diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509AuthenticationIntegrationTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509AuthenticationIntegrationTests.java index 04fedd564..a4cf1b9cd 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509AuthenticationIntegrationTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509AuthenticationIntegrationTests.java @@ -219,7 +219,7 @@ public void testx509AccountLinking() throws Exception { .andExpect( flash().attribute(ACCOUNT_LINKING_DASHBOARD_MESSAGE_KEY, equalTo(confirmationMsg))); - linkedAccount = iamAccountRepo.findByUsername("test") + linkedAccount = iamAccountRepo.findByCertificateSubject(TEST_0_SUBJECT) .orElseThrow(() -> new AssertionFailedError("Expected user linked to certificate not found")); assertThat(linkedAccount.getX509Certificates().size(), is(2)); @@ -266,6 +266,9 @@ public void testx509AccountLinkingWithDifferentSubjectAndIssuer() throws Excepti .andExpect( flash().attribute(ACCOUNT_LINKING_DASHBOARD_MESSAGE_KEY, equalTo(confirmationMsg))); + linkedAccount = iamAccountRepo.findByCertificateSubject(TEST_1_SUBJECT) + .orElseThrow(() -> new AssertionFailedError("Expected user linked to certificate not found")); + assertThat(linkedAccount.getX509Certificates().size(), is(2)); } diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509TestSupport.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509TestSupport.java index 75e0b46f0..c6cba6b2f 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509TestSupport.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509TestSupport.java @@ -329,7 +329,7 @@ private HttpHeaders test0SSLHeaders(boolean verified, String verificationError) private HttpHeaders test2SSLHeaders(boolean verified, String verificationError) { HttpHeaders headers = new HttpHeaders(); headers.add(DefaultX509AuthenticationCredentialExtractor.Headers.CLIENT_CERT.getHeader(), - TEST_0_CERT_STRING_NGINX); + TEST_1_CERT_STRING_NGINX); headers.add(DefaultX509AuthenticationCredentialExtractor.Headers.SUBJECT.getHeader(), TEST_1_SUBJECT); diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAccountRepository.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAccountRepository.java index 2a20c853d..225a9637e 100644 --- a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAccountRepository.java +++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/repository/IamAccountRepository.java @@ -65,7 +65,7 @@ Optional findByUsernameWithDifferentUUID(@Param("username") String u Optional findByEmailWithDifferentUUID(@Param("emailAddress") String emailAddress, @Param("uuid") String uuid); - @Query("select a from IamAccount a join a.x509Certificates c where c.subjectDn = :subject") + @Query("select distinct a from IamAccount a join a.x509Certificates c where c.subjectDn = :subject") Optional findByCertificateSubject(@Param("subject") String subject); @Query("select a from IamAccount a join a.x509Certificates c where c.certificate = :certificate")