1 | package gov.va.med.edp.springframework.security.userdetails.vistalink;
|
---|
2 |
|
---|
3 | import gov.va.med.edp.springframework.security.userdetails.VistaUserDetails;
|
---|
4 | import gov.va.med.edp.vistalink.AbstractVistaLinkConnectionTest;
|
---|
5 | import gov.va.med.vistalink.security.m.SecurityAccessVerifyCodePairInvalidException;
|
---|
6 | import gov.va.med.vistalink.adapter.record.VistaLinkFaultException;
|
---|
7 | import org.springframework.security.BadCredentialsException;
|
---|
8 | import org.springframework.dao.PermissionDeniedDataAccessException;
|
---|
9 | import org.easymock.MockControl;
|
---|
10 |
|
---|
11 | import javax.resource.ResourceException;
|
---|
12 | import java.io.IOException;
|
---|
13 |
|
---|
14 | public class VistaLinkUserDetailServiceTest extends AbstractVistaLinkConnectionTest {
|
---|
15 |
|
---|
16 | private static final String TEST_DUZ = "12345";
|
---|
17 | private static final String TEST_STATION_NUMBER = "982";
|
---|
18 | private static final String TEST_SIGNON_LOG_IEN = "3080311.14052001";
|
---|
19 |
|
---|
20 | private static final String TEST_ACCESS_CODE = "FOOBAR";
|
---|
21 | private static final String TEST_VERIFY_CODE = "BARFOO";
|
---|
22 | private static final String TEST_CLIENT_IP_ADDRESS = "10.0.1.201";
|
---|
23 | private static final String TEST_APPLICATION_NAME = "Test Application Name";
|
---|
24 |
|
---|
25 | private VistaLinkUserDetailService userDetailService = new VistaLinkUserDetailService();
|
---|
26 |
|
---|
27 | protected String getStationNumber() {
|
---|
28 | return TEST_STATION_NUMBER;
|
---|
29 | }
|
---|
30 |
|
---|
31 | protected void setUp() throws Exception {
|
---|
32 | super.setUp();
|
---|
33 | setExpectedTimeOut(VistaLinkUserDetailService.DEFAULT_TIMEOUT);
|
---|
34 | userDetailService.setConnectionFactoryLocator(mockConnectionFactoryLocator);
|
---|
35 | userDetailService.setApplicationName(TEST_APPLICATION_NAME);
|
---|
36 | userDetailService.afterPropertiesSet();
|
---|
37 | }
|
---|
38 |
|
---|
39 | public void testDefaultTimeOut() {
|
---|
40 | assertEquals(VistaLinkUserDetailService.DEFAULT_TIMEOUT, userDetailService.getRpcTemplate().getTimeOut());
|
---|
41 | }
|
---|
42 |
|
---|
43 | public void testRequiredApplicationName() {
|
---|
44 | try {
|
---|
45 | userDetailService = new VistaLinkUserDetailService();
|
---|
46 | userDetailService.setConnectionFactoryLocator(mockConnectionFactoryLocator);
|
---|
47 | userDetailService.afterPropertiesSet();
|
---|
48 | fail("expected illegal argument exception");
|
---|
49 | } catch (IllegalArgumentException e) {
|
---|
50 |
|
---|
51 | }
|
---|
52 | }
|
---|
53 |
|
---|
54 | public void testMissingCredentialsThrowsBadCredentials() {
|
---|
55 | try {
|
---|
56 | userDetailService.login(TEST_STATION_NUMBER, null, null, null);
|
---|
57 | fail("expected bad credentials exception");
|
---|
58 | } catch (BadCredentialsException e) {
|
---|
59 | // NOOP
|
---|
60 | }
|
---|
61 | try {
|
---|
62 | userDetailService.login(TEST_STATION_NUMBER, TEST_ACCESS_CODE, TEST_VERIFY_CODE, null);
|
---|
63 | fail("expected bad credentials exception");
|
---|
64 | } catch (BadCredentialsException e) {
|
---|
65 | // NOOP
|
---|
66 | }
|
---|
67 | try {
|
---|
68 | userDetailService.login(TEST_STATION_NUMBER, null, TEST_VERIFY_CODE, TEST_CLIENT_IP_ADDRESS);
|
---|
69 | fail("expected bad credentials exception");
|
---|
70 | } catch (BadCredentialsException e) {
|
---|
71 | // NOOP
|
---|
72 | }
|
---|
73 | try {
|
---|
74 | userDetailService.login(TEST_STATION_NUMBER, TEST_ACCESS_CODE, null, TEST_CLIENT_IP_ADDRESS);
|
---|
75 | fail("expected bad credentials exception");
|
---|
76 | } catch (BadCredentialsException e) {
|
---|
77 | // NOOP
|
---|
78 | }
|
---|
79 | }
|
---|
80 |
|
---|
81 | // public void testAuthenticateFailsForIncorrectPasswordCase() {
|
---|
82 | // UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "KOala");
|
---|
83 | //
|
---|
84 | // DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
|
---|
85 | // provider.setUserDetailsService(new MockAuthenticationDaoUserrod());
|
---|
86 | // provider.setUserCache(new MockUserCache());
|
---|
87 | //
|
---|
88 | // try {
|
---|
89 | // provider.authenticate(token);
|
---|
90 | // fail("Should have thrown BadCredentialsException");
|
---|
91 | // } catch (BadCredentialsException expected) {
|
---|
92 | // assertTrue(true);
|
---|
93 | // }
|
---|
94 | // }
|
---|
95 |
|
---|
96 | // test for expired credentials
|
---|
97 | // test for bad credentials after an expired credentials result
|
---|
98 |
|
---|
99 | // public void testAuthenticateFailsWithEmptyUsername() {
|
---|
100 | // UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, "koala");
|
---|
101 | //
|
---|
102 | // DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
|
---|
103 | // provider.setUserDetailsService(new MockAuthenticationDaoUserrod());
|
---|
104 | // provider.setUserCache(new MockUserCache());
|
---|
105 | //
|
---|
106 | // try {
|
---|
107 | // provider.authenticate(token);
|
---|
108 | // fail("Should have thrown BadCredentialsException");
|
---|
109 | // } catch (BadCredentialsException expected) {
|
---|
110 | // assertTrue(true);
|
---|
111 | // }
|
---|
112 | // }
|
---|
113 |
|
---|
114 | //
|
---|
115 |
|
---|
116 | public void testAuthenticateFailsWithInvalidPassword() throws IOException {
|
---|
117 | expectVistaLinkAccessVerifyConnection(TEST_ACCESS_CODE, "flibberty-floo", TEST_CLIENT_IP_ADDRESS);
|
---|
118 | expectRpcAndDefaultThrow(VistaLinkUserDetailService.RPC_CONTEXT, VistaLinkUserDetailService.GET_USER_INFO_RPC, createParams(TEST_CLIENT_IP_ADDRESS, TEST_APPLICATION_NAME), new PermissionDeniedDataAccessException("", new SecurityAccessVerifyCodePairInvalidException(new VistaLinkFaultException())));
|
---|
119 | replay();
|
---|
120 |
|
---|
121 | try {
|
---|
122 | userDetailService.login(TEST_STATION_NUMBER, TEST_ACCESS_CODE, "flibberty-floo", TEST_CLIENT_IP_ADDRESS);
|
---|
123 | fail("Should have thrown BadCredentialsException");
|
---|
124 | } catch (BadCredentialsException expected) {
|
---|
125 | assertTrue(true);
|
---|
126 | }
|
---|
127 | }
|
---|
128 |
|
---|
129 | public void testLogout() {
|
---|
130 | MockControl userControl = MockControl.createControl(VistaUserDetails.class);
|
---|
131 | VistaUserDetails user = (VistaUserDetails) userControl.getMock();
|
---|
132 |
|
---|
133 | userControl.expectAndReturn(user.getDuz(), TEST_DUZ);
|
---|
134 | userControl.expectAndReturn(user.getLoginStationNumber(), TEST_STATION_NUMBER);
|
---|
135 | userControl.expectAndReturn(user.getSignonLogInternalEntryNumber(), TEST_SIGNON_LOG_IEN);
|
---|
136 |
|
---|
137 | expectVistaLinkDuzConnection(TEST_DUZ);
|
---|
138 | expectRpcAndReturn(VistaLinkUserDetailService.RPC_CONTEXT, VistaLinkUserDetailService.LOGOUT_RPC_NAME, createParams(TEST_SIGNON_LOG_IEN), "<foo/>");
|
---|
139 |
|
---|
140 | replay();
|
---|
141 | userControl.replay();
|
---|
142 |
|
---|
143 | userDetailService.logout(user);
|
---|
144 |
|
---|
145 | verify();
|
---|
146 | userControl.verify();
|
---|
147 | }
|
---|
148 |
|
---|
149 | public void testLogin() throws IOException {
|
---|
150 | expectVistaLinkAccessVerifyConnection(TEST_ACCESS_CODE, TEST_VERIFY_CODE, TEST_CLIENT_IP_ADDRESS);
|
---|
151 | expectRpcAndReturnXmlResource(VistaLinkUserDetailService.RPC_CONTEXT, VistaLinkUserDetailService.GET_USER_INFO_RPC, createParams(TEST_CLIENT_IP_ADDRESS, TEST_APPLICATION_NAME), "successfulLoginResponse.xml");
|
---|
152 | replay();
|
---|
153 |
|
---|
154 | VistaUserDetails user = userDetailService.login(TEST_STATION_NUMBER, TEST_ACCESS_CODE, TEST_VERIFY_CODE, TEST_CLIENT_IP_ADDRESS);
|
---|
155 |
|
---|
156 | assertNotNull(user);
|
---|
157 | assertEquals(TEST_STATION_NUMBER, user.getLoginStationNumber());
|
---|
158 | assertEquals(TEST_DUZ, user.getDuz());
|
---|
159 | assertEquals(TEST_SIGNON_LOG_IEN, user.getSignonLogInternalEntryNumber());
|
---|
160 | assertEquals("Bar,Foo", user.getPersonName());
|
---|
161 | assertEquals("Foo Bar", user.getDisplayName());
|
---|
162 | assertEquals("BAR", user.getFamilyName());
|
---|
163 | assertEquals("FOO", user.getGivenName());
|
---|
164 | assertNull(user.getMiddleName());
|
---|
165 | assertNull(user.getPrefix());
|
---|
166 | assertNull(user.getSuffix());
|
---|
167 | assertNull(user.getDegree());
|
---|
168 |
|
---|
169 | verify();
|
---|
170 | }
|
---|
171 |
|
---|
172 | protected void expectVistaLinkAccessVerifyConnection(String accessCode, String verifyCode, String clientIpAddress) {
|
---|
173 | try {
|
---|
174 | mockConnectionFactoryControl.expectAndDefaultReturn(mockConnectionFactory.getConnection(new VistaLinkAccessVerifyConnectionSpec(getStationNumber(), accessCode, verifyCode, clientIpAddress)), mockVistaLinkConnection);
|
---|
175 | } catch (ResourceException e) {
|
---|
176 | fail("unexpected exception: " + e.getMessage());
|
---|
177 | }
|
---|
178 | }
|
---|
179 | }
|
---|
180 |
|
---|
181 | /* source for java 5 and newer easymock
|
---|
182 | import gov.va.med.edp.springframework.security.userdetails.VistaUserDetails;
|
---|
183 | import static gov.va.med.edp.springframework.security.userdetails.vistalink.VistaLinkUserDetailService.*;
|
---|
184 | import gov.va.med.edp.vistalink.AbstractVistaLinkConnectionTest;
|
---|
185 | import gov.va.med.edp.springframework.security.userdetails.vistalink.VistaLinkAccessVerifyConnectionSpec;
|
---|
186 | import gov.va.med.edp.springframework.security.userdetails.vistalink.VistaLinkUserDetailService;
|
---|
187 | import gov.va.med.vistalink.security.m.SecurityAccessVerifyCodePairInvalidException;
|
---|
188 | import gov.va.med.vistalink.adapter.record.VistaLinkFaultException;
|
---|
189 | import org.springframework.security.BadCredentialsException;
|
---|
190 | import org.easymock.EasyMock;
|
---|
191 | import static org.easymock.EasyMock.expect;
|
---|
192 | import org.springframework.dao.PermissionDeniedDataAccessException;
|
---|
193 |
|
---|
194 | import javax.resource.ResourceException;
|
---|
195 | import java.io.IOException;
|
---|
196 |
|
---|
197 | public class VistaLinkUserDetailServiceTest extends AbstractVistaLinkConnectionTest {
|
---|
198 |
|
---|
199 | private static final String TEST_DUZ = "12345";
|
---|
200 | private static final String TEST_STATION_NUMBER = "982";
|
---|
201 | private static final String TEST_SIGNON_LOG_IEN = "3080311.14052001";
|
---|
202 |
|
---|
203 | private static final String TEST_ACCESS_CODE = "FOOBAR";
|
---|
204 | private static final String TEST_VERIFY_CODE = "BARFOO";
|
---|
205 | private static final String TEST_CLIENT_IP_ADDRESS = "10.0.1.201";
|
---|
206 | private static final String TEST_APPLICATION_NAME = "Test Application Name";
|
---|
207 |
|
---|
208 | private VistaLinkUserDetailService userDetailService = new VistaLinkUserDetailService();
|
---|
209 |
|
---|
210 | protected String getStationNumber() {
|
---|
211 | return TEST_STATION_NUMBER;
|
---|
212 | }
|
---|
213 |
|
---|
214 | protected void setUp() throws Exception {
|
---|
215 | super.setUp();
|
---|
216 | setExpectedTimeOut(VistaLinkUserDetailService.DEFAULT_TIMEOUT);
|
---|
217 | userDetailService.setConnectionFactoryLocator(mockConnectionFactoryLocator);
|
---|
218 | userDetailService.setApplicationName(TEST_APPLICATION_NAME);
|
---|
219 | userDetailService.afterPropertiesSet();
|
---|
220 | }
|
---|
221 |
|
---|
222 | public void testDefaultTimeOut() {
|
---|
223 | assertEquals(VistaLinkUserDetailService.DEFAULT_TIMEOUT, userDetailService.getRpcTemplate().getTimeOut());
|
---|
224 | }
|
---|
225 |
|
---|
226 | public void testMissingCredentialsThrowsBadCredentials() {
|
---|
227 | try {
|
---|
228 | userDetailService.login(TEST_STATION_NUMBER, null, null, null);
|
---|
229 | fail("expected bad credentials exception");
|
---|
230 | } catch (BadCredentialsException e) {
|
---|
231 | // NOOP
|
---|
232 | }
|
---|
233 | try {
|
---|
234 | userDetailService.login(TEST_STATION_NUMBER, TEST_ACCESS_CODE, TEST_VERIFY_CODE, null);
|
---|
235 | fail("expected bad credentials exception");
|
---|
236 | } catch (BadCredentialsException e) {
|
---|
237 | // NOOP
|
---|
238 | }
|
---|
239 | try {
|
---|
240 | userDetailService.login(TEST_STATION_NUMBER, null, TEST_VERIFY_CODE, TEST_CLIENT_IP_ADDRESS);
|
---|
241 | fail("expected bad credentials exception");
|
---|
242 | } catch (BadCredentialsException e) {
|
---|
243 | // NOOP
|
---|
244 | }
|
---|
245 | try {
|
---|
246 | userDetailService.login(TEST_STATION_NUMBER, TEST_ACCESS_CODE, null, TEST_CLIENT_IP_ADDRESS);
|
---|
247 | fail("expected bad credentials exception");
|
---|
248 | } catch (BadCredentialsException e) {
|
---|
249 | // NOOP
|
---|
250 | }
|
---|
251 | }
|
---|
252 |
|
---|
253 | // public void testAuthenticateFailsForIncorrectPasswordCase() {
|
---|
254 | // UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("rod", "KOala");
|
---|
255 | //
|
---|
256 | // DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
|
---|
257 | // provider.setUserDetailsService(new MockAuthenticationDaoUserrod());
|
---|
258 | // provider.setUserCache(new MockUserCache());
|
---|
259 | //
|
---|
260 | // try {
|
---|
261 | // provider.authenticate(token);
|
---|
262 | // fail("Should have thrown BadCredentialsException");
|
---|
263 | // } catch (BadCredentialsException expected) {
|
---|
264 | // assertTrue(true);
|
---|
265 | // }
|
---|
266 | // }
|
---|
267 |
|
---|
268 | // test for expired credentials
|
---|
269 | // test for bad credentials after an expired credentials result
|
---|
270 |
|
---|
271 | // public void testAuthenticateFailsWithEmptyUsername() {
|
---|
272 | // UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, "koala");
|
---|
273 | //
|
---|
274 | // DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
|
---|
275 | // provider.setUserDetailsService(new MockAuthenticationDaoUserrod());
|
---|
276 | // provider.setUserCache(new MockUserCache());
|
---|
277 | //
|
---|
278 | // try {
|
---|
279 | // provider.authenticate(token);
|
---|
280 | // fail("Should have thrown BadCredentialsException");
|
---|
281 | // } catch (BadCredentialsException expected) {
|
---|
282 | // assertTrue(true);
|
---|
283 | // }
|
---|
284 | // }
|
---|
285 | //
|
---|
286 | public void testAuthenticateFailsWithInvalidPassword() throws IOException {
|
---|
287 | expectVistaLinkAccessVerifyConnection(TEST_ACCESS_CODE, "flibberty-floo", TEST_CLIENT_IP_ADDRESS);
|
---|
288 | expectRpcAndDefaultThrow(RPC_CONTEXT, GET_USER_INFO_RPC, createParams(TEST_CLIENT_IP_ADDRESS, TEST_APPLICATION_NAME), new PermissionDeniedDataAccessException("", new SecurityAccessVerifyCodePairInvalidException(new VistaLinkFaultException())));
|
---|
289 | replay();
|
---|
290 |
|
---|
291 | try {
|
---|
292 | userDetailService.login(TEST_STATION_NUMBER, TEST_ACCESS_CODE, "flibberty-floo", TEST_CLIENT_IP_ADDRESS);
|
---|
293 | fail("Should have thrown BadCredentialsException");
|
---|
294 | } catch (BadCredentialsException expected) {
|
---|
295 | assertTrue(true);
|
---|
296 | }
|
---|
297 | }
|
---|
298 |
|
---|
299 | public void testLogout() {
|
---|
300 | VistaUserDetails user = EasyMock.createMock(VistaUserDetails.class);
|
---|
301 | expect(user.getDuz()).andReturn(TEST_DUZ);
|
---|
302 | expect(user.getLoginStationNumber()).andReturn(TEST_STATION_NUMBER);
|
---|
303 | expect(user.getSignonLogInternalEntryNumber()).andReturn(TEST_SIGNON_LOG_IEN);
|
---|
304 |
|
---|
305 | expectVistaLinkDuzConnection(TEST_DUZ);
|
---|
306 | expectRpcAndReturn(RPC_CONTEXT, LOGOUT_RPC_NAME, createParams(TEST_SIGNON_LOG_IEN), "<foo/>");
|
---|
307 |
|
---|
308 | replay();
|
---|
309 | EasyMock.replay(user);
|
---|
310 |
|
---|
311 | userDetailService.logout(user);
|
---|
312 |
|
---|
313 | verify();
|
---|
314 | EasyMock.verify(user);
|
---|
315 | }
|
---|
316 |
|
---|
317 | public void testLogin() throws IOException {
|
---|
318 | expectVistaLinkAccessVerifyConnection(TEST_ACCESS_CODE, TEST_VERIFY_CODE, TEST_CLIENT_IP_ADDRESS);
|
---|
319 | expectRpcAndReturnXmlResource(RPC_CONTEXT, GET_USER_INFO_RPC, createParams(TEST_CLIENT_IP_ADDRESS, TEST_APPLICATION_NAME), "successfulLoginResponse.xml");
|
---|
320 | replay();
|
---|
321 |
|
---|
322 | VistaUserDetails user = userDetailService.login(TEST_STATION_NUMBER, TEST_ACCESS_CODE, TEST_VERIFY_CODE, TEST_CLIENT_IP_ADDRESS);
|
---|
323 |
|
---|
324 | assertNotNull(user);
|
---|
325 | assertEquals(TEST_STATION_NUMBER, user.getLoginStationNumber());
|
---|
326 | assertEquals(TEST_DUZ, user.getDuz());
|
---|
327 | assertEquals(TEST_SIGNON_LOG_IEN, user.getSignonLogInternalEntryNumber());
|
---|
328 | assertEquals("Bar,Foo", user.getPersonName());
|
---|
329 | assertEquals("Foo Bar", user.getDisplayName());
|
---|
330 | assertEquals("BAR", user.getFamilyName());
|
---|
331 | assertEquals("FOO", user.getGivenName());
|
---|
332 | assertNull(user.getMiddleName());
|
---|
333 | assertNull(user.getPrefix());
|
---|
334 | assertNull(user.getSuffix());
|
---|
335 | assertNull(user.getDegree());
|
---|
336 |
|
---|
337 | verify();
|
---|
338 | }
|
---|
339 |
|
---|
340 | protected void expectVistaLinkAccessVerifyConnection(String accessCode, String verifyCode, String clientIpAddress) {
|
---|
341 | try {
|
---|
342 | org.easymock.EasyMock.expect(mockConnectionFactory.getConnection(new VistaLinkAccessVerifyConnectionSpec(getStationNumber(), accessCode, verifyCode, clientIpAddress))).andReturn(mockVistaLinkConnection);
|
---|
343 | } catch (ResourceException e) {
|
---|
344 | fail("unexpected exception: " + e.getMessage());
|
---|
345 | }
|
---|
346 | }
|
---|
347 | }
|
---|
348 | */
|
---|