diff --git a/component/authenticator/pom.xml b/component/authenticator/pom.xml index 642dc32bf..75a933491 100644 --- a/component/authenticator/pom.xml +++ b/component/authenticator/pom.xml @@ -43,62 +43,58 @@ ${identity.extension.utils} - org.wso2.carbon - org.wso2.carbon.registry.api - 4.3.0 + log4j + log4j + ${log4j.version} - org.wso2.carbon.identity - org.wso2.carbon.identity.entitlement.common + org.apache.rampart.wso2 + rampart-core + ${rampart.wso2.version} - org.wso2.balana - org.wso2.balana + org.apache.rampart.wso2 + rampart-policy + ${rampart.wso2.version} - org.wso2.carbon - org.wso2.carbon.registry.core - 4.3.0 + org.apache.rampart.wso2 + rampart-trust + ${rampart.wso2.version} + - org.wso2.carbon - org.wso2.carbon.core + org.testng + testng + test - org.wso2.carbon - org.wso2.carbon.utils + org.jacoco + org.jacoco.agent + runtime + test + - org.wso2.carbon.identity - org.wso2.carbon.identity.base + org.powermock + powermock-module-testng + test - org.wso2.carbon.identity - org.wso2.carbon.identity.core + org.powermock + powermock-api-mockito + test - org.wso2.carbon - org.wso2.carbon.logging + org.slf4j + slf4j-api + test - org.wso2.carbon.identity - org.wso2.carbon.identity.application.authentication.framework - - - org.wso2.carbon - org.wso2.carbon.core.services - - - org.wso2.carbon.identity - org.wso2.carbon.identity.application.common - - - org.apache.axis2.transport - axis2-transport-mail - - - org.wso2.carbon.identity - org.wso2.carbon.identity.mgt + org.powermock + powermock-module-junit4 + 1.6.5 + test @@ -139,6 +135,67 @@ + + org.apache.maven.plugins + maven-surefire-plugin + ${maven.surefire.plugin.version} + + + src/test/resources/testng.xml + + + + + org.jacoco + jacoco-maven-plugin + ${jacoco.version} + + + default-prepare-agent + + prepare-agent + + + + default-prepare-agent-integration + + prepare-agent-integration + + + + default-report + + report + + + + default-report-integration + + report-integration + + + + default-check + + check + + + + + BUNDLE + + + COMPLEXITY + COVEREDRATIO + + + + + + + + + diff --git a/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticator.java b/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticator.java index 235f80aa6..7c1d0b30c 100644 --- a/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticator.java +++ b/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticator.java @@ -285,10 +285,14 @@ protected void processAuthenticationResponse(HttpServletRequest request, .valueOf(context.getProperty(TOTPAuthenticatorConstants.ENABLE_TOTP).toString())) { //adds the claims to the profile if the user enrol and continued. Map claims = new HashMap<>(); - claims.put(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL, - context.getProperty(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL).toString()); - claims.put(TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL, - context.getProperty(TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL).toString()); + if (context.getProperty(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL) != null) { + claims.put(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL, + context.getProperty(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL).toString()); + } + if (context.getProperty(TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL) != null) { + claims.put(TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL, + context.getProperty(TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL).toString()); + } try { TOTPKeyGenerator.addTOTPClaimsAndRetrievingQRCodeURL(claims, username, context); } catch (TOTPException e) { @@ -360,17 +364,23 @@ public String getName() { * @return true, if token is generated successfully */ private boolean generateTOTPToken(AuthenticationContext context) { - String username = context.getProperty("username").toString(); - try { - TOTPTokenGenerator.generateTOTPTokenLocal(username, context); - if (log.isDebugEnabled()) { - log.debug("TOTP Token is generated"); - } - } catch (TOTPException e) { - log.error("Error when generating the totp token", e); - return false; - } - return true; + String username; + if (context.getProperty("username") == null) { + log.error("No username found in the authentication context."); + return false; + } else { + username = context.getProperty("username").toString(); + try { + TOTPTokenGenerator.generateTOTPTokenLocal(username, context); + if (log.isDebugEnabled()) { + log.debug("TOTP Token is generated"); + } + } catch (TOTPException e) { + log.error("Error when generating the totp token", e); + return false; + } + } + return true; } /** diff --git a/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPUtil.java b/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPUtil.java index a0bc63246..e14cb21d6 100644 --- a/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPUtil.java +++ b/component/authenticator/src/main/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPUtil.java @@ -96,18 +96,23 @@ public static String decrypt(String cipherText) throws CryptoException { * @return encoding method */ public static String getEncodingMethod(String tenantDomain, AuthenticationContext context) { - String encodingMethod; + String encodingMethod = null; if (tenantDomain.equals(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN)) { encodingMethod = String.valueOf(getTOTPParameters().get(TOTPAuthenticatorConstants.ENCODING_METHOD)); } else { Object getPropertiesFromIdentityConfig = context .getProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG); if (getPropertiesFromIdentityConfig == null) { - encodingMethod = context.getProperty(TOTPAuthenticatorConstants.ENCODING_METHOD).toString(); + if (context.getProperty(TOTPAuthenticatorConstants.ENCODING_METHOD) != null) { + encodingMethod = context.getProperty(TOTPAuthenticatorConstants.ENCODING_METHOD).toString(); + } } else { - encodingMethod = String.valueOf( - IdentityHelperUtil.getAuthenticatorParameters(TOTPAuthenticatorConstants.AUTHENTICATOR_NAME) - .get(TOTPAuthenticatorConstants.ENCODING_METHOD)); + if (IdentityHelperUtil.getAuthenticatorParameters(TOTPAuthenticatorConstants.AUTHENTICATOR_NAME) + .get(TOTPAuthenticatorConstants.ENCODING_METHOD) != null) { + encodingMethod = String.valueOf( + IdentityHelperUtil.getAuthenticatorParameters(TOTPAuthenticatorConstants.AUTHENTICATOR_NAME) + .get(TOTPAuthenticatorConstants.ENCODING_METHOD)); + } } } if (TOTPAuthenticatorConstants.BASE64.equals(encodingMethod)) { diff --git a/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticatorTest.java b/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticatorTest.java new file mode 100644 index 000000000..9053e74ac --- /dev/null +++ b/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPAuthenticatorTest.java @@ -0,0 +1,428 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.wso2.carbon.identity.application.authenticator.totp; + +import org.mockito.ArgumentCaptor; +import org.mockito.Mock; +import org.mockito.Spy; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.testng.PowerMockObjectFactory; +import org.powermock.reflect.Whitebox; +import org.testng.Assert; +import org.testng.IObjectFactory; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.ObjectFactory; +import org.testng.annotations.Test; +import org.wso2.carbon.context.CarbonContext; +import org.wso2.carbon.extension.identity.helper.FederatedAuthenticatorUtil; +import org.wso2.carbon.extension.identity.helper.util.IdentityHelperUtil; +import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator; +import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus; +import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade; +import org.wso2.carbon.identity.application.authentication.framework.config.builder.FileBasedConfigurationBuilder; +import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig; +import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig; +import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig; +import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext; +import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException; +import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException; +import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; +import org.wso2.carbon.identity.application.authenticator.totp.exception.TOTPException; +import org.wso2.carbon.identity.application.authenticator.totp.util.TOTPUtil; +import org.wso2.carbon.user.core.UserRealm; +import org.wso2.carbon.user.core.UserStoreException; +import org.wso2.carbon.user.core.UserStoreManager; +import org.wso2.carbon.utils.multitenancy.MultitenantUtils; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + + +import static org.mockito.Matchers.anyObject; +import static org.mockito.Matchers.anyString; +import static org.mockito.Matchers.any; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; +import static org.mockito.MockitoAnnotations.initMocks; +import static org.powermock.api.mockito.PowerMockito.*; + +@PrepareForTest({TOTPUtil.class, TOTPTokenGenerator.class, ConfigurationFacade.class, TOTPTokenGenerator.class, + FileBasedConfigurationBuilder.class, IdentityHelperUtil.class, CarbonContext.class, + FederatedAuthenticatorUtil.class}) +@PowerMockIgnore({"javax.crypto.*" }) +public class TOTPAuthenticatorTest { + + @Mock + private TOTPAuthenticator mockedTOTPAuthenticator; + + @Spy + private TOTPAuthenticator spy; + + private TOTPAuthenticator totpAuthenticator; + + @Mock + private HttpServletRequest httpServletRequest; + + @Mock + private ConfigurationFacade configurationFacade; + + @Mock + private HttpServletResponse httpServletResponse; + + @Spy + private AuthenticationContext context; + + @Mock + private UserRealm userRealm; + + @Mock + private UserStoreManager userStoreManager; + + @Spy + private FederatedAuthenticatorUtil federatedAuthenticatorUtil; + + @Mock + private SequenceConfig sequenceConfig; + + @Mock + private Map mockedMap; + + @Mock + private StepConfig stepConfig; + + @Mock + private AuthenticatorConfig authenticatorConfig; + + @Mock + private ApplicationAuthenticator applicationAuthenticator; + + @Spy + private AuthenticationContext mockedContext; + + @Mock + private FileBasedConfigurationBuilder fileBasedConfigurationBuilder; + + @BeforeMethod + public void setUp() { + totpAuthenticator = new TOTPAuthenticator(); + initMocks(this); + mockStatic(TOTPUtil.class); + mockStatic(ConfigurationFacade.class); + mockStatic(TOTPTokenGenerator.class); + when(ConfigurationFacade.getInstance()).thenReturn(configurationFacade); + mockStatic(FileBasedConfigurationBuilder.class); + mockStatic(IdentityHelperUtil.class); + mockStatic(FederatedAuthenticatorUtil.class); + } + + @Test(description = "Test case for canHandle() method true case.") + public void testCanHandle() throws Exception { + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.TOKEN)).thenReturn("213432"); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.SEND_TOKEN)).thenReturn("true"); + Assert.assertEquals(totpAuthenticator.canHandle(httpServletRequest), true); + } + + @Test(description = "Test case for canHandle() method false case.") + public void testCanHandleFalse() throws Exception { + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.TOKEN)).thenReturn(null); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.SEND_TOKEN)).thenReturn(null); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn(null); + Assert.assertEquals(totpAuthenticator.canHandle(httpServletRequest), false); + } + + @Test(description = "Test case for getContextIdentifier() method.") + public void testGetContextIdentifier(){ + when(httpServletRequest.getRequestedSessionId()).thenReturn("234567890"); + Assert.assertEquals(totpAuthenticator.getContextIdentifier(httpServletRequest), "234567890"); + + when(httpServletRequest.getRequestedSessionId()).thenReturn(null); + Assert.assertNull(totpAuthenticator.getContextIdentifier(httpServletRequest)); + } + + @Test(description = "Test case for getFriendlyName() method.") + public void testGetFriendlyName() { + Assert.assertEquals(totpAuthenticator.getFriendlyName(), + TOTPAuthenticatorConstants.AUTHENTICATOR_FRIENDLY_NAME); + } + + @Test(description = "Test case for getName() method.") + public void testGetName() { + Assert.assertEquals(totpAuthenticator.getName(), TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + } + + @Test(description = "Test case for retryAuthenticationEnabled() method.") + public void testRetryAuthenticationEnabled() { + Assert.assertEquals(totpAuthenticator.retryAuthenticationEnabled(), true); + } + + @Test(description = "TOTPAuthenticator:getLoginPage() test for get the loginPage url from authentication.xml file.") + public void testGetLoginPageFromXMLFile() throws Exception { + mockStatic(TOTPUtil.class); + when(TOTPUtil.getLoginPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + Assert.assertEquals(Whitebox.invokeMethod(totpAuthenticator, "getLoginPage", + new AuthenticationContext()), TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + } + + @Test(description = "TOTPAuthenticator:getLoginPage() test for get the loginPage url from constant file.") + public void testGetLoginPageFromConstantFile() throws Exception { + when(configurationFacade.getAuthenticationEndpointURL()).thenReturn("authenticationendpoint/login.do"); + when(TOTPUtil.getLoginPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(null); + Assert.assertEquals(Whitebox.invokeMethod(totpAuthenticator, "getLoginPage", + new AuthenticationContext()), TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + } + + @Test(description = "TOTPAuthenticator:getErrorPage() test for get the errorPage url from constant file.") + public void testGetErrorPageFromXMLFile() throws Exception { + mockStatic(TOTPUtil.class); + when(TOTPUtil.getErrorPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.ERROR_PAGE); + Assert.assertEquals(Whitebox.invokeMethod(totpAuthenticator, "getErrorPage", + new AuthenticationContext()), TOTPAuthenticatorConstants.ERROR_PAGE); + } + + @Test(description = "TOTPAuthenticator:getErrorPage() test for get the errorPage url from constant file.") + public void testGetErrorPageFromConstantFile() throws Exception { + when(configurationFacade.getAuthenticationEndpointURL()).thenReturn("authenticationendpoint/login.do"); + when(TOTPUtil.getErrorPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(null); + Assert.assertEquals(Whitebox.invokeMethod(totpAuthenticator, "getErrorPage", + new AuthenticationContext()), TOTPAuthenticatorConstants.ERROR_PAGE); + } + + @Test(description = "Test case for generateTOTPToken() method success.") + public void testGenerateTOTPToken() throws Exception { + String username = "admin"; + mockStatic(TOTPTokenGenerator.class); + when(TOTPTokenGenerator.generateTOTPTokenLocal(username, new AuthenticationContext())).thenReturn("123456"); + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setProperty("username", username); + Assert.assertEquals(Whitebox.invokeMethod(totpAuthenticator, "generateTOTPToken", + authenticationContext), true); + } + + @Test(description = "Test case for successful logout request.") + public void testProcessLogoutRequest() throws Exception { + when(context.isLogoutRequest()).thenReturn(true); + doReturn(true).when(mockedTOTPAuthenticator).canHandle(httpServletRequest); + AuthenticatorFlowStatus status = totpAuthenticator.process(httpServletRequest, httpServletResponse, context); + Assert.assertEquals(status, AuthenticatorFlowStatus.SUCCESS_COMPLETED); + } + + @Test(description = "Test case for process() method with generate TOTP token.") + public void testProcess() throws AuthenticationFailedException, LogoutFailedException, TOTPException { + AuthenticationContext authenticationContext = new AuthenticationContext(); + String username = "admin"; + authenticationContext.setProperty("username", username); + doReturn(true).when(mockedTOTPAuthenticator).canHandle(httpServletRequest); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.SEND_TOKEN)).thenReturn("true"); + when(TOTPTokenGenerator.generateTOTPTokenLocal(username, authenticationContext)).thenReturn("123456"); + AuthenticatorFlowStatus status = totpAuthenticator.process(httpServletRequest, httpServletResponse, + authenticationContext); + Assert.assertEquals(status, AuthenticatorFlowStatus.INCOMPLETE); + } + + @Test(description = "Test case for process() method with send TOTP token failed.") + public void testProcessWithSendTokenFalse() throws AuthenticationFailedException, LogoutFailedException { + doReturn(true).when(mockedTOTPAuthenticator).canHandle(httpServletRequest); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.SEND_TOKEN)).thenReturn("true"); + AuthenticatorFlowStatus status = totpAuthenticator.process(httpServletRequest, httpServletResponse, context); + Assert.assertEquals(status, AuthenticatorFlowStatus.FAIL_COMPLETED); + } + + @Test(description = "Test case for process() method with totp enabled and incomplete flow.") + public void testProcessWithEnableTOTP() throws AuthenticationFailedException, LogoutFailedException { + doReturn(true).when(mockedTOTPAuthenticator).canHandle(httpServletRequest); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.SEND_TOKEN)).thenReturn(null); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn("true"); + doNothing().when(spy).initiateAuthenticationRequest(httpServletRequest, httpServletResponse, context); + context.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + + AuthenticatorFlowStatus status = spy.process(httpServletRequest, httpServletResponse, context); + Assert.assertEquals(status, AuthenticatorFlowStatus.INCOMPLETE); + } + + @Test(description = "Test case for process() method with totp enabled and successful flow.") + public void testProcessWithEnableTOTPFalse() throws AuthenticationFailedException, LogoutFailedException { + doReturn(true).when(mockedTOTPAuthenticator).canHandle(httpServletRequest); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.SEND_TOKEN)).thenReturn(null); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn("true"); + doNothing().when(spy).initiateAuthenticationRequest(httpServletRequest, httpServletResponse, context); + context.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, "other"); + AuthenticatorFlowStatus status = spy.process(httpServletRequest, httpServletResponse, + context); + Assert.assertEquals(status, AuthenticatorFlowStatus.SUCCESS_COMPLETED); + } + + @Test(description = "Test case for process() method with send token and successful flow.") + public void testProcessWithoutTokenComplete() throws AuthenticationFailedException, LogoutFailedException { + doReturn(true).when(mockedTOTPAuthenticator).canHandle(httpServletRequest); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.SEND_TOKEN)).thenReturn(null); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn(null); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.TOKEN)).thenReturn(null); + doNothing().when(spy).initiateAuthenticationRequest(httpServletRequest, httpServletResponse, context); + context.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, "other"); + AuthenticatorFlowStatus status = spy.process(httpServletRequest, httpServletResponse, + context); + Assert.assertEquals(status, AuthenticatorFlowStatus.SUCCESS_COMPLETED); + } + + @Test(description = "Test case for process() method when no token is present in the request") + public void testProcessWithoutToken() throws AuthenticationFailedException, LogoutFailedException { + doReturn(true).when(mockedTOTPAuthenticator).canHandle(httpServletRequest); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.SEND_TOKEN)).thenReturn(null); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn(null); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.TOKEN)).thenReturn(null); + doNothing().when(spy).initiateAuthenticationRequest(httpServletRequest, httpServletResponse, context); + context.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + + AuthenticatorFlowStatus status = spy.process(httpServletRequest, httpServletResponse, + context); + Assert.assertEquals(status, AuthenticatorFlowStatus.INCOMPLETE); + } + + @Test(description = "Test case for isTOTPEnabledForLocalUser with TOTP enabled user ") + public void testIsTOTPEnabledForLocalUser() throws Exception { + when(TOTPUtil.getUserRealm(anyString())).thenReturn(userRealm); + when(userRealm.getUserStoreManager()).thenReturn(userStoreManager); + String username = "admin"; + Map claims = new HashMap<>(); + claims.put(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL, "AnySecretKey"); + userStoreManager.setUserClaimValues(MultitenantUtils.getTenantAwareUsername(username), claims, null ); + Whitebox.invokeMethod(totpAuthenticator, "isTOTPEnabledForLocalUser", "admin"); + } + + @Test(description = "Test case for initiateAuthenticationRequest() method when authenticated user is null", + expectedExceptions = {AuthenticationFailedException.class}) + public void testInitiateAuthenticationRequestWithNullUser() throws AuthenticationFailedException { + context.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + totpAuthenticator.initiateAuthenticationRequest(httpServletRequest, httpServletResponse, context); + } + + @Test(description = "Test case for initiateAuthenticationRequest() method with totp enabled user.") + public void testInitiateAuthenticationRequest() throws AuthenticationFailedException, UserStoreException { + String username = "admin"; + AuthenticatedUser authenticatedUser = AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(username); + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + authenticationContext.setProperty("username", username); + authenticationContext.setProperty("authenticatedUser", authenticatedUser); + Map claims = new HashMap<>(); + claims.put(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL, "AnySecretKey"); + when(TOTPUtil.getUserRealm(anyString())).thenReturn(userRealm); + when(userRealm.getUserStoreManager()).thenReturn(userStoreManager); + when(userStoreManager.getUserClaimValues(username, new String[] + { TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL }, null)).thenReturn(claims); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn(null); + when(TOTPUtil.getLoginPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + when(TOTPUtil.getErrorPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + + totpAuthenticator.initiateAuthenticationRequest(httpServletRequest, httpServletResponse, authenticationContext); + } + + @Test(description = "Test case for initiateAuthenticationRequest() method when admin does not enforces TOTP and " + + "TOTP is not enabled for the user.") + public void testInitiateAuthenticationRequestWithEnrollment() throws AuthenticationFailedException, + UserStoreException { + String username = "admin"; + AuthenticatedUser authenticatedUser = AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(username); + mockedContext.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + mockedContext.setProperty("username", username); + mockedContext.setProperty("authenticatedUser", authenticatedUser); + Map claims = new HashMap<>(); + claims.put(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL, "AnySecretKey"); + when(TOTPUtil.getUserRealm(anyString())).thenReturn(userRealm); + when(userRealm.getUserStoreManager()).thenReturn(userStoreManager); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn(null); + when(TOTPUtil.getLoginPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + when(TOTPUtil.getErrorPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + when(mockedContext.getSequenceConfig()).thenReturn(sequenceConfig); + when(sequenceConfig.getStepMap()).thenReturn(mockedMap); + when(mockedMap.get(anyObject())).thenReturn(stepConfig); + when(stepConfig.getAuthenticatedAutenticator()).thenReturn(authenticatorConfig); + when(authenticatorConfig.getApplicationAuthenticator()).thenReturn(applicationAuthenticator); + totpAuthenticator.initiateAuthenticationRequest(httpServletRequest, httpServletResponse, mockedContext); + Assert.assertEquals(mockedContext.getProperty(TOTPAuthenticatorConstants.AUTHENTICATION), + TOTPAuthenticatorConstants.FEDERETOR); + } + + @Test(description = "Test case for initiateAuthenticationRequest() method when admin enforces TOTP and " + + "TOTP is not enabled for the user.", priority=2) + public void testInitiateAuthenticationRequestAdminEnforces() throws AuthenticationFailedException, UserStoreException, IOException { + String username = "admin"; + AuthenticatedUser authenticatedUser = AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(username); + context.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + context.setProperty("username", username); + context.setProperty("authenticatedUser", authenticatedUser); + Map claims = new HashMap<>(); + claims.put(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL, "AnySecretKey"); + when(TOTPUtil.getUserRealm(anyString())).thenReturn(userRealm); + when(userRealm.getUserStoreManager()).thenReturn(userStoreManager); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn(null); + when(IdentityHelperUtil.checkSecondStepEnableByAdmin(context)).thenReturn(true); + when(TOTPUtil.getLoginPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + when(TOTPUtil.getErrorPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + when(context.getSequenceConfig()).thenReturn(sequenceConfig); + when(sequenceConfig.getStepMap()).thenReturn(mockedMap); + when(mockedMap.get(anyObject())).thenReturn(stepConfig); + when(stepConfig.getAuthenticatedAutenticator()).thenReturn(authenticatorConfig); + when(authenticatorConfig.getApplicationAuthenticator()).thenReturn(applicationAuthenticator); + ArgumentCaptor captor = ArgumentCaptor.forClass(String.class); + totpAuthenticator.initiateAuthenticationRequest(httpServletRequest, httpServletResponse, context); + verify(httpServletResponse).sendRedirect(captor.capture()); + Assert.assertTrue(captor.getValue().contains(TOTPAuthenticatorConstants.AUTHENTICATOR_NAME)); + } + + @Test(description = "Test case for initiateAuthenticationRequest() method when admin enforces TOTP and " + + "TOTP is not enabled for the user.", priority=2) + public void testInitiateAuthenticationWithEnableTOTP() throws AuthenticationFailedException, UserStoreException, IOException { + String username = "admin"; + AuthenticatedUser authenticatedUser = AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(username); + context.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + context.setProperty("username", username); + context.setProperty("authenticatedUser", authenticatedUser); + when(TOTPUtil.getUserRealm(anyString())).thenReturn(userRealm); + when(userRealm.getUserStoreManager()).thenReturn(userStoreManager); + when(httpServletRequest.getParameter(TOTPAuthenticatorConstants.ENABLE_TOTP)).thenReturn(null); + when(IdentityHelperUtil.checkSecondStepEnableByAdmin(context)).thenReturn(true); + when(TOTPUtil.getLoginPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + when(TOTPUtil.getErrorPageFromXMLFile(any(AuthenticationContext.class), anyString())). + thenReturn(TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE); + when(TOTPUtil.isEnrolUserInAuthenticationFlowEnabled(context)).thenReturn(true); + totpAuthenticator.initiateAuthenticationRequest(httpServletRequest, httpServletResponse, context); + } + + @ObjectFactory + public IObjectFactory getObjectFactory() { + return new PowerMockObjectFactory(); + } + +} \ No newline at end of file diff --git a/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPKeyGeneratorTest.java b/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPKeyGeneratorTest.java new file mode 100644 index 000000000..8d11455a1 --- /dev/null +++ b/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/TOTPKeyGeneratorTest.java @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.wso2.carbon.identity.application.authenticator.totp; + +import org.mockito.Mock; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.testng.PowerMockObjectFactory; +import org.testng.Assert; +import org.testng.IObjectFactory; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.ObjectFactory; +import org.testng.annotations.Test; +import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext; +import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException; +import org.wso2.carbon.identity.application.authenticator.totp.exception.TOTPException; +import org.wso2.carbon.identity.application.authenticator.totp.util.TOTPUtil; +import org.wso2.carbon.user.core.UserRealm; +import org.wso2.carbon.user.core.UserStoreException; +import org.wso2.carbon.user.core.UserStoreManager; +import org.wso2.carbon.utils.multitenancy.MultitenantUtils; + +import java.util.HashMap; +import java.util.Map; + +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; + +@PrepareForTest({TOTPUtil.class}) +public class TOTPKeyGeneratorTest { + + @Mock + UserStoreManager userStoreManager; + + @Mock + UserRealm userRealm; + + @Mock + AuthenticationContext authenticationContext; + + @BeforeMethod + public void setUp() { + mockStatic(TOTPUtil.class); + } + + @Test + public void testGenerateClaims() throws UserStoreException, TOTPException, AuthenticationFailedException { + Map claims = new HashMap<>(); + String username = "admin"; + when(TOTPUtil.getUserRealm(anyString())).thenReturn(userRealm); + claims.put(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL, "AnySecretKey"); + when(userRealm.getUserStoreManager()).thenReturn(userStoreManager); + when(userStoreManager.getUserClaimValues(MultitenantUtils.getTenantAwareUsername(username), new String[] { + TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL }, null)).thenReturn(claims); + userStoreManager.setUserClaimValues(MultitenantUtils.getTenantAwareUsername(username), claims, null ); + Assert.assertNotNull(TOTPKeyGenerator.generateClaims(username,false, authenticationContext)); + } + + @Test(expectedExceptions = {TOTPException.class}) + public void testResetLocalWithException() throws AuthenticationFailedException, TOTPException, UserStoreException { + TOTPKeyGenerator.resetLocal("admin"); + } + + @Test + public void testAddTOTPClaimsAndRetrievingQRCodeURL() throws AuthenticationFailedException, + UserStoreException, TOTPException { + Map claims = new HashMap<>(); + String qrCodeUrl = "http://wso2.org/claims/identity/" + + "qrcodeurl=b3RwYXV0aDovL3RvdHAvY2FyYm9uLnN1cGVyOmFkbWluP3NlY3JldD1udWxsJmlzc3Vlcj1jYXJib24uc3VwZXI="; + String username = "admin"; + when(TOTPUtil.getUserRealm(anyString())).thenReturn(userRealm); + claims.put(TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL, qrCodeUrl); + when(userRealm.getUserStoreManager()).thenReturn(userStoreManager); + Assert.assertEquals(TOTPKeyGenerator.addTOTPClaimsAndRetrievingQRCodeURL(claims, username, + authenticationContext), qrCodeUrl); + } + + @Test + public void testResetLocal() throws Exception { + when(TOTPUtil.getUserRealm(anyString())).thenReturn(userRealm); + when(userRealm.getUserStoreManager()).thenReturn(userStoreManager); + Assert.assertTrue(TOTPKeyGenerator.resetLocal("admin")); + } + + @ObjectFactory + public IObjectFactory getObjectFactory() { + return new PowerMockObjectFactory(); + } +} diff --git a/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPAuthenticatorConfigTest.java b/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPAuthenticatorConfigTest.java new file mode 100644 index 000000000..fb7e08e43 --- /dev/null +++ b/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPAuthenticatorConfigTest.java @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.wso2.carbon.identity.application.authenticator.totp.util; + +import org.testng.Assert; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.Test; + +import java.util.concurrent.TimeUnit; + +import static org.mockito.MockitoAnnotations.initMocks; + +public class TOTPAuthenticatorConfigTest { + + private TOTPAuthenticatorConfig totpAuthenticatorConfig; + + @BeforeMethod + public void setUp() { + totpAuthenticatorConfig = new TOTPAuthenticatorConfig(); + initMocks(this); + } + + @Test + public void testGetKeyModulus() { + Assert.assertEquals(totpAuthenticatorConfig.getKeyModulus(), (int) Math.pow(10, 6)); + } + + @Test + public void testGetKeyRepresentation() { + Assert.assertEquals(totpAuthenticatorConfig.getKeyRepresentation(), TOTPKeyRepresentation.BASE32); + } + + @Test + public void testGetTimeWindowFromTime() { + Assert.assertEquals(totpAuthenticatorConfig.getTimeStepSizeInMillis(), TimeUnit.SECONDS.toMillis(30)); + } + + @Test(expectedExceptions = IllegalArgumentException.class) + public void testSetWindowSize() { + TOTPAuthenticatorConfig.TOTPAuthenticatorConfigBuilder totpAuthenticatorConfigBuilder = new + TOTPAuthenticatorConfig.TOTPAuthenticatorConfigBuilder(); + totpAuthenticatorConfigBuilder.setWindowSize(0); + } + + @Test(expectedExceptions = IllegalArgumentException.class) + public void testSetTimeStepSizeInMillis() { + TOTPAuthenticatorConfig.TOTPAuthenticatorConfigBuilder totpAuthenticatorConfigBuilder = new + TOTPAuthenticatorConfig.TOTPAuthenticatorConfigBuilder(); + totpAuthenticatorConfigBuilder.setTimeStepSizeInMillis(0); + } + + @Test(expectedExceptions = IllegalArgumentException.class) + public void testSetKeyRepresentation() { + TOTPAuthenticatorConfig.TOTPAuthenticatorConfigBuilder totpAuthenticatorConfigBuilder = new + TOTPAuthenticatorConfig.TOTPAuthenticatorConfigBuilder(); + totpAuthenticatorConfigBuilder.setKeyRepresentation(null); + } + +} diff --git a/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPUtilTest.java b/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPUtilTest.java new file mode 100644 index 000000000..8af7704bc --- /dev/null +++ b/component/authenticator/src/test/java/org/wso2/carbon/identity/application/authenticator/totp/util/TOTPUtilTest.java @@ -0,0 +1,379 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.wso2.carbon.identity.application.authenticator.totp.util; + +import org.mockito.Mock; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.testng.PowerMockObjectFactory; +import org.powermock.reflect.Whitebox; +import org.testng.Assert; +import org.testng.IObjectFactory; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.ObjectFactory; +import org.testng.annotations.Test; +import org.wso2.carbon.extension.identity.helper.IdentityHelperConstants; +import org.wso2.carbon.extension.identity.helper.util.IdentityHelperUtil; +import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade; +import org.wso2.carbon.identity.application.authentication.framework.config.builder.FileBasedConfigurationBuilder; +import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig; +import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext; +import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException; +import org.wso2.carbon.identity.application.authenticator.totp.TOTPAuthenticatorConstants; +import org.wso2.carbon.identity.core.util.IdentityTenantUtil; +import org.wso2.carbon.user.core.service.RealmService; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import static org.mockito.Matchers.anyString; +import static org.mockito.MockitoAnnotations.initMocks; +import static org.powermock.api.mockito.PowerMockito.*; + +@PrepareForTest({FileBasedConfigurationBuilder.class, IdentityHelperUtil.class, ConfigurationFacade.class, + IdentityTenantUtil.class}) +public class TOTPUtilTest { + private TOTPUtil totpUtil; + AuthenticationContext authenticationContext; + @Mock + private FileBasedConfigurationBuilder fileBasedConfigurationBuilder; + + @Mock + private ConfigurationFacade configurationFacade; + + @Mock + private HttpServletRequest httpServletRequest; + + @Mock + private HttpServletResponse httpServletResponse; + + @Mock + private AuthenticationContext context; + + @Mock + private RealmService realmService; + + @Mock + private IdentityHelperUtil identityHelperUtil; + + @BeforeMethod + public void setUp() { + totpUtil = new TOTPUtil(); + initMocks(this); + mockStatic(FileBasedConfigurationBuilder.class); + mockStatic(IdentityHelperUtil.class); + mockStatic(ConfigurationFacade.class); + mockStatic(IdentityTenantUtil.class); + mockStatic(IdentityHelperUtil.class); + } + + @Test + public void testGetTOTPParameters() throws Exception { + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.TOTP_AUTHENTICATION_ENDPOINT_URL, + "totpauthenticationendpoint/custom/totp.jsp"); + when(FileBasedConfigurationBuilder.getInstance()).thenReturn(fileBasedConfigurationBuilder); + + //test with empty parameters map. + when(fileBasedConfigurationBuilder.getAuthenticatorBean(anyString())).thenReturn(authenticatorConfig); + Assert.assertNull(Whitebox.invokeMethod(totpUtil, "getTOTPParameters")); + + //test with non-empty parameters map. + authenticatorConfig.setParameterMap(parameters); + when(fileBasedConfigurationBuilder.getAuthenticatorBean(anyString())).thenReturn(authenticatorConfig); + Assert.assertEquals(Whitebox.invokeMethod(totpUtil, "getTOTPParameters"), parameters); + + } + + @Test + public void testGetLoginPageFromXMLFile() throws Exception { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain("wso2.org"); + authenticationContext.setProperty(TOTPAuthenticatorConstants.TOTP_AUTHENTICATION_ENDPOINT_URL, "totpauthenticationendpoint/custom/totp.jsp"); + Assert.assertEquals(TOTPUtil.getLoginPageFromXMLFile(authenticationContext, TOTPAuthenticatorConstants.AUTHENTICATOR_NAME), "totpauthenticationendpoint/custom/totp.jsp"); + } + + @Test(description = "getLoginPage from local file.") + public void testGetLoginPage() throws Exception { + AuthenticationContext authenticationContext = new AuthenticationContext(); + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + Map parameters = new HashMap<>(); + authenticationContext.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + authenticationContext.setProperty(IdentityHelperConstants.GET_PROPERTY_FROM_REGISTRY, + IdentityHelperConstants.GET_PROPERTY_FROM_REGISTRY); + parameters.put(TOTPAuthenticatorConstants.TOTP_AUTHENTICATION_ENDPOINT_URL, + "totpauthenticationendpoint/custom/totp.jsp"); + when(FileBasedConfigurationBuilder.getInstance()).thenReturn(fileBasedConfigurationBuilder); + authenticatorConfig.setParameterMap(parameters); + when(fileBasedConfigurationBuilder.getAuthenticatorBean(anyString())).thenReturn(authenticatorConfig); + + Assert.assertEquals(TOTPUtil.getLoginPageFromXMLFile(authenticationContext, TOTPAuthenticatorConstants.AUTHENTICATOR_NAME), "totpauthenticationendpoint/custom/totp.jsp"); + } + + @Test(description = "Test case for getErrorPageFromXMLFile(): getErrorPage from registry file.") + public void testGetErrorPageFromXMLFile() throws Exception { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain("wso2.org"); + authenticationContext.setProperty(TOTPAuthenticatorConstants.TOTP_AUTHENTICATION_ERROR_PAGE_URL, + "totpauthenticationendpoint/custom/error.jsp"); + Assert.assertEquals(TOTPUtil.getErrorPageFromXMLFile(authenticationContext, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME), "totpauthenticationendpoint/custom/error.jsp"); + } + + @Test(description = "Test case for getErrorPageFromXMLFile(): getErrorPage from local file.") + public void testGetErrorPageFromXMLFileForSuperTenant() throws Exception { + AuthenticationContext authenticationContext = new AuthenticationContext(); + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + Map parameters = new HashMap<>(); + authenticationContext.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + authenticationContext.setProperty(IdentityHelperConstants.GET_PROPERTY_FROM_REGISTRY, + IdentityHelperConstants.GET_PROPERTY_FROM_REGISTRY); + parameters.put(TOTPAuthenticatorConstants.TOTP_AUTHENTICATION_ERROR_PAGE_URL, + "totpauthenticationendpoint/custom/error.jsp"); + authenticatorConfig.setParameterMap(parameters); + when(FileBasedConfigurationBuilder.getInstance()).thenReturn(fileBasedConfigurationBuilder); + when(fileBasedConfigurationBuilder.getAuthenticatorBean(anyString())).thenReturn(authenticatorConfig); + + Assert.assertEquals(TOTPUtil.getErrorPageFromXMLFile(authenticationContext, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME), "totpauthenticationendpoint/custom/error.jsp"); + } + + @Test(description = "Test case for getEnableTOTPPageFromXMLFile(): getEnableTOTPPage from registry file.") + public void testGetEnableTOTPPageFromRgistry() throws Exception { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain("wso2.org"); + authenticationContext.setProperty(TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE_URL, + TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE); + Assert.assertEquals(Whitebox.invokeMethod(totpUtil, "getEnableTOTPPage", + authenticationContext), TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE); + } + + @Test(description = "Test case for getEnableTOTPPageFromXMLFile(): getEnableTOTPPage from registry file.") + public void testGetEnableTOTPPageFromXMLFile() throws Exception { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain("wso2.org"); + when(ConfigurationFacade.getInstance()).thenReturn(configurationFacade); + when(configurationFacade.getAuthenticationEndpointURL()). + thenReturn(TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE); + Assert.assertEquals(Whitebox.invokeMethod(totpUtil, "getEnableTOTPPage", + authenticationContext), TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE); + } + + @Test(description = "TOTPAuthenticator:getEnableTOTPPage() test for get the enableTOTPPage url from authentication.xml file.") + public void testGetEnableTOTPPage() throws Exception { + AuthenticationContext authenticationContext = new AuthenticationContext(); + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + Map parameters = new HashMap<>(); + authenticationContext.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + authenticationContext.setProperty(IdentityHelperConstants.GET_PROPERTY_FROM_REGISTRY, + IdentityHelperConstants.GET_PROPERTY_FROM_REGISTRY); + parameters.put(TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE_URL, + TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE); + authenticatorConfig.setParameterMap(parameters); + when(FileBasedConfigurationBuilder.getInstance()).thenReturn(fileBasedConfigurationBuilder); + when(fileBasedConfigurationBuilder.getAuthenticatorBean(anyString())).thenReturn(authenticatorConfig); + Assert.assertEquals(Whitebox.invokeMethod(totpUtil, "getEnableTOTPPage", + authenticationContext), TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE); + } + + @Test(description = "Test case for getTimeStepSize with super tenant use case") + public void testGetTimeStepSizeForTenant() { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain("wso2.org"); + authenticationContext.setProperty(TOTPAuthenticatorConstants.TIME_STEP_SIZE, 30); + Assert.assertEquals(TOTPUtil.getTimeStepSize(authenticationContext), 30); + } + + @Test(description = "Test case for getTimeStepSize with super tenant use case") + public void testGetTimeStepSizeForSuperTenant() { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + authenticationContext.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.TIME_STEP_SIZE, "60"); + when(IdentityHelperUtil.getAuthenticatorParameters(anyString())).thenReturn(parameters); + Assert.assertEquals(TOTPUtil.getTimeStepSize(authenticationContext), 60); + } + + @Test(description = "Test case for getTimeStepSize from identityConfig") + public void testGetTimeStepSize() { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG, + TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG); + authenticationContext.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.TIME_STEP_SIZE, "60"); + when(IdentityHelperUtil.getAuthenticatorParameters(anyString())).thenReturn(parameters); + Assert.assertEquals(TOTPUtil.getTimeStepSize(authenticationContext), 60); + } + + @Test(description = "Test case for getWindowSize with tenant use case") + public void testGetWindowSizeForTenant() { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain("wso2.org"); + authenticationContext.setProperty(TOTPAuthenticatorConstants.WINDOW_SIZE, + 3); + Assert.assertEquals(TOTPUtil.getWindowSize(authenticationContext), 3); + } + + @Test(description = "Test case for getWindowSize with super tenant use case") + public void testGetWindowSizeForSuperTenant() { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + authenticationContext.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.WINDOW_SIZE, "5"); + when(IdentityHelperUtil.getAuthenticatorParameters(anyString())).thenReturn(parameters); + Assert.assertEquals(TOTPUtil.getWindowSize(authenticationContext), 5); + } + + @Test(description = "Test case for getWindowSize from identityConfig") + public void testGetWindowSizeFromIdentityConfig() { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG, + TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG); + authenticationContext.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.WINDOW_SIZE, "5"); + when(IdentityHelperUtil.getAuthenticatorParameters(anyString())).thenReturn(parameters); + Assert.assertEquals(TOTPUtil.getWindowSize(authenticationContext), 5); + } + + @Test + public void testRedirectToEnableTOTPReqPage() throws AuthenticationFailedException { + AuthenticationContext authenticationContext = new AuthenticationContext(); + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + Map parameters = new HashMap<>(); + authenticationContext.setTenantDomain(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN); + authenticationContext.setProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG, null); + authenticationContext.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + parameters.put(TOTPAuthenticatorConstants.ENROL_USER_IN_AUTHENTICATIONFLOW, "true"); + parameters.put(TOTPAuthenticatorConstants.TOTP_AUTHENTICATION_ENDPOINT_URL, + "totpauthenticationendpoint/custom/totp.jsp"); + parameters.put(TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE_URL, + TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE); + authenticatorConfig.setParameterMap(parameters); + when(FileBasedConfigurationBuilder.getInstance()).thenReturn(fileBasedConfigurationBuilder); + when(fileBasedConfigurationBuilder.getAuthenticatorBean(anyString())).thenReturn(authenticatorConfig); + when(IdentityHelperUtil.getAuthenticatorParameters(anyString())).thenReturn(parameters); + when(ConfigurationFacade.getInstance()).thenReturn(configurationFacade); + when(configurationFacade.getAuthenticationEndpointURL()).thenReturn(TOTPAuthenticatorConstants.LOGIN_PAGE); + TOTPUtil.redirectToEnableTOTPReqPage(httpServletResponse, authenticationContext, + TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL); + } + + @Test(expectedExceptions = {AuthenticationFailedException.class}) + public void testRedirectToEnableTOTPReqPageForTenant() throws AuthenticationFailedException { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain("wso2.org"); + authenticationContext.setProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG, null); + authenticationContext.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + authenticationContext.setProperty(TOTPAuthenticatorConstants.ENROL_USER_IN_AUTHENTICATIONFLOW, "false"); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.ENROL_USER_IN_AUTHENTICATIONFLOW, "true"); + when(IdentityHelperUtil.getAuthenticatorParameters(anyString())).thenReturn(parameters); + TOTPUtil.redirectToEnableTOTPReqPage(httpServletResponse, authenticationContext, + TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL); + } + + @Test() + public void testRedirectToEnableTOTPReqPageForSuperTenantEntrol() throws AuthenticationFailedException, IOException { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setTenantDomain("wso2.org"); + authenticationContext.setProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG, null); + authenticationContext.setProperty(TOTPAuthenticatorConstants.AUTHENTICATION, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + authenticationContext.setProperty(TOTPAuthenticatorConstants.ENROL_USER_IN_AUTHENTICATIONFLOW, "true"); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.ENROL_USER_IN_AUTHENTICATIONFLOW, "true"); + parameters.put(TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE_URL, + TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE); + when(IdentityHelperUtil.getAuthenticatorParameters(anyString())).thenReturn(parameters); + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + authenticatorConfig.setParameterMap(parameters); + when(ConfigurationFacade.getInstance()).thenReturn(configurationFacade); + when(configurationFacade.getAuthenticationEndpointURL()).thenReturn(TOTPAuthenticatorConstants.LOGIN_PAGE); + doNothing().when(httpServletResponse).sendRedirect(anyString()); + TOTPUtil.redirectToEnableTOTPReqPage(httpServletResponse, authenticationContext, + TOTPAuthenticatorConstants.QR_CODE_CLAIM_URL); + } + + @Test(description = "Test case for getEncodingMethod() for super tenant user") + public void testGetEncodingMethodWithContex() throws AuthenticationFailedException { + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.ENCODING_METHOD, + TOTPAuthenticatorConstants.BASE64); + when(FileBasedConfigurationBuilder.getInstance()).thenReturn(fileBasedConfigurationBuilder); + authenticatorConfig.setParameterMap(parameters); + when(fileBasedConfigurationBuilder.getAuthenticatorBean(anyString())).thenReturn(authenticatorConfig); + Assert.assertEquals(TOTPUtil.getEncodingMethod(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN, context), + TOTPAuthenticatorConstants.BASE64); + } + + @Test(description = "Test case for getEncodingMethod() for tenant user from local file.") + public void testGetEncodingMethodFromRLocalFile() { + AuthenticationContext authenticationContext = new AuthenticationContext(); + authenticationContext.setProperty(TOTPAuthenticatorConstants.ENCODING_METHOD, + TOTPAuthenticatorConstants.BASE32); + Assert.assertEquals(TOTPUtil.getEncodingMethod("wso2.org", authenticationContext), + TOTPAuthenticatorConstants.BASE32); + } + + @Test(description = "Test case for getEncodingMethod() for tenant user from registry.") + public void testGetEncodingMethodFromRegistry() { + AuthenticationContext authenticationContext = new AuthenticationContext(); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.ENCODING_METHOD, + TOTPAuthenticatorConstants.BASE32); + when(IdentityHelperUtil.getAuthenticatorParameters(anyString())).thenReturn(parameters); + authenticationContext.setProperty(TOTPAuthenticatorConstants.AUTHENTICATOR_NAME, + TOTPAuthenticatorConstants.AUTHENTICATOR_NAME); + authenticationContext.setProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG, + TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG); + Assert.assertEquals(TOTPUtil.getEncodingMethod("wso2.org", authenticationContext), + TOTPAuthenticatorConstants.BASE32); + } + + @Test(description = "Test case for getEncodingMethod() for super tenant user") + public void testGetEncodingMethod() throws AuthenticationFailedException { + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + Map parameters = new HashMap<>(); + parameters.put(TOTPAuthenticatorConstants.ENCODING_METHOD, + TOTPAuthenticatorConstants.BASE64); + when(FileBasedConfigurationBuilder.getInstance()).thenReturn(fileBasedConfigurationBuilder); + authenticatorConfig.setParameterMap(parameters); + when(fileBasedConfigurationBuilder.getAuthenticatorBean(anyString())).thenReturn(authenticatorConfig); + Assert.assertEquals(TOTPUtil.getEncodingMethod(TOTPAuthenticatorConstants.SUPER_TENANT_DOMAIN), + TOTPAuthenticatorConstants.BASE64); + } + + @ObjectFactory + public IObjectFactory getObjectFactory() { + return new PowerMockObjectFactory(); + } +} diff --git a/component/authenticator/src/test/resources/testng.xml b/component/authenticator/src/test/resources/testng.xml new file mode 100644 index 000000000..525d09e16 --- /dev/null +++ b/component/authenticator/src/test/resources/testng.xml @@ -0,0 +1,30 @@ + + + + + + + + + + + + + + diff --git a/pom.xml b/pom.xml index a5ee63908..7749cc90f 100644 --- a/pom.xml +++ b/pom.xml @@ -110,699 +110,61 @@ - - - org.eclipse.osgi - org.eclipse.osgi - ${version.equinox.osgi} - - - org.wso2.carbon - javax.cache.wso2 - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.user.core - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.registry.core - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.core.services - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.logging - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.server.admin - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.core - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.core.common - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.user.api - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.utils - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.ui - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.ui.menu.tools - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.ndatasource.core - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.ndatasource.rdbms - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.authenticator.proxy - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.base - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.authenticator.stub - ${carbon.kernel.version} - - - org.wso2.carbon - org.wso2.carbon.core.ui - ${carbon.kernel.version} - - - org.apache.neethi.wso2 - neethi - ${neethi.osgi.version} - - - org.apache.axis2.wso2 - axis2 - ${axis2.wso2.version} - - - org.apache.axis2.wso2 - axis2-client - ${axis2.wso2.version} - - - org.apache.axis2.transport - axis2-transport-mail - ${axis2-transports.version} - - - org.apache.ws.commons.axiom.wso2 - axiom - ${axiom.wso2.version} - - - org.apache.rampart.wso2 - rampart-core - ${rampart.wso2.version} - - - org.apache.rampart.wso2 - rampart-policy - ${rampart.wso2.version} - - - org.apache.rampart.wso2 - rampart-trust - ${rampart.wso2.version} - - - org.apache.ws.security.wso2 - wss4j - ${wss4j.version} - - - org.wso2.charon - org.wso2.charon.core - ${charon.wso2.version.identity} - - - org.wso2.charon - org.wso2.charon.utils - ${charon.wso2.version.identity} - - - opensaml.wso2 - opensaml - ${opensaml.wso2.version} - - - org.wso2.balana - org.wso2.balana - ${balana.version} - - - com.google.gdata.wso2 - gdata-core - ${gdata-core.wso2.version} - - - org.igniterealtime.smack.wso2 - smack - ${smack.wso2.version} - - - org.igniterealtime.smack.wso2 - smackx - ${smackx.wso2.version} - - - libthrift.wso2 - libthrift - ${libthrift.wso2.version} - - - org.wso2.carbon.identity - org.wso2.carbon.user.mgt.common - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.sso.agent - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.user.mgt - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.user.mgt.stub - ${carbon.identity.version} + commons-io.wso2 + commons-io + ${commons-io.wso2.version} org.wso2.carbon.identity - org.wso2.carbon.user.mgt.ui + org.wso2.carbon.identity.totp ${carbon.identity.version} - - org.apache.cxf.wso2 - cxf-bundle - ${cxf-bundle.wso2.version} - - - org.wso2.securevault - org.wso2.securevault - ${org.wso2.securevault.version} - - - org.wso2.orbit.org.apache.directory - apacheds - ${orbit.version.apacheds} - - - org.apache.directory.shared - shared-ldap-schema - ${version.apacheds.shared.ldap} - - - log4j - log4j - ${log4j.version} - - - xerces.wso2 - xercesImpl - ${xercesImpl.version} - - - commons-fileupload.wso2 - commons-fileupload - ${commons-fileupload.wso2.version} - org.wso2.carbon.identity - org.wso2.carbon.security.mgt.stub + org.wso2.carbon.identity.mgt ${carbon.identity.version} + junit junit - test ${junit.version} - - au.com.bytecode.opencsv.wso2 - opencsv - ${opencsv.wso2.version} - - - org.apache.poi.wso2 - poi-scratchpad - ${apache.poi.wso2.version} - - - org.apache.poi.wso2 - poi-ooxml - ${apache.poi.wso2.version} - - - org.apache.ws.commons.axiom - axiom-api - ${axiom.version} - - - wsdl4j.wso2 - wsdl4j - ${wsdl4j.wso2.version} - - - org.apache.ws.commons.schema.wso2 - XmlSchema - ${orbit.version.xmlschema} - - - commons-logging - commons-logging - ${commons-logging.version} - - - opensaml.wso2 - opensaml2 - ${opensaml2.wso2.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.authenticator.saml2.sso.common - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.authenticator.saml2.sso.stub - ${carbon.identity.version} - - - org.wso2.carbon.commons - org.wso2.carbon.wsdl2form - ${carbon.commons.version} - - - org.wso2.carbon.identity - org.wso2.carbon.directory.server.manager.common - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.directory.server.manager - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.directory.server.manager.stub - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.directory.server.manager.ui - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.base - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.core - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.core.server.feature - ${carbon.identity.version} - zip - - - org.wso2.carbon.identity - org.wso2.carbon.identity.core.ui.feature - ${carbon.identity.version} - zip - - - org.wso2.carbon.identity - org.wso2.carbon.idp.mgt - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.application.common - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.notification.mgt - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.notification.mgt.email - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.notification.mgt.json - ${carbon.identity.version} - - - kaptcha.wso2 - kaptcha - ${kaptcha.wso2.version} - - - com.google.code - kaptcha - - - - - org.wso2.carbon.identity - org.wso2.carbon.identity.provider - ${carbon.identity.version} - - - org.apache.ws.commons.axiom - axiom-impl - ${axiom.version} - - - org.apache.ws.commons.axiom - axiom-dom - ${axiom.version} - - - commons-httpclient.wso2 - commons-httpclient - ${commons-httpclient.wso2.version} - - - commons-io.wso2 - commons-io - ${commons-io.wso2.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.provisioning - ${carbon.identity.version} - - - org.openspml - openspml2 - ${openspml.version} - - - commons-lang.wso2 - commons-lang - ${commons-lang.wso2.version} - - - commons-codec.wso2 - commons-codec - ${commons-codec.wso2.version} - - - commons-codec - commons-codec - ${commons-codec.version} - - - commons-collections.wso2 - commons-collections - ${commons-collections.version} - - - org.apache.httpcomponents.wso2 - httpcore - ${httpcore.version} - + org.testng testng ${testng.version} - org.wso2.carbon.identity - org.wso2.carbon.identity.application.authentication.framework - ${carbon.identity.version} + org.jacoco + org.jacoco.agent + runtime + ${jacoco.version} + - org.wso2.carbon.identity - org.wso2.carbon.identity.tools.saml.validator - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.tools.saml.validator.ui - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.tools.saml.validator.stub - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.mgt.stub - ${carbon.identity.version} - - - org.openid4java - openid4java - ${openid4java.version} - - - org.wso2.orbit.org.openid4java - openid4java - ${openid4java.wso2.version} - - - com.google.step2.wso2 - step2 - ${google.step2.wso2.version} - - - com.google.guice.wso2 - guice - ${google.guice.wso2.version} - - - org.wso2.orbit.org.apache.httpcomponents - httpclient - ${httpcomponents-httpclient.wso2.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.entitlement.common - ${carbon.identity.version} - - - javax.servlet - javax.servlet-api - ${javax.servlet-api.version} - - - com.google.code.gson - gson - ${com.google.code.gson.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.sso.saml.stub - ${carbon.identity.version} - - - org.wso2.orbit.org.apache.oltu.oauth2 - oltu - ${oltu.version} - - - com.thetransactioncompany.wso2 - cors-filter - ${thetransactioncompany.cors-filter.wso2.version} - - - com.thetransactioncompany.wso2 - java-property-utils - ${thetransactioncompany.utils.wso2.version} - - - javax.ws.rs - jsr311-api - ${jsr311-api.version} - provided - - - org.eclipse.equinox - javax.servlet - ${version.javax.servlet} - - - org.opensaml - opensaml - ${opensaml.version} - - - javax.servlet - servlet-api - ${servlet-api.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.user.store.configuration.stub - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.user.store.configuration - ${carbon.identity.version} - - - org.wso2.carbon.commons - org.wso2.carbon.tenant.common - ${carbon.commons.version} - - - org.wso2.carbon.identity - org.wso2.carbon.idp.mgt.stub - ${carbon.identity.version} + org.powermock + powermock-module-testng + ${powermock.version} + test - org.slf4j - slf4j-log4j12 - ${org.slf4j.verison} + org.powermock + powermock-api-mockito + ${powermock.version} + test org.slf4j slf4j-api - ${org.slf4j.verison} - - - backport-util-concurrent.wso2 - backport-util-concurrent - ${orbit.version.backport.util} - - - org.hectorclient.wso2 - hector-core - ${hector-core.wso2.version} - - - org.wso2.carbon.identity - org.wso2.carbon.captcha.mgt - ${carbon.captcha.mgt.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.application.authentication.endpoint.util - ${carbon.identity.version} - - - org.wso2.orbit.org.owasp.encoder - encoder - ${encoder.wso2.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.totp - ${carbon.identity.version} - - - org.wso2.carbon - org.wso2.carbon.tomcat - 4.2.0 - - - org.wso2.carbon.identity - org.wso2.carbon.claim.mgt - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.core.ui - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.user.profile - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.application.mgt - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.mgt - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.mgt.ui - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.sts.store - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.application.authentication.endpoint - ${carbon.identity.version} - war - - - javax.servlet - jstl - ${javax.servelet.jstl.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.user.registration.stub - ${carbon.identity.version} - - - org.wso2.carbon.identity - org.wso2.carbon.identity.application.authenticator.fido - ${carbon.identity.version} - - - org.apache.oltu.oauth2 - org.apache.oltu.oauth2.client - ${org.apache.oltu.oauth2.client.version} - - - net.sf.ehcache.wso2 - ehcache - ${ehcache.version} + test + ${slf4j.api.version} - UTF-8 - 4.4.3 [4.4.0, 5.0.0) [1.0.1, 2.0.0) @@ -870,7 +232,6 @@ 1.0.1 2.8.1.wso2v2 3.0.3.wso2v2 - 4.11 3.0.0.v201112011016 1.0.0.wso2v3 1.0.0 @@ -1001,6 +362,14 @@ 1.5.0.wso2v3 my-scm-server 1.0.5 + + + 4.12 + 6.9.10 + 0.7.9 + 1.6.5 + 1.7.12 + 2.18.1