Merge branch 'master' into merge-enable-tenant-qualified-url
Thisara-Welmilla committed Oct 20, 2023
2 parents 42c3aed + f421102 commit c9dfbba
Showing 8 changed files with 45 additions and 149 deletions.
8 changes: 8 additions & 0 deletions modules/api-resources/api-resources-full/pom.xml
@@ -501,5 +501,13 @@
<groupId>org.wso2.carbon.identity.server.api</groupId>
<artifactId>org.wso2.carbon.identity.api.server.organization.configs.common</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity.server.api</groupId>
<artifactId>org.wso2.carbon.identity.api.server.organization.selfservice.v1</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity.server.api</groupId>
<artifactId>org.wso2.carbon.identity.api.server.organization.selfservice.common</artifactId>
</dependency>
</dependencies>
</project>
@@ -60,6 +60,7 @@
<import resource="classpath:META-INF/cxf/rfc-server-v1-cxf.xml"/>
<import resource="classpath:META-INF/cxf/organization-user-invitation-mgt-v1-cxf.xml"/>
<import resource="classpath:META-INF/cxf/organization-configs-server-v1-cxf.xml"/>
<import resource="classpath:META-INF/cxf/self-service-mgt-v1-cxf.xml"/>

<!-- Legacy identity APIs -->
<import resource="classpath:META-INF/cxf/config-mgt-server-v1-cxf.xml"/>
@@ -123,6 +124,7 @@
<bean class="org.wso2.carbon.identity.api.expired.password.identification.v1.PasswordExpiredUsersApi"/>
<bean class="org.wso2.carbon.identity.api.server.api.resource.v1.ApiResourcesApi"/>
<bean class="org.wso2.carbon.identity.api.server.api.resource.v1.ScopesApi"/>
<bean class="org.wso2.carbon.identity.api.server.organization.selfservice.v1.SelfServiceApi"/>
</jaxrs:serviceBeans>
<jaxrs:providers>
<bean class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider">
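Review bot: The `SelfServiceApi` bean added to `jaxrs:serviceBeans` exposes a new organization self-service endpoint through this webapp, and no hunk on this page adds a matching access-control rule (required scope or permission) for its paths. Self-service flows are commonly reachable with little or no prior authentication, so confirm that the resource access control entry exists and that only the intended operations are open before this wiring is merged. A short comment next to the new import would help the next reader, for example `<!-- Organization self-service API: access control defined in <ACCESS_CONTROL_CONFIG> (placeholder) -->`. The bean list continues outside the hunk.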
10 changes: 10 additions & 0 deletions modules/api-resources/pom.xml
@@ -495,6 +495,16 @@
<artifactId>org.wso2.carbon.identity.api.server.organization.configs.common</artifactId>
<version>${identity.server.api.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity.server.api</groupId>
<artifactId>org.wso2.carbon.identity.api.server.organization.selfservice.v1</artifactId>
<version>${identity.server.api.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity.server.api</groupId>
<artifactId>org.wso2.carbon.identity.api.server.organization.selfservice.common</artifactId>
<version>${identity.server.api.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity.server.api</groupId>
<artifactId>org.wso2.carbon.identity.api.expired.password.identification.v1</artifactId>
@@ -25,31 +25,22 @@
import org.json.simple.JSONObject;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
import org.wso2.carbon.automation.engine.annotations.ExecutionEnvironment;
import org.wso2.carbon.automation.engine.annotations.SetEnvironment;
import org.wso2.carbon.automation.test.utils.common.TestConfigurationProvider;
import org.wso2.carbon.automation.test.utils.dbutils.H2DataBaseManager;
import org.wso2.carbon.integration.common.utils.mgt.ServerConfigurationManager;
import org.wso2.identity.integration.common.utils.ISIntegrationTest;
import org.wso2.identity.integration.test.rest.api.server.identity.governance.v1.dto.ConnectorsPatchReq;
import org.wso2.identity.integration.test.rest.api.server.identity.governance.v1.dto.ConnectorsPatchReq.OperationEnum;
import org.wso2.identity.integration.test.rest.api.server.identity.governance.v1.dto.PropertyReq;
import org.wso2.identity.integration.test.rest.api.server.user.store.v1.model.UserStoreReq;
import org.wso2.identity.integration.test.rest.api.user.common.model.ListObject;
import org.wso2.identity.integration.test.rest.api.user.common.model.PatchOperationRequestObject;
import org.wso2.identity.integration.test.rest.api.user.common.model.RoleItemAddGroupobj;
import org.wso2.identity.integration.test.rest.api.user.common.model.RoleRequestObject;
import org.wso2.identity.integration.test.rest.api.user.common.model.UserObject;
import org.wso2.identity.integration.test.restclients.AuthenticatorRestClient;
import org.wso2.identity.integration.test.restclients.EmailTemplatesRestClient;
import org.wso2.identity.integration.test.restclients.IdentityGovernanceRestClient;
import org.wso2.identity.integration.test.restclients.SCIM2RestClient;
import org.wso2.identity.integration.test.restclients.UserStoreMgtRestClient;

import java.io.File;
import java.io.IOException;

public class AccountLockEnabledTestCase extends ISIntegrationTest {

@@ -62,17 +53,7 @@ public class AccountLockEnabledTestCase extends ISIntegrationTest {
private static final String TEST_LOCK_USER_2_PASSWORD = "TestLockUser2Password";
private static final String TEST_LOCK_USER_3 = "TestLockUser3";
private static final String TEST_LOCK_USER_3_PASSWORD = "TestLockUser3Password";
private static final String USER_STORE_DB_NAME = "SECONDARY_USER_STORE_DB";
private static final String USER_STORE_TYPE = "VW5pcXVlSURKREJDVXNlclN0b3JlTWFuYWdlcg";
private static final String DB_USER_NAME = "wso2automation";
private static final String DB_USER_PASSWORD = "wso2automation";
private static final String DOMAIN_ID = "WSO2TEST.COM";
private static final String TEST_LOCK_USER_SECONDARY = "TestLockUserSecondary";
private static final String TEST_LOCK_USER_SECONDARY_PASSWORD = "TestLockUserSecondaryPassword";
private static final String TEST_LOCK_USER_SECONDARY_WRONG_PASSWORD = "TestLockUserSecondaryWrongPassword";
private static final String PRIMARY_USER_ROLE = "PRIMARY_USER_ROLE";
private static final String SECONDARY_USER_ROLE = "SECONDARY_USER_ROLE";
private static final String PERMISSION_LOGIN = "/permission/admin/login";

private static final String ACCOUNT_LOCK_TEMPLATE_WHEN_USER_EXCEEDS_FAILED_ATTEMPTS = "accountlockfailedattempt";
private static final String ACCOUNT_LOCK_TEMPLATE_WHEN_ADMIN_TRIGGERED = "accountlockadmin";
private static final String ACCOUNT_UNLOCK_TEMPLATE_ADMIN_TRIGGERED = "accountunlockadmin";
@@ -91,70 +72,43 @@ public class AccountLockEnabledTestCase extends ISIntegrationTest {
private EmailTemplatesRestClient emailTemplatesRestClient;
private IdentityGovernanceRestClient identityGovernanceRestClient;
private ConnectorsPatchReq connectorPatchRequest;
private UserStoreMgtRestClient userStoreMgtRestClient;


private String testLockUserId;
private String testLockUser2Id;
private String testLockUser3Id;
private String testLockRoleId;
private String userStoreId;

@DataProvider(name = "userDetailsProvider")
public Object[][] getUserDetails() {
return new Object[][]{
{TEST_LOCK_USER_1, TEST_LOCK_USER_1_PASSWORD, TEST_LOCK_USER_1_WRONG_PASSWORD, false},
{TEST_LOCK_USER_SECONDARY, TEST_LOCK_USER_SECONDARY_PASSWORD, TEST_LOCK_USER_SECONDARY_WRONG_PASSWORD, true}
};
}

@SetEnvironment(executionEnvironments = {ExecutionEnvironment.ALL})
@BeforeClass(alwaysRun = true)
public void testInit() throws Exception {
super.init();
userStoreMgtRestClient = new UserStoreMgtRestClient(serverURL, tenantInfo);
addSecondaryJDBCUserStore();
authenticatorRestClient = new AuthenticatorRestClient(serverURL);
enableAccountLocking();
scim2RestClient = new SCIM2RestClient(serverURL, tenantInfo);
emailTemplatesRestClient = new EmailTemplatesRestClient(serverURL, tenantInfo);
}

@SetEnvironment(executionEnvironments = {ExecutionEnvironment.ALL})
@Test(groups = "wso2.is", description = "Check whether the user account lock successfully", dataProvider = "userDetailsProvider")
public void testSuccessfulLockedInitially(String username, String password, String wrongPassword,
boolean isSecondaryUserStore) throws IOException {

@Test(groups = "wso2.is", description = "Check whether the user account lock successfully")
public void testSuccessfulLockedInitially() {
try {
addUserIntoJDBCUserStore(username, password, isSecondaryUserStore);
testLockUserId = addAdminUser(TEST_LOCK_USER_1, TEST_LOCK_USER_1_PASSWORD, null);

int maximumAllowedFailedLogins = 5;
for (int i = 0; i < maximumAllowedFailedLogins - 1; i++) {
JSONObject response = authenticatorRestClient.login(username, wrongPassword);
for (int i = 0; i < maximumAllowedFailedLogins; i++) {
JSONObject response = authenticatorRestClient.login(TEST_LOCK_USER_1, TEST_LOCK_USER_1_WRONG_PASSWORD);

if (!response.containsKey("token")) {
log.error("Login attempt: " + (i + 1) + " for user: " + username + " failed");
log.error("Login attempt: " + i + " for user: " + TEST_LOCK_USER_1 + " failed");
}
}
// Check whether the user is locked before the maximum allowed failed login attempts.


JSONObject userParameters = (JSONObject) scim2RestClient.getUser(testLockUserId, null).get(USER_SCHEMA);
Assert.assertFalse(Boolean.parseBoolean(String.valueOf(userParameters.get(ACCOUNT_LOCK_ATTRIBUTE))),
"Test Failure : User is Locked before the maximum allowed failed login attempts");

// Check whether the user is locked after the maximum allowed failed login attempts.
JSONObject response = authenticatorRestClient.login(username, wrongPassword);
if (!response.containsKey("token")) {
log.error(
"Login attempt: " + maximumAllowedFailedLogins + " for user: " + username + " failed");
}
userParameters = (JSONObject) scim2RestClient.getUser(testLockUserId, null).get(USER_SCHEMA);
Assert.assertTrue(Boolean.parseBoolean(String.valueOf(userParameters.get(ACCOUNT_LOCK_ATTRIBUTE))),
Assert.assertTrue((Boolean) userParameters.get(ACCOUNT_LOCK_ATTRIBUTE),
"Test Failure : User Account Didn't Locked Properly");
} catch (Exception e) {
log.error("Error occurred when locking the test user.", e);
Assert.fail("Error occurred when locking the test user.");
} finally {
scim2RestClient.deleteUser(testLockUserId);
scim2RestClient.deleteRole(testLockRoleId);
}
}

@@ -202,14 +156,14 @@ public void testSuccessfulEmailTemplateRetrievalAccountUnLock() throws Exception
@SetEnvironment(executionEnvironments = {ExecutionEnvironment.ALL})
@AfterClass(alwaysRun = true)
public void atEnd() throws Exception {
scim2RestClient.deleteUser(testLockUserId);
scim2RestClient.deleteUser(testLockUser2Id);
scim2RestClient.deleteUser(testLockUser3Id);
disableAccountLocking();
emailTemplatesRestClient.closeHttpClient();
identityGovernanceRestClient.closeHttpClient();
scim2RestClient.closeHttpClient();
authenticatorRestClient.closeHttpClient();
userStoreMgtRestClient.deleteUserStore(userStoreId);
}

protected String getISResourceLocation() {
@@ -237,30 +191,7 @@ protected void disableAccountLocking() throws Exception {
connectorPatchRequest);
}

private void addUserIntoJDBCUserStore(String username, String password, boolean isSecondaryStoreUser)
throws Exception {

if (isSecondaryStoreUser) {
testLockUserId = scim2RestClient.createUser(new UserObject()
.userName(DOMAIN_ID + "/" + username)
.password(password));
testLockRoleId = scim2RestClient.addRole(new RoleRequestObject()
.displayName(SECONDARY_USER_ROLE)
.addPermissions(PERMISSION_LOGIN)
.addUsers(new ListObject().value(testLockUserId)));
} else {
testLockUserId = scim2RestClient.createUser(new UserObject()
.userName(username)
.password(password));
testLockRoleId = scim2RestClient.addRole(new RoleRequestObject()
.displayName(PRIMARY_USER_ROLE)
.addPermissions(PERMISSION_LOGIN)
.addUsers(new ListObject().value(testLockUserId)));
}
}

protected String addAdminUser(String username, String password, String locale) throws Exception {

UserObject userInfo = new UserObject();
userInfo.setUserName(username);
userInfo.setPassword(password);
@@ -277,59 +208,4 @@ protected String addAdminUser(String username, String password, String locale) t
scim2RestClient.updateUserRole(new PatchOperationRequestObject().addOperations(patchRoleItem), roleId);
return userId;
}

private void addSecondaryJDBCUserStore() throws Exception {

// Creating database.
H2DataBaseManager dbmanager = new H2DataBaseManager("jdbc:h2:" + ServerConfigurationManager.getCarbonHome()
+ "/repository/database/" + USER_STORE_DB_NAME, DB_USER_NAME, DB_USER_PASSWORD);
dbmanager.executeUpdate(new File(ServerConfigurationManager.getCarbonHome() + "/dbscripts/h2.sql"));
dbmanager.disconnect();

// Register a secondary user store.
UserStoreReq userStore = new UserStoreReq()
.typeId(USER_STORE_TYPE)
.name(DOMAIN_ID)
.addPropertiesItem(new UserStoreReq.Property()
.name("driverName")
.value("org.h2.Driver"))
.addPropertiesItem(new UserStoreReq.Property()
.name("url")
.value("jdbc:h2:./repository/database/" + USER_STORE_DB_NAME))
.addPropertiesItem(new UserStoreReq.Property()
.name("userName")
.value(DB_USER_NAME))
.addPropertiesItem(new UserStoreReq.Property()
.name("password")
.value(DB_USER_PASSWORD))
.addPropertiesItem(new UserStoreReq.Property()
.name("PasswordJavaRegEx")
.value("^[\\S]{5,30}$"))
.addPropertiesItem(new UserStoreReq.Property()
.name("UsernameJavaRegEx")
.value("^[\\S]{5,30}$"))
.addPropertiesItem(new UserStoreReq.Property()
.name("Disabled")
.value("false"))
.addPropertiesItem(new UserStoreReq.Property()
.name("PasswordDigest")
.value("SHA-256"))
.addPropertiesItem(new UserStoreReq.Property()
.name("StoreSaltedPassword")
.value("true"))
.addPropertiesItem(new UserStoreReq.Property()
.name("SCIMEnabled")
.value("true"))
.addPropertiesItem(new UserStoreReq.Property()
.name("CountRetrieverClass")
.value("org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever"))
.addPropertiesItem(new UserStoreReq.Property()
.name("UserIDEnabled")
.value("true"));

userStoreId = userStoreMgtRestClient.addUserStore(userStore);
Thread.sleep(5000);
boolean isSecondaryUserStoreDeployed = userStoreMgtRestClient.waitForUserStoreDeployment(DOMAIN_ID);
Assert.assertTrue(isSecondaryUserStoreDeployed);
}
}
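Review bot: In `testSuccessfulLockedInitially`, `Assert.assertTrue((Boolean) userParameters.get(ACCOUNT_LOCK_ATTRIBUTE), …)` throws a NullPointerException or ClassCastException if the attribute is absent or comes back as a string, and the surrounding `catch (Exception e)` then reports only the generic "Error occurred when locking the test user." The null-safe form printed next to it in this hunk, `Boolean.parseBoolean(String.valueOf(userParameters.get(ACCOUNT_LOCK_ATTRIBUTE)))`, fails with the intended assertion message instead. The loop also runs all five failed logins before the single check, so the test no longer shows that the account is still unlocked after four attempts; an `Assert.assertFalse` on the lock attribute after attempt `maximumAllowedFailedLogins - 1` would keep the lockout threshold pinned. Which lines are old and which are new is inferred from the hunk header counts, because the page has lost its `+`/`-` markers.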
@@ -158,7 +158,7 @@ public void testGetAllEmailTemplateTypesWithRequiredAttribute() throws Exception
.body(baseIdentifier + "displayName", equalTo("AccountConfirmation"))
.body(baseIdentifier + "templates", notNullValue())
.body(baseIdentifier + "templates.find{ it.id == 'en_US' }." + "subject",
equalTo("WSO2 - Account Confirmation"));
equalTo("Confirm your account"));
}

// Get the list of templates of the default AccountEnable email template type
@@ -156,7 +156,7 @@ private String createBaseOrg() {
" \"name\": \"ABC Builders\",\n" +
" \"description\": \"Building constructions\",\n" +
" \"type\": \"TENANT\",\n" +
" \"parentId\": \"Super\",\n" +
" \"parentId\": \"10084a8d-113f-4211-a0d5-efe36b082211\",\n" +
" \"attributes\": [\n" +
" {\n" +
" \"key\": \"Country\",\n" +
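Review bot: The literal `10084a8d-113f-4211-a0d5-efe36b082211` in the `parentId` field of `createBaseOrg` is an unexplained magic value. It looks like the super organization's id, which another test changed in this commit refers to as `SUPER_ORGANIZATION_ID`, though that constant's value is not visible here. If the two are the same, build the payload from the shared constant, e.g. `"  \"parentId\": \"" + SUPER_ORGANIZATION_ID + "\",\n" +`, so the tests cannot drift apart; otherwise add a comment such as `// id of the parent (super) organization expected by the organization API`. The method body continues outside the hunk.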
@@ -72,7 +72,7 @@ public void createOrganization() throws Exception {

if (OrganizationLevel.SUPER_ORGANIZATION.equals(this.organizationLevel)) {
org = "Level1Org";
parentId = SUPER_ORGANIZATION_NAME;
parentId = SUPER_ORGANIZATION_ID;
} else {
org = "Level2Org";
parentId = subOrganizationId;