1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.syncope.fit.core;
20  
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.junit.jupiter.api.Assertions.fail;

import java.io.IOException;
import java.util.EnumSet;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.function.Consumer;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.ClassUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.syncope.common.lib.SyncopeClientException;
import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.auth.AuthModuleConf;
import org.apache.syncope.common.lib.auth.DuoMfaAuthModuleConf;
import org.apache.syncope.common.lib.auth.GoogleMfaAuthModuleConf;
import org.apache.syncope.common.lib.auth.JDBCAuthModuleConf;
import org.apache.syncope.common.lib.auth.JaasAuthModuleConf;
import org.apache.syncope.common.lib.auth.LDAPAuthModuleConf;
import org.apache.syncope.common.lib.auth.OAuth20AuthModuleConf;
import org.apache.syncope.common.lib.auth.OIDCAuthModuleConf;
import org.apache.syncope.common.lib.auth.SAML2IdPAuthModuleConf;
import org.apache.syncope.common.lib.auth.StaticAuthModuleConf;
import org.apache.syncope.common.lib.auth.SyncopeAuthModuleConf;
import org.apache.syncope.common.lib.auth.U2FAuthModuleConf;
import org.apache.syncope.common.lib.to.AuthModuleTO;
import org.apache.syncope.common.lib.to.Item;
import org.apache.syncope.common.rest.api.service.AuthModuleService;
import org.apache.syncope.fit.AbstractITCase;
import org.junit.jupiter.api.Test;
54  
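/**
 * Integration tests for the auth module REST service.
 *
 * <p>The tests list and read the {@code Default*AuthModule} entries that the deployment under
 * test is expected to provide, and create, update and delete one module per
 * {@link AuthModuleSupportedType}. Only {@link #delete()} removes what it creates; modules
 * created by the other tests are left in place.
 *
 * <p>NOTE(review): several literals below are credential-shaped (LDAP bind password, Duo keys,
 * OAuth 2.0 client secret, static user passwords). They must be throw-away fixture values;
 * confirm none of them was ever provisioned on a real service, and keep them listed in the
 * secret scanner's allow-list rather than silencing the scanner for the whole file.
 */
public class AuthModuleITCase extends AbstractITCase {

    /** Configuration types exercised by {@link #create()}, {@link #delete()} and the update tests. */
    private enum AuthModuleSupportedType {
        GOOGLE_MFA,
        DUO,
        SAML2_IDP,
        STATIC,
        SYNCOPE,
        LDAP,
        JAAS,
        JDBC,
        U2F,
        OIDC,
        OAUTH20
    }

    /**
     * Creates the given auth module through the REST service and reads it back.
     *
     * @param authModule module to create
     * @return the module fetched from the {@code Location} returned by the create call
     * @throws RuntimeException the exception mapped from the response when creation is refused
     * @throws IllegalStateException when the status is not 201 and the response cannot be mapped
     * to a runtime exception
     */
    private static AuthModuleTO createAuthModule(final AuthModuleTO authModule) {
        Response response = AUTH_MODULE_SERVICE.create(authModule);
        int status = response.getStatusInfo().getStatusCode();
        if (status != Response.Status.CREATED.getStatusCode()) {
            Exception ex = CLIENT_FACTORY.getExceptionMapper().fromResponse(response);
            if (ex instanceof RuntimeException) {
                throw (RuntimeException) ex;
            }
            // Do not fall through to the read-back below: without a 201 there is no reliable
            // Location, and a null or checked mapped exception would otherwise be hidden.
            throw new IllegalStateException(
                    "Auth module " + authModule.getKey() + " was not created, HTTP status " + status, ex);
        }
        return getObject(response.getLocation(), AuthModuleService.class, authModule.getClass());
    }

    /**
     * Builds an unsaved auth module of the given type with a unique key, a type-specific
     * configuration and two attribute mappings ({@code uid -> username}, {@code cn -> fullname}).
     *
     * @param type configuration type to build; {@code STATIC} is also the fallback
     * @return the populated transfer object, not yet sent to the service
     */
    private static AuthModuleTO buildAuthModuleTO(final AuthModuleSupportedType type) {
        AuthModuleTO authModuleTO = new AuthModuleTO();
        authModuleTO.setKey("Test" + type + "AuthenticationModule" + getUUIDString());
        authModuleTO.setDescription("A test " + type + " Authentication Module");

        AuthModuleConf conf;
        switch (type) {
            case LDAP:
                LDAPAuthModuleConf ldap = new LDAPAuthModuleConf();
                ldap.setBaseDn("dc=example,dc=org");
                ldap.setSearchFilter("cn={user}");
                ldap.setSubtreeSearch(true);
                // Plain ldap:// sends the bind credential in clear text; tolerable only
                // against a local test directory. Real deployments want LDAPS or StartTLS.
                ldap.setLdapUrl("ldap://localhost:1389");
                ldap.setPrincipalAttributeId("uid");
                // NOTE(review): second setBaseDn call; it overwrites "dc=example,dc=org" with a
                // value shaped like a bind DN. Presumably the bind-DN setter was intended -
                // confirm against LDAPAuthModuleConf. As written, no bind DN is set at all.
                ldap.setBaseDn("cn=Directory Manager,dc=example,dc=org");
                ldap.setBindCredential("Password");
                conf = ldap;
                break;

            case GOOGLE_MFA:
                GoogleMfaAuthModuleConf googleMfa = new GoogleMfaAuthModuleConf();
                googleMfa.setCodeDigits(6);
                googleMfa.setIssuer("SyncopeTest");
                googleMfa.setLabel("Syncope");
                googleMfa.setTimeStepSize(30);
                googleMfa.setWindowSize(3);
                conf = googleMfa;
                break;

            case DUO:
                // NOTE(review): these three values have the shape of real Duo key material;
                // confirm they are dummies and not tied to any Duo account.
                DuoMfaAuthModuleConf duo = new DuoMfaAuthModuleConf();
                duo.setSecretKey("Q2IU2i6BFNd6VYflZT8Evl6lF7oPlj4PM15BmRU7");
                duo.setIntegrationKey("DIOXVRZD1UMZ8XXMNFQ6");
                duo.setApiHost("theapi.duosecurity.com");
                duo.setApplicationKey("u4IHCaREMB7Cb0S6QMISAgHycpj6lPBkDGfWt99I");
                conf = duo;
                break;

            case JAAS:
                JaasAuthModuleConf jaas = new JaasAuthModuleConf();
                jaas.setKerberosKdcSystemProperty("sample-value");
                jaas.setKerberosRealmSystemProperty("sample-value");
                jaas.setLoginConfigType("JavaLoginConfig");
                jaas.setRealm("SYNCOPE");
                jaas.setLoginConfigurationFile("/opt/jaas/login.conf");
                conf = jaas;
                break;

            case JDBC:
                JDBCAuthModuleConf jdbc = new JDBCAuthModuleConf();
                // The user name is bound through the "?" placeholder, not concatenated.
                jdbc.setSql("SELECT * FROM table WHERE name=?");
                jdbc.setFieldPassword("password");
                conf = jdbc;
                break;

            case OIDC:
                OIDCAuthModuleConf oidc = new OIDCAuthModuleConf();
                oidc.setClientId("OIDCTestId");
                // NOTE(review): the discovery URI carries no scheme; presumably the service
                // stores it unvalidated. Real configurations should be https:// only.
                oidc.setDiscoveryUri("www.testurl.com");
                oidc.setUserIdAttribute("username");
                oidc.setResponseType("code");
                oidc.setScope("openid email profile");
                conf = oidc;
                break;

            case OAUTH20:
                OAuth20AuthModuleConf oauth20 = new OAuth20AuthModuleConf();
                oauth20.setClientId("OAUTH20TestId");
                oauth20.setClientSecret("secret");
                oauth20.setClientName("oauth20");
                oauth20.setEnabled(true);
                oauth20.setCustomParams(Map.of("param1", "param1"));
                oauth20.setAuthUrl("https://localhost/oauth2/auth");
                oauth20.setProfileUrl("https://localhost/oauth2/profile");
                oauth20.setProfilePath("/info");
                oauth20.setTokenUrl("https://localhost/oauth2/token");
                oauth20.setResponseType("code");
                oauth20.setScope("oauth test");
                oauth20.setUserIdAttribute("username");
                oauth20.setWithState(true);
                conf = oauth20;
                break;

            case SAML2_IDP:
                SAML2IdPAuthModuleConf saml2IdP = new SAML2IdPAuthModuleConf();
                saml2IdP.setServiceProviderEntityId("testEntityId");
                saml2IdP.setProviderName("testProviderName");
                conf = saml2IdP;
                break;

            case SYNCOPE:
                SyncopeAuthModuleConf syncope = new SyncopeAuthModuleConf();
                syncope.setDomain(SyncopeConstants.MASTER_DOMAIN);
                conf = syncope;
                break;

            case U2F:
                U2FAuthModuleConf u2f = new U2FAuthModuleConf();
                u2f.setExpireDevices(50);
                conf = u2f;
                break;

            case STATIC:
            default:
                StaticAuthModuleConf statik = new StaticAuthModuleConf();
                statik.getUsers().put("user1", UUID.randomUUID().toString());
                statik.getUsers().put("user2", "user2Password123");
                conf = statik;
                break;
        }
        authModuleTO.setConf(conf);

        Item keyMapping = new Item();
        keyMapping.setIntAttrName("uid");
        keyMapping.setExtAttrName("username");
        authModuleTO.getItems().add(keyMapping);

        Item fullnameMapping = new Item();
        fullnameMapping.setIntAttrName("cn");
        fullnameMapping.setExtAttrName("fullname");
        authModuleTO.getItems().add(fullnameMapping);

        return authModuleTO;
    }

    /**
     * Tells whether {@code conf} is an instance of {@code clazz} (or of a subtype).
     *
     * @param conf configuration to inspect; must not be {@code null}
     * @param clazz expected configuration class
     * @return {@code true} when the runtime class of {@code conf} is assignable to {@code clazz}
     */
    private static boolean isSpecificConf(final AuthModuleConf conf, final Class<? extends AuthModuleConf> clazz) {
        return ClassUtils.isAssignable(clazz, conf.getClass());
    }

    /**
     * Asserts that {@code modules} holds an entry with the given key whose configuration is of
     * the given class.
     */
    private static void assertListed(
            final List<AuthModuleTO> modules,
            final String key,
            final Class<? extends AuthModuleConf> confClass) {

        assertTrue(
                modules.stream().anyMatch(
                        module -> isSpecificConf(module.getConf(), confClass) && module.getKey().equals(key)),
                key + " not listed with a " + confClass.getSimpleName() + " configuration");
    }

    /**
     * Reads the module with the given key and asserts that it exists, has a non-blank
     * description and carries a configuration of the expected class.
     *
     * @return the module as read, for further assertions by the caller
     */
    private static AuthModuleTO readDefault(final String key, final Class<? extends AuthModuleConf> expected) {
        AuthModuleTO authModuleTO = AUTH_MODULE_SERVICE.read(key);

        assertNotNull(authModuleTO);
        assertTrue(StringUtils.isNotBlank(authModuleTO.getDescription()));
        assertTrue(isSpecificConf(authModuleTO.getConf(), expected));
        return authModuleTO;
    }

    /**
     * Shared body of the update tests: creates a fresh module of {@code type}, replaces its
     * configuration with the one read from {@code defaultKey} after {@code change} has been
     * applied to it, sends the update and reads the module back.
     *
     * <p>Only the locally held copy of the default configuration is modified; the update call
     * targets the freshly created module.
     *
     * @param <C> configuration class of both modules
     * @param defaultKey key of the existing module whose configuration is reused
     * @param type type of the module to create and update
     * @param confClass class the configurations are cast to
     * @param change modification applied to the default configuration before the update
     * @return the configuration of the updated module as returned by a fresh read
     */
    private static <C extends AuthModuleConf> C updateWithDefaultConf(
            final String defaultKey,
            final AuthModuleSupportedType type,
            final Class<C> confClass,
            final Consumer<C> change) {

        AuthModuleTO defaultModule = AUTH_MODULE_SERVICE.read(defaultKey);
        assertNotNull(defaultModule);

        AuthModuleTO created = createAuthModule(buildAuthModuleTO(type));
        assertNotNull(created);

        AuthModuleConf conf = defaultModule.getConf();
        assertNotNull(conf);
        change.accept(confClass.cast(conf));
        created.setConf(conf);

        // update new auth module
        AUTH_MODULE_SERVICE.update(created);
        AuthModuleTO reloaded = AUTH_MODULE_SERVICE.read(created.getKey());
        assertNotNull(reloaded);

        return confClass.cast(reloaded.getConf());
    }

    /** The listing is non-empty and contains every default module with the matching conf class. */
    @Test
    public void list() {
        List<AuthModuleTO> authModuleTOs = AUTH_MODULE_SERVICE.list();
        assertNotNull(authModuleTOs);
        assertFalse(authModuleTOs.isEmpty());

        assertListed(authModuleTOs, "DefaultLDAPAuthModule", LDAPAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultJDBCAuthModule", JDBCAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultGoogleMfaAuthModule", GoogleMfaAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultDuoMfaAuthModule", DuoMfaAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultOIDCAuthModule", OIDCAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultSAML2IdPAuthModule", SAML2IdPAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultJaasAuthModule", JaasAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultStaticAuthModule", StaticAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultSyncopeAuthModule", SyncopeAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultU2FAuthModule", U2FAuthModuleConf.class);
        assertListed(authModuleTOs, "DefaultOAuth20AuthModule", OAuth20AuthModuleConf.class);
    }

    @Test
    public void getLDAPAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultLDAPAuthModule", LDAPAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), JDBCAuthModuleConf.class));
    }

    @Test
    public void getJDBCAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultJDBCAuthModule", JDBCAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), GoogleMfaAuthModuleConf.class));
    }

    @Test
    public void getGoogleMfaAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultGoogleMfaAuthModule", GoogleMfaAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), OIDCAuthModuleConf.class));
    }

    @Test
    public void getDuoMfaAuthModule() {
        readDefault("DefaultDuoMfaAuthModule", DuoMfaAuthModuleConf.class);
    }

    @Test
    public void getOIDCAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultOIDCAuthModule", OIDCAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), SAML2IdPAuthModuleConf.class));
    }

    @Test
    public void getOAuth20AuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultOAuth20AuthModule", OAuth20AuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), SAML2IdPAuthModuleConf.class));
    }

    @Test
    public void getSAML2IdPAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultSAML2IdPAuthModule", SAML2IdPAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), JaasAuthModuleConf.class));
    }

    @Test
    public void getJaasAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultJaasAuthModule", JaasAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), StaticAuthModuleConf.class));
    }

    @Test
    public void getStaticAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultStaticAuthModule", StaticAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), SyncopeAuthModuleConf.class));
    }

    @Test
    public void getSyncopeAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultSyncopeAuthModule", SyncopeAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), U2FAuthModuleConf.class));
    }

    @Test
    public void getU2FAuthModule() {
        AuthModuleTO authModuleTO = readDefault("DefaultU2FAuthModule", U2FAuthModuleConf.class);
        assertFalse(isSpecificConf(authModuleTO.getConf(), LDAPAuthModuleConf.class));
    }

    /** Every supported type can be created and comes back with its description and both mappings. */
    @Test
    public void create() {
        for (AuthModuleSupportedType type : EnumSet.allOf(AuthModuleSupportedType.class)) {
            AuthModuleTO authModuleTO = createAuthModule(buildAuthModuleTO(type));
            assertNotNull(authModuleTO);
            assertTrue(authModuleTO.getDescription().contains("A test " + type + " Authentication Module"));
            assertEquals(2, authModuleTO.getItems().size());
        }
    }

    @Test
    public void updateGoogleMfaAuthModule() {
        GoogleMfaAuthModuleConf updated = updateWithDefaultConf(
                "DefaultGoogleMfaAuthModule",
                AuthModuleSupportedType.GOOGLE_MFA,
                GoogleMfaAuthModuleConf.class,
                conf -> conf.setLabel("newLabel"));

        assertEquals("newLabel", updated.getLabel());
    }

    /**
     * Pins that a Duo secret key written through update is returned unchanged by a later read.
     *
     * <p>NOTE(review): this means the read endpoint hands the secret back verbatim; confirm
     * that every caller entitled to read auth modules is meant to see it.
     */
    @Test
    public void updateDuoMfaAuthModule() {
        String secretKey = UUID.randomUUID().toString();

        DuoMfaAuthModuleConf updated = updateWithDefaultConf(
                "DefaultDuoMfaAuthModule",
                AuthModuleSupportedType.DUO,
                DuoMfaAuthModuleConf.class,
                conf -> conf.setSecretKey(secretKey));

        assertEquals(secretKey, updated.getSecretKey());
    }

    @Test
    public void updateLDAPAuthModule() {
        LDAPAuthModuleConf updated = updateWithDefaultConf(
                "DefaultLDAPAuthModule",
                AuthModuleSupportedType.LDAP,
                LDAPAuthModuleConf.class,
                conf -> conf.setSubtreeSearch(false));

        assertFalse(updated.isSubtreeSearch());
    }

    @Test
    public void updateSAML2IdPAuthModule() {
        SAML2IdPAuthModuleConf updated = updateWithDefaultConf(
                "DefaultSAML2IdPAuthModule",
                AuthModuleSupportedType.SAML2_IDP,
                SAML2IdPAuthModuleConf.class,
                conf -> conf.setServiceProviderEntityId("newEntityId"));

        assertEquals("newEntityId", updated.getServiceProviderEntityId());
    }

    @Test
    public void updateOIDCAuthModule() {
        OIDCAuthModuleConf updated = updateWithDefaultConf(
                "DefaultOIDCAuthModule",
                AuthModuleSupportedType.OIDC,
                OIDCAuthModuleConf.class,
                conf -> conf.setResponseType("newCode"));

        assertEquals("newCode", updated.getResponseType());
    }

    @Test
    public void updateOAuth20AuthModule() {
        OAuth20AuthModuleConf updated = updateWithDefaultConf(
                "DefaultOAuth20AuthModule",
                AuthModuleSupportedType.OAUTH20,
                OAuth20AuthModuleConf.class,
                conf -> conf.setClientName("OAUTH APP"));

        assertEquals("OAUTH APP", updated.getClientName());
    }

    @Test
    public void updateJDBCAuthModule() {
        JDBCAuthModuleConf updated = updateWithDefaultConf(
                "DefaultJDBCAuthModule",
                AuthModuleSupportedType.JDBC,
                JDBCAuthModuleConf.class,
                conf -> conf.setFieldPassword("uPassword"));

        assertEquals("uPassword", updated.getFieldPassword());
    }

    @Test
    public void updateJaasAuthModule() {
        JaasAuthModuleConf updated = updateWithDefaultConf(
                "DefaultJaasAuthModule",
                AuthModuleSupportedType.JAAS,
                JaasAuthModuleConf.class,
                conf -> conf.setRealm("SYNCOPE_NEW"));

        assertEquals("SYNCOPE_NEW", updated.getRealm());
    }

    /** Relies on the default static module holding exactly one user before the change. */
    @Test
    public void updateStaticAuthModule() {
        StaticAuthModuleConf updated = updateWithDefaultConf(
                "DefaultStaticAuthModule",
                AuthModuleSupportedType.STATIC,
                StaticAuthModuleConf.class,
                conf -> {
                    assertEquals(1, conf.getUsers().size());
                    conf.getUsers().put("user3", "user3Password123");
                });

        assertEquals(2, updated.getUsers().size());
    }

    @Test
    public void updateU2fAuthModule() {
        U2FAuthModuleConf updated = updateWithDefaultConf(
                "DefaultU2FAuthModule",
                AuthModuleSupportedType.U2F,
                U2FAuthModuleConf.class,
                conf -> conf.setExpireDevices(24));

        assertEquals(24, updated.getExpireDevices());
    }

    @Test
    public void updateSyncopeAuthModule() {
        SyncopeAuthModuleConf updated = updateWithDefaultConf(
                "DefaultSyncopeAuthModule",
                AuthModuleSupportedType.SYNCOPE,
                SyncopeAuthModuleConf.class,
                conf -> conf.setDomain("Two"));

        assertEquals("Two", updated.getDomain());
    }

    /**
     * Every supported type can be deleted, after which reading its key is refused.
     *
     * <p>NOTE(review): any {@link SyncopeClientException} satisfies the check, so a read that
     * fails for another reason (for instance an authorization error) would also pass; asserting
     * the exception's type would make the test specific to "not found".
     */
    @Test
    public void delete() throws IOException {
        for (AuthModuleSupportedType type : EnumSet.allOf(AuthModuleSupportedType.class)) {
            AuthModuleTO read = createAuthModule(buildAuthModuleTO(type));
            assertNotNull(read);

            AUTH_MODULE_SERVICE.delete(read.getKey());

            try {
                AUTH_MODULE_SERVICE.read(read.getKey());
                fail("This should not happen");
            } catch (SyncopeClientException e) {
                assertNotNull(e);
            }
        }
    }
}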