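/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.usergrid.rest.management;

import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.crypto.RsaProvider;
import org.apache.commons.collections4.map.HashedMap;
import org.apache.usergrid.cassandra.SpringResource;
import org.apache.usergrid.persistence.index.utils.UUIDUtils;
import org.apache.usergrid.rest.test.resource.AbstractRestIT;
import org.apache.usergrid.rest.test.resource.RestClient;
import org.apache.usergrid.rest.test.resource.model.ApiResponse;
import org.apache.usergrid.rest.test.resource.model.Entity;
import org.apache.usergrid.security.sso.ApigeeSSO2Provider;
import org.codehaus.jackson.JsonNode;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;

import java.security.*;
import java.util.HashMap;
import java.util.Map;

import static org.junit.Assert.*;

/**
 * Integration test for the management endpoints when external SSO is switched on.
 *
 * <p>The test sets the {@code usergrid.external.sso.enabled} and
 * {@code usergrid.external.sso.provider} test properties, obtains a superuser token
 * with a password grant, creates an organization, and then calls {@code /management/me}
 * with a locally signed RS256 JWT whose public key is injected into
 * {@link ApigeeSSO2Provider}.
 *
 * <p>The class is disabled with {@link Ignore}; see the annotation text for the reason.
 *
 * Created by ayeshadastagiri on 7/20/16.
 */
@Ignore("Need to figure out a way to set the public key for Mock server.")
public class ExternalSSOEnabledIT extends AbstractRestIT {

    /**
     * Modulus size of the throwaway RSA signing key. 2048 bits is the commonly accepted
     * minimum for RS256; 1024-bit RSA keys are considered too weak, and a test is
     * often copied as a usage example.
     */
    private static final int RSA_KEY_SIZE_BITS = 2048;

    Key key;
    PublicKey publicKey;
    PrivateKey privateKey;
    String compactJws;
    String username = "SSOadminuser" + UUIDUtils.newTimeUUID();

    //SSO2 implementation
    public static final String USERGRID_EXTERNAL_SSO_ENABLED = "usergrid.external.sso.enabled";
    public static final String USERGRID_EXTERNAL_PROVIDER = "usergrid.external.sso.provider";

    public ExternalSSOEnabledIT() throws Exception {
    }

    /** Generates a fresh RSA key pair before each test. */
    @Before
    public void setup() throws NoSuchAlgorithmException {
        generateKey();
    }

    /** Creates the RSA key pair used to sign and verify the test JWT. */
    private void generateKey() {
        KeyPair kp = RsaProvider.generateKeyPair(RSA_KEY_SIZE_BITS);
        publicKey = kp.getPublic();
        privateKey = kp.getPrivate();
    }

    /**
     * Builds a compact RS256-signed JWT carrying fixed test claims.
     *
     * @return the serialized JWT, signed with {@link #privateKey}
     */
    private String generateToken() {
        Map<String, Object> claims = new HashedMap<String, Object>();
        claims.put("jti", "c7df0339-3847-450b-a925-628ef237953a");
        claims.put("sub", "b6d62259-217b-4e96-8f49-e00c366e4fed");
        claims.put("scope", "size = 5");
        claims.put("client_id", "edgecli");
        claims.put("azp", "edgecli");
        claims.put("grant_type", "password");
        claims.put("user_id", "b6d62259-217b-4e96-8f49-e00c366e4fed");
        claims.put("origin", "usergrid");
        claims.put("user_name", "AyeshaSSOUser");
        claims.put("email", "adastagiri+ssotesting@apigee.com");
        claims.put("rev_sig", "dfe5d0d3");
        // NOTE(review): RFC 7519 defines "iat" and "exp" as numeric seconds since the epoch.
        // Here "iat" is a String and "exp" is a millisecond value, so a spec-conforming
        // verifier would read the expiry as far in the future. Confirm how
        // ApigeeSSO2Provider interprets these claims before relying on expiry checks.
        claims.put("iat", "1466550862");
        claims.put("exp", System.currentTimeMillis() + 1000);
        claims.put("iss", "https://login.apigee.com/oauth/token");
        claims.put("zid", "uaa");
        claims.put("aud", " size = 6");

        return Jwts.builder()
            .setClaims(claims)
            .signWith(SignatureAlgorithm.RS256, privateKey)
            .compact();
    }

    /**
     * Walks through superuser and admin-user logins with external SSO enabled.
     *
     * <p>Steps: create an admin user, enable SSO through the test properties, get a
     * superuser token, create and list organizations with it, then call
     * {@code /management/me} with a signed JWT and finally attempt a password login
     * as the admin user.
     */
    @Test
    public void SuperUserTestsFor() throws NoSuchAlgorithmException {

        // create a admin user.
        RestClient restClient = clientSetup.getRestClient();

        //Create adminUser values
        Entity adminUserPayload = new Entity();
        adminUserPayload.put("username", "TestUser");
        adminUserPayload.put("name", username);
        adminUserPayload.put("email", "adastagiri+ssotesting@apigee.com");
        adminUserPayload.put("password", username);

        //create adminUser
        ApiResponse adminUserEntityResponse = management().orgs().org(clientSetup.getOrganizationName()).users()
            .post(ApiResponse.class, adminUserPayload);

        Entity adminUserResponse = new Entity(adminUserEntityResponse);
        //verify that the response contains the correct data
        assertNotNull(adminUserResponse);
        assertEquals("TestUser", adminUserResponse.get("username"));

        // NOTE(review): this method does not reset these properties (or the public key set
        // on ApigeeSSO2Provider below) when it finishes; confirm the test harness restores
        // them so SSO-only login does not leak into other tests.
        Map<String, String> props = new HashMap<String, String>();
        props.put(USERGRID_EXTERNAL_SSO_ENABLED, "true");
        props.put(USERGRID_EXTERNAL_PROVIDER, "apigee");
        pathResource("testproperties").post(props);

        // /management/token --> superuser password grant --> generate a superuser token.
        Map<String, Object> loginInfo = new HashMap<String, Object>();
        loginInfo.put("username", "superuser");
        loginInfo.put("password", "superpassword");
        loginInfo.put("grant_type", "password");
        ApiResponse postResponse2 = pathResource("management/token").post(false, ApiResponse.class, loginInfo);
        assertNotNull(postResponse2.getAccessToken());

        // /management/orgs --> create an org with superuser credentials.
        Map<String, Object> orgDetails = new HashMap<String, Object>();
        orgDetails.put("email", "adastagiri+ssotesting@apigee.com");
        orgDetails.put("name", "testuser");
        orgDetails.put("organization", username);

        context().getToken().put("access_token", postResponse2.getAccessToken());
        postResponse2 = pathResource("management/orgs").post(true, ApiResponse.class, orgDetails);
        assertNotNull(postResponse2.getData());

        postResponse2 = pathResource("management/orgs").get(ApiResponse.class, true);
        assertNotNull(postResponse2);

        // Sign a JWT locally and hand the matching public key to the provider so the
        // signature can be verified.
        compactJws = generateToken();
        SpringResource.getInstance().getAppContext().getBean(ApigeeSSO2Provider.class).setPublicKey(publicKey);
        context().getToken().put("access_token", compactJws);

        // /management/me --> admin user and jwt token. Return the user information and "token" should have jwt token.
        JsonNode responseToken = management().me().get(JsonNode.class, true);
        assertNotNull(responseToken.get("access_token"));

        // /management/token --> admin username and password.
        Map<String, Object> loginInfo1 = new HashMap<String, Object>();
        loginInfo1.put("username", "TestUser");
        loginInfo1.put("password", username);
        loginInfo1.put("grant_type", "password");

        // /management/token -> admin username and password --> should fail.
        // NOTE(review): nothing asserts the rejection. The original carried a commented-out
        // fail("External SSO integration is enabled, admin users must login via provider: ...")
        // that referenced USERGRID_EXTERNAL_SSO_PROVIDER_URL, a name not defined in this class.
        // As written, the test does not prove that password login is refused while SSO is
        // enabled; add an explicit expectation once the error type returned by the REST
        // test client is confirmed.
        pathResource("management/token").post(false, ApiResponse.class, loginInfo1);
    }
}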