diff --git a/components/org.wso2.carbon.identity.application.authenticator.iproov.common/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/common/constants/IproovAuthenticatorConstants.java b/components/org.wso2.carbon.identity.application.authenticator.iproov.common/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/common/constants/IproovAuthenticatorConstants.java index a6220d1..f5b7800 100644 --- a/components/org.wso2.carbon.identity.application.authenticator.iproov.common/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/common/constants/IproovAuthenticatorConstants.java +++ b/components/org.wso2.carbon.identity.application.authenticator.iproov.common/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/common/constants/IproovAuthenticatorConstants.java @@ -57,10 +57,10 @@ public enum ErrorMessages { ERROR_CODE_INVALID_FEDERATED_AUTHENTICATOR("65021", "No IDP found with the name IDP: " + "%s in tenant: %s"), ERROR_CODE_INVALID_FEDERATED_USER_AUTHENTICATION("65023", "Can not handle federated user " + - "authentication with TOTP as JIT Provision is not enabled for the IDP: in the tenant: %s"), - ERROR_CODE_NO_AUTHENTICATED_USER("65004", "Can not find the authenticated user"), - ERROR_CODE_NO_FEDERATED_USER("65002", "No federated user found"), - ERROR_CODE_NO_USER_TENANT("65005", "Can not find the authenticated user's tenant domain"); + "authentication with TOTP as JIT Provision is not enabled for the IDP: in the tenant: %s."), + ERROR_CODE_NO_AUTHENTICATED_USER("65024", "Can not find the authenticated user."), + ERROR_CODE_NO_FEDERATED_USER("65025", "No federated user found."), + ERROR_CODE_NO_USER_TENANT("65026", "Can not find the authenticated user's tenant domain."); private final String code; private final String message; 
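Review bot: The message kept on the new side for ERROR_CODE_INVALID_FEDERATED_USER_AUTHENTICATION still says "TOTP" inside the iProov authenticator and has only one `%s`, so the text "for the IDP: in the tenant: %s." never names the IDP. The call site is not in this hunk, but if it formats the message with the IDP name and the tenant (as the two-placeholder ERROR_CODE_INVALID_FEDERATED_AUTHENTICATOR above it suggests), the IDP name is printed in the tenant position and the tenant is dropped. I would change the line to `"authentication with iProov as JIT Provision is not enabled for the IDP: %s in the tenant: %s."),` once the arguments are confirmed. Separately, renumbering 65004/65002/65005 to 65024, 65025 and 65026 changes what clients, log searches and alert rules keyed on those codes will match, so the change should be called out in the release notes.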
diff --git a/components/org.wso2.carbon.identity.application.authenticator.iproov/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/IproovAuthenticator.java b/components/org.wso2.carbon.identity.application.authenticator.iproov/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/IproovAuthenticator.java index 84cc29e..64f38ca 100644 --- a/components/org.wso2.carbon.identity.application.authenticator.iproov/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/IproovAuthenticator.java +++ b/components/org.wso2.carbon.identity.application.authenticator.iproov/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/IproovAuthenticator.java @@ -451,7 +451,7 @@ private IdentityProvider getIdentityProvider(String idpName, String tenantDomain * * @param authenticatedUser AuthenticatedUser. * @param context AuthenticationContext. - * @return Provisioned username + * @return Provisioned username. * @throws AuthenticationFailedException If an error occurred while getting the provisioned username. */ private String getMappedLocalUsername(AuthenticatedUser authenticatedUser, AuthenticationContext context) @@ -492,8 +492,7 @@ private AuthenticatedUser getAuthenticatedUserFromContext(AuthenticationContext USER_NOT_FOUND.getCode(), IproovAuthenticatorConstants.ErrorMessages.USER_NOT_FOUND.getMessage()); } - AuthenticatedUser authenticatedUser = new AuthenticatedUser(user); - if (StringUtils.isBlank(authenticatedUser.toFullQualifiedUsername())) { + if (StringUtils.isBlank(user.toFullQualifiedUsername())) { if (LOG.isDebugEnabled()) { LOG.debug("Username can not be empty."); } @@ -501,7 +500,7 @@ private AuthenticatedUser getAuthenticatedUserFromContext(AuthenticationContext USER_NOT_FOUND.getCode(), IproovAuthenticatorConstants.ErrorMessages.USER_NOT_FOUND.getMessage()); } - return authenticatedUser; + return user; } } } 
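Review bot: In the `@@ -492` and `@@ -501` hunks, getAuthenticatedUserFromContext now hands back the `user` object itself instead of the `new AuthenticatedUser(user)` copy, so every caller shares one instance with wherever `user` was read from (presumably the authentication context or an earlier step; that assignment is above the hunk). A later setter call on the returned value, for instance while a federated user is mapped to a local username, would then alter the subject recorded by the previous step rather than a private copy. If no caller mutates it, a comment at the return such as `// Returns the context's own instance; callers must treat it as read-only.` would record that assumption; if any caller does, the defensive copy should stay. The method begins and ends outside these hunks, so the null check on `user` is inferred only from the USER_NOT_FOUND branch that is visible.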
diff --git a/components/org.wso2.carbon.identity.application.authenticator.iproov/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/internal/IproovAuthenticatorDataHolder.java b/components/org.wso2.carbon.identity.application.authenticator.iproov/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/internal/IproovAuthenticatorDataHolder.java index f00e3e2..76f2e51 100644 --- a/components/org.wso2.carbon.identity.application.authenticator.iproov/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/internal/IproovAuthenticatorDataHolder.java +++ b/components/org.wso2.carbon.identity.application.authenticator.iproov/src/main/java/org/wso2/carbon/identity/application/authenticator/iproov/internal/IproovAuthenticatorDataHolder.java @@ -124,12 +124,21 @@ public static void setAccountLockService(AccountLockService accountLockService) IproovAuthenticatorDataHolder.accountLockService = accountLockService; } - + /** + * Get IdpManager. + * + * @return IdpManager. + */ public static IdpManager getIdpManager() { return idpManager; } + /** + * Set IdpManager. + * + * @param idpManager IdpManager. + */ public static void setIdpManager(IdpManager idpManager) { IproovAuthenticatorDataHolder.idpManager = idpManager; diff --git a/components/org.wso2.carbon.identity.application.authenticator.iproov/src/test/java/org/wso2/carbon/identity/application/authenticator/iproov/IproovAuthenticatorTest.java b/components/org.wso2.carbon.identity.application.authenticator.iproov/src/test/java/org/wso2/carbon/identity/application/authenticator/iproov/IproovAuthenticatorTest.java index 5b29f2f..b57d904 100644 --- a/components/org.wso2.carbon.identity.application.authenticator.iproov/src/test/java/org/wso2/carbon/identity/application/authenticator/iproov/IproovAuthenticatorTest.java 
+++ b/components/org.wso2.carbon.identity.application.authenticator.iproov/src/test/java/org/wso2/carbon/identity/application/authenticator/iproov/IproovAuthenticatorTest.java @@ -26,13 +26,17 @@ import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus; +import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig; +import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig; import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext; import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException; import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser; import org.wso2.carbon.identity.application.authenticator.iproov.common.constants.IproovAuthenticatorConstants; import org.wso2.carbon.identity.application.common.model.Property; +import java.util.HashMap; import java.util.List; +import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -61,6 +65,9 @@ public class IproovAuthenticatorTest { @Mock private HttpServletResponse httpServletResponse; + @Mock + private AuthenticatedUser mockedAuthenticatedUser; + @Spy private AuthenticationContext context; 
@@ -136,22 +143,38 @@ public void testGetContextIdentifier() { public void testProcessWithStatusCompletedWithAuthentication() throws AuthenticationFailedException { doReturn(true).when(mockedIproovAuthenticator).canHandle(httpServletRequest); - AuthenticatedUser authenticatedUser = new AuthenticatedUser(); - authenticatedUser.setUserId("testUser"); - when(context.getLastAuthenticatedUser()).thenReturn(authenticatedUser); + + setAuthenticatedUser(); mockHttpServletRequest("authentication"); doNothing().when(spy).processAuthenticationResponse(httpServletRequest, httpServletResponse, context); AuthenticatorFlowStatus status = spy.process(httpServletRequest, httpServletResponse, context); Assert.assertEquals(status, AuthenticatorFlowStatus.SUCCESS_COMPLETED); } + private void setAuthenticatedUser() { + + when(mockedAuthenticatedUser.toFullQualifiedUsername()).thenReturn("testUser@testDomain"); + when(mockedAuthenticatedUser.getUserName()).thenReturn("testUser"); + when(mockedAuthenticatedUser.getTenantDomain()).thenReturn("testDomain"); + when(mockedAuthenticatedUser.getUserStoreDomain()).thenReturn("testUserStoreDomain"); + + when(context.getProperty(IproovAuthenticatorConstants.AUTHENTICATED_USER)).thenReturn(mockedAuthenticatedUser); + when(context.getLastAuthenticatedUser()).thenReturn(mockedAuthenticatedUser); + StepConfig stepConfig = new StepConfig(); + stepConfig.setAuthenticatedUser(mockedAuthenticatedUser); + stepConfig.setSubjectAttributeStep(true); + Map stepConfigMap = new HashMap<>(); + stepConfigMap.put(1, stepConfig); + SequenceConfig sequenceConfig = new SequenceConfig(); + sequenceConfig.setStepMap(stepConfigMap); + when(context.getSequenceConfig()).thenReturn(sequenceConfig); + } @Test(description = "Test for initiateAuthenticationRequest method") public void testProcessWithStatusCompletedWithVerification() throws AuthenticationFailedException { doReturn(true).when(mockedIproovAuthenticator).canHandle(httpServletRequest); - AuthenticatedUser 
authenticatedUser = new AuthenticatedUser(); - authenticatedUser.setUserId("testUser"); - when(context.getLastAuthenticatedUser()).thenReturn(authenticatedUser); + + setAuthenticatedUser(); mockHttpServletRequest("enrollment"); doNothing().when(spy).processAuthenticationResponse(httpServletRequest, httpServletResponse, context); AuthenticatorFlowStatus status = spy.process(httpServletRequest, httpServletResponse, context); @@ -162,9 +185,8 @@ public void testProcessWithStatusCompletedWithVerification() throws Authenticati public void testProcessWithStatusIncompleteWithRetry() throws Exception { doReturn(true).when(mockedIproovAuthenticator).canHandle(httpServletRequest); - AuthenticatedUser authenticatedUser = new AuthenticatedUser(); - authenticatedUser.setUserId("testUser"); - when(context.getLastAuthenticatedUser()).thenReturn(authenticatedUser); + + setAuthenticatedUser(); mockHttpServletRequest("retry"); doNothing().when(spy).initiateIproovAuthenticationRequest(httpServletRequest, httpServletResponse, context); AuthenticatorFlowStatus status = spy.process(httpServletRequest, httpServletResponse, context);
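Review bot: The new `setAuthenticatedUser()` helper in the `@@ -136` hunk stubs only the successful case, so none of the tests visible in this diff drive the USER_NOT_FOUND branches of getAuthenticatedUserFromContext that the same commit edits. A negative test that stubs `when(mockedAuthenticatedUser.toFullQualifiedUsername()).thenReturn("");` and is declared with `@Test(expectedExceptions = AuthenticationFailedException.class)` (or whichever failure the authenticator raises there) would pin that the flow fails closed when no usable subject is present, and a second one with an empty step map would cover the missing-user case. Because the user is a mock, these tests also cannot notice whether the authenticator mutates the shared instance. The context line `@Test(description = "Test for initiateAuthenticationRequest method")` on testProcessWithStatusCompletedWithVerification describes a different method and could be corrected while the test is being touched; the `@@ -162` hunk that follows uses the same helper and needs no separate change.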