diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/ExtendedAuthenticationToken.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/ExtendedAuthenticationToken.java
index 4250992cf..df4d28d3d 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/core/ExtendedAuthenticationToken.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/core/ExtendedAuthenticationToken.java
@@ -46,6 +46,7 @@
 */
 public class ExtendedAuthenticationToken extends AbstractAuthenticationToken {
+ private static final long serialVersionUID = 1L;
 private final Object principal;
 private Object credentials;
 private Set authenticationMethodReferences = new HashSet<>();
@@ -66,23 +67,6 @@ public ExtendedAuthenticationToken(Object principal, Object credentials,
 this.credentials = credentials;
 }
- // public ExtendedAuthenticationToken(Object principal, Object credentials,
- // Set authenticationMethodReferences) {
- // super(null);
- // this.principal = principal;
- // this.credentials = credentials;
- // this.authenticationMethodReferences = authenticationMethodReferences;
- // }
-
- // public ExtendedAuthenticationToken(Object principal, Object credentials,
- // Collection authorities,
- // Set authenticationMethodReferences) {
- // super(authorities);
- // this.principal = principal;
- // this.credentials = credentials;
- // this.authenticationMethodReferences = authenticationMethodReferences;
- // }
-
 public ExtendedAuthenticationToken(ExtendedAuthenticationToken other) {
 super(other.getAuthorities());
 this.principal = other.getPrincipal();
diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/oauth/FormClientCredentialsAuthenticationFilter.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/oauth/FormClientCredentialsAuthenticationFilter.java
index 0f35c22ec..91f9e9c61 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/core/oauth/FormClientCredentialsAuthenticationFilter.java
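Review bot: The added `serialVersionUID = 1L` in ExtendedAuthenticationToken replaces the compiler-derived default, which almost certainly had a different value, so the class's serialized identity changes with this commit. If sessions holding this token are persisted or replicated (not visible in the hunk), tokens written before the upgrade would presumably be rejected on deserialization, which is worth a release note. A short comment on the field would record the intent, for example `// Explicit UID: tokens serialized under the previous default UID will not deserialize.` The class body continues outside the hunk.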
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/core/oauth/FormClientCredentialsAuthenticationFilter.java
@@ -24,14 +24,13 @@
 import javax.servlet.http.HttpServletResponse;
 import org.springframework.security.authentication.InsufficientAuthenticationException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-import it.infn.mw.iam.core.ExtendedAuthenticationToken;
-
 public class FormClientCredentialsAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
@@ -62,8 +61,8 @@ public Authentication attemptAuthentication(HttpServletRequest request,
 throw new InsufficientAuthenticationException("No client credentials found in request");
 }
- ExtendedAuthenticationToken authRequest =
- new ExtendedAuthenticationToken(clientId.trim(), clientSecret);
+ UsernamePasswordAuthenticationToken authRequest =
+ new UsernamePasswordAuthenticationToken(clientId.trim(), clientSecret);
 return this.getAuthenticationManager().authenticate(authRequest);
 }
diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/multi_factor_authentication/MfaVerifyControllerTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/multi_factor_authentication/MfaVerifyControllerTests.java
index 4995dbe01..4566a5efa 100644
--- a/iam-login-service/src/test/java/it/infn/mw/iam/test/multi_factor_authentication/MfaVerifyControllerTests.java
+++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/multi_factor_authentication/MfaVerifyControllerTests.java
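Review bot: Building the request as a `UsernamePasswordAuthenticationToken` in attemptAuthentication changes which `AuthenticationProvider`s will claim it, and the hunk does not show which manager `getAuthenticationManager()` returns. If that manager also contains a provider for end-user passwords, `clientId`/`clientSecret` would be evaluated against user accounts too. I would document the assumption above the construction, e.g. `// Unauthenticated request token; this filter must be wired to the client-only authentication manager.` No test for this filter appears in the visible part of the diff, so a case asserting that form client credentials are accepted only for registered clients would pin the behaviour. The method starts before the hunk.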
@@ -40,8 +40,6 @@
 import it.infn.mw.iam.persistence.repository.IamAccountRepository;
 import it.infn.mw.iam.persistence.repository.IamTotpMfaRepository;
-import it.infn.mw.iam.test.util.WithAnonymousUser;
-import it.infn.mw.iam.test.util.WithMockPreAuthenticatedUser;
 import it.infn.mw.iam.test.util.annotation.IamMockMvcIntegrationTest;
 @RunWith(SpringRunner.class)
@@ -61,26 +59,24 @@ public class MfaVerifyControllerTests extends MultiFactorTestSupport {
 @Before
 public void setup() {
- when(accountRepository.findByUsername(TEST_USERNAME)).thenReturn(Optional.of(TOTP_MFA_ACCOUNT));
- when(totpMfaRepository.findByAccount(TOTP_MFA_ACCOUNT)).thenAnswer(i -> i.getArguments()[0]);
+ when(accountRepository.findByUsername(TEST_USERNAME)).thenReturn(Optional.of(TEST_ACCOUNT));
+ when(accountRepository.findByUsername(TOTP_USERNAME)).thenReturn(Optional.of(TOTP_MFA_ACCOUNT));
 mvc = MockMvcBuilders.webAppContextSetup(context).apply(springSecurity()).alwaysDo(log()).build();
 }
 @Test
- @WithMockPreAuthenticatedUser
+ @WithMockUser(username = "test-mfa-user", authorities = {"ROLE_PRE_AUTHENTICATED"})
 public void testGetVerifyMfaView() throws Exception {
 mvc.perform(get(MFA_VERIFY_URL))
 .andExpect(status().isOk())
 .andExpect(model().attributeExists("factors"));
- verify(accountRepository, times(1)).findByUsername(TEST_USERNAME);
 verify(totpMfaRepository, times(1)).findByAccount(TOTP_MFA_ACCOUNT);
 }
 @Test
- @WithAnonymousUser
 public void testGetMfaVerifyViewNoAuthenticationIsUnauthorized() throws Exception {
 mvc.perform(get(MFA_VERIFY_URL)).andExpect(status().isUnauthorized());
 }
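Review bot: The `@WithMockUser` annotation on testGetVerifyMfaView hard-codes `"test-mfa-user"` while setup() stubs the lookup under `TOTP_USERNAME`, so the test only works while the two happen to match. If `TOTP_USERNAME` is a compile-time constant (its definition is outside the hunk), prefer `@WithMockUser(username = TOTP_USERNAME, authorities = {"ROLE_PRE_AUTHENTICATED"})`. The removed `findByUsername` verification could come back as `verify(accountRepository, times(1)).findByUsername(TOTP_USERNAME);` to state explicitly that the view is built for the pre-authenticated principal. No visible hunk adds an import for `WithMockUser`, so confirm it is already imported above line 40.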