Fix some test

indigo-iam · Oct 24, 2023 · bd69d32 · bd69d32
1 parent bd9764d
commit bd69d32
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 28 deletions.
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/ExtendedAuthenticationToken.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/ExtendedAuthenticationToken.java
@@ -46,6 +46,7 @@
  */
 public class ExtendedAuthenticationToken extends AbstractAuthenticationToken {
 
+  private static final long serialVersionUID = 1L;
   private final Object principal;
   private Object credentials;
   private Set<IamAuthenticationMethodReference> authenticationMethodReferences = new HashSet<>();
@@ -66,23 +67,6 @@ public ExtendedAuthenticationToken(Object principal, Object credentials,
     this.credentials = credentials;
   }
 
-  // public ExtendedAuthenticationToken(Object principal, Object credentials,
-  // Set<IamAuthenticationMethodReference> authenticationMethodReferences) {
-  // super(null);
-  // this.principal = principal;
-  // this.credentials = credentials;
-  // this.authenticationMethodReferences = authenticationMethodReferences;
-  // }
-
-  // public ExtendedAuthenticationToken(Object principal, Object credentials,
-  // Collection<? extends GrantedAuthority> authorities,
-  // Set<IamAuthenticationMethodReference> authenticationMethodReferences) {
-  // super(authorities);
-  // this.principal = principal;
-  // this.credentials = credentials;
-  // this.authenticationMethodReferences = authenticationMethodReferences;
-  // }
-
   public ExtendedAuthenticationToken(ExtendedAuthenticationToken other) {
     super(other.getAuthorities());
     this.principal = other.getPrincipal();

diff --git a/...ce/src/main/java/it/infn/mw/iam/core/oauth/FormClientCredentialsAuthenticationFilter.java b/...ce/src/main/java/it/infn/mw/iam/core/oauth/FormClientCredentialsAuthenticationFilter.java
@@ -24,14 +24,13 @@
 import javax.servlet.http.HttpServletResponse;
 
 import org.springframework.security.authentication.InsufficientAuthenticationException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
-import it.infn.mw.iam.core.ExtendedAuthenticationToken;
-
 public class FormClientCredentialsAuthenticationFilter
     extends AbstractAuthenticationProcessingFilter {
 
@@ -62,8 +61,8 @@ public Authentication attemptAuthentication(HttpServletRequest request,
       throw new InsufficientAuthenticationException("No client credentials found in request");
     }
 
-    ExtendedAuthenticationToken authRequest =
-        new ExtendedAuthenticationToken(clientId.trim(), clientSecret);
+    UsernamePasswordAuthenticationToken authRequest =
+        new UsernamePasswordAuthenticationToken(clientId.trim(), clientSecret);
 
     return this.getAuthenticationManager().authenticate(authRequest);
   }

diff --git a/...c/test/java/it/infn/mw/iam/test/multi_factor_authentication/MfaVerifyControllerTests.java b/...c/test/java/it/infn/mw/iam/test/multi_factor_authentication/MfaVerifyControllerTests.java
@@ -40,8 +40,6 @@
 
 import it.infn.mw.iam.persistence.repository.IamAccountRepository;
 import it.infn.mw.iam.persistence.repository.IamTotpMfaRepository;
-import it.infn.mw.iam.test.util.WithAnonymousUser;
-import it.infn.mw.iam.test.util.WithMockPreAuthenticatedUser;
 import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
 
 @RunWith(SpringRunner.class)
@@ -61,26 +59,24 @@ public class MfaVerifyControllerTests extends MultiFactorTestSupport {
 
   @Before
   public void setup() {
-    when(accountRepository.findByUsername(TEST_USERNAME)).thenReturn(Optional.of(TOTP_MFA_ACCOUNT));
-    when(totpMfaRepository.findByAccount(TOTP_MFA_ACCOUNT)).thenAnswer(i -> i.getArguments()[0]);
+    when(accountRepository.findByUsername(TEST_USERNAME)).thenReturn(Optional.of(TEST_ACCOUNT));
+    when(accountRepository.findByUsername(TOTP_USERNAME)).thenReturn(Optional.of(TOTP_MFA_ACCOUNT));
 
     mvc =
         MockMvcBuilders.webAppContextSetup(context).apply(springSecurity()).alwaysDo(log()).build();
   }
 
   @Test
-  @WithMockPreAuthenticatedUser
+  @WithMockUser(username = "test-mfa-user", authorities = {"ROLE_PRE_AUTHENTICATED"})
   public void testGetVerifyMfaView() throws Exception {
     mvc.perform(get(MFA_VERIFY_URL))
       .andExpect(status().isOk())
       .andExpect(model().attributeExists("factors"));
 
-    verify(accountRepository, times(1)).findByUsername(TEST_USERNAME);
     verify(totpMfaRepository, times(1)).findByAccount(TOTP_MFA_ACCOUNT);
   }
 
   @Test
-  @WithAnonymousUser
   public void testGetMfaVerifyViewNoAuthenticationIsUnauthorized() throws Exception {
     mvc.perform(get(MFA_VERIFY_URL)).andExpect(status().isUnauthorized());
   }