diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/alias/AliasMockMvcTestBase.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/alias/AliasMockMvcTestBase.java
index c1d1ec47d74..11f0b9682b1 100644
--- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/alias/AliasMockMvcTestBase.java
+++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/alias/AliasMockMvcTestBase.java
@@ -183,7 +183,6 @@ protected final String getAccessTokenForZone(final String zoneId) throws Excepti
 adminUser.getUserName(),
 adminUser.getPassword(),
 String.join(" ", scopesForZone),
- IdentityZone.getUaaZoneId(),
 TokenConstants.TokenFormat.JWT // use JWT for later checking if all scopes are present
 );
diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java
index 09b26ab5262..3dd3935d0be 100644
--- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java
+++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java
@@ -1276,7 +1276,6 @@ private String getAccessTokenForZone(final String zoneId) throws Exception {
 adminUser.getUserName(),
 adminUser.getPassword(),
 String.join(" ", scopesForZone),
- IdentityZone.getUaaZoneId(),
 TokenConstants.TokenFormat.JWT // use JWT for later checking if all scopes are present
 );
diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsMockMvcTests.java
index 90b2089e576..ba55820bfae 100644
--- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsMockMvcTests.java
+++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsMockMvcTests.java
@@ -413,7 +413,7 @@ void createAndUpdateIdentityProviderInOtherZone() throws Exception {
 IdentityZone zone = MockMvcUtils.createZoneUsingWebRequest(mockMvc, identityToken);
 ScimUser user = MockMvcUtils.createAdminForZone(mockMvc, adminToken, "zones." + zone.getId() + ".idps.write", IdentityZone.getUaaZoneId());
- String userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), "secr3T", "zones." + zone.getId() + ".idps.write", IdentityZone.getUaaZoneId());
+ String userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), "secr3T", "zones." + zone.getId() + ".idps.write");
 eventListener.clearEvents();
 IdentityProvider createdIDP = createIdentityProvider(zone.getId(), identityProvider, userAccessToken, status().isCreated());
@@ -433,7 +433,7 @@ void create_duplicate_saml_identity_provider_in_other_zone() throws Exception {
 IdentityZone zone = MockMvcUtils.createZoneUsingWebRequest(mockMvc, identityToken);
 ScimUser user = MockMvcUtils.createAdminForZone(mockMvc, adminToken, "zones." + zone.getId() + ".idps.write", IdentityZone.getUaaZoneId());
- String userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), "secr3T", "zones." + zone.getId() + ".idps.write", IdentityZone.getUaaZoneId());
+ String userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), "secr3T", "zones." + zone.getId() + ".idps.write");
 eventListener.clearEvents();
 IdentityProvider identityProvider = MultitenancyFixture.identityProvider(origin1, zone.getId());
@@ -509,7 +509,7 @@ void readIdentityProviderInOtherZoneUsingZonesToken() throws Exception {
 IdentityZone zone = MockMvcUtils.createZoneUsingWebRequest(mockMvc, identityToken);
 ScimUser user = MockMvcUtils.createAdminForZone(mockMvc, adminToken, "zones." + zone.getId() + ".idps.write", IdentityZone.getUaaZoneId());
- String userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), "secr3T", "zones." + zone.getId() + ".idps.write", IdentityZone.getUaaZoneId());
+ String userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), "secr3T", "zones." + zone.getId() + ".idps.write");
 eventListener.clearEvents();
 IdentityProvider createdIDP = createIdentityProvider(zone.getId(), identityProvider, userAccessToken, status().isCreated());
@@ -519,7 +519,7 @@ void readIdentityProviderInOtherZoneUsingZonesToken() throws Exception {
 addScopeToIdentityClient("zones.*.idps.read");
 user = MockMvcUtils.createAdminForZone(mockMvc, adminToken, "zones." + zone.getId() + ".idps.read", IdentityZone.getUaaZoneId());
- userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), "secr3T", "zones." + zone.getId() + ".idps.read", IdentityZone.getUaaZoneId());
+ userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), "secr3T", "zones." + zone.getId() + ".idps.read");
 MockHttpServletRequestBuilder requestBuilder = get("/identity-providers/" + createdIDP.getId())
 .header("Authorization", "Bearer" + userAccessToken)
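Review bot: The last context line of the -519 hunk, `.header("Authorization", "Bearer" + userAccessToken)`, joins the scheme and the token without a separating space, so readIdentityProviderInOtherZoneUsingZonesToken sends a malformed Authorization header; the comparable line in the -2122 hunk of IdentityZoneEndpointsMockMvcTests uses `"Bearer "`. Since the token assignment directly above is being edited anyway, change it to `.header("Authorization", "Bearer " + userAccessToken)` so the `zones.<id>.idps.read` check is exercised with a well-formed credential rather than depending on how leniently the header is parsed. The request-builder chain and the assertions continue outside the hunk, so the status this test expects is not visible here.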
@@ -560,7 +560,7 @@ void listIdpsInZone() throws Exception {
 void listIdpsInOtherZoneFromDefaultZone() throws Exception {
 IdentityZone identityZone = MockMvcUtils.createZoneUsingWebRequest(mockMvc, identityToken);
 ScimUser userInDefaultZone = MockMvcUtils.createAdminForZone(mockMvc, adminToken, "zones." + identityZone.getId() + ".idps.read" + ", zones." + identityZone.getId() + ".idps.write", IdentityZone.getUaaZoneId());
- String zoneAdminToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", userInDefaultZone.getId(), userInDefaultZone.getUserName(), "secr3T", "zones." + identityZone.getId() + ".idps.read " + "zones." + identityZone.getId() + ".idps.write", IdentityZone.getUaaZoneId());
+ String zoneAdminToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", userInDefaultZone.getId(), userInDefaultZone.getUserName(), "secr3T", "zones." + identityZone.getId() + ".idps.read " + "zones." + identityZone.getId() + ".idps.write");
 IdentityProvider otherZoneIdp = MockMvcUtils.createIdpUsingWebRequest(mockMvc, identityZone.getId(), zoneAdminToken, MultitenancyFixture.identityProvider(new RandomValueStringGenerator().generate(), IdentityZone.getUaaZoneId()), status().isCreated());
diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/util/MockMvcUtils.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/util/MockMvcUtils.java
index 443ad64a915..23746f2a0ad 100644
--- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/util/MockMvcUtils.java
+++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/util/MockMvcUtils.java
@@ -442,7 +442,7 @@ public static IdentityZoneCreationResult createOtherIdentityZoneAndReturnResult(
 // use that user to create an admin client in the new zone
 String zoneAdminAuthcodeToken = getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret",
- marissa.getId(), "marissa", "koala", zoneAdminScope, zoneId);
+ marissa.getId(), "marissa", "koala", zoneAdminScope);
 if (bootstrapClient != null) {
 if (useWebRequests) {
@@ -866,8 +866,7 @@ public static String getZoneAdminToken(MockMvc mockMvc, String adminToken, Strin
 user.getId(),
 user.getUserName(),
 "secr3T",
- group.getDisplayName(),
- zoneId
+ group.getDisplayName()
 );
 }
@@ -945,15 +944,15 @@ public static String getClientOAuthAccessToken(MockMvc mockMvc,
 return getClientCredentialsOAuthAccessToken(mockMvc, clientId, clientSecret, scope, null, opaque);
 }
- public static String getUserOAuthAccessTokenAuthCode(MockMvc mockMvc, String clientId, String clientSecret, String userId, String username, String password, String scope, String zoneId) throws Exception {
- return getUserOAuthAccessTokenAuthCode(mockMvc, clientId, clientSecret, userId, username, password, scope, zoneId, OPAQUE);
+ public static String getUserOAuthAccessTokenAuthCode(MockMvc mockMvc, String clientId, String clientSecret, String userId, String username, String password, String scope) throws Exception {
+ return getUserOAuthAccessTokenAuthCode(mockMvc, clientId, clientSecret, userId, username, password, scope, OPAQUE);
 }
- public static String getUserOAuthAccessTokenAuthCode(MockMvc mockMvc, String clientId, String clientSecret, String userId, String username, String password, String scope, String zoneId, TokenFormat tokenFormat) throws Exception {
+ public static String getUserOAuthAccessTokenAuthCode(MockMvc mockMvc, String clientId, String clientSecret, String userId, String username, String password, String scope, TokenFormat tokenFormat) throws Exception {
 String basicDigestHeaderValue = "Basic " + new String(org.apache.commons.codec.binary.Base64.encodeBase64((clientId + ":" + clientSecret)
 .getBytes()));
- UaaPrincipal p = new UaaPrincipal(userId, username, "test@test.org", OriginKeys.UAA, "", zoneId);
+ UaaPrincipal p = new UaaPrincipal(userId, username, "test@test.org", OriginKeys.UAA, "", IdentityZone.getUaaZoneId());
 UaaAuthentication auth = new UaaAuthentication(p, UaaAuthority.USER_AUTHORITIES, null);
 assertThat(auth.isAuthenticated()).isTrue();
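Review bot: Both `getUserOAuthAccessTokenAuthCode` overloads now pin the `UaaPrincipal` to `IdentityZone.getUaaZoneId()`, but nothing on the methods says so, and call sites that used to pass a variable (`zoneId` in the -442 and -866 hunks, `IdentityZoneHolder.getCurrentZoneId()` in IdentityZoneEndpointsMockMvcTests) now get the default zone without any visible sign at the call. Whether those values were always the UAA zone cannot be confirmed from this diff, so please add a Javadoc to both overloads stating that the token is always obtained for a user in the default UAA zone and that a test needing a principal in another zone must not use this helper. The same comment should describe `scope` as a space-separated list that may be null (as in switchingZonesWithAUser) and `tokenFormat`. Separately, the context line `.getBytes()));` encodes the client credentials with the platform charset; `.getBytes(StandardCharsets.UTF_8)` would make the Basic header deterministic, provided that import is available in the file. The body of the second overload continues outside the hunk.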
diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneEndpointsMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneEndpointsMockMvcTests.java
index 77e3d18148f..94d6682fca7 100644
--- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneEndpointsMockMvcTests.java
+++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneEndpointsMockMvcTests.java
@@ -2106,7 +2106,7 @@ void userCanReadAZone_withZoneZoneIdReadToken() throws Exception {
 .andExpect(status().isCreated());
 }
- String userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), user.getPassword(), "zones." + identityZone.getId() + ".read", IdentityZoneHolder.getCurrentZoneId());
+ String userAccessToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), user.getPassword(), "zones." + identityZone.getId() + ".read");
 MvcResult result = mockMvc.perform(
 get("/identity-zones/" + identityZone.getId())
@@ -2122,7 +2122,7 @@ void userCanReadAZone_withZoneZoneIdReadToken() throws Exception {
 assertThat(zoneResult.getConfig().getSamlConfig().getPrivateKey()).isNull();
 assertThat(zoneResult.getConfig().getTokenPolicy().getKeys()).isEqualTo(emptyMap());
- String userAccessTokenReadAndAdmin = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), user.getPassword(), "zones." + identityZone.getId() + ".read " + "zones." + identityZone.getId() + ".admin ", IdentityZoneHolder.getCurrentZoneId());
+ String userAccessTokenReadAndAdmin = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", user.getId(), user.getUserName(), user.getPassword(), "zones." + identityZone.getId() + ".read " + "zones." + identityZone.getId() + ".admin ");
 result = mockMvc.perform(
 get("/identity-zones/" + identityZone.getId())
 .header("Authorization", "Bearer " + userAccessTokenReadAndAdmin)
diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneSwitchingFilterMockMvcTest.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneSwitchingFilterMockMvcTest.java
index 62dfae5183c..8cc3b577ebb 100644
--- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneSwitchingFilterMockMvcTest.java
+++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneSwitchingFilterMockMvcTest.java
@@ -12,7 +12,6 @@
 import org.cloudfoundry.identity.uaa.util.JsonUtils;
 import org.cloudfoundry.identity.uaa.util.SetServerNameRequestPostProcessor;
 import org.cloudfoundry.identity.uaa.zone.IdentityZone;
-import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -144,7 +143,7 @@ void switchingZonesWithAUser() throws Exception {
 ScimGroup group = new ScimGroup(null, "zones." + zoneId + ".admin", zoneId);
 group.setMembers(Collections.singletonList(new ScimGroupMember(createdUser.getId())));
 MockMvcUtils.createGroup(mockMvc, adminToken, group);
- String userToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", createdUser.getId(), createdUser.getUserName(), "secret", null, IdentityZoneHolder.getCurrentZoneId());
+ String userToken = MockMvcUtils.getUserOAuthAccessTokenAuthCode(mockMvc, "identity", "identitysecret", createdUser.getId(), createdUser.getUserName(), "secret", null);
 createClientInOtherZone(mockMvc, generator, userToken, status().isCreated(), HEADER, zoneId);
 }