||
|
@ -146,7 +147,7 @@ public interface UserService
|
|||
@PUT
|
||||
@Produces( { MediaType.APPLICATION_JSON } )
|
||||
@RedbackAuthorization( noPermission = true )
|
||||
ActionStatus updateMe( User user )
|
||||
ActionStatus updateMe( @PathParam( "userId" ) String userId, User user )
|
||||
throws RedbackServiceException;
|
||||
|
||||
@Path( "___ping___" )
|
||||
|
@ -243,4 +244,11 @@ public interface UserService
|
|||
Collection<Operation> getCurrentUserOperations(@PathParam( "userId" ) String userId)
|
||||
throws RedbackServiceException;
|
||||
|
||||
|
||||
@Path( "{userId}/registration/{key}/validate" )
|
||||
@GET
|
||||
@Produces( {MediaType.APPLICATION_JSON} )
|
||||
@RedbackAuthorization( noRestriction = true, noPermission = true )
|
||||
VerificationStatus validateUserRegistration( @PathParam( "userId" ) String userId, @PathParam( "key" ) String key )
|
||||
throws RedbackServiceException;
|
||||
}
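Review bot: `validateUserRegistration` is mapped with `@GET`, although the implementation added in this commit modifies the account (validated, unlocked, password cleared) and returns an access token. A state-changing, credential-issuing call is therefore triggered by anything that merely fetches the link, and the key travels in the URL path where access logs and proxies record it. A `@POST` carrying the key in the request body would be the safer mapping; at minimum the method needs a Javadoc stating that it is unauthenticated by design (`noRestriction = true`) and what the key authorises. For `updateMe`, the new `@PathParam( "userId" )` needs a matching `{userId}` template in the method's `@Path`, which lies outside this hunk and should be confirmed.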
|
||||
|
|
|
@ -75,7 +75,11 @@ import java.util.Collection;
|
|||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* This version is deprected. Use the V2 version: {@link org.apache.archiva.redback.rest.services.v2.DefaultUserService}
|
||||
*/
|
||||
@Service( "userService#rest" )
|
||||
@Deprecated
|
||||
public class DefaultUserService
|
||||
implements UserService
|
||||
{
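Review bot: The new class Javadoc misspells "deprecated" and puts the replacement in free text rather than in the `@deprecated` tag, so the Javadoc tool and IDEs will not surface it next to the `@Deprecated` annotation. Suggested comment body: `@deprecated Use the V2 version: {@link org.apache.archiva.redback.rest.services.v2.DefaultUserService}`.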
|
||||
|
|
|
@ -28,6 +28,7 @@ import org.apache.archiva.redback.authorization.RedbackAuthorization;
|
|||
import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticationException;
|
||||
import org.apache.archiva.redback.policy.AccountLockedException;
|
||||
import org.apache.archiva.redback.policy.MustChangePasswordException;
|
||||
import org.apache.archiva.redback.rbac.RBACManager;
|
||||
import org.apache.archiva.redback.rest.services.RedbackAuthenticationThreadLocal;
|
||||
import org.apache.archiva.redback.rest.services.RedbackRequestInformation;
|
||||
import org.apache.archiva.redback.system.SecuritySession;
|
||||
|
@ -51,9 +52,15 @@ import javax.ws.rs.container.ContainerRequestFilter;
|
|||
import javax.ws.rs.container.ResourceInfo;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.SecurityContext;
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
import javax.ws.rs.ext.Provider;
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
import java.util.function.Function;
|
||||
import java.util.regex.Pattern;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
/**
|
||||
* Interceptor that checks for the Bearer Header value and tries to verify the token.
|
||||
|
@ -74,6 +81,10 @@ public class BearerAuthInterceptor extends AbstractInterceptor
|
|||
@Named( value = "userManager#default" )
|
||||
private UserManager userManager;
|
||||
|
||||
@Inject
|
||||
@Named( value = "rbacManager#default" )
|
||||
RBACManager rbacManager;
|
||||
|
||||
@Inject
|
||||
@Named( value = "securitySystem" )
|
||||
SecuritySystem securitySystem;
|
||||
|
@ -84,6 +95,9 @@ public class BearerAuthInterceptor extends AbstractInterceptor
|
|||
@Context
|
||||
private ResourceInfo resourceInfo;
|
||||
|
||||
@Context
|
||||
private UriInfo uriInfo;
|
||||
|
||||
protected void setUserManager( UserManager userManager )
|
||||
{
|
||||
this.userManager = userManager;
|
||||
|
@ -151,9 +165,18 @@ public class BearerAuthInterceptor extends AbstractInterceptor
|
|||
new RedbackRequestInformation( securitySession, user, request.getRemoteAddr( ) );
|
||||
|
||||
RedbackAuthenticationThreadLocal.set( redbackRequestInformation );
|
||||
// message.put( AuthenticationResult.class, authenticationResult );
|
||||
requestContext.setProperty( AUTHENTICATION_RESULT, authenticationResult );
|
||||
requestContext.setProperty( SECURITY_SESSION, securitySession );
|
||||
RedbackSecurityContext securityContext = new RedbackSecurityContext(uriInfo, user, securitySession );
|
||||
|
||||
if (rbacManager!=null)
|
||||
{
|
||||
List<String> roleNames = rbacManager.getAssignedRoles( user.getUsername( ) ).stream( )
|
||||
.flatMap( role -> Stream.concat( Stream.of( role.getName( ) ), role.getChildRoleNames( ).stream( ) ) )
|
||||
.collect( Collectors.toList( ) );
|
||||
securityContext.setRoles( roleNames );
|
||||
}
|
||||
requestContext.setSecurityContext( securityContext );
|
||||
}
|
||||
catch ( Exception e )
|
||||
{
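Review bot: The role list built inside `if (rbacManager!=null)` contains each assigned role plus only its direct `getChildRoleNames( )`, so a role inherited through more than one level would not be reported by `isUserInRole`. If the role hierarchy can be deeper, resolve the effective roles transitively, or add a comment that only one level is expanded on purpose. The null check on an `@Inject`ed field also hides a wiring error: without an `rbacManager` every request silently gets no roles, which deserves at least a warning in the log. The lookup runs inside the existing `try`, whose `catch ( Exception e )` body is outside this hunk, so confirm that an RBAC failure at this point rejects the request instead of continuing without a security context.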
|
||||
|
|
|
@ -0,0 +1,49 @@
|
|||
package org.apache.archiva.redback.rest.services.interceptors;
|
||||
|
||||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
import org.apache.archiva.redback.users.User;
|
||||
|
||||
import java.security.Principal;
|
||||
|
||||
/**
|
||||
* This is used by the JAX-RS security context.
|
||||
*/
|
||||
public class RedbackPrincipal implements Principal
|
||||
{
|
||||
|
||||
User redbackUser;
|
||||
|
||||
RedbackPrincipal(User user) {
|
||||
this.redbackUser = user;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName( )
|
||||
{
|
||||
return redbackUser.getUsername();
|
||||
}
|
||||
|
||||
public User getUser() {
|
||||
return redbackUser;
|
||||
}
|
||||
|
||||
|
||||
}
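Review bot: `RedbackPrincipal` accepts a null `User` in its constructor and only fails later, in `getName( )`, with a NullPointerException far away from the filter that created it. Make the field `private final User redbackUser;` and reject null at construction with `this.redbackUser = java.util.Objects.requireNonNull( user, "user" );`. The class Javadoc could also state that the principal name is the Redback username.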
|
|
@ -0,0 +1,99 @@
|
|||
package org.apache.archiva.redback.rest.services.interceptors;
|
||||
|
||||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
import org.apache.archiva.redback.system.SecuritySession;
|
||||
import org.apache.archiva.redback.users.User;
|
||||
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
import java.security.Principal;
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* Simple security context for JAX-RS to forward data from the Authentication filter to the service implementations
|
||||
*
|
||||
* @since 3.0
|
||||
*/
|
||||
public class RedbackSecurityContext implements javax.ws.rs.core.SecurityContext
|
||||
{
|
||||
SecuritySession securitySession;
|
||||
Principal principal;
|
||||
User user;
|
||||
String authenticationScheme = "Bearer";
|
||||
Set<String> roles;
|
||||
boolean isSecure;
|
||||
|
||||
|
||||
RedbackSecurityContext( UriInfo uriInfo, User user, SecuritySession securitySession) {
|
||||
this.isSecure = uriInfo.getAbsolutePath().toString().toLowerCase().startsWith("https");
|
||||
setPrincipal( user );
|
||||
this.securitySession = securitySession;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Principal getUserPrincipal( )
|
||||
{
|
||||
return principal;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isUserInRole( String s )
|
||||
{
|
||||
return roles == null ? false : roles.contains( s );
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isSecure( )
|
||||
{
|
||||
return isSecure;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getAuthenticationScheme( )
|
||||
{
|
||||
return authenticationScheme;
|
||||
}
|
||||
|
||||
public SecuritySession getSecuritySession() {
|
||||
return this.securitySession;
|
||||
}
|
||||
|
||||
public void setPrincipal( User user)
|
||||
{
|
||||
this.user = user;
|
||||
this.principal = new RedbackPrincipal( user );
|
||||
}
|
||||
|
||||
public void setSession( SecuritySession securitySession )
|
||||
{
|
||||
this.securitySession = securitySession;
|
||||
}
|
||||
|
||||
public void setRoles( Collection<String> roles) {
|
||||
this.roles = new HashSet<>( roles );
|
||||
}
|
||||
|
||||
public User getUser( )
|
||||
{
|
||||
return user;
|
||||
}
|
||||
}
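Review bot: `isSecure` is derived from `uriInfo.getAbsolutePath().toString().toLowerCase().startsWith("https")`, a locale-dependent prefix test on the whole URI; comparing the scheme is exact: `this.isSecure = "https".equalsIgnoreCase( uriInfo.getAbsolutePath().getScheme() );`. If TLS is terminated in front of the application the value describes only the inner hop, so the getter's Javadoc should say that it is not proof of an encrypted client connection. The public `setPrincipal`, `setSession` and `setRoles` let any code that obtains the context change identity or roles after the authentication filter has run; consider passing the roles to the constructor and making the fields `private final`. As written, `setRoles( null )` throws from `new HashSet<>( roles )`.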
|
|
@ -40,6 +40,8 @@ import org.apache.archiva.redback.rest.api.model.User;
|
|||
import org.apache.archiva.redback.rest.api.model.UserLogin;
|
||||
import org.apache.archiva.redback.rest.api.services.RedbackServiceException;
|
||||
import org.apache.archiva.redback.rest.api.services.v2.AuthenticationService;
|
||||
import org.apache.archiva.redback.rest.services.RedbackAuthenticationThreadLocal;
|
||||
import org.apache.archiva.redback.rest.services.interceptors.RedbackSecurityContext;
|
||||
import org.apache.archiva.redback.system.SecuritySession;
|
||||
import org.apache.archiva.redback.system.SecuritySystem;
|
||||
import org.apache.archiva.redback.users.UserManagerException;
|
||||
|
@ -52,12 +54,16 @@ import javax.inject.Inject;
|
|||
import javax.inject.Named;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.ws.rs.container.ContainerRequestContext;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.SecurityContext;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
import static org.apache.archiva.redback.rest.services.interceptors.AbstractInterceptor.SECURITY_SESSION;
|
||||
|
||||
/**
|
||||
*
|
||||
* Authentication service provides REST methods for authentication and verification.
|
||||
|
@ -75,26 +81,25 @@ public class DefaultAuthenticationService
|
|||
|
||||
private SecuritySystem securitySystem;
|
||||
|
||||
private HttpAuthenticator httpAuthenticator;
|
||||
|
||||
@Context
|
||||
private HttpServletRequest httpServletRequest;
|
||||
|
||||
@Context
|
||||
private SecurityContext securityContext;
|
||||
|
||||
@Context
|
||||
private ContainerRequestContext requestContext;
|
||||
|
||||
@Context
|
||||
private HttpServletResponse response;
|
||||
|
||||
@Inject
|
||||
private JwtAuthenticator jwtAuthenticator;
|
||||
|
||||
// validation token lifetime: 3 hours
|
||||
long tokenLifetime = 1000*3600*3;
|
||||
|
||||
@Inject
|
||||
public DefaultAuthenticationService( SecuritySystem securitySystem,
|
||||
@Named( "httpAuthenticator#basic" ) HttpAuthenticator httpAuthenticator )
|
||||
public DefaultAuthenticationService( SecuritySystem securitySystem )
|
||||
{
|
||||
this.securitySystem = securitySystem;
|
||||
this.httpAuthenticator = httpAuthenticator;
|
||||
}
|
||||
|
||||
|
||||
|
@ -110,6 +115,10 @@ public class DefaultAuthenticationService
|
|||
return new PingResult( true );
|
||||
}
|
||||
|
||||
private RedbackSecurityContext getSecurityContext() {
|
||||
return this.securityContext==null?null:(RedbackSecurityContext) this.securityContext;
|
||||
}
|
||||
|
||||
@Override
|
||||
public TokenResponse logIn( RequestTokenRequest loginRequest )
|
||||
throws RedbackServiceException
|
||||
|
@ -218,10 +227,13 @@ public class DefaultAuthenticationService
|
|||
public User getAuthenticatedUser()
|
||||
throws RedbackServiceException
|
||||
{
|
||||
SecuritySession securitySession = httpAuthenticator.getSecuritySession( httpServletRequest.getSession( true ) );
|
||||
Boolean isLogged = securitySession != null;
|
||||
log.debug( "isLogged {}", isLogged );
|
||||
return isLogged && securitySession.getUser() != null ? buildRestUser( securitySession.getUser() ) : null;
|
||||
RedbackSecurityContext ctx = getSecurityContext( );
|
||||
if (ctx!=null)
|
||||
{
|
||||
return buildRestUser( getSecurityContext( ).getUser( ) );
|
||||
} else {
|
||||
throw new RedbackServiceException( "redback:not_authenticated", Response.Status.UNAUTHORIZED.getStatusCode( ) );
|
||||
}
|
||||
}
|
||||
|
||||
private UserLogin buildRestUser( org.apache.archiva.redback.users.User user )
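Review bot: `getSecurityContext()` casts the injected `SecurityContext` unconditionally, so a request whose context is not a `RedbackSecurityContext` (the container default, or an injection proxy) ends in a ClassCastException rather than the intended `redback:not_authenticated` 401. Guard the cast with `return securityContext instanceof RedbackSecurityContext ? (RedbackSecurityContext) securityContext : null;`, and if the `@Context` field turns out to be a proxy, read the context from the injected `requestContext` instead. `getAuthenticatedUser()` also hands `getUser( )` to `buildRestUser` without a null check, and calls `getSecurityContext( )` a second time instead of using `ctx`. Whether `buildRestUser` tolerates null is not visible, since its body is outside this hunk.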
|
||||
|
|
|
@ -22,7 +22,9 @@ package org.apache.archiva.redback.rest.services.v2;
|
|||
import net.sf.ehcache.CacheManager;
|
||||
import org.apache.archiva.components.cache.Cache;
|
||||
import org.apache.archiva.redback.authentication.AuthenticationException;
|
||||
import org.apache.archiva.redback.authentication.Token;
|
||||
import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
|
||||
import org.apache.archiva.redback.authentication.jwt.JwtAuthenticator;
|
||||
import org.apache.archiva.redback.configuration.UserConfiguration;
|
||||
import org.apache.archiva.redback.configuration.UserConfigurationKeys;
|
||||
import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
|
||||
|
@ -59,6 +61,7 @@ import org.apache.archiva.redback.rest.services.RedbackRequestInformation;
|
|||
import org.apache.archiva.redback.rest.services.utils.PasswordValidator;
|
||||
import org.apache.archiva.redback.role.RoleManager;
|
||||
import org.apache.archiva.redback.role.RoleManagerException;
|
||||
import org.apache.archiva.redback.system.SecuritySession;
|
||||
import org.apache.archiva.redback.system.SecuritySystem;
|
||||
import org.apache.archiva.redback.users.UserManager;
|
||||
import org.apache.archiva.redback.users.UserManagerException;
|
||||
|
@ -98,6 +101,9 @@ public class DefaultUserService
|
|||
@Named( value = "userConfiguration#default" )
|
||||
private UserConfiguration config;
|
||||
|
||||
@Inject
|
||||
private JwtAuthenticator jwtAuthenticator;
|
||||
|
||||
@Inject
|
||||
private RoleManager roleManager;
|
||||
|
||||
|
@ -139,12 +145,10 @@ public class DefaultUserService
|
|||
|
||||
@Inject
|
||||
public DefaultUserService( @Named( value = "userManager#default" ) UserManager userManager,
|
||||
SecuritySystem securitySystem,
|
||||
@Named( "httpAuthenticator#basic" ) HttpAuthenticator httpAuthenticator )
|
||||
SecuritySystem securitySystem )
|
||||
{
|
||||
this.userManager = userManager;
|
||||
this.securitySystem = securitySystem;
|
||||
this.httpAuthenticator = httpAuthenticator;
|
||||
}
|
||||
|
||||
|
||||
|
@ -275,7 +279,7 @@ public class DefaultUserService
|
|||
try
|
||||
{
|
||||
org.apache.archiva.redback.users.User user = userManager.findUser( userId );
|
||||
return getSimpleUser( user );
|
||||
return getRestUser( user );
|
||||
}
|
||||
catch ( UserNotFoundException e )
|
||||
{
|
||||
|
@ -298,7 +302,7 @@ public class DefaultUserService
|
|||
|
||||
for ( org.apache.archiva.redback.users.User user : users )
|
||||
{
|
||||
simpleUsers.add( getSimpleUser( user ) );
|
||||
simpleUsers.add( getRestUser( user ) );
|
||||
}
|
||||
|
||||
return simpleUsers;
|
||||
|
@ -310,7 +314,7 @@ public class DefaultUserService
|
|||
}
|
||||
|
||||
@Override
|
||||
public ActionStatus updateMe( User user )
|
||||
public ActionStatus updateMe( String userId, User user )
|
||||
throws RedbackServiceException
|
||||
{
|
||||
// check username == one in the session
|
||||
|
@ -445,7 +449,7 @@ public class DefaultUserService
|
|||
try
|
||||
{
|
||||
org.apache.archiva.redback.users.User user = userManager.getGuestUser();
|
||||
return getSimpleUser( user );
|
||||
return getRestUser( user );
|
||||
}
|
||||
catch ( Exception e )
|
||||
{
|
||||
|
@ -470,7 +474,7 @@ public class DefaultUserService
|
|||
user.setPasswordChangeRequired( false );
|
||||
user = userManager.updateUser( user, false );
|
||||
roleManager.assignRole( config.getString( UserConfigurationKeys.DEFAULT_GUEST ), user.getUsername() );
|
||||
return getSimpleUser( user );
|
||||
return getRestUser( user );
|
||||
}
|
||||
catch ( RoleManagerException | UserNotFoundException e )
|
||||
{
|
||||
|
@ -498,7 +502,7 @@ public class DefaultUserService
|
|||
return new PingResult( true );
|
||||
}
|
||||
|
||||
private User getSimpleUser( org.apache.archiva.redback.users.User user )
|
||||
private User getRestUser( org.apache.archiva.redback.users.User user )
|
||||
{
|
||||
if ( user == null )
|
||||
{
|
||||
|
@ -774,6 +778,68 @@ public class DefaultUserService
|
|||
return getUserOperations( userName );
|
||||
}
|
||||
|
||||
@Override
|
||||
public VerificationStatus validateUserRegistration( String userId, String key ) throws RedbackServiceException
|
||||
{
|
||||
String principal = null;
|
||||
try
|
||||
{
|
||||
AuthenticationKey authkey = securitySystem.getKeyManager().findKey( key );
|
||||
|
||||
org.apache.archiva.redback.users.User user =
|
||||
securitySystem.getUserManager().findUser( authkey.getForPrincipal() );
|
||||
|
||||
user.setValidated( true );
|
||||
user.setLocked( false );
|
||||
user.setPasswordChangeRequired( true );
|
||||
user.setEncodedPassword( "" );
|
||||
|
||||
principal = user.getUsername();
|
||||
|
||||
TokenBasedAuthenticationDataSource authsource = new TokenBasedAuthenticationDataSource();
|
||||
authsource.setPrincipal( principal );
|
||||
authsource.setToken( authkey.getKey() );
|
||||
authsource.setEnforcePasswordChange( false );
|
||||
|
||||
securitySystem.getUserManager().updateUser( user );
|
||||
|
||||
VerificationStatus status = new VerificationStatus(false );
|
||||
SecuritySession authStatus = securitySystem.authenticate( authsource );
|
||||
if (authStatus.isAuthenticated()) {
|
||||
Token accessToken = jwtAuthenticator.generateToken( principal );
|
||||
status.setAccessToken( accessToken.getData() );
|
||||
status.setSuccess( true );
|
||||
}
|
||||
|
||||
log.info( "account validated for user {}", user.getUsername() );
|
||||
|
||||
return status;
|
||||
}
|
||||
catch ( MustChangePasswordException | AccountLockedException | AuthenticationException e )
|
||||
{
|
||||
throw new RedbackServiceException( e.getMessage(), Response.Status.FORBIDDEN.getStatusCode() );
|
||||
}
|
||||
catch ( KeyNotFoundException e )
|
||||
{
|
||||
log.info( "Invalid key requested: {}", key );
|
||||
throw new RedbackServiceException( new ErrorMessage( "cannot.find.key" ) );
|
||||
}
|
||||
catch ( KeyManagerException e )
|
||||
{
|
||||
throw new RedbackServiceException( new ErrorMessage( "cannot.find.key.at.the.momment" ) );
|
||||
|
||||
}
|
||||
catch ( UserNotFoundException e )
|
||||
{
|
||||
throw new RedbackServiceException( new ErrorMessage( "cannot.find.user", new String[]{ principal } ) );
|
||||
|
||||
}
|
||||
catch ( UserManagerException e )
|
||||
{
|
||||
throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Operation> getUserOperations( String userName )
|
||||
throws RedbackServiceException
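Review bot: The `userId` argument of `validateUserRegistration` is never used, so the account that gets validated, unlocked and has its password cleared is chosen by the key alone, and a JWT is then returned for it. Compare the two before touching the user, e.g. `if ( !authkey.getForPrincipal().equals( userId ) ) throw new RedbackServiceException( new ErrorMessage( "cannot.find.key" ) );`. Nothing visible here expires or removes the key after a successful call, so unless `findKey` enforces that elsewhere the same key keeps working; it should be invalidated once used. The user is also saved before `securitySystem.authenticate( authsource )` has succeeded, and the `KeyNotFoundException` branch writes the caller-supplied key to the log at info level, where it is better omitted or truncated.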
|
||||
|
|
|
@ -21,6 +21,7 @@ package org.apache.archiva.redback.rest.services.v2;
|
|||
import io.restassured.response.Response;
|
||||
import org.junit.jupiter.api.AfterAll;
|
||||
import org.junit.jupiter.api.BeforeAll;
|
||||
import org.junit.jupiter.api.Disabled;
|
||||
import org.junit.jupiter.api.Tag;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.TestInstance;
|
||||
|
@ -37,8 +38,7 @@ import static io.restassured.RestAssured.given;
|
|||
import static io.restassured.http.ContentType.JSON;
|
||||
import static org.hamcrest.Matchers.equalTo;
|
||||
import static org.hamcrest.Matchers.notNullValue;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
import static org.junit.jupiter.api.Assertions.*;
|
||||
|
||||
/**
|
||||
* @author Martin Stockhammer <martin_s@apache.org>
|
||||
|
@ -171,4 +171,16 @@ public class NativeAuthenticationServiceTest extends AbstractNativeRestServices
|
|||
assertNotNull( result.body( ).jsonPath( ).getString( "refresh_token" ) );
|
||||
}
|
||||
|
||||
@Disabled
|
||||
@Test
|
||||
void getAuthenticatedUser() {
|
||||
Response result = given( ).spec( getRequestSpec(getAdminToken()) )
|
||||
.contentType( JSON )
|
||||
.when( ).get( "/authenticated" ).then( ).statusCode( 200 )
|
||||
.extract( ).response( );
|
||||
System.out.println( result.getBody( ).prettyPrint( ) );
|
||||
assertEquals( "admin", result.getBody( ).jsonPath( ).getString( "username" ) );
|
||||
|
||||
}
|
||||
|
||||
}
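Review bot: The only test for the reworked `/authenticated` endpoint is committed as `@Disabled` without a reason, so neither the 200 path nor the new 401 path is exercised. Give the annotation a reason, e.g. `@Disabled( "TODO: <why this cannot run yet>" )`, and add a request without a token that expects status 401. The `System.out.println( result.getBody( ).prettyPrint( ) );` debug line should go before this is enabled. The wildcard `import static org.junit.jupiter.api.Assertions.*;` appears to replace the explicit imports; explicit ones are easier to review.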
|
||||
|
|
|
@ -22,12 +22,13 @@ package org.apache.archiva.redback.rest.services.v2;
|
|||
import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
|
||||
import org.apache.archiva.redback.rest.api.model.Operation;
|
||||
import org.apache.archiva.redback.rest.api.model.Permission;
|
||||
import org.apache.archiva.redback.rest.api.model.PingResult;
|
||||
import org.apache.archiva.redback.rest.api.model.RequestTokenRequest;
|
||||
import org.apache.archiva.redback.rest.api.model.ResetPasswordRequest;
|
||||
import org.apache.archiva.redback.rest.api.model.TokenResponse;
|
||||
import org.apache.archiva.redback.rest.api.model.User;
|
||||
import org.apache.archiva.redback.rest.api.model.UserRegistrationRequest;
|
||||
import org.apache.archiva.redback.rest.api.services.UserService;
|
||||
import org.apache.archiva.redback.rest.api.services.v2.UserService;
|
||||
import org.apache.archiva.redback.rest.services.FakeCreateAdminService;
|
||||
import org.apache.archiva.redback.rest.services.mock.EmailMessage;
|
||||
import org.apache.archiva.redback.rest.services.mock.MockJavaMailSender;
|
||||
|
@ -61,7 +62,6 @@ import static org.junit.jupiter.api.Assertions.*;
|
|||
@ContextConfiguration(
|
||||
locations = {"classpath:/spring-context.xml"} )
|
||||
@TestInstance( TestInstance.Lifecycle.PER_CLASS )
|
||||
@Disabled
|
||||
public class UserServiceTest
|
||||
extends AbstractRestServicesTestV2
|
||||
{
|
||||
|
@ -108,12 +108,13 @@ public class UserServiceTest
|
|||
return service;
|
||||
}
|
||||
|
||||
@Disabled
|
||||
@Test
|
||||
public void ping( )
|
||||
throws Exception
|
||||
{
|
||||
Boolean res = getUserService( null ).ping( );
|
||||
assertTrue( res );
|
||||
PingResult res = getUserService( null ).ping( );
|
||||
assertTrue( res.isSuccess() );
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -201,7 +202,7 @@ public class UserServiceTest
|
|||
u.setEmail( "toto@toto.fr" );
|
||||
u.setPassword( "toto123" );
|
||||
u.setConfirmPassword( "toto123" );
|
||||
String key = service.registerUser( new UserRegistrationRequest( u, "http://wine.fr/bordeaux" ) ).getKey( );
|
||||
String key = service.registerUser( u.getUsername(), new UserRegistrationRequest( u, "http://wine.fr/bordeaux" ) ).getKey( );
|
||||
|
||||
assertNotEquals( "-1", key );
|
||||
|
||||
|
@ -224,7 +225,7 @@ public class UserServiceTest
|
|||
assertTrue( messageContent.contains( "http://wine.fr/bordeaux" ) );
|
||||
assertTrue( messageContent.contains( "toto" ) );
|
||||
|
||||
assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
//assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
|
||||
service = getUserService( getAdminAuthzHeader( ) );
|
||||
|
||||
|
@ -234,7 +235,7 @@ public class UserServiceTest
|
|||
assertTrue( u.isValidated( ) );
|
||||
assertTrue( u.isPasswordChangeRequired( ) );
|
||||
|
||||
assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
// assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
|
||||
}
|
||||
catch ( Exception e )
|
||||
|
@ -249,6 +250,7 @@ public class UserServiceTest
|
|||
|
||||
}
|
||||
|
||||
@Disabled
|
||||
@Test
|
||||
public void registerNoUrl( )
|
||||
throws Exception
|
||||
|
@ -262,7 +264,7 @@ public class UserServiceTest
|
|||
u.setEmail( "toto@toto.fr" );
|
||||
u.setPassword( "toto123" );
|
||||
u.setConfirmPassword( "toto123" );
|
||||
String key = service.registerUser( new UserRegistrationRequest( u, null ) ).getKey( );
|
||||
String key = service.registerUser( u.getUsername(), new UserRegistrationRequest( u, null ) ).getKey( );
|
||||
|
||||
assertNotEquals( "-1", key );
|
||||
|
||||
|
@ -284,7 +286,7 @@ public class UserServiceTest
|
|||
assertTrue( messageContent.contains( "http://localhost:" + getServerPort( ) ) );
|
||||
assertTrue( messageContent.toLowerCase( ).contains( "toto" ) );
|
||||
|
||||
assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
// assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
|
||||
service = getUserService( getAdminAuthzHeader( ) );
|
||||
|
||||
|
@ -294,7 +296,7 @@ public class UserServiceTest
|
|||
assertTrue( u.isValidated( ) );
|
||||
assertTrue( u.isPasswordChangeRequired( ) );
|
||||
|
||||
assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
// assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
|
||||
}
|
||||
catch ( Exception e )
|
||||
|
@ -325,7 +327,7 @@ public class UserServiceTest
|
|||
u.setEmail( "toto@toto.fr" );
|
||||
u.setPassword( "toto123" );
|
||||
u.setConfirmPassword( "toto123" );
|
||||
String key = service.registerUser( new UserRegistrationRequest( u, "http://wine.fr/bordeaux" ) ).getKey( );
|
||||
String key = service.registerUser( u.getUsername(), new UserRegistrationRequest( u, "http://wine.fr/bordeaux" ) ).getKey( );
|
||||
|
||||
assertNotEquals( "-1", key );
|
||||
|
||||
|
@ -345,7 +347,7 @@ public class UserServiceTest
|
|||
assertTrue(
|
||||
emailMessages.get( 0 ).getText( ).contains( "Use the following URL to validate your account." ) );
|
||||
|
||||
assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
// assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
|
||||
service = getUserService( getAdminAuthzHeader( ) );
|
||||
|
||||
|
@ -355,9 +357,9 @@ public class UserServiceTest
|
|||
assertTrue( u.isValidated( ) );
|
||||
assertTrue( u.isPasswordChangeRequired( ) );
|
||||
|
||||
assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
// assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
|
||||
|
||||
assertTrue( service.resetPassword( new ResetPasswordRequest( "toto", "http://foo.fr/bar" ) ).isSuccess( ) );
|
||||
assertTrue( service.resetPassword(u.getUsername(), new ResetPasswordRequest( "toto", "http://foo.fr/bar" ) ).isSuccess( ) );
|
||||
|
||||
emailMessages = assertService.getEmailMessageSended( );
|
||||
assertEquals( 2, emailMessages.size( ) );
|
||||
|
@ -409,7 +411,7 @@ public class UserServiceTest
|
|||
throws Exception
|
||||
{
|
||||
createGuestIfNeeded( );
|
||||
Collection<Permission> permissions = getUserService( null ).getCurrentUserPermissions( );
|
||||
Collection<Permission> permissions = getUserService( null ).getCurrentUserPermissions("guest" );
|
||||
log.info( "guest permisssions: {}", permissions );
|
||||
}
|
||||
|
||||
|
@ -426,7 +428,7 @@ public class UserServiceTest
|
|||
throws Exception
|
||||
{
|
||||
createGuestIfNeeded( );
|
||||
Collection<Operation> operations = getUserService( null ).getCurrentUserOperations( );
|
||||
Collection<Operation> operations = getUserService( null ).getCurrentUserOperations("guest" );
|
||||
log.info( "guest operations: {}", operations );
|
||||
}
|
||||
|
||||
|
@ -447,7 +449,7 @@ public class UserServiceTest
|
|||
u.setEmail( "toto@titi.fr" );
|
||||
u.setPassword( "toto1234" );
|
||||
u.setPreviousPassword( "toto123" );
|
||||
getUserService( getUserAuthzHeader( "toto" ) ).updateMe( u );
|
||||
getUserService( getUserAuthzHeader( "toto" ) ).updateMe( u.getUsername(), u );
|
||||
|
||||
u = getUserService( getAdminAuthzHeader( ) ).getUser( "toto" );
|
||||
assertEquals( "the toto123", u.getFullName( ) );
|
||||
|
@ -457,7 +459,7 @@ public class UserServiceTest
|
|||
u.setEmail( "toto@tititi.fr" );
|
||||
u.setPassword( "toto12345" );
|
||||
u.setPreviousPassword( "toto1234" );
|
||||
getUserService( getUserAuthzHeader( "toto" )) .updateMe( u );
|
||||
getUserService( getUserAuthzHeader( "toto" )) .updateMe(u.getUsername(), u );
|
||||
|
||||
u = getUserService( getAdminAuthzHeader( ) ).getUser( "toto" );
|
||||
assertEquals( "the toto1234", u.getFullName( ) );
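Review bot: Every `validateUserFromKey` assertion in this file is commented out rather than replaced, so the registration tests no longer exercise key validation and the new `validateUserRegistration` endpoint has no coverage, even though the assertions that follow still expect `u.isValidated( )` to be true. Replace the commented lines with a call such as `service.validateUserRegistration( u.getUsername( ), key )` and assert on the returned status and access token. Add one case with an unknown key and one where the user id does not belong to the key. The commented-out lines should be deleted once replaced.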
|
||||
|
|