@Test public void beginEmailChangeWithUsernameConflict() throws Exception { ScimUser user = new ScimUser("user-001", "user@example.com", "test-name", "test-name"); user.setPrimaryEmail("user@example.com"); when(scimUserProvisioning.retrieve(anyString(), anyString())).thenReturn(user); String zoneId = IdentityZoneHolder.get().getId(); when(scimUserProvisioning.query(anyString(), eq(zoneId))).thenReturn(Collections.singletonList(new ScimUser())); Assertions.assertThrows(UaaException.class, () -> emailChangeEmailService.beginEmailChange("user-001", "user@example.com", "new@example.com", null, null)); }
@Test public void testCompleteVerificationWithInvalidIntent() throws Exception { when(codeStore.retrieveCode("invalid_code", IdentityZoneHolder.get().getId())).thenReturn(new ExpiringCode("invalid_code", new Timestamp(System.currentTimeMillis()), null, "invalid-intent")); Assertions.assertThrows(UaaException.class, () -> emailChangeEmailService.completeVerification("invalid_code")); }
@Override public void beginEmailChange(String userId, String email, String newEmail, String clientId, String redirectUri) { ScimUser user = scimUserProvisioning.retrieve(userId, IdentityZoneHolder.get().getId()); List<ScimUser> results = scimUserProvisioning.query("userName eq \"" + newEmail + "\" and origin eq \"" + OriginKeys.UAA + "\"", IdentityZoneHolder.get().getId()); if (user.getUserName().equals(user.getPrimaryEmail())) { if (!results.isEmpty()) { throw new UaaException("Conflict", 409); } } String code = generateExpiringCode(userId, newEmail, clientId, redirectUri); String htmlContent = getEmailChangeEmailHtml(email, newEmail, code); if(htmlContent != null) { String subject = getSubjectText(); messageService.sendMessage(newEmail, MessageType.CHANGE_EMAIL, subject, htmlContent); } }
@Test public void testBeginEmailChangeWithCompanyNameConfigured() throws Exception { emailChangeEmailService = new EmailChangeEmailService(templateEngine, messageService, scimUserProvisioning, codeStore, clientDetailsService); when(codeStore.generateCode(eq(data), any(Timestamp.class), eq(EMAIL.name()), anyString())).thenReturn(new ExpiringCode("the_secret_code", new Timestamp(System.currentTimeMillis()), data, EMAIL.name())); emailChangeEmailService.beginEmailChange("user-001", "user@example.com", "new@example.com", "app", "http://app.com");
@BeforeEach public void setUp() throws Exception { SecurityContextHolder.clearContext(); scimUserProvisioning = mock(ScimUserProvisioning.class); codeStore = mock(ExpiringCodeStore.class); clientDetailsService = mock(ClientServicesExtension.class); messageService = mock(EmailService.class); emailChangeEmailService = new EmailChangeEmailService(templateEngine, messageService, scimUserProvisioning, codeStore, clientDetailsService); request = new MockHttpServletRequest(); request.setProtocol("http"); request.setContextPath("/login"); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(request)); }
@Test public void testCompleteVerificationWithInvalidCode() throws Exception { when(codeStore.retrieveCode("invalid_code", IdentityZoneHolder.get().getId())).thenReturn(null); Assertions.assertThrows(UaaException.class, () -> emailChangeEmailService.completeVerification("invalid_code")); }
private void setUpForBeginEmailChange() { ScimUser user = new ScimUser("user-001", "user-name", "test-name", "test-name"); user.setPrimaryEmail("user@example.com"); Map<String, String> codeData = new HashMap<>(); codeData.put("user_id", "user-001"); codeData.put("client_id", "app"); codeData.put("redirect_uri", "http://app.com"); codeData.put("email", "new@example.com"); IdentityZone identityZone = new IdentityZone(); String zoneId = RandomStringUtils.random(10); identityZone.setId(zoneId); identityZone.setName(IDENTITY_ZONE_NAME); IdentityZoneHolder.set(identityZone); when(scimUserProvisioning.retrieve("user-001", zoneId)).thenReturn(user); when(scimUserProvisioning.query(anyString(), eq(zoneId))).thenReturn(Collections.singletonList(new ScimUser())); String data = JsonUtils.writeValueAsString(codeData); when(codeStore.generateCode(eq(data), any(Timestamp.class), eq(EMAIL.name()), anyString())).thenReturn(new ExpiringCode("the_secret_code", new Timestamp(System.currentTimeMillis()), data, EMAIL.name())); emailChangeEmailService.beginEmailChange("user-001", "user@example.com", "new@example.com", "app", "http://app.com"); verify(codeStore).generateCode(eq(JsonUtils.writeValueAsString(codeData)), any(Timestamp.class), eq(EMAIL.name()), eq(zoneId)); }
@Test public void testCompleteActivationWithInvalidClientId() { Map<String, String> codeData = new HashMap<>(); codeData.put("user_id", "user-001"); codeData.put("client_id", "invalid-client"); codeData.put("email", "new@example.com"); when(codeStore.retrieveCode("the_secret_code", IdentityZoneHolder.get().getId())).thenReturn(new ExpiringCode("the_secret_code", new Timestamp(System.currentTimeMillis()), JsonUtils.writeValueAsString(codeData), null)); ScimUser user = new ScimUser("user-001", "user@example.com", "", ""); user.setPrimaryEmail("user@example.com"); when(scimUserProvisioning.retrieve("user-001", IdentityZoneHolder.get().getId())).thenReturn(user); doThrow(new NoSuchClientException("no such client")).when(clientDetailsService).loadClientByClientId("invalid-client", "uaa"); Map<String, String> response = null; try { response = emailChangeEmailService.completeVerification("the_secret_code"); } catch (NoSuchClientException e) { assertNull(response.get("redirect_url")); } }
when(codeStore.generateCode(eq(data), any(Timestamp.class), eq(EMAIL.name()), anyString())).thenReturn(new ExpiringCode("the_secret_code", new Timestamp(System.currentTimeMillis()), data, EMAIL.name())); emailChangeEmailService.beginEmailChange("user-001", "user@example.com", "new@example.com", "app", "http://app.com");
private Map<String, String> setUpCompleteActivation(String username, String clientId, String redirectUri) { Map<String, String> codeData = new HashMap<>(); codeData.put("user_id", "user-001"); codeData.put("client_id", clientId); codeData.put("redirect_uri", redirectUri); codeData.put("email", "new@example.com"); BaseClientDetails clientDetails = new BaseClientDetails("client-id", null, null, "authorization_grant", null, "http://app.com/*"); clientDetails.addAdditionalInformation(CHANGE_EMAIL_REDIRECT_URL, "http://fallback.url/redirect"); when(codeStore.retrieveCode("the_secret_code", IdentityZoneHolder.get().getId())).thenReturn(new ExpiringCode("the_secret_code", new Timestamp(System.currentTimeMillis()), JsonUtils.writeValueAsString(codeData), null)); ScimUser user = new ScimUser("user-001", username, "", ""); user.setPrimaryEmail("user@example.com"); when(scimUserProvisioning.retrieve("user-001", IdentityZoneHolder.get().getId())).thenReturn(user); when(clientDetailsService.loadClientByClientId(clientId, "uaa")).thenReturn(clientDetails); Map<String, String> response = emailChangeEmailService.completeVerification("the_secret_code"); ScimUser updatedUser = new ScimUser("user-001", "new@example.com", "", ""); user.setPrimaryEmail("new@example.com"); verify(scimUserProvisioning).update("user-001", updatedUser, IdentityZoneHolder.get().getId()); return response; }