From da2e5b8d745675c76480a2ad191fab62f4d60102 Mon Sep 17 00:00:00 2001 From: Shenali Date: Fri, 6 Sep 2024 14:54:55 +0530 Subject: [PATCH] Update user permission implmentation --- ...ssTokenClientCredentialsGrantTestCase.java | 57 ++++++------------ ...IssueAccessTokenPasswordGrantTestCase.java | 58 ++++++------------- .../OAuth2ServiceAbstractIntegrationTest.java | 1 + 3 files changed, 35 insertions(+), 81 deletions(-) diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenClientCredentialsGrantTestCase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenClientCredentialsGrantTestCase.java index 0f26c5ea36..476c4fd523 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenClientCredentialsGrantTestCase.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenClientCredentialsGrantTestCase.java @@ -71,7 +71,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.stream.Collectors; import static org.testng.Assert.assertNotNull; import static org.testng.Assert.assertTrue; 
@@ -96,23 +95,14 @@ public class PreIssueAccessTokenClientCredentialsGrantTestCase extends ActionsBa private static final String EXTERNAL_SERVICE_URI = "http://localhost:8587/test/action"; private static final String PRE_ISSUE_ACCESS_TOKEN_API_PATH = "preIssueAccessToken"; - private static final String CLIENT_CREDENTIALS_GRANT_TYPE = "client_credentials"; private static final String APPLICATION_AUDIENCE = "APPLICATION"; private static final String TEST_ROLE_APPLICATION = "test_role_application"; - private static final String INTERNAL_ACTION_MANAGEMENT_VIEW = "internal_action_mgt_view"; - private static final String INTERNAL_ACTION_MANAGEMENT_CREATE = "internal_action_mgt_create"; - private static final String INTERNAL_ACTION_MANAGEMENT_UPDATE = "internal_action_mgt_update"; - private static final String INTERNAL_ACTION_MANAGEMENT_DELETE = "internal_action_mgt_delete"; private static final String INTERNAL_ORG_USER_MANAGEMENT_LIST = "internal_org_user_mgt_list"; private static final String INTERNAL_ORG_USER_MANAGEMENT_VIEW = "internal_org_user_mgt_view"; private static final String INTERNAL_ORG_USER_MANAGEMENT_CREATE = "internal_org_user_mgt_create"; private static final String INTERNAL_ORG_USER_MANAGEMENT_UPDATE = "internal_org_user_mgt_update"; private static final String INTERNAL_ORG_USER_MANAGEMENT_DELETE = "internal_org_user_mgt_delete"; - private static final String INTERNAL_APPLICATION_MANAGEMENT_VIEW = "internal_application_mgt_view"; - private static final String INTERNAL_APPLICATION_MANAGEMENT_UPDATE = "internal_application_mgt_update"; - private static final String INTERNAL_API_RESOURCE_VIEW = "internal_api_resource_view"; - private static final String INTERNAL_API_RESOURCE_CREATE = "internal_api_resource_create"; private static final String CUSTOM_SCOPE_1 = "test_custom_scope_1"; private static final String CUSTOM_SCOPE_2 = "test_custom_scope_2"; private static final String CUSTOM_SCOPE_3 = "test_custom_scope_3"; 
@@ -127,11 +117,9 @@ public class PreIssueAccessTokenClientCredentialsGrantTestCase extends ActionsBa private static final String API_RESOURCE_MANAGEMENT_API = "/api/server/v1/api-resources"; private static final String MOCK_SERVER_ENDPOINT = "/test/action"; - private Lookup cookieSpecRegistry; - private RequestConfig requestConfig; + private List permissions = new ArrayList<>(); private CloseableHttpClient client; private SCIM2RestClient scim2RestClient; - private List customScopes; private String accessToken; private String clientId; private String clientSecret; @@ -152,10 +140,10 @@ public void testInit() throws Exception { super.init(TestUserMode.TENANT_USER); - cookieSpecRegistry = RegistryBuilder.create() + Lookup cookieSpecRegistry = RegistryBuilder.create() .register(CookieSpecs.DEFAULT, new RFC6265CookieSpecProvider()) .build(); - requestConfig = RequestConfig.custom() + RequestConfig requestConfig = RequestConfig.custom() .setCookieSpec(CookieSpecs.DEFAULT) .build(); client = HttpClientBuilder.create() @@ -171,9 +159,10 @@ protected boolean isRedirectable(String method) { scim2RestClient = new SCIM2RestClient(serverURL, tenantInfo); - customScopes = Arrays.asList(CUSTOM_SCOPE_1, CUSTOM_SCOPE_2, CUSTOM_SCOPE_3); + List customScopes = Arrays.asList(CUSTOM_SCOPE_1, CUSTOM_SCOPE_2, CUSTOM_SCOPE_3); - ApplicationResponseModel application = addApplicationWithGrantType(CLIENT_CREDENTIALS_GRANT_TYPE); + ApplicationResponseModel application = addApplicationWithGrantType( + OAuth2Constant.OAUTH2_GRANT_TYPE_CLIENT_CREDENTIALS); applicationId = application.getId(); OpenIDConnectConfiguration oidcConfig = getOIDCInboundDetailsOfApplication(applicationId); clientId = oidcConfig.getClientId(); 
@@ -214,20 +203,7 @@ public void testGetAccessTokenWithClientCredentialsGrant() throws Exception { List parameters = new ArrayList<>(); parameters.add(new BasicNameValuePair("grant_type", OAuth2Constant.OAUTH2_GRANT_TYPE_CLIENT_CREDENTIALS)); - List permissions = new ArrayList<>(); - Collections.addAll(permissions, - INTERNAL_ORG_USER_MANAGEMENT_LIST, - INTERNAL_ORG_USER_MANAGEMENT_VIEW, - INTERNAL_ORG_USER_MANAGEMENT_CREATE, - INTERNAL_ORG_USER_MANAGEMENT_UPDATE, - INTERNAL_ORG_USER_MANAGEMENT_DELETE - ); - permissions.addAll(customScopes); - - String scopes = permissions.stream() - .map(String::toLowerCase) - .collect(Collectors.joining(" ")); - parameters.add(new BasicNameValuePair("scope", scopes)); + parameters.add(new BasicNameValuePair("scope", String.join(" ", permissions))); List
headers = new ArrayList<>(); headers.add(new BasicHeader(AUTHORIZATION_HEADER, OAuth2Constant.BASIC_HEADER + " " + @@ -373,9 +349,9 @@ private JWTClaimsSet extractJwtClaims(String jwtToken) throws ParseException { */ private void addUserWithRole(String appID, List customScopes) throws Exception { // Creates roles - List permissions = addPermissions(customScopes); + List userPermissions = addPermissions(customScopes); Audience roleAudience = new Audience(APPLICATION_AUDIENCE, appID); - RoleV2 role = new RoleV2(roleAudience, TEST_ROLE_APPLICATION, permissions, Collections.emptyList()); + RoleV2 role = new RoleV2(roleAudience, TEST_ROLE_APPLICATION, userPermissions, Collections.emptyList()); roleId = addRole(role); // Creates user @@ -403,14 +379,15 @@ private void addUserWithRole(String appID, List customScopes) throws Exc private List addPermissions(List customScopes) { List userPermissions = new ArrayList<>(); - Collections.addAll(userPermissions, - new Permission(INTERNAL_ORG_USER_MANAGEMENT_LIST), - new Permission(INTERNAL_ORG_USER_MANAGEMENT_VIEW), - new Permission(INTERNAL_ORG_USER_MANAGEMENT_CREATE), - new Permission(INTERNAL_ORG_USER_MANAGEMENT_UPDATE), - new Permission(INTERNAL_ORG_USER_MANAGEMENT_DELETE) + Collections.addAll(permissions, + INTERNAL_ORG_USER_MANAGEMENT_CREATE, + INTERNAL_ORG_USER_MANAGEMENT_LIST, + INTERNAL_ORG_USER_MANAGEMENT_VIEW, + INTERNAL_ORG_USER_MANAGEMENT_UPDATE, + INTERNAL_ORG_USER_MANAGEMENT_DELETE ); - customScopes.forEach(scope -> userPermissions.add(new Permission(scope))); + permissions.addAll(customScopes); + permissions.forEach(permission -> userPermissions.add(new Permission(permission))); return userPermissions; } 
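Review bot: `addPermissions` now appends to the instance field `permissions` as a side effect while it builds the role's `Permission` list, so each additional call adds the five `internal_org_user_mgt_*` scopes and the custom scopes again. The token request in `testGetAccessTokenWithClientCredentialsGrant` sends `String.join(" ", permissions)`, which is an empty scope unless `addPermissions` has already run (presumably through `addUserWithRole` during `testInit`, which is not visible here) and contains duplicates if it ran more than once. Starting the method with `permissions.clear();`, or filling the list once in `testInit` and leaving `addPermissions` to only map it to `Permission` objects, would keep the helper repeatable and make the requested scope set explicit. The same pattern is in `addPermissions` of PreIssueAccessTokenPasswordGrantTestCase.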
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenPasswordGrantTestCase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenPasswordGrantTestCase.java index 10b7f3273a..e266c287ff 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenPasswordGrantTestCase.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenPasswordGrantTestCase.java @@ -71,7 +71,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.stream.Collectors; import static org.testng.Assert.assertNotNull; import static org.testng.Assert.assertTrue; 
@@ -99,20 +98,11 @@ public class PreIssueAccessTokenPasswordGrantTestCase extends ActionsBaseTestCas private static final String PASSWORD_GRANT_TYPE = "password"; private static final String APPLICATION_AUDIENCE = "APPLICATION"; private static final String TEST_ROLE_APPLICATION = "test_role_application"; - - private static final String INTERNAL_ACTION_MANAGEMENT_VIEW = "internal_action_mgt_view"; - private static final String INTERNAL_ACTION_MANAGEMENT_CREATE = "internal_action_mgt_create"; - private static final String INTERNAL_ACTION_MANAGEMENT_UPDATE = "internal_action_mgt_update"; - private static final String INTERNAL_ACTION_MANAGEMENT_DELETE = "internal_action_mgt_delete"; private static final String INTERNAL_ORG_USER_MANAGEMENT_LIST = "internal_org_user_mgt_list"; private static final String INTERNAL_ORG_USER_MANAGEMENT_VIEW = "internal_org_user_mgt_view"; private static final String INTERNAL_ORG_USER_MANAGEMENT_CREATE = "internal_org_user_mgt_create"; private static final String INTERNAL_ORG_USER_MANAGEMENT_UPDATE = "internal_org_user_mgt_update"; private static final String INTERNAL_ORG_USER_MANAGEMENT_DELETE = "internal_org_user_mgt_delete"; - private static final String INTERNAL_APPLICATION_MANAGEMENT_VIEW = "internal_application_mgt_view"; - private static final String INTERNAL_APPLICATION_MANAGEMENT_UPDATE = "internal_application_mgt_update"; - private static final String INTERNAL_API_RESOURCE_VIEW = "internal_api_resource_view"; - private static final String INTERNAL_API_RESOURCE_CREATE = "internal_api_resource_create"; private static final String CUSTOM_SCOPE_1 = "test_custom_scope_1"; private static final String CUSTOM_SCOPE_2 = "test_custom_scope_2"; private static final String CUSTOM_SCOPE_3 = "test_custom_scope_3"; 
@@ -126,11 +116,11 @@ public class PreIssueAccessTokenPasswordGrantTestCase extends ActionsBaseTestCas private static final String APPLICATION_MANAGEMENT_API = "/api/server/v1/applications"; private static final String API_RESOURCE_MANAGEMENT_API = "/api/server/v1/api-resources"; private static final String MOCK_SERVER_ENDPOINT = "/test/action"; + + private List permissions = new ArrayList<>(); + protected SCIM2RestClient scim2RestClient; - private Lookup cookieSpecRegistry; - private RequestConfig requestConfig; private CloseableHttpClient client; - private List customScopes; private String accessToken; private String clientId; private String clientSecret; @@ -151,10 +141,10 @@ public void testInit() throws Exception { super.init(TestUserMode.TENANT_USER); - cookieSpecRegistry = RegistryBuilder.create() + Lookup cookieSpecRegistry = RegistryBuilder.create() .register(CookieSpecs.DEFAULT, new RFC6265CookieSpecProvider()) .build(); - requestConfig = RequestConfig.custom() + RequestConfig requestConfig = RequestConfig.custom() .setCookieSpec(CookieSpecs.DEFAULT) .build(); client = HttpClientBuilder.create() @@ -170,7 +160,7 @@ protected boolean isRedirectable(String method) { scim2RestClient = new SCIM2RestClient(serverURL, tenantInfo); - customScopes = Arrays.asList(CUSTOM_SCOPE_1, CUSTOM_SCOPE_2, CUSTOM_SCOPE_3); + List customScopes = Arrays.asList(CUSTOM_SCOPE_1, CUSTOM_SCOPE_2, CUSTOM_SCOPE_3); ApplicationResponseModel application = addApplicationWithGrantType(PASSWORD_GRANT_TYPE); applicationId = application.getId(); 
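Review bot: `addApplicationWithGrantType(PASSWORD_GRANT_TYPE)` in `testInit` still uses the class-local literal, while the client-credentials test in this commit dropped its own `CLIENT_CREDENTIALS_GRANT_TYPE` in favour of `OAuth2Constant.OAUTH2_GRANT_TYPE_CLIENT_CREDENTIALS`. For consistency, take the password grant type from `OAuth2Constant` as well, if it defines a matching constant, and remove `PASSWORD_GRANT_TYPE`. `testInit` continues beyond this hunk.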
@@ -215,20 +205,7 @@ public void testGetAccessTokenWithPasswordGrant() throws Exception { parameters.add(new BasicNameValuePair("username", TEST_USER)); parameters.add(new BasicNameValuePair("password", ADMIN_WSO2)); - List permissions = new ArrayList<>(); - Collections.addAll(permissions, - INTERNAL_ORG_USER_MANAGEMENT_LIST, - INTERNAL_ORG_USER_MANAGEMENT_VIEW, - INTERNAL_ORG_USER_MANAGEMENT_CREATE, - INTERNAL_ORG_USER_MANAGEMENT_UPDATE, - INTERNAL_ORG_USER_MANAGEMENT_DELETE - ); - permissions.addAll(customScopes); - - String scopes = permissions.stream() - .map(String::toLowerCase) - .collect(Collectors.joining(" ")); - parameters.add(new BasicNameValuePair("scope", scopes)); + parameters.add(new BasicNameValuePair("scope", String.join(" ", permissions))); List
headers = new ArrayList<>(); headers.add(new BasicHeader(AUTHORIZATION_HEADER, OAuth2Constant.BASIC_HEADER + " " + @@ -374,9 +351,9 @@ private JWTClaimsSet extractJwtClaims(String jwtToken) throws ParseException { */ private void addUserWithRole(String appID, List customScopes) throws Exception { // Creates roles - List permissions = addPermissions(customScopes); + List userPermissions = addPermissions(customScopes); Audience roleAudience = new Audience(APPLICATION_AUDIENCE, appID); - RoleV2 role = new RoleV2(roleAudience, TEST_ROLE_APPLICATION, permissions, Collections.emptyList()); + RoleV2 role = new RoleV2(roleAudience, TEST_ROLE_APPLICATION, userPermissions, Collections.emptyList()); roleId = addRole(role); // Creates user @@ -404,16 +381,15 @@ private void addUserWithRole(String appID, List customScopes) throws Exc private List addPermissions(List customScopes) { List userPermissions = new ArrayList<>(); - - Collections.addAll(userPermissions, - new Permission(INTERNAL_ORG_USER_MANAGEMENT_LIST), - new Permission(INTERNAL_ORG_USER_MANAGEMENT_VIEW), - new Permission(INTERNAL_ORG_USER_MANAGEMENT_CREATE), - new Permission(INTERNAL_ORG_USER_MANAGEMENT_UPDATE), - new Permission(INTERNAL_ORG_USER_MANAGEMENT_DELETE) + Collections.addAll(permissions, + INTERNAL_ORG_USER_MANAGEMENT_CREATE, + INTERNAL_ORG_USER_MANAGEMENT_LIST, + INTERNAL_ORG_USER_MANAGEMENT_VIEW, + INTERNAL_ORG_USER_MANAGEMENT_UPDATE, + INTERNAL_ORG_USER_MANAGEMENT_DELETE ); - - customScopes.forEach(scope -> userPermissions.add(new Permission(scope))); + permissions.addAll(customScopes); + permissions.forEach(permission -> userPermissions.add(new Permission(permission))); return userPermissions; } 
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/OAuth2ServiceAbstractIntegrationTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/OAuth2ServiceAbstractIntegrationTest.java index d4a5685799..2fa3eb0682 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/OAuth2ServiceAbstractIntegrationTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/oauth2/OAuth2ServiceAbstractIntegrationTest.java @@ -253,6 +253,7 @@ public ApplicationResponseModel addApplicationWithGrantType(String grantType) th application.setInboundProtocolConfiguration(inboundProtocolsConfig); application.setName(SERVICE_PROVIDER_NAME); application.setIsManagementApp(true); + application.advancedConfigurations(new AdvancedApplicationConfiguration().skipLoginConsent(true)); String appId = addApplication(application); return getApplication(appId);
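Review bot: `skipLoginConsent(true)` is set inside the shared helper `addApplicationWithGrantType`, so every test class that creates its application through this base method now runs with the login consent step disabled, not only the two pre-issue-access-token tests touched in this commit. A subclass that relied on the consent page being shown would stop exercising it without failing. Consider passing the setting in through an overload or parameter, or at least document it on the line with `// Consent is skipped for every app created here; consent-flow tests must build their application separately.` The method body starts above this hunk, so whether other advanced configuration is set earlier is not visible.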