From 622eb04b55b3b710d8c490ae2c654b3886ea4522 Mon Sep 17 00:00:00 2001 From: Shenali Date: Wed, 4 Dec 2024 15:20:50 +0530 Subject: [PATCH 01/10] Add new tests to validate OIDC IdPs --- .../api/server/idp/v1/IdPFailureTest.java | 31 +++++ .../api/server/idp/v1/IdPSuccessTest.java | 82 +++++++++++++ .../idp/v1/add-idp-without-authenticator.json | 77 ++++++++++++ .../add-oidc-idp-with-duplicated-scopes.json | 112 ++++++++++++++++++ .../v1/add-oidc-idp-without-openid-scope.json | 108 +++++++++++++++++ .../update-idp-oidc-without-openid-scope.json | 11 ++ 6 files changed, 421 insertions(+) create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-without-authenticator.json create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-with-duplicated-scopes.json create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-without-openid-scope.json create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-without-openid-scope.json diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java index b79c1eb920..3ea5d0f304 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java 
@@ -35,6 +35,7 @@ import java.util.Map; import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.Matchers.nullValue; import static org.hamcrest.core.IsNull.notNullValue; import static org.testng.Assert.assertNotNull; @@ -213,6 +214,36 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { deleteCreatedIdP(oidcIdPId); } + @Test + public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException { + + String body = readResource("add-idp-oidc-standard-based.json"); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_CREATED) + .header(HttpHeaders.LOCATION, notNullValue()); + + String location = response.getHeader(HttpHeaders.LOCATION); + assertNotNull(location); + String oidcIdPId = location.substring(location.lastIndexOf("/") + 1); + assertNotNull(oidcIdPId); + + // update the OIDC IdP without openid scope + String updateBody = readResource("update-idp-oidc-without-openid-scope.json"); + Response updateResponse = getResponseOfPut(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId + + PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH + PATH_SEPARATOR + OIDC_IDP_ID, updateBody); + updateResponse.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_BAD_REQUEST) + .body("message", equalTo("Invalid OIDC Scopes.")) + .body("description", equalTo("Scopes must contain 'openid'.")); + + deleteCreatedIdP(oidcIdPId); + } + /** * Deletes an Identity Provider by its ID and verifies the deletion. * diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java index d009c0a5c7..fbed4da046 100644 
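Review bot: The added `import static org.hamcrest.Matchers.nullValue;` is not referenced by any line this patch adds to IdPFailureTest, so it looks like an unused import; drop it unless code outside the visible hunks needs it. The same applies to `hasKey` and `not`, which PATCH 02/10 adds to this file's imports without any of its new tests using them.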
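Review bot: In testUpdateOIDCIdPWithoutOpenidScope the cleanup call `deleteCreatedIdP(oidcIdPId)` is reached only when the PUT assertions pass, so a failed assertion leaves the created IdP on the server and can surface later as name conflicts in unrelated tests. Wrap the update-and-assert part as `try { ... } finally { deleteCreatedIdP(oidcIdPId); }`. addIdPWithoutAuthenticator in IdPSuccessTest has the same exposure, because its `.body("federatedAuthenticators.authenticators", Matchers.emptyIterable())` check can fail after the IdP has been created, and the fixtures for the new creation tests all use the name `Google-3`.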
--- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java @@ -21,6 +21,7 @@ import org.apache.commons.lang.StringUtils; import org.apache.http.HttpHeaders; import org.apache.http.HttpStatus; +import org.hamcrest.Matchers; import org.testng.annotations.AfterClass; import org.testng.annotations.AfterMethod; import org.testng.annotations.BeforeClass; 
@@ -277,6 +278,64 @@ public void testAddIdP() throws IOException { assertNotNull(idPId); } + @Test() + public void addIdPWithoutAuthenticator() throws IOException { + + String body = readResource("add-idp-without-authenticator.json"); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_CREATED) + .body("federatedAuthenticators.authenticators", Matchers.emptyIterable()) + .header(HttpHeaders.LOCATION, notNullValue()); + + String location = response.getHeader(HttpHeaders.LOCATION); + assertNotNull(location); + String idpIdWithoutAuth = location.substring(location.lastIndexOf("/") + 1); + assertNotNull(idpIdWithoutAuth); + + deleteCreatedIdP(idpIdWithoutAuth); + } + + @Test + public void addIdPWithDuplicatedOIDCScopes() throws IOException { + + String body = readResource("add-oidc-idp-with-duplicated-scopes.json"); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_CREATED) + .header(HttpHeaders.LOCATION, notNullValue()); + + String location = response.getHeader(HttpHeaders.LOCATION); + assertNotNull(location); + String oidcIdpId = location.substring(location.lastIndexOf("/") + 1); + assertNotNull(oidcIdpId); + + deleteCreatedIdP(oidcIdpId); + } + + @Test + public void addOIDCIdPWithoutOpenidScope() throws IOException { + + String body = readResource("add-oidc-idp-without-openid-scope.json"); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_CREATED) + .header(HttpHeaders.LOCATION, notNullValue()); + + String location = response.getHeader(HttpHeaders.LOCATION); + assertNotNull(location); + String oidcIdpId = location.substring(location.lastIndexOf("/") + 1); + assertNotNull(oidcIdpId); + + deleteCreatedIdP(oidcIdpId); + } + @Test(dependsOnMethods = 
{"testAddIdP"}) public void testGetIdP() throws IOException { @@ -760,4 +819,27 @@ public void testDeleteIdPTemplate() throws Exception { .assertThat() .statusCode(HttpStatus.SC_NO_CONTENT); } + + /** + * Deletes an Identity Provider by its ID and verifies the deletion. + * + * @param idPId ID of the Identity Provider to be deleted. + */ + private void deleteCreatedIdP(String idPId) { + + Response response = getResponseOfDelete(IDP_API_BASE_PATH + PATH_SEPARATOR + idPId); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_NO_CONTENT); + + Response responseOfGet = getResponseOfGet(IDP_API_BASE_PATH + PATH_SEPARATOR + idPId); + responseOfGet.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_NOT_FOUND) + .body("message", equalTo("Resource not found.")) + .body("description", equalTo("Unable to find a resource matching the provided identity " + + "provider identifier " + idPId + ".")); + } } diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-without-authenticator.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-without-authenticator.json new file mode 100644 index 0000000000..c7b1f1bc61 --- /dev/null +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-without-authenticator.json 
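Review bot: This `deleteCreatedIdP` helper duplicates the method with the same Javadoc that IdPFailureTest already has, where it appears as context in that file's hunk. IdPSuccessTest extends IdPTestBase, so declaring it once there as `protected void deleteCreatedIdP(String idPId)` would keep the two suites' cleanup checks from drifting apart. This assumes IdPFailureTest shares that base class, which the visible lines do not show.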
@@ -0,0 +1,77 @@ +{ + "name": "Google-3", + "description": "IDP for Google Federation", + "image": "google-logo-url", + "isPrimary": false, + "isFederationHub": false, + "homeRealmIdentifier": "localhost", + "certificate": { + "certificates": [ + "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" + ] + }, + "alias": "https://localhost:9444/oauth2/token", + "claims": { + "userIdClaim": { + "uri": "http://wso2.org/claims/username" + }, + "roleClaim": { + "uri": "http://wso2.org/claims/role" + }, + "provisioningClaims": [ + { + "claim": { + "uri": "http://wso2.org/claims/username" + }, + "defaultValue": "sathya" + } + ] + }, + "roles": { + "mappings": [ + { + "idpRole": "google-manager", + "localRole": "admin" + } + ], + "outboundProvisioningRoles": [ + "admin" + ] + }, + "provisioning": { + "jit": { + "isEnabled": true, + "scheme": "PROVISION_SILENTLY", + "userstore": "PRIMARY" + }, + "outboundConnectors": { + "defaultConnectorId": "c2NpbQ", + "connectors": [ + { + "connectorId": "c2NpbQ", + "isEnabled": true, + "blockingEnabled": false, + "rulesEnabled": false, + "properties": [ + { + "key": "scim-user-ep", + "value": "https://localhost:9445/userinfo" + }, + { + "key": "scim-username", + "value": "admin" + }, + { + "key": "scim-enable-pwd-provisioning", + "value": "true" + }, + { + "key": "scim-password", + "value": "admin" + } + ] + } + ] + } + } +} diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-with-duplicated-scopes.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-with-duplicated-scopes.json new file mode 100644 index 0000000000..48bc382c0a --- /dev/null +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-with-duplicated-scopes.json 
@@ -0,0 +1,112 @@ +{ + "name": "Google-3", + "description": "IDP for Google Federation", + "image": "google-logo-url", + "isPrimary": false, + "isFederationHub": false, + "homeRealmIdentifier": "localhost", + "certificate": { + "certificates": [ + "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURzRENDQXBpZ0F3SUJBZ0lKQUs0eml2ckVsYzBJTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdETVJFd0R3WUQKVlFRRERBaENkV1JrYUdsdFlURUxNQWtHQTFVRUJoTUNVMHd4RURBT0JnTlZCQWdNQjFkbGMzUmxjbTR4RURBTwpCZ05WQkFjTUIwTnZiRzl0WW04eERUQUxCZ05WQkFvTUJGZFRUekl4Q3pBSkJnTlZCQXNNQWxGQk1TRXdId1lKCktvWklodmNOQVFrQkZoSmlkV1JrYUdsdFlYVkFkM052TWk1amIyMHdJQmNOTVRrd056RTJNRFF5TXpFd1doZ1AKTXpBeE9ERXhNVFl3TkRJek1UQmFNSUdETVJFd0R3WURWUVFEREFoQ2RXUmthR2x0WVRFTE1Ba0dBMVVFQmhNQwpVMHd4RURBT0JnTlZCQWdNQjFkbGMzUmxjbTR4RURBT0JnTlZCQWNNQjBOdmJHOXRZbTh4RFRBTEJnTlZCQW9NCkJGZFRUekl4Q3pBSkJnTlZCQXNNQWxGQk1TRXdId1lKS29aSWh2Y05BUWtCRmhKaWRXUmthR2x0WVhWQWQzTnYKTWk1amIyMHdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDcFo3V09VMTZpeGpiQwpiWGR3R3JhTW5xbmxnb2kzMDN5aVFxbHAySzlWTmZHT21nTlFhdFdlbjB0MVVWcjYxd0Y4eVlHaDJyc1lnbithCjhwYXVmUVVQQ1laeFRFR1FpT2RPZ0RNcE5tWW82ZHU2K2MvenJqcHNncGh5SHIxNEZPVHAxaVRDSXBmanVwVjEKd1BUeXJveURySGRvMkpuOHI3V3F1cklJVTRBYllBN2NrdVVqL0tqYUovTTZrZitwRFd5SVJvaDBKTFJlWWM4UQp5bmhYcjdrQWp5RnFqNitnWndBYkh4ckhrckVzYTJoVjQ0UFJXWjFQUERxTCswVU8veE1hQW5udndsdGd4QlVpCkhLUTFXWDVwdVVPaC9kQTQ5b0RsbEpraHpxd2d5eDQxc1FYbFNhVmdKaklUZVdSQmdvNnh6ajNmd3VvenBGS1gKbzRaeXBITDNBZ01CQUFHakl6QWhNQjhHQTFVZEVRUVlNQmFDQkhkemJ6S0NDSGR6YnpJdVkyOXRnZ1IzYzI4eQpNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJTSzBKa1pyYlpvYmRDNHhZSG1IcnlVbkZVbkZZWUFvZmc0TFVGCkJRbWxDY0NKR0ZwR1BtN2ZDWHM0Y0h4Z0hPVTN5SkhtQ2pYaU9FRTc2dzhIU0NRcVhkNmROSEwxRkxtN0pqQTUKTEZmbHhiWXNOcmVVNVpJTmREVGZvWmxSSXR0Mkd4MlpIa3pjQVRJZm1yUFNwODV2WDhGem1mbTNBVTVpM3FXZQo4a2YyZk5nQjlMbE5XRFk1V09paVlHUWMrRk13WWdLcDJkNGM3dzMrWnRTUXJWRy9YdGpqYTJYV09Xdm1sV3dLCnB4b3pyNjIvTTdUUmVkc3hJNU90bzJvWExGZXp1MUdCWHdpNEFaempMSFVsNWpSR2hMbkNZa05qdWZGZi9EQ0cKeUFWdnpMVXQwZ2F0b0dJdTV2eG9la05JVWV5YTZpRzJBaG9jSmM0SEJMT3l4TXE3Ci0
tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" + ] + }, + "alias": "https://localhost:9444/oauth2/token", + "claims": { + "userIdClaim": { + "uri": "http://wso2.org/claims/username" + }, + "roleClaim": { + "uri": "http://wso2.org/claims/role" + }, + "provisioningClaims": [ + { + "claim": { + "uri": "http://wso2.org/claims/username" + }, + "defaultValue": "sathya" + } + ] + }, + "roles": { + "mappings": [ + { + "idpRole": "google-manager", + "localRole": "admin" + } + ], + "outboundProvisioningRoles": [ + "admin" + ] + }, + "federatedAuthenticators": { + "defaultAuthenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", + "authenticators": [ + { + "authenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", + "isEnabled": true, + "properties": [ + { + "key": "AdditionalQueryParameters", + "value": "scope=openid email profile" + }, + { + "key": "ClientId", + "value": "165474950684-7mvqd8m6hieb8mdnffcarnku2aua0tpl.apps.googleusercontent.com" + }, + { + "key": "ClientSecret", + "value": "testclientsecret" + }, + { + "key": "callbackUrl", + "value": "https://mydomain2.com:9443/commonauth" + } + ] + } + ] + }, + "provisioning": { + "jit": { + "isEnabled": true, + "scheme": "PROVISION_SILENTLY", + "userstore": "PRIMARY" + }, + "outboundConnectors": { + "defaultConnectorId": "c2NpbQ", + "connectors": [ + { + "connectorId": "c2NpbQ", + "isEnabled": true, + "blockingEnabled": false, + "rulesEnabled": false, + "properties": [ + { + "key": "scim-user-ep", + "value": "https://localhost:9445/userinfo" + }, + { + "key": "scim-username", + "value": "admin" + }, + { + "key": "scim-enable-pwd-provisioning", + "value": "true" + }, + { + "key": "scim-password", + "value": "admin" + }, + { + "key": "commonAuthQueryParams", + "value": "scope=openid country profile" + }, + { + "key": "Scopes", + "value": "openid country profile" + } + ] + } + ] + } + } +} 
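Review bot: The `commonAuthQueryParams` and `Scopes` entries sit in the properties of the `c2NpbQ` outbound provisioning connector, not in the federated authenticator's properties, which carry only `AdditionalQueryParameters`, `ClientId`, `ClientSecret` and `callbackUrl`. If the duplicate-scope check is meant to apply to the OIDC authenticator configuration, addIdPWithDuplicatedOIDCScopes probably gets its 201 without ever reaching that check. add-oidc-idp-without-openid-scope.json has the same layout: `Scopes` = `country profile` is under the connector while the authenticator still sends `scope=openid email profile`, so addOIDCIdPWithoutOpenidScope may not cover a creation request that actually lacks `openid`. Moving these entries into `federatedAuthenticators.authenticators[0].properties` would make both fixtures exercise what the test names claim.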
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-without-openid-scope.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-without-openid-scope.json
new file mode 100644
index 0000000000..21186d9768
--- /dev/null
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-without-openid-scope.json
@@ -0,0 +1,108 @@ +{ + "name": "Google-3", + "description": "IDP for Google Federation", + "image": "google-logo-url", + "isPrimary": false, + "isFederationHub": false, + "homeRealmIdentifier": "localhost", + "certificate": { + "certificates": [ + "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" + ] + }, + "alias": "https://localhost:9444/oauth2/token", + "claims": { + "userIdClaim": { + "uri": "http://wso2.org/claims/username" + }, + "roleClaim": { + "uri": "http://wso2.org/claims/role" + }, + "provisioningClaims": [ + { + "claim": { + "uri": "http://wso2.org/claims/username" + }, + "defaultValue": "sathya" + } + ] + }, + "roles": { + "mappings": [ + { + "idpRole": "google-manager", + "localRole": "admin" + } + ], + "outboundProvisioningRoles": [ + "admin" + ] + }, + "federatedAuthenticators": { + "defaultAuthenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", + "authenticators": [ + { + "authenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", + "isEnabled": true, + "properties": [ + { + "key": "AdditionalQueryParameters", + "value": "scope=openid email profile" + }, + { + "key": "ClientId", + "value": "165474950684-7mvqd8m6hieb8mdnffcarnku2aua0tpl.apps.googleusercontent.com" + }, + { + "key": "ClientSecret", + "value": "testclientsecret" + }, + { + "key": "callbackUrl", + "value": "https://mydomain2.com:9443/commonauth" + } + ] + } + ] + }, + "provisioning": { + "jit": { + "isEnabled": true, + "scheme": "PROVISION_SILENTLY", + "userstore": "PRIMARY" + }, + "outboundConnectors": { + "defaultConnectorId": "c2NpbQ", + "connectors": [ + { + "connectorId": "c2NpbQ", + "isEnabled": true, + "blockingEnabled": false, + "rulesEnabled": false, + "properties": [ + { + "key": "scim-user-ep", + "value": "https://localhost:9445/userinfo" + }, + { + "key": "scim-username", + "value": "admin" + }, + { + "key": "scim-enable-pwd-provisioning", + "value": "true" + }, + { + "key": "scim-password", + "value": "admin" + }, + { + "key": "Scopes", + "value": "country profile" + } + ] + 
} + ] + } + } +} diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-without-openid-scope.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-without-openid-scope.json new file mode 100644 index 0000000000..77b1162493 --- /dev/null +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-without-openid-scope.json @@ -0,0 +1,11 @@ +{ + "authenticatorId": "T3BlbklEQ29ubmVjdEF1dGhlbnRpY2F0b3I", + "isEnabled": true, + "isDefault": true, + "properties": [ + { + "key": "Scopes", + "value": "country profile" + } + ] +} From 762b4eef61ab6032bfb5e1fa836651b714642352 Mon Sep 17 00:00:00 2001 From: Shenali Date: Thu, 5 Dec 2024 14:49:02 +0530 Subject: [PATCH 02/10] Add test cases for SAML and empty search --- .../api/server/idp/v1/IdPFailureTest.java | 45 +++++++ .../api/server/idp/v1/IdPSuccessTest.java | 21 ++++ ...add-idp-with-duplicated-property-keys.json | 116 ++++++++++++++++++ .../idp/v1/add-saml-idp-without-metadata.json | 60 +++++++++ .../rest/api/server/idp/v1/add-saml-idp.json | 60 +++++++++ 5 files changed, 302 insertions(+) create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-with-duplicated-property-keys.json create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp-without-metadata.json create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp.json 
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java index 3ea5d0f304..3e02e729a5 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java @@ -31,10 +31,15 @@ import org.wso2.carbon.automation.engine.context.TestUserMode; import java.io.IOException; +import java.util.Collections; import java.util.HashMap; import java.util.Map; +import javax.xml.xpath.XPathExpressionException; + import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.Matchers.hasKey; +import static org.hamcrest.Matchers.not; import static org.hamcrest.Matchers.nullValue; import static org.hamcrest.core.IsNull.notNullValue; import static org.testng.Assert.assertNotNull; @@ -97,6 +102,19 @@ public void testGetIdPWithInvalidId() { validateErrorResponse(response, HttpStatus.SC_NOT_FOUND, "IDP-60002", "random-id"); } + @Test + public void testInvalidSearchAllIdPs() throws XPathExpressionException { + + Response response = getResponseOfGetWithQueryParams(IDP_API_BASE_PATH, Collections.singletonMap("filter", + "name sw InvalidIdP")); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK) + .body("totalResults", equalTo(0)) + .body("count", equalTo(0)); + } + @Test(dependsOnMethods = {"testGetIdPWithInvalidId"}) public void addIdPConflict() throws IOException { 
@@ -121,6 +139,19 @@ public void addIdPWithDuplicateProperties() throws IOException { validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "IDP-60025"); } + @Test + public void testAddIdPWithDuplicatedPropertyKeys() throws IOException { + + String body = readResource("add-idp-with-duplicated-property-keys.json"); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_BAD_REQUEST) + .body("message", equalTo("Invalid input.")) + .body("description", equalTo("One of the given inputs is invalid. Duplicate properties are " + + "found in the request.")); + } @Test(dependsOnMethods = {"addIdPConflict"}) public void testGetIdPFederatedAuthenticatorWithInvalidAuthId() { @@ -244,6 +275,20 @@ public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException { deleteCreatedIdP(oidcIdPId); } + @Test + public void addSamlIdPWithoutMetadata() throws IOException { + + String body = readResource("add-saml-idp-without-metadata.json"); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_BAD_REQUEST) + .body("message", equalTo("Invalid SAML metadata.")) + .body("description", equalTo("SAML metadata is invalid/empty.")); + } + /** * Deletes an Identity Provider by its ID and verifies the deletion. * diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java index fbed4da046..d107fc91d0 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java 
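Review bot: testAddIdPWithDuplicatedPropertyKeys matches the exact `message` and `description` wording, while the neighbouring addIdPWithDuplicateProperties checks the same kind of rejection with `validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "IDP-60025")`; asserting the error code is less brittle than asserting prose, assuming this request yields the same code. Neither this test nor addSamlIdPWithoutMetadata cleans up if the server unexpectedly answers 201. A regression in input validation would then leave `Google-3` or `SAML IdP` behind and fail other tests that reuse those names, which hides the real cause.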
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java @@ -298,6 +298,7 @@ public void addIdPWithoutAuthenticator() throws IOException { deleteCreatedIdP(idpIdWithoutAuth); } + // TODO: add a comment @Test public void addIdPWithDuplicatedOIDCScopes() throws IOException { @@ -317,6 +318,7 @@ public void addIdPWithDuplicatedOIDCScopes() throws IOException { deleteCreatedIdP(oidcIdpId); } + // TODO: add a comment @Test public void addOIDCIdPWithoutOpenidScope() throws IOException { @@ -336,6 +338,25 @@ public void addOIDCIdPWithoutOpenidScope() throws IOException { deleteCreatedIdP(oidcIdpId); } + @Test + public void addSAMLStandardBasedIdP() throws IOException { + + String body = readResource("add-saml-idp.json"); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_CREATED) + .header(HttpHeaders.LOCATION, notNullValue()); + + String location = response.getHeader(HttpHeaders.LOCATION); + assertNotNull(location); + String samlIdpId = location.substring(location.lastIndexOf("/") + 1); + assertNotNull(samlIdpId); + + deleteCreatedIdP(samlIdpId); + } + @Test(dependsOnMethods = {"testAddIdP"}) public void testGetIdP() throws IOException { diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-with-duplicated-property-keys.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-with-duplicated-property-keys.json new file mode 100644 index 0000000000..19f40cd9e8 --- /dev/null +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-with-duplicated-property-keys.json 
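Review bot: `// TODO: add a comment` is a placeholder rather than documentation, and it is added above both addIdPWithDuplicatedOIDCScopes and addOIDCIdPWithoutOpenidScope. What a reader needs here is the reason creation is expected to return 201 for input that the update path rejects with 400 in IdPFailureTest (testUpdateIdPWithDuplicateOIDCScopes, testUpdateOIDCIdPWithoutOpenidScope). Something like `// Scope validation is not applied when the IdP is created; only authenticator updates reject these scopes.` would do, if that is indeed the intended behaviour.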
@@ -0,0 +1,116 @@ +{ + "name": "Google-3", + "description": "IDP for Google Federation", + "image": "google-logo-url", + "isPrimary": false, + "isFederationHub": false, + "homeRealmIdentifier": "localhost", + "certificate": { + "certificates": [ + "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" + ] + }, + "alias": "https://localhost:9444/oauth2/token", + "claims": { + "userIdClaim": { + "uri": "http://wso2.org/claims/username" + }, + "roleClaim": { + "uri": "http://wso2.org/claims/role" + }, + "provisioningClaims": [ + { + "claim": { + "uri": "http://wso2.org/claims/username" + }, + "defaultValue": "sathya" + } + ] + }, + "roles": { + "mappings": [ + { + "idpRole": "google-manager", + "localRole": "admin" + } + ], + "outboundProvisioningRoles": [ + "admin" + ] + }, + "federatedAuthenticators": { + "defaultAuthenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", + "authenticators": [ + { + "authenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", + "isEnabled": true, + "properties": [ + { + "key": "AdditionalQueryParameters", + "value": "scope=openid email profile" + }, + { + "key": "ClientId", + "value": "165474950684-7mvqd8m6hieb8mdnffcarnku2aua0tpl.apps.googleusercontent.com" + }, + { + "key": "ClientSecret", + "value": "testclientsecret" + }, + { + "key": "callbackUrl", + "value": "https://mydomain2.com:9443/commonauth" + } + ] + } + ] + }, + "provisioning": { + "jit": { + "isEnabled": true, + "scheme": "PROVISION_SILENTLY", + "userstore": "PRIMARY" + }, + "outboundConnectors": { + "defaultConnectorId": "c2NpbQ", + "connectors": [ + { + "connectorId": "c2NpbQ", + "isEnabled": true, + "blockingEnabled": false, + "rulesEnabled": false, + "properties": [ + { + "key": "scim-user-ep", + "value": "https://localhost:9445/userinfo" + }, + { + "key": "scim-username", + "value": "admin" + }, + { + "key": "scim-username", + "value": "admin2" + }, + { + "key": "scim-enable-pwd-provisioning", + "value": "true" + }, + { + "key": "scim-password", + "value": "admin" + }, + { + 
"key": "commonAuthQueryParams", + "value": "scope=openid country profile" + }, + { + "key": "Scopes", + "value": "openid country profile" + } + ] + } + ] + } + } +} diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp-without-metadata.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp-without-metadata.json new file mode 100644 index 0000000000..2be6d3bc33 --- /dev/null +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp-without-metadata.json @@ -0,0 +1,60 @@ +{ + "name": "SAML IdP", + "alias": "", + "description": "Authenticate users with Enterprise SAML connections.", + "image": "assets/images/logos/enterprise.svg", + "isPrimary": false, + "roles": { + "mappings": [], + "outboundProvisioningRoles": [] + }, + "certificate": { + "certificates": [ + "" + ] + }, + "claims": { + "userIdClaim": { + "uri": "" + }, + "provisioningClaims": [], + "roleClaim": { + "uri": "" + } + }, + "federatedAuthenticators": { + "defaultAuthenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I", + "authenticators": [ + { + "isEnabled": true, + "authenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I", + "properties": [ + { + "key": "SPEntityId", + "value": "https://test.idp.com" + }, + { + "key": "meta_data_saml", + "value": "" + }, + { + "key": "SelectMode", + "value": "Metadata File Configuration" + }, + { + "key": "IsUserIdInClaims", + "value": "false" + }, + { + "key": "IsSLORequestAccepted", + "value": "false" + } + ] + } + ] + }, + "homeRealmIdentifier": "", + "isFederationHub": false, + "idpIssuerName": "", + "templateId": "enterprise-saml-idp" +} 
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp.json
new file mode 100644
index 0000000000..61f1b5d3f4
--- /dev/null
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp.json
@@ -0,0 +1,60 @@ +{ + "name": "SAML IdP", + "alias": "", + "description": "Authenticate users with Enterprise SAML connections.", + "image": "assets/images/logos/enterprise.svg", + "isPrimary": false, + "roles": { + "mappings": [], + "outboundProvisioningRoles": [] + }, + "certificate": { + "certificates": [ + "" + ] + }, + "claims": { + "userIdClaim": { + "uri": "" + }, + "provisioningClaims": [], + "roleClaim": { + "uri": "" + } + }, + "federatedAuthenticators": { + "defaultAuthenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I", + "authenticators": [ + { + "isEnabled": true, + "authenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I", + "properties": [ + { + "key": "SPEntityId", + "value": "https://test.idp.com" + }, + { + "key": "meta_data_saml", + "value": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPEVudGl0eURlc2NyaXB0b3IgZW50aXR5SUQ9Imh0dHBzOi8vdGVzdC5pZHAuY29tIiB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm1ldGFkYXRhIj4KICAgIDxJRFBTU09EZXNjcmlwdG9yIHByb3RvY29sU3VwcG9ydEVudW1lcmF0aW9uPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPgoKICAgICAgICA8IS0tIFNpbmdsZSBTaWduLU9uIFNlcnZpY2UgLS0+CiAgICAgICAgPFNpbmdsZVNpZ25PblNlcnZpY2UKICAgICAgICAgICAgICAgIEJpbmRpbmc9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpiaW5kaW5nczpIVFRQLVJlZGlyZWN0IgogICAgICAgICAgICAgICAgTG9jYXRpb249Imh0dHBzOi8vdGVzdC5pZHAuY29tL3NzbyIvPgoKICAgICAgICA8U2luZ2xlU2lnbk9uU2VydmljZQogICAgICAgICAgICAgICAgQmluZGluZz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmJpbmRpbmdzOkhUVFAtUE9TVCIKICAgICAgICAgICAgICAgIExvY2F0aW9uPSJodHRwczovL3Rlc3QuaWRwLmNvbS9zc28iLz4KCiAgICA8L0lEUFNTT0Rlc2NyaXB0b3I+CgogICAgPCEtLSBPcmdhbml6YXRpb24gSW5mb3JtYXRpb24gLS0+CiAgICA8T3JnYW5pemF0aW9uPgogICAgICAgIDxPcmdhbml6YXRpb25OYW1lIHhtbDpsYW5nPSJlbiI+VGVzdCBJZGVudGl0eSBQcm92aWRlcjwvT3JnYW5pemF0aW9uTmFtZT4KICAgICAgICA8T3JnYW5pemF0aW9uRGlzcGxheU5hbWUgeG1sOmxhbmc9ImVuIj5UZXN0IElkUDwvT3JnYW5pemF0aW9uRGlzcGxheU5hbWU+CiAgICAgICAgPE9yZ2FuaXphdGlvblVSTCB4bWw6bGFuZz0iZW4iPmh0dHBzOi8vdGVzdC5pZHAuY29tPC9Pcmdhbml6YXRpb25VUkw+CiAgICA8L09yZ2FuaXphdGlvbj4KCiAgICA8
IS0tIENvbnRhY3QgSW5mb3JtYXRpb24gLS0+CiAgICA8Q29udGFjdFBlcnNvbiBjb250YWN0VHlwZT0idGVjaG5pY2FsIj4KICAgICAgICA8R2l2ZW5OYW1lPlN1cHBvcnQgVGVhbTwvR2l2ZW5OYW1lPgogICAgICAgIDxFbWFpbEFkZHJlc3M+c3VwcG9ydEB0ZXN0LmNvbTwvRW1haWxBZGRyZXNzPgogICAgPC9Db250YWN0UGVyc29uPgo8L0VudGl0eURlc2NyaXB0b3I+Cg==" + }, + { + "key": "SelectMode", + "value": "Metadata File Configuration" + }, + { + "key": "IsUserIdInClaims", + "value": "false" + }, + { + "key": "IsSLORequestAccepted", + "value": "false" + } + ] + } + ] + }, + "homeRealmIdentifier": "", + "isFederationHub": false, + "idpIssuerName": "", + "templateId": "enterprise-saml-idp" +} From 9852a13a4ae4c7e72c956b106bfbdc6632e1262f Mon Sep 17 00:00:00 2001 From: Shenali Date: Thu, 5 Dec 2024 17:22:41 +0530 Subject: [PATCH 03/10] Add a test for IdP export --- .../api/server/idp/v1/IdPSuccessTest.java | 22 ++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java index d107fc91d0..9ebe4a87e7 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java @@ -51,6 +51,8 @@ public class IdPSuccessTest extends IdPTestBase { private String idPId; private String idPTemplateId; private static final String IDP_NAME = "Google"; + private static final String AUTHENTICATOR_NAME = "GoogleOIDCAuthenticator"; + private static final String DEFINED_BY_SYSTEM = "SYSTEM"; @Factory(dataProvider = "restAPIUserConfigProvider") public IdPSuccessTest(TestUserMode userMode) throws Exception { 
@@ -461,7 +463,7 @@ public void testUpdateIdPFederatedAuthenticator() throws IOException { .log().ifValidationFails() .assertThat() .statusCode(HttpStatus.SC_OK) - .body("definedBy", equalTo("SYSTEM")); + .body("definedBy", equalTo(DEFINED_BY_SYSTEM)); } @Test(dependsOnMethods = {"testUpdateIdPFederatedAuthenticator"}) @@ -478,7 +480,7 @@ public void testGetIdPFederatedAuthenticator() throws IOException { .body("isEnabled", equalTo(true)) .body("isDefault", equalTo(true)) .body("properties", notNullValue()) - .body("definedBy", equalTo("SYSTEM")) + .body("definedBy", equalTo(DEFINED_BY_SYSTEM)) .body("properties.find{ it.key == 'ClientId' }.value", equalTo ("165474950684-7mvqd8m6hieb8mdnffcarnku2aua0tpl.apps.googleusercontent.com")) .body("properties.find{ it.key == 'ClientSecret' }.value", equalTo("testclientsecret")) @@ -710,7 +712,21 @@ public void testPatchIdP() throws IOException { .body("certificate.certificates", nullValue()); } - @Test(dependsOnMethods = {"testPatchIdP"}) + @Test(dependsOnMethods = "testPatchIdP") + public void testExportIDPToFile() { + + Response response = getResponseOfGet(IDP_API_BASE_PATH + PATH_SEPARATOR + idPId + PATH_SEPARATOR + + "export"); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK) + .body("identityProviderName", equalTo(IDP_NAME)) + .body("federatedAuthenticatorConfigs.find { it.name == '" + AUTHENTICATOR_NAME + "' }.definedByType", + equalTo(DEFINED_BY_SYSTEM)); + } + + @Test(dependsOnMethods = {"testExportIDPToFile"}) public void testDeleteIdP() { getResponseOfDelete(IDP_API_BASE_PATH + PATH_SEPARATOR + idPId) From be797d1079d847b27cc76440a6cb21ecb3476a5d Mon Sep 17 00:00:00 2001 From: Shenali Date: Fri, 6 Dec 2024 10:32:17 +0530 Subject: [PATCH 04/10] Address comments --- .../api/server/idp/v1/IdPFailureTest.java | 13 ---------- .../api/server/idp/v1/IdPSuccessTest.java | 24 +++++++++++++++++-- 2 files changed, 22 insertions(+), 15 deletions(-) 
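Review bot: `testExportIDPToFile` pins only `identityProviderName` and `definedByType`, so it says nothing about how the exported file represents the authenticator's `ClientSecret`. `testGetIdPFederatedAuthenticator` in this class asserts that property as `testclientsecret`, apparently on the same IdP. The export schema is not visible in this hunk, so the intended handling cannot be stated here, but an assertion on that property would stop a change in secret handling from passing unnoticed. Until one is added, `// TODO: assert how ClientSecret is represented in the exported configuration` would mark the gap. The `"export"` path segment would also read better as a constant beside `AUTHENTICATOR_NAME` and `DEFINED_BY_SYSTEM`, and `dependsOnMethods = "testPatchIdP"` drops the braces the neighbouring annotations use.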
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java index b91604cb1c..5d198fda0c 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java @@ -122,19 +122,6 @@ public void testGetIdPWithInvalidId() { validateErrorResponse(response, HttpStatus.SC_NOT_FOUND, "IDP-60002", "random-id"); } - @Test - public void testInvalidSearchAllIdPs() throws XPathExpressionException { - - Response response = getResponseOfGetWithQueryParams(IDP_API_BASE_PATH, Collections.singletonMap("filter", - "name sw InvalidIdP")); - response.then() - .log().ifValidationFails() - .assertThat() - .statusCode(HttpStatus.SC_OK) - .body("totalResults", equalTo(0)) - .body("count", equalTo(0)); - } - @Test(dependsOnMethods = {"testGetIdPWithInvalidId"}) public void addIdPConflict() throws IOException { diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java index 194d4e7441..0af2658d79 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java 
@@ -448,7 +448,11 @@ public void addIdPWithoutAuthenticator() throws IOException { deleteCreatedIdP(idpIdWithoutAuth); } - // TODO: add a comment + + /* This test method has been added in order to test the current behaviour. + * There seem to be some concerns related to internal validations used in functionality associated with this. + * This is being tracked with the issue: https://github.com/wso2/product-is/issues/21928 + */ @Test public void addIdPWithDuplicatedOIDCScopes() throws IOException { @@ -468,7 +472,10 @@ public void addIdPWithDuplicatedOIDCScopes() throws IOException { deleteCreatedIdP(oidcIdpId); } - // TODO: add a comment + /* This test method has been added in order to test the current behaviour. + * There seem to be some concerns related to internal validations used in functionality associated with this. + * This is being tracked with the issue: https://github.com/wso2/product-is/issues/21928 + */ @Test public void addOIDCIdPWithoutOpenidScope() throws IOException { @@ -568,6 +575,19 @@ public void testSearchAllIdPs() throws XPathExpressionException { context.getContextTenant().getDomain()))); } + @Test + public void testInvalidSearchAllIdPs() { + + Response response = getResponseOfGetWithQueryParams(IDP_API_BASE_PATH, Collections.singletonMap("filter", + "name sw InvalidIdP")); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK) + .body("totalResults", equalTo(0)) + .body("count", equalTo(0)); + } + @Test(dependsOnMethods = {"testGetIdPs"}) public void testGetIdPsWithRequiredAttribute() throws Exception { From 0af989440365ad1dc7105405492c477bd669f9c3 Mon Sep 17 00:00:00 2001 
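Review bot: The block comment added above `addIdPWithDuplicatedOIDCScopes`, and repeated above `addOIDCIdPWithoutOpenidScope`, does not say which behaviour is being pinned, so a reader cannot tell that a passing test is not an endorsement of that behaviour. The update path in `IdPFailureTest` expects `SC_BAD_REQUEST` with "Scopes must contain 'openid'." for the same kind of input. If creation accepts it, as the methods' place in the success suite suggests (their assertions are outside these hunks), the comment should name that inconsistency. Something like `/* Pins current behaviour: POST accepts OIDC scopes that PUT rejects; tracked in https://github.com/wso2/product-is/issues/21928. */` would do. The first hunk also leaves two blank lines before the comment.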
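Review bot: `testInvalidSearchAllIdPs` sends a well-formed filter (`name sw InvalidIdP`) and expects `SC_OK` with zero results, so the name promises an error case the test does not exercise. A name such as `testSearchIdPsWithNoMatch` would describe it. The test declares no `dependsOnMethods`, so `totalResults == 0` holds only while no IdP whose name starts with `InvalidIdP` exists in the tenant when it runs. That assumption deserves a comment above the method: `// Assumes no IdP named InvalidIdP* exists; the filter is valid and simply matches nothing.`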
From: Shenali Date: Mon, 9 Dec 2024 12:12:10 +0530 Subject: [PATCH 05/10] Template OIDC IdP payloads --- .../test/rest/api/common/RESTTestBase.java | 21 ++++ .../api/server/idp/v1/IdPFailureTest.java | 66 ++++++++--- .../api/server/idp/v1/IdPSuccessTest.java | 58 ++++++++- .../add-oidc-idp-with-duplicated-scopes.json | 112 ------------------ .../v1/add-oidc-idp-without-openid-scope.json | 108 ----------------- ...-standard-based.json => add-oidc-idp.json} | 13 +- .../idp/v1/add-saml-idp-without-metadata.json | 60 ---------- .../rest/api/server/idp/v1/add-saml-idp.json | 2 +- .../api/server/idp/v1/test-metadata-saml.xml | 28 +++++ ...oidc-standard-based-duplicated-scopes.json | 15 --- ...openid-scope.json => update-oidc-idp.json} | 6 +- 11 files changed, 161 insertions(+), 328 deletions(-) delete mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-with-duplicated-scopes.json delete mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-without-openid-scope.json rename modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/{add-idp-oidc-standard-based.json => add-oidc-idp.json} (71%) delete mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp-without-metadata.json create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/test-metadata-saml.xml delete mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-standard-based-duplicated-scopes.json rename 
modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/{update-idp-oidc-without-openid-scope.json => update-oidc-idp.json} (65%) diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/common/RESTTestBase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/common/RESTTestBase.java index e6ffcb5ff8..9c35ada9f7 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/common/RESTTestBase.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/common/RESTTestBase.java @@ -674,6 +674,27 @@ protected Response getResponseOfPut(String endpointUri, String body) { .put(endpointUri); } + /** + * Invoke given endpointUri for PUT with given body and Basic authentication, authentication credential being the + * authenticatingUserName and authenticatingCredential + * This implementation does not incorporate any additional filters. + * + * @param endpointUri endpoint to be invoked + * @param body payload + * @return response + */ + protected Response getResponseOfPutWithNoFilter(String endpointUri, String body) { + + return given().auth().preemptive().basic(authenticatingUserName, authenticatingCredential) + .contentType(ContentType.JSON) + .header(HttpHeaders.ACCEPT, ContentType.JSON) + .body(body) + .log().ifValidationFails() + .when() + .log().ifValidationFails() + .put(endpointUri); + } + /** * Invoke given endpointUri for PUT with given body and Basic authentication, authentication credential being the * authenticatingUserName and authenticatingCredential 
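Review bot: The Javadoc on `getResponseOfPutWithNoFilter` says it "does not incorporate any additional filters" but never names the filter that `getResponseOfPut` applies or says when skipping it is acceptable. That matters because later hunks in this patch move the IdP tests from `getResponseOfPost`/`getResponseOfPut` to the no-filter variants. If the skipped filter validates traffic against the API definition (an assumption, since `getResponseOfPut` starts outside this hunk), those requests and responses lose that check, and the doc should say so. A line such as `* Skips the validation filter used by getResponseOfPut; use only for payloads that intentionally fall outside the API definition.` would cover it. The request specification also calls `.log().ifValidationFails()` both before and after `.when()`, which looks redundant.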
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java index 5d198fda0c..e52d919568 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java @@ -17,6 +17,7 @@ package org.wso2.identity.integration.test.rest.api.server.idp.v1; import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; import io.restassured.RestAssured; import io.restassured.response.Response; import org.apache.commons.lang.StringUtils; @@ -37,16 +38,10 @@ import java.io.IOException; import java.util.Base64; -import java.util.Collections; import java.util.HashMap; import java.util.Map; -import javax.xml.xpath.XPathExpressionException; - import static org.hamcrest.CoreMatchers.equalTo; -import static org.hamcrest.Matchers.hasKey; -import static org.hamcrest.Matchers.not; -import static org.hamcrest.Matchers.nullValue; import static org.hamcrest.core.IsNull.notNullValue; import static org.testng.Assert.assertNotNull; 
@@ -62,6 +57,8 @@ public class IdPFailureTest extends IdPTestBase { private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER_1 = "\"\""; private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER_2 = "\"\""; private static final String IDP_NAME_PLACEHOLDER = ""; + private static final String METADATA_SAML_PLACEHOLDER = ""; + private static final String OIDC_SCOPES_PLACEHOLDER = "\"\""; private static final String CUSTOM_IDP_NAME = "CustomAuthIDP"; private static final String USER_DEFINED_AUTHENTICATOR_ID_1 = "Y3VzdG9tQXV0aGVudGljYXRvcjE="; private static final String USER_DEFINED_AUTHENTICATOR_ID_2 = "Y3VzdG9tQXV0aGVudGljYXRvcg=="; @@ -566,8 +563,12 @@ private Response createUserDefAuthenticator(String idpName, UserDefinedAuthentic @Test public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { - String body = readResource("add-idp-oidc-standard-based.json"); - Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + String oidcIdpPayload = readResource("add-oidc-idp.json"); + String oidcScopesProperties = convertToJasonPayload( + createAuthenticatorProperties("Scopes","openid country profile"), null); + String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); + + Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() .log().ifValidationFails() .assertThat() 
@@ -580,8 +581,13 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { assertNotNull(oidcIdPId); // update the OIDC IDP with duplicated scopes - String updateBody = readResource("update-idp-oidc-standard-based-duplicated-scopes.json"); - Response updateResponse = getResponseOfPut(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId + + String updateOidcIdpPayload = readResource("update-oidc-idp.json"); + String updateOidcScopesProperties = convertToJasonPayload( + createAuthenticatorProperties("Scopes","openid country profile"), + createAuthenticatorProperties("commonAuthQueryParams","scope=openid country profile")); + String updateBody = updateOidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, updateOidcScopesProperties); + + Response updateResponse = getResponseOfPutWithNoFilter(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId + PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH + PATH_SEPARATOR + OIDC_IDP_ID, updateBody); updateResponse.then() .log().ifValidationFails() @@ -597,8 +603,12 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { @Test public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException { - String body = readResource("add-idp-oidc-standard-based.json"); - Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + String oidcIdpPayload = readResource("add-oidc-idp.json"); + String oidcScopesProperties = convertToJasonPayload( + createAuthenticatorProperties("Scopes","openid country profile"), null); + String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); + + Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() .log().ifValidationFails() .assertThat() 
@@ -611,8 +621,12 @@ public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException { assertNotNull(oidcIdPId); // update the OIDC IdP without openid scope - String updateBody = readResource("update-idp-oidc-without-openid-scope.json"); - Response updateResponse = getResponseOfPut(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId + + String updateOidcIdpPayload = readResource("update-oidc-idp.json"); + String updateOidcScopesProperties = convertToJasonPayload( + createAuthenticatorProperties("Scopes","country profile"), null); + String updateBody = updateOidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, updateOidcScopesProperties); + + Response updateResponse = getResponseOfPutWithNoFilter(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId + PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH + PATH_SEPARATOR + OIDC_IDP_ID, updateBody); updateResponse.then() .log().ifValidationFails() @@ -627,9 +641,10 @@ public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException { @Test public void addSamlIdPWithoutMetadata() throws IOException { - String body = readResource("add-saml-idp-without-metadata.json"); - Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + String samlIdpPayload = readResource("add-saml-idp.json"); + String body = samlIdpPayload.replace(METADATA_SAML_PLACEHOLDER, ""); + Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() .log().ifValidationFails() .assertThat() 
@@ -660,4 +675,23 @@ private void deleteCreatedIdP(String idPId) { .body("description", equalTo("Unable to find a resource matching the provided identity " + "provider identifier " + idPId + ".")); } + + private Map createAuthenticatorProperties(String key, String value) { + + Map authenticatorProps = new HashMap<>(); + authenticatorProps.put("key", key); + authenticatorProps.put("value", value); + return authenticatorProps; + } + + public String convertToJasonPayload(Map scopes, Map commonAuthQueryParams) + throws JsonProcessingException { + + ObjectMapper objectMapper = new ObjectMapper(); + if (commonAuthQueryParams != null) { + return objectMapper.writeValueAsString(scopes) + "," + + objectMapper.writeValueAsString(commonAuthQueryParams); + } + return objectMapper.writeValueAsString(scopes); + } } diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java index 0af2658d79..548ac1ad81 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java @@ -17,6 +17,7 @@ package org.wso2.identity.integration.test.rest.api.server.idp.v1; import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; import io.restassured.RestAssured; import io.restassured.response.Response; import org.apache.commons.lang.StringUtils; 
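Review bot: `convertToJasonPayload` is `public` here but `private` in `IdPSuccessTest`, where this patch adds an identical copy along with a second `createAuthenticatorProperties`. Both helpers belong once in `IdPTestBase`, which both classes extend, as `protected` methods with the name spelled `convertToJsonPayload`. As rendered, the parameters and return type are raw `Map`; unless the type arguments were lost in rendering, they should be `Map<String, String>`. The method returns two serialized objects joined by `","`, which is valid only because the placeholder sits inside a JSON array in the template. No comment says so, and a Javadoc line such as `* Returns one or two JSON objects, comma-separated, for splicing into the authenticator "properties" array.` would prevent misuse.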
@@ -57,6 +58,8 @@ public class IdPSuccessTest extends IdPTestBase { private static final String FEDERATED_AUTHENTICATOR_ID_PLACEHOLDER = ""; private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER = "\"\""; private static final String IDP_NAME_PLACEHOLDER = ""; + private static final String METADATA_SAML_PLACEHOLDER = ""; + private static final String OIDC_SCOPES_PLACEHOLDER = "\"\""; private static final String FEDERATED_AUTHENTICATOR_ID = "Y3VzdG9tQXV0aGVudGljYXRvcg"; private static final String CUSTOM_IDP_NAME = "Custom Auth IDP"; private static final String ENDPOINT_URI = "https://abc.com/authenticate"; @@ -456,8 +459,15 @@ public void addIdPWithoutAuthenticator() throws IOException { @Test public void addIdPWithDuplicatedOIDCScopes() throws IOException { - String body = readResource("add-oidc-idp-with-duplicated-scopes.json"); - Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + String oidcIdpPayload = readResource("add-oidc-idp.json"); + String oidcScopesProperties = convertToJasonPayload( + createAuthenticatorProperties("Scopes","openid country profile"), + createAuthenticatorProperties("commonAuthQueryParams","scope=openid country profile")); +// String oidcScopesProperties = convertToJasonPayload( +// createAuthenticatorProperties("openid country profile","scope=openid country profile")); + String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); + + Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() .log().ifValidationFails() .assertThat() 
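Review bot: The two commented-out lines beginning `// String oidcScopesProperties = convertToJasonPayload(` in `addIdPWithDuplicatedOIDCScopes` are a leftover from an earlier call shape and should be deleted rather than committed. The live calls also omit the space after the comma, as in `createAuthenticatorProperties("Scopes","openid country profile")`, here and in the other hunks of this patch that build scope properties. The method body continues outside the hunk.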
@@ -479,8 +489,12 @@ public void addIdPWithDuplicatedOIDCScopes() throws IOException { @Test public void addOIDCIdPWithoutOpenidScope() throws IOException { - String body = readResource("add-oidc-idp-without-openid-scope.json"); - Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + String oidcIdpPayload = readResource("add-oidc-idp.json"); + String oidcScopesProperties = convertToJasonPayload( + createAuthenticatorProperties("Scopes","country profile"), null); + String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); + + Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() .log().ifValidationFails() .assertThat() @@ -498,8 +512,11 @@ public void addOIDCIdPWithoutOpenidScope() throws IOException { @Test public void addSAMLStandardBasedIdP() throws IOException { - String body = readResource("add-saml-idp.json"); - Response response = getResponseOfPost(IDP_API_BASE_PATH, body); + String samlIdpPayload = readResource("add-saml-idp.json"); + String body = samlIdpPayload.replace(METADATA_SAML_PLACEHOLDER, retrieveMetadataSamlFile( + "test-metadata-saml.xml")); + + Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() .log().ifValidationFails() .assertThat() 
@@ -1055,4 +1072,33 @@ private void deleteCreatedIdP(String idPId) { .body("description", equalTo("Unable to find a resource matching the provided identity " + "provider identifier " + idPId + ".")); } + + /** + * Retrieves saml metadata content from the provided file. + * @return content of file as String + * @throws IOException if an error occurred while reading the file. + */ + private String retrieveMetadataSamlFile(String xmlFileName) throws IOException { + + String metadata = readResource(xmlFileName); + return new String(Base64.getEncoder().encode(metadata.getBytes())); + } + + private Map createAuthenticatorProperties(String key, String value) { + + Map authenticatorProps = new HashMap<>(); + authenticatorProps.put("key", key); + authenticatorProps.put("value", value); + return authenticatorProps; + } + + private String convertToJasonPayload(Map scopes, Map commonAuthQueryParams) + throws JsonProcessingException { + + ObjectMapper objectMapper = new ObjectMapper(); + if (commonAuthQueryParams != null) { + return objectMapper.writeValueAsString(scopes) + "," + objectMapper.writeValueAsString(commonAuthQueryParams); + } + return objectMapper.writeValueAsString(scopes); + } } diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-with-duplicated-scopes.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-with-duplicated-scopes.json deleted file mode 100644 index 48bc382c0a..0000000000 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-with-duplicated-scopes.json +++ /dev/null 
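Review bot: `retrieveMetadataSamlFile` encodes with `metadata.getBytes()` and rebuilds the string with `new String(...)`, both of which use the platform default charset. On a runner whose default is not UTF-8, the Base64 sent to the server can differ from the XML in the resource file. The metadata that was previously inlined in `add-saml-idp.json` declares `encoding="UTF-8"`. The return line should be `return Base64.getEncoder().encodeToString(metadata.getBytes(StandardCharsets.UTF_8));`, with `java.nio.charset.StandardCharsets` imported. The Javadoc also lacks an `@param xmlFileName` entry and should say that the returned value is the Base64 encoding of the file, not its raw content.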
@@ -1,112 +0,0 @@ -{ - "name": "Google-3", - "description": "IDP for Google Federation", - "image": "google-logo-url", - "isPrimary": false, - "isFederationHub": false, - "homeRealmIdentifier": "localhost", - "certificate": { - "certificates": [ - "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" - ] - }, - "alias": "https://localhost:9444/oauth2/token", - "claims": { - "userIdClaim": { - "uri": "http://wso2.org/claims/username" - }, - "roleClaim": { - "uri": "http://wso2.org/claims/role" - }, - "provisioningClaims": [ - { - "claim": { - "uri": "http://wso2.org/claims/username" - }, - "defaultValue": "sathya" - } - ] - }, - "roles": { - "mappings": [ - { - "idpRole": "google-manager", - "localRole": "admin" - } - ], - "outboundProvisioningRoles": [ - "admin" - ] - }, - "federatedAuthenticators": { - "defaultAuthenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", - "authenticators": [ - { - "authenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", - "isEnabled": true, - "properties": [ - { - "key": "AdditionalQueryParameters", - "value": "scope=openid email profile" - }, - { - "key": "ClientId", - "value": "165474950684-7mvqd8m6hieb8mdnffcarnku2aua0tpl.apps.googleusercontent.com" - }, - { - "key": "ClientSecret", - "value": "testclientsecret" - }, - { - "key": "callbackUrl", - "value": "https://mydomain2.com:9443/commonauth" - } - ] - } - ] - }, - "provisioning": { - "jit": { - "isEnabled": true, - "scheme": "PROVISION_SILENTLY", - "userstore": "PRIMARY" - }, - "outboundConnectors": { - "defaultConnectorId": "c2NpbQ", - "connectors": [ - { - "connectorId": "c2NpbQ", - "isEnabled": true, - "blockingEnabled": false, - "rulesEnabled": false, - "properties": [ - { - "key": "scim-user-ep", - "value": "https://localhost:9445/userinfo" - }, - { - "key": "scim-username", - "value": "admin" - }, - { - "key": "scim-enable-pwd-provisioning", - "value": "true" - }, - { - "key": "scim-password", - "value": "admin" - }, - { - "key": "commonAuthQueryParams", - "value": 
"scope=openid country profile" - }, - { - "key": "Scopes", - "value": "openid country profile" - } - ] - } - ] - } - } -} diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-without-openid-scope.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-without-openid-scope.json deleted file mode 100644 index 21186d9768..0000000000 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp-without-openid-scope.json +++ /dev/null 
@@ -1,108 +0,0 @@ -{ - "name": "Google-3", - "description": "IDP for Google Federation", - "image": "google-logo-url", - "isPrimary": false, - "isFederationHub": false, - "homeRealmIdentifier": "localhost", - "certificate": { - "certificates": [ - "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURzRENDQXBpZ0F3SUJBZ0lKQUs0eml2ckVsYzBJTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdETVJFd0R3WUQKVlFRRERBaENkV1JrYUdsdFlURUxNQWtHQTFVRUJoTUNVMHd4RURBT0JnTlZCQWdNQjFkbGMzUmxjbTR4RURBTwpCZ05WQkFjTUIwTnZiRzl0WW04eERUQUxCZ05WQkFvTUJGZFRUekl4Q3pBSkJnTlZCQXNNQWxGQk1TRXdId1lKCktvWklodmNOQVFrQkZoSmlkV1JrYUdsdFlYVkFkM052TWk1amIyMHdJQmNOTVRrd056RTJNRFF5TXpFd1doZ1AKTXpBeE9ERXhNVFl3TkRJek1UQmFNSUdETVJFd0R3WURWUVFEREFoQ2RXUmthR2x0WVRFTE1Ba0dBMVVFQmhNQwpVMHd4RURBT0JnTlZCQWdNQjFkbGMzUmxjbTR4RURBT0JnTlZCQWNNQjBOdmJHOXRZbTh4RFRBTEJnTlZCQW9NCkJGZFRUekl4Q3pBSkJnTlZCQXNNQWxGQk1TRXdId1lKS29aSWh2Y05BUWtCRmhKaWRXUmthR2x0WVhWQWQzTnYKTWk1amIyMHdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDcFo3V09VMTZpeGpiQwpiWGR3R3JhTW5xbmxnb2kzMDN5aVFxbHAySzlWTmZHT21nTlFhdFdlbjB0MVVWcjYxd0Y4eVlHaDJyc1lnbithCjhwYXVmUVVQQ1laeFRFR1FpT2RPZ0RNcE5tWW82ZHU2K2MvenJqcHNncGh5SHIxNEZPVHAxaVRDSXBmanVwVjEKd1BUeXJveURySGRvMkpuOHI3V3F1cklJVTRBYllBN2NrdVVqL0tqYUovTTZrZitwRFd5SVJvaDBKTFJlWWM4UQp5bmhYcjdrQWp5RnFqNitnWndBYkh4ckhrckVzYTJoVjQ0UFJXWjFQUERxTCswVU8veE1hQW5udndsdGd4QlVpCkhLUTFXWDVwdVVPaC9kQTQ5b0RsbEpraHpxd2d5eDQxc1FYbFNhVmdKaklUZVdSQmdvNnh6ajNmd3VvenBGS1gKbzRaeXBITDNBZ01CQUFHakl6QWhNQjhHQTFVZEVRUVlNQmFDQkhkemJ6S0NDSGR6YnpJdVkyOXRnZ1IzYzI4eQpNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJTSzBKa1pyYlpvYmRDNHhZSG1IcnlVbkZVbkZZWUFvZmc0TFVGCkJRbWxDY0NKR0ZwR1BtN2ZDWHM0Y0h4Z0hPVTN5SkhtQ2pYaU9FRTc2dzhIU0NRcVhkNmROSEwxRkxtN0pqQTUKTEZmbHhiWXNOcmVVNVpJTmREVGZvWmxSSXR0Mkd4MlpIa3pjQVRJZm1yUFNwODV2WDhGem1mbTNBVTVpM3FXZQo4a2YyZk5nQjlMbE5XRFk1V09paVlHUWMrRk13WWdLcDJkNGM3dzMrWnRTUXJWRy9YdGpqYTJYV09Xdm1sV3dLCnB4b3pyNjIvTTdUUmVkc3hJNU90bzJvWExGZXp1MUdCWHdpNEFaempMSFVsNWpSR2hMbkNZa05qdWZGZi9EQ0cKeUFWdnpMVXQwZ2F0b0dJdTV2eG9la05JVWV5YTZpRzJBaG9jSmM0SEJMT3l4TXE3Ci0
tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" - ] - }, - "alias": "https://localhost:9444/oauth2/token", - "claims": { - "userIdClaim": { - "uri": "http://wso2.org/claims/username" - }, - "roleClaim": { - "uri": "http://wso2.org/claims/role" - }, - "provisioningClaims": [ - { - "claim": { - "uri": "http://wso2.org/claims/username" - }, - "defaultValue": "sathya" - } - ] - }, - "roles": { - "mappings": [ - { - "idpRole": "google-manager", - "localRole": "admin" - } - ], - "outboundProvisioningRoles": [ - "admin" - ] - }, - "federatedAuthenticators": { - "defaultAuthenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", - "authenticators": [ - { - "authenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", - "isEnabled": true, - "properties": [ - { - "key": "AdditionalQueryParameters", - "value": "scope=openid email profile" - }, - { - "key": "ClientId", - "value": "165474950684-7mvqd8m6hieb8mdnffcarnku2aua0tpl.apps.googleusercontent.com" - }, - { - "key": "ClientSecret", - "value": "testclientsecret" - }, - { - "key": "callbackUrl", - "value": "https://mydomain2.com:9443/commonauth" - } - ] - } - ] - }, - "provisioning": { - "jit": { - "isEnabled": true, - "scheme": "PROVISION_SILENTLY", - "userstore": "PRIMARY" - }, - "outboundConnectors": { - "defaultConnectorId": "c2NpbQ", - "connectors": [ - { - "connectorId": "c2NpbQ", - "isEnabled": true, - "blockingEnabled": false, - "rulesEnabled": false, - "properties": [ - { - "key": "scim-user-ep", - "value": "https://localhost:9445/userinfo" - }, - { - "key": "scim-username", - "value": "admin" - }, - { - "key": "scim-enable-pwd-provisioning", - "value": "true" - }, - { - "key": "scim-password", - "value": "admin" - }, - { - "key": "Scopes", - "value": "country profile" - } - ] - } - ] - } - } -} 
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-oidc-standard-based.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json similarity index 71% rename from modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-oidc-standard-based.json rename to modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json index 1d5831d257..701f7daff8 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-oidc-standard-based.json +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json @@ -9,7 +9,7 @@ "outboundProvisioningRoles": [] }, "certificate": { - "jwksUri": "https://test.com/jwks", + "jwksUri": "https://localhost:9443/t/carbon.super/console/connections/templates", "certificates": [ "" ] 
@@ -30,25 +30,26 @@ "isEnabled": true, "authenticatorId": "T3BlbklEQ29ubmVjdEF1dGhlbnRpY2F0b3I", "properties": [ + "", { "key": "ClientId", - "value": "abcd1234wxyz5678ijklmnopqrst9012" + "value": "abcd1234-5678-90ef-ghij-klmnopqrstuv" }, { "key": "ClientSecret", - "value": "mnop3456qrst1234uvwx5678abcd9012" + "value": "A1b2C3d4E5F6g7H8i9J0kL1mN2oP3qR4" }, { "key": "OAuth2AuthzEPUrl", - "value": "https://test.com/authz" + "value": "https://localhost:9443/t/carbon.super/console/connections/templates" }, { "key": "OAuth2TokenEPUrl", - "value": "https://test.com/token" + "value": "https://localhost:9443/t/carbon.super/console/connections/templates" }, { "key": "callbackUrl", - "value": "https://test.com/commonauth" + "value": "https://localhost:9443/commonauth" } ] } diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp-without-metadata.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp-without-metadata.json deleted file mode 100644 index 2be6d3bc33..0000000000 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp-without-metadata.json +++ /dev/null 
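Review bot: `OAuth2AuthzEPUrl` and `OAuth2TokenEPUrl` now hold the same value, `https://localhost:9443/t/carbon.super/console/connections/templates`, and the previous hunk sets `jwksUri` to it as well. A test reading these properties back can therefore no longer detect the server storing one endpoint under another's key. The value is also a console page on what looks like the server under test rather than an OAuth endpoint. If any code path dereferences the JWKS or token URL, the product would call itself and receive a non-JWKS response. Distinct values that cannot resolve keep the fixture discriminating and inert, for example `https://idp.example.invalid/authz`, `https://idp.example.invalid/token` and `https://idp.example.invalid/jwks` (constructed sample values).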
@@ -1,60 +0,0 @@ -{ - "name": "SAML IdP", - "alias": "", - "description": "Authenticate users with Enterprise SAML connections.", - "image": "assets/images/logos/enterprise.svg", - "isPrimary": false, - "roles": { - "mappings": [], - "outboundProvisioningRoles": [] - }, - "certificate": { - "certificates": [ - "" - ] - }, - "claims": { - "userIdClaim": { - "uri": "" - }, - "provisioningClaims": [], - "roleClaim": { - "uri": "" - } - }, - "federatedAuthenticators": { - "defaultAuthenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I", - "authenticators": [ - { - "isEnabled": true, - "authenticatorId": "U0FNTFNTT0F1dGhlbnRpY2F0b3I", - "properties": [ - { - "key": "SPEntityId", - "value": "https://test.idp.com" - }, - { - "key": "meta_data_saml", - "value": "" - }, - { - "key": "SelectMode", - "value": "Metadata File Configuration" - }, - { - "key": "IsUserIdInClaims", - "value": "false" - }, - { - "key": "IsSLORequestAccepted", - "value": "false" - } - ] - } - ] - }, - "homeRealmIdentifier": "", - "isFederationHub": false, - "idpIssuerName": "", - "templateId": "enterprise-saml-idp" -} diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp.json index 61f1b5d3f4..a473267063 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp.json +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-saml-idp.json 
@@ -35,7 +35,7 @@ }, { "key": "meta_data_saml", - "value": "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPEVudGl0eURlc2NyaXB0b3IgZW50aXR5SUQ9Imh0dHBzOi8vdGVzdC5pZHAuY29tIiB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm1ldGFkYXRhIj4KICAgIDxJRFBTU09EZXNjcmlwdG9yIHByb3RvY29sU3VwcG9ydEVudW1lcmF0aW9uPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPgoKICAgICAgICA8IS0tIFNpbmdsZSBTaWduLU9uIFNlcnZpY2UgLS0+CiAgICAgICAgPFNpbmdsZVNpZ25PblNlcnZpY2UKICAgICAgICAgICAgICAgIEJpbmRpbmc9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpiaW5kaW5nczpIVFRQLVJlZGlyZWN0IgogICAgICAgICAgICAgICAgTG9jYXRpb249Imh0dHBzOi8vdGVzdC5pZHAuY29tL3NzbyIvPgoKICAgICAgICA8U2luZ2xlU2lnbk9uU2VydmljZQogICAgICAgICAgICAgICAgQmluZGluZz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmJpbmRpbmdzOkhUVFAtUE9TVCIKICAgICAgICAgICAgICAgIExvY2F0aW9uPSJodHRwczovL3Rlc3QuaWRwLmNvbS9zc28iLz4KCiAgICA8L0lEUFNTT0Rlc2NyaXB0b3I+CgogICAgPCEtLSBPcmdhbml6YXRpb24gSW5mb3JtYXRpb24gLS0+CiAgICA8T3JnYW5pemF0aW9uPgogICAgICAgIDxPcmdhbml6YXRpb25OYW1lIHhtbDpsYW5nPSJlbiI+VGVzdCBJZGVudGl0eSBQcm92aWRlcjwvT3JnYW5pemF0aW9uTmFtZT4KICAgICAgICA8T3JnYW5pemF0aW9uRGlzcGxheU5hbWUgeG1sOmxhbmc9ImVuIj5UZXN0IElkUDwvT3JnYW5pemF0aW9uRGlzcGxheU5hbWU+CiAgICAgICAgPE9yZ2FuaXphdGlvblVSTCB4bWw6bGFuZz0iZW4iPmh0dHBzOi8vdGVzdC5pZHAuY29tPC9Pcmdhbml6YXRpb25VUkw+CiAgICA8L09yZ2FuaXphdGlvbj4KCiAgICA8IS0tIENvbnRhY3QgSW5mb3JtYXRpb24gLS0+CiAgICA8Q29udGFjdFBlcnNvbiBjb250YWN0VHlwZT0idGVjaG5pY2FsIj4KICAgICAgICA8R2l2ZW5OYW1lPlN1cHBvcnQgVGVhbTwvR2l2ZW5OYW1lPgogICAgICAgIDxFbWFpbEFkZHJlc3M+c3VwcG9ydEB0ZXN0LmNvbTwvRW1haWxBZGRyZXNzPgogICAgPC9Db250YWN0UGVyc29uPgo8L0VudGl0eURlc2NyaXB0b3I+Cg==" + "value": "" }, { "key": "SelectMode", diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/test-metadata-saml.xml b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/test-metadata-saml.xml new file mode 100644 index 0000000000..3c83898a18 
--- /dev/null +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/test-metadata-saml.xml @@ -0,0 +1,28 @@ + + + + + + + + + + + + + + Test Identity Provider + Test IdP + https://test.idp.com + + + + + Support Team + support@test.com + + diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-standard-based-duplicated-scopes.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-standard-based-duplicated-scopes.json deleted file mode 100644 index 701256b253..0000000000 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-standard-based-duplicated-scopes.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "authenticatorId": "T3BlbklEQ29ubmVjdEF1dGhlbnRpY2F0b3I", - "isEnabled": true, - "isDefault": true, - "properties": [ - { - "key": "commonAuthQueryParams", - "value": "scope=openid country profile" - }, - { - "key": "Scopes", - "value": "openid country profile" - } - ] -} diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-without-openid-scope.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-oidc-idp.json similarity index 65% rename from modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-without-openid-scope.json rename to modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-oidc-idp.json index 77b1162493..383a992414 100644 
--- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-idp-oidc-without-openid-scope.json +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/update-oidc-idp.json @@ -2,10 +2,8 @@ "authenticatorId": "T3BlbklEQ29ubmVjdEF1dGhlbnRpY2F0b3I", "isEnabled": true, "isDefault": true, + "definedBy": "SYSTEM", "properties": [ - { - "key": "Scopes", - "value": "country profile" - } + "" ] } From c4e099dbfdc2d88cae35e0316ffd751a45f3d610 Mon Sep 17 00:00:00 2001 From: Shenali Date: Mon, 9 Dec 2024 12:23:25 +0530 Subject: [PATCH 06/10] Update OIDC IdP create payload --- .../test/rest/api/server/idp/v1/add-oidc-idp.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json index 701f7daff8..5a45b2c100 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json @@ -9,7 +9,7 @@ "outboundProvisioningRoles": [] }, "certificate": { - "jwksUri": "https://localhost:9443/t/carbon.super/console/connections/templates", + "jwksUri": "https://test.com/jwks", "certificates": [ "" ] 
@@ -33,23 +33,23 @@ "", { "key": "ClientId", - "value": "abcd1234-5678-90ef-ghij-klmnopqrstuv" + "value": "abcd1234wxyz5678ijklmnopqrst9012" }, { "key": "ClientSecret", - "value": "A1b2C3d4E5F6g7H8i9J0kL1mN2oP3qR4" + "value": "mnop3456qrst1234uvwx5678abcd9012" }, { "key": "OAuth2AuthzEPUrl", - "value": "https://localhost:9443/t/carbon.super/console/connections/templates" + "value": "https://test.com/authz" }, { "key": "OAuth2TokenEPUrl", - "value": "https://localhost:9443/t/carbon.super/console/connections/templates" + "value": "https://test.com/token" }, { "key": "callbackUrl", - "value": "https://localhost:9443/commonauth" + "value": "https://test.com/commonauth" } ] } From 2f657bedfa3cad42fd8c65f54e3b0befbc4119e0 Mon Sep 17 00:00:00 2001 From: Shenali Date: Mon, 9 Dec 2024 21:57:45 +0530 Subject: [PATCH 07/10] Addressed comments --- .../api/server/idp/v1/IdPFailureTest.java | 42 +++++-- .../api/server/idp/v1/IdPSuccessTest.java | 47 +++++-- ...add-idp-with-duplicated-property-keys.json | 116 ------------------ .../test/rest/api/server/idp/v1/add-idp.json | 3 +- 4 files changed, 68 insertions(+), 140 deletions(-) delete mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-with-duplicated-property-keys.json diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java index e52d919568..2a4e2a9ddc 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java 
@@ -59,6 +59,7 @@ public class IdPFailureTest extends IdPTestBase { private static final String IDP_NAME_PLACEHOLDER = ""; private static final String METADATA_SAML_PLACEHOLDER = ""; private static final String OIDC_SCOPES_PLACEHOLDER = "\"\""; + private static final String AUTHENTICATOR_PROPERTIES_PLACEHOLDER = "\"\""; private static final String CUSTOM_IDP_NAME = "CustomAuthIDP"; private static final String USER_DEFINED_AUTHENTICATOR_ID_1 = "Y3VzdG9tQXV0aGVudGljYXRvcjE="; private static final String USER_DEFINED_AUTHENTICATOR_ID_2 = "Y3VzdG9tQXV0aGVudGljYXRvcg=="; @@ -146,7 +147,12 @@ public void addIdPWithDuplicateProperties() throws IOException { @Test public void testAddIdPWithDuplicatedPropertyKeys() throws IOException { - String body = readResource("add-idp-with-duplicated-property-keys.json"); + String addIdpPayload = readResource("add-idp.json"); + String duplicatedProperties = convertDuplicatedPropertiesToJson( + createAuthenticatorProperties("username","admin"), + createAuthenticatorProperties("username", "adminTest")); + String body = addIdpPayload.replace(AUTHENTICATOR_PROPERTIES_PLACEHOLDER, duplicatedProperties); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); response.then() .log().ifValidationFails() @@ -564,7 +570,7 @@ private Response createUserDefAuthenticator(String idpName, UserDefinedAuthentic public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { String oidcIdpPayload = readResource("add-oidc-idp.json"); - String oidcScopesProperties = convertToJasonPayload( + String oidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","openid country profile"), null); String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); 
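Review bot: In `testAddIdPWithDuplicatedPropertyKeys` (hunk `@@ -146,7 +147,12 @@`) the duplicate key now appears to land in the federated authenticator's `properties`, as two `username` entries spliced into `add-idp.json`. The deleted `add-idp-with-duplicated-property-keys.json` carried its duplicate in the outbound connector properties (`scim-username` twice). If the asserted rejection came from the connector-side check, that validation path is no longer exercised, so it is worth confirming which check produces the error and keeping a case for each. A comment above the payload construction would record the intent, e.g. `// Duplicate 'username' key in the federated authenticator properties must be rejected.` The assertions of this test lie outside the hunk, so the expected status and message cannot be checked from here.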
@@ -582,7 +588,7 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { // update the OIDC IDP with duplicated scopes String updateOidcIdpPayload = readResource("update-oidc-idp.json"); - String updateOidcScopesProperties = convertToJasonPayload( + String updateOidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","openid country profile"), createAuthenticatorProperties("commonAuthQueryParams","scope=openid country profile")); String updateBody = updateOidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, updateOidcScopesProperties); @@ -604,7 +610,7 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException { String oidcIdpPayload = readResource("add-oidc-idp.json"); - String oidcScopesProperties = convertToJasonPayload( + String oidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","openid country profile"), null); String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); @@ -622,7 +628,7 @@ public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException { // update the OIDC IdP without openid scope String updateOidcIdpPayload = readResource("update-oidc-idp.json"); - String updateOidcScopesProperties = convertToJasonPayload( + String updateOidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","country profile"), null); String updateBody = updateOidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, updateOidcScopesProperties); 
@@ -676,6 +682,13 @@ private void deleteCreatedIdP(String idPId) { "provider identifier " + idPId + ".")); } + /** + * Creates a map of authenticator properties with a provided key and value. + * + * @param key Authenticator key. + * @param value Authenticator value. + * @return a map containing the authenticator properties. + */ private Map createAuthenticatorProperties(String key, String value) { Map authenticatorProps = new HashMap<>(); @@ -684,14 +697,23 @@ private Map createAuthenticatorProperties(String key, String val return authenticatorProps; } - public String convertToJasonPayload(Map scopes, Map commonAuthQueryParams) + /** + * Converts a map of properties and an optional map of duplicated properties into a JSON string. + * If duplicated properties are provided, they are appended to the JSON string of the original properties. + * + * @param properties Main map of properties. + * @param duplicatedProperties Map of duplicated properties. + * @return a JSON string representation of the properties and duplicated properties. + * @throws JsonProcessingException if there is an error during JSON conversion. + */ + private String convertDuplicatedPropertiesToJson(Map properties, + Map duplicatedProperties) throws JsonProcessingException { ObjectMapper objectMapper = new ObjectMapper(); - if (commonAuthQueryParams != null) { - return objectMapper.writeValueAsString(scopes) + "," + - objectMapper.writeValueAsString(commonAuthQueryParams); + if (duplicatedProperties != null) { + return objectMapper.writeValueAsString(properties) + "," + objectMapper.writeValueAsString(duplicatedProperties); } - return objectMapper.writeValueAsString(scopes); + return objectMapper.writeValueAsString(properties); } } 
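Review bot: The Javadoc added to `convertDuplicatedPropertiesToJson` (hunk `@@ -684,14 +697,23 @@`) promises "a JSON string", but with two maps the method returns two serialized objects joined by a comma. That is only a fragment, valid once `String.replace` splices it into a `properties` array. I would state this in the doc, e.g. `@return comma-separated JSON objects to splice into a "properties" array; not a standalone JSON document.` The name is also misleading at call sites that pass `null` or a second map with a different key (`Scopes` plus `commonAuthQueryParams`). The same helper and `createAuthenticatorProperties` are added again in `IdPSuccessTest` (hunk `@@ -1092,13 +1103,23 @@`); moving both into `IdPTestBase` would leave one copy to maintain.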
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java index 548ac1ad81..3ea856512a 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java @@ -60,6 +60,7 @@ public class IdPSuccessTest extends IdPTestBase { private static final String IDP_NAME_PLACEHOLDER = ""; private static final String METADATA_SAML_PLACEHOLDER = ""; private static final String OIDC_SCOPES_PLACEHOLDER = "\"\""; + private static final String AUTHENTICATOR_PROPERTIES_PLACEHOLDER = "\"\""; private static final String FEDERATED_AUTHENTICATOR_ID = "Y3VzdG9tQXV0aGVudGljYXRvcg"; private static final String CUSTOM_IDP_NAME = "Custom Auth IDP"; private static final String ENDPOINT_URI = "https://abc.com/authenticate"; @@ -417,7 +418,11 @@ public void testDeleteIdPWithUserDefinedAuthenticator() { @Test(dependsOnMethods = {"testGetMetaOutboundConnector"}) public void testAddIdP() throws IOException { - String body = readResource("add-idp.json"); + String addIdpPayload = readResource("add-idp.json"); + String properties = convertDuplicatedPropertiesToJson( + createAuthenticatorProperties("username","admin"), null); + String body = addIdpPayload.replace(AUTHENTICATOR_PROPERTIES_PLACEHOLDER, properties); + Response response = getResponseOfPost(IDP_API_BASE_PATH, body); response.then() .log().ifValidationFails() 
@@ -460,11 +465,9 @@ public void addIdPWithoutAuthenticator() throws IOException { public void addIdPWithDuplicatedOIDCScopes() throws IOException { String oidcIdpPayload = readResource("add-oidc-idp.json"); - String oidcScopesProperties = convertToJasonPayload( + String oidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","openid country profile"), createAuthenticatorProperties("commonAuthQueryParams","scope=openid country profile")); -// String oidcScopesProperties = convertToJasonPayload( -// createAuthenticatorProperties("openid country profile","scope=openid country profile")); String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); @@ -490,7 +493,7 @@ public void addIdPWithDuplicatedOIDCScopes() throws IOException { public void addOIDCIdPWithoutOpenidScope() throws IOException { String oidcIdpPayload = readResource("add-oidc-idp.json"); - String oidcScopesProperties = convertToJasonPayload( + String oidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","country profile"), null); String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); @@ -513,7 +516,7 @@ public void addOIDCIdPWithoutOpenidScope() throws IOException { public void addSAMLStandardBasedIdP() throws IOException { String samlIdpPayload = readResource("add-saml-idp.json"); - String body = samlIdpPayload.replace(METADATA_SAML_PLACEHOLDER, retrieveMetadataSamlFile( + String body = samlIdpPayload.replace(METADATA_SAML_PLACEHOLDER, loadMetadataSamlFile( "test-metadata-saml.xml")); Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); 
@@ -593,7 +596,7 @@ public void testSearchAllIdPs() throws XPathExpressionException { } @Test - public void testInvalidSearchAllIdPs() { + public void testSearchIdPByNonExistentIdPName() { Response response = getResponseOfGetWithQueryParams(IDP_API_BASE_PATH, Collections.singletonMap("filter", "name sw InvalidIdP")); @@ -1074,16 +1077,24 @@ private void deleteCreatedIdP(String idPId) { } /** - * Retrieves saml metadata content from the provided file. + * Load saml metadata content from the provided file. + * * @return content of file as String * @throws IOException if an error occurred while reading the file. */ - private String retrieveMetadataSamlFile(String xmlFileName) throws IOException { + private String loadMetadataSamlFile(String xmlFileName) throws IOException { String metadata = readResource(xmlFileName); return new String(Base64.getEncoder().encode(metadata.getBytes())); } + /** + * Creates a map of authenticator properties with a provided key and value. + * + * @param key Authenticator key. + * @param value Authenticator value. + * @return a map containing the authenticator properties. + */ private Map createAuthenticatorProperties(String key, String value) { Map authenticatorProps = new HashMap<>(); 
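Review bot: `loadMetadataSamlFile` (hunk `@@ -1074,16 +1077,24 @@`) still encodes with `metadata.getBytes()`, which uses the platform default charset on JDKs before 18. The Base64 value substituted for `meta_data_saml` can therefore differ between build hosts if the XML ever contains non-ASCII text. Since the method is being renamed and re-documented here, I would pin the charset: `return Base64.getEncoder().encodeToString(metadata.getBytes(StandardCharsets.UTF_8));` (this needs `java.nio.charset.StandardCharsets` imported if the file does not already have it). The Javadoc also lacks a `@param xmlFileName` line.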
@@ -1092,13 +1103,23 @@ private Map createAuthenticatorProperties(String key, String val return authenticatorProps; } - private String convertToJasonPayload(Map scopes, Map commonAuthQueryParams) + /** + * Converts a map of properties and an optional map of duplicated properties into a JSON string. + * If duplicated properties are provided, they are appended to the JSON string of the original properties. + * + * @param properties Main map of properties. + * @param duplicatedProperties Map of duplicated properties. + * @return a JSON string representation of the properties and duplicated properties. + * @throws JsonProcessingException if there is an error during JSON conversion. + */ + private String convertDuplicatedPropertiesToJson(Map properties, + Map duplicatedProperties) throws JsonProcessingException { ObjectMapper objectMapper = new ObjectMapper(); - if (commonAuthQueryParams != null) { - return objectMapper.writeValueAsString(scopes) + "," + objectMapper.writeValueAsString(commonAuthQueryParams); + if (duplicatedProperties != null) { + return objectMapper.writeValueAsString(properties) + "," + objectMapper.writeValueAsString(duplicatedProperties); } - return objectMapper.writeValueAsString(scopes); + return objectMapper.writeValueAsString(properties); } } diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-with-duplicated-property-keys.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-with-duplicated-property-keys.json deleted file mode 100644 index 19f40cd9e8..0000000000 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp-with-duplicated-property-keys.json +++ /dev/null 
@@ -1,116 +0,0 @@ -{ - "name": "Google-3", - "description": "IDP for Google Federation", - "image": "google-logo-url", - "isPrimary": false, - "isFederationHub": false, - "homeRealmIdentifier": "localhost", - "certificate": { - "certificates": [ - "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" - ] - }, - "alias": "https://localhost:9444/oauth2/token", - "claims": { - "userIdClaim": { - "uri": "http://wso2.org/claims/username" - }, - "roleClaim": { - "uri": "http://wso2.org/claims/role" - }, - "provisioningClaims": [ - { - "claim": { - "uri": "http://wso2.org/claims/username" - }, - "defaultValue": "sathya" - } - ] - }, - "roles": { - "mappings": [ - { - "idpRole": "google-manager", - "localRole": "admin" - } - ], - "outboundProvisioningRoles": [ - "admin" - ] - }, - "federatedAuthenticators": { - "defaultAuthenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", - "authenticators": [ - { - "authenticatorId": "R29vZ2xlT0lEQ0F1dGhlbnRpY2F0b3I", - "isEnabled": true, - "properties": [ - { - "key": "AdditionalQueryParameters", - "value": "scope=openid email profile" - }, - { - "key": "ClientId", - "value": "165474950684-7mvqd8m6hieb8mdnffcarnku2aua0tpl.apps.googleusercontent.com" - }, - { - "key": "ClientSecret", - "value": "testclientsecret" - }, - { - "key": "callbackUrl", - "value": "https://mydomain2.com:9443/commonauth" - } - ] - } - ] - }, - "provisioning": { - "jit": { - "isEnabled": true, - "scheme": "PROVISION_SILENTLY", - "userstore": "PRIMARY" - }, - "outboundConnectors": { - "defaultConnectorId": "c2NpbQ", - "connectors": [ - { - "connectorId": "c2NpbQ", - "isEnabled": true, - "blockingEnabled": false, - "rulesEnabled": false, - "properties": [ - { - "key": "scim-user-ep", - "value": "https://localhost:9445/userinfo" - }, - { - "key": "scim-username", - "value": "admin" - }, - { - "key": "scim-username", - "value": "admin2" - }, - { - "key": "scim-enable-pwd-provisioning", - "value": "true" - }, - { - "key": "scim-password", - "value": "admin" - }, - { - 
"key": "commonAuthQueryParams", - "value": "scope=openid country profile" - }, - { - "key": "Scopes", - "value": "openid country profile" - } - ] - } - ] - } - } -} diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp.json index abe0d6c9f2..2c1291df23 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp.json +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-idp.json @@ -60,7 +60,8 @@ { "key": "callbackUrl", "value": "https://mydomain2.com:9443/commonauth" - } + }, + "" ] } ] From e084e26462686f6a36f1dd42c5ecdfa645c4419d Mon Sep 17 00:00:00 2001 From: Shenali Date: Tue, 10 Dec 2024 10:39:23 +0530 Subject: [PATCH 08/10] Bump api-server version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7b3b9a9676..f56aaf9533 100755 --- a/pom.xml +++ b/pom.xml @@ -2468,7 +2468,7 @@ 2.0.17 - 1.3.6 + 1.3.7 1.3.46 5.5.9 From 3c49e9e848865a395f53cf4801fe873f59479130 Mon Sep 17 00:00:00 2001 From: Shenali Date: Tue, 10 Dec 2024 15:21:41 +0530 Subject: [PATCH 09/10] Template OIDC IdP Name --- .../test/rest/api/server/idp/v1/IdPFailureTest.java | 5 ++++- .../test/rest/api/server/idp/v1/IdPSuccessTest.java | 5 ++++- .../test/rest/api/server/idp/v1/add-oidc-idp.json | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) 
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java index 2a4e2a9ddc..56398a9e26 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPFailureTest.java @@ -57,6 +57,7 @@ public class IdPFailureTest extends IdPTestBase { private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER_1 = "\"\""; private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER_2 = "\"\""; private static final String IDP_NAME_PLACEHOLDER = ""; + private static final String OIDC_IDP_NAME_PLACEHOLDER = ""; private static final String METADATA_SAML_PLACEHOLDER = ""; private static final String OIDC_SCOPES_PLACEHOLDER = "\"\""; private static final String AUTHENTICATOR_PROPERTIES_PLACEHOLDER = "\"\""; @@ -573,6 +574,7 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { String oidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","openid country profile"), null); String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); + body = body.replace(OIDC_IDP_NAME_PLACEHOLDER, "OIDC-IdP-3"); Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() 
@@ -606,13 +608,14 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException { deleteCreatedIdP(oidcIdPId); } - @Test + @Test(dependsOnMethods = "testUpdateIdPWithDuplicateOIDCScopes") public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException { String oidcIdpPayload = readResource("add-oidc-idp.json"); String oidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","openid country profile"), null); String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); + body = body.replace(OIDC_IDP_NAME_PLACEHOLDER, "OIDC-IdP-4"); Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java index df4de455da..c4b59dd883 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/idp/v1/IdPSuccessTest.java @@ -58,6 +58,7 @@ public class IdPSuccessTest extends IdPTestBase { private static final String FEDERATED_AUTHENTICATOR_ID_PLACEHOLDER = ""; private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER = "\"\""; private static final String IDP_NAME_PLACEHOLDER = ""; + private static final String OIDC_IDP_NAME_PLACEHOLDER = ""; private static final String METADATA_SAML_PLACEHOLDER = ""; private static final String OIDC_SCOPES_PLACEHOLDER = "\"\""; private static final String AUTHENTICATOR_PROPERTIES_PLACEHOLDER = "\"\""; 
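Review bot: `@Test(dependsOnMethods = "testUpdateIdPWithDuplicateOIDCScopes")` makes TestNG skip `testUpdateOIDCIdPWithoutOpenidScope` whenever the duplicate-scopes test fails, so a regression in the `openid` scope validation would surface as a skip rather than a failure. The same commit already gives each test its own IdP name (`OIDC-IdP-3`, `OIDC-IdP-4`), which presumably removes the name clash the ordering was meant to avoid, so plain `@Test` looks sufficient. The same applies to `addOIDCIdPWithoutOpenidScope` in `IdPSuccessTest` (hunk `@@ -491,13 +493,14 @@`). If the ordering is required for another reason, a one-line comment above the annotation should say why; the test body continues outside this hunk.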
@@ -471,6 +472,7 @@ public void addIdPWithDuplicatedOIDCScopes() throws IOException { createAuthenticatorProperties("Scopes","openid country profile"), createAuthenticatorProperties("commonAuthQueryParams","scope=openid country profile")); String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); + body = body.replace(OIDC_IDP_NAME_PLACEHOLDER, "OIDC-IdP-1"); Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() @@ -491,13 +493,14 @@ public void addIdPWithDuplicatedOIDCScopes() throws IOException { * There seem to be some concerns related to internal validations used in functionality associated with this. * This is being tracked with the issue: https://github.com/wso2/product-is/issues/21928 */ - @Test + @Test(dependsOnMethods = "addIdPWithDuplicatedOIDCScopes") public void addOIDCIdPWithoutOpenidScope() throws IOException { String oidcIdpPayload = readResource("add-oidc-idp.json"); String oidcScopesProperties = convertDuplicatedPropertiesToJson( createAuthenticatorProperties("Scopes","country profile"), null); String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties); + body = body.replace(OIDC_IDP_NAME_PLACEHOLDER, "OIDC-IdP-2"); Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body); response.then() diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json index 5a45b2c100..bb4d02b7fc 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/idp/v1/add-oidc-idp.json 
@@ -1,5 +1,5 @@ { - "name": "OIDC IdP", + "name": "", "alias": "", "description": "Authenticate users with Enterprise OIDC connections.", "image": "assets/images/logos/enterprise.svg", From f8c2f30326d782555901761906090f395dc396bc Mon Sep 17 00:00:00 2001 From: Shenali Date: Tue, 10 Dec 2024 15:22:21 +0530 Subject: [PATCH 10/10] Bump api-server version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index f56aaf9533..4b3317eba2 100755 --- a/pom.xml +++ b/pom.xml @@ -2468,7 +2468,7 @@ 2.0.17 - 1.3.7 + 1.3.9 1.3.46 5.5.9