From d0b201651cd1e6b093e86508c2f61466e20e3011 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 13:30:59 +0100 Subject: [PATCH 01/33] Add tests for read operation --- ...ityProviderEndpointsAliasMockMvcTests.java | 46 +++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 76ab29006a7..55df9a6c938 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -43,6 +43,7 @@ import org.cloudfoundry.identity.uaa.util.UaaTokenUtils; import org.cloudfoundry.identity.uaa.zone.IdentityZone; import org.cloudfoundry.identity.uaa.zone.IdentityZoneSwitchingFilter; +import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Test; @@ -98,6 +99,51 @@ void setUp() throws Exception { identityProviderEndpoints = Objects.requireNonNull(webApplicationContext.getBean(IdentityProviderEndpoints.class)); } + @Nested + class Read { + @Nested + class AliasFeatureDisabled { + @BeforeEach + void setUp() { + arrangeAliasFeatureEnabled(false); + } + + @AfterEach + void tearDown() { + arrangeAliasFeatureEnabled(true); + } + + @Test + void shouldStillReturnAliasPropertiesOfIdpsWithAliasCreatedBeforehand_UaaToCustomZone() throws Throwable { + shouldStillReturnAliasPropertiesOfIdpsWithAliasCreatedBeforehand(IdentityZone.getUaa(), customZone); + } + + @Test + void shouldStillReturnAliasPropertiesOfIdpsWithAliasCreatedBeforehand_CustomToUaaZone() throws Throwable { + shouldStillReturnAliasPropertiesOfIdpsWithAliasCreatedBeforehand(customZone, IdentityZone.getUaa()); + } + + private void shouldStillReturnAliasPropertiesOfIdpsWithAliasCreatedBeforehand( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( + true, + () -> createIdpWithAlias(zone1, zone2) + ); + + final List> allIdps = readAllIdpsInZone(zone1); + assertThat(allIdps).isNotNull(); + final Optional> createdIdp = allIdps.stream() + .filter(it -> it.getOriginKey().equals(existingIdp.getOriginKey())) + .findFirst(); + assertThat(createdIdp).isPresent(); + assertThat(createdIdp.get()).isEqualTo(existingIdp); + assertThat(createdIdp.get().getAliasZid()).isEqualTo(zone2.getId()); + } + } + } + @Nested class Create { abstract class CreateBase { From d7040f390203a50b6885dfc704184ad8e1302c58 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 13:48:09 +0100 Subject: [PATCH 02/33] Add handling for tests assessing dangling references to shouldRejectUpdate method --- .../providers/IdentityProviderEndpointsAliasMockMvcTests.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 55df9a6c938..bf050c64ca7 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -835,8 +835,8 @@ private void shouldRejectUpdate(final IdentityZone zone, final IdentityProvider< idpBeforeUpdate.getAliasZid(), idpBeforeUpdate.getAliasId() ); - assertThat(aliasIdpBeforeUpdateOpt).isPresent(); - aliasIdpBeforeUpdate = aliasIdpBeforeUpdateOpt.get(); + aliasIdpBeforeUpdate = aliasIdpBeforeUpdateOpt + .orElse(null); // for test cases involving dangling references, the alias might not exist even though one is referenced } else { aliasIdpBeforeUpdate = null; } From 57096e9cee22fb25662343b6bebbead2d35f224d Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 13:59:28 +0100 Subject: [PATCH 03/33] Add updateIdpViaDb method --- .../IdentityProviderEndpointsAliasMockMvcTests.java | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index bf050c64ca7..3caa75e7a0a 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -1166,6 +1166,12 @@ private Optional> readIdpViaDb(final String id, final String return Optional.of(idp); } + private IdentityProvider updateIdpViaDb(final String zoneId, final IdentityProvider idp) { + final JdbcIdentityProviderProvisioning identityProviderProvisioning = webApplicationContext + .getBean(JdbcIdentityProviderProvisioning.class); + return identityProviderProvisioning.update(idp, zoneId); + } + private static void assertRelyingPartySecretIsRedacted(final IdentityProvider identityProvider) { assertThat(identityProvider.getType()).isEqualTo(OIDC10); final Optional> config = Optional.ofNullable(identityProvider.getConfig()) From 26766e4b9f3b68b5a3421b07e58ea852b1e44c53 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:02:27 +0100 Subject: [PATCH 04/33] Add tests: update should be rejected if the entity has no existing alias and the aliasId is set in the update payload (valid for enabled and disabled alias feature) --- ...ityProviderEndpointsAliasMockMvcTests.java | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 3caa75e7a0a..f41035bc9c9 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -373,6 +373,26 @@ protected UpdateBase(final boolean aliasFeatureEnabled) { void setUp() { arrangeAliasFeatureEnabled(aliasFeatureEnabled); } + + @Test + void shouldReject_NoExistingAlias_AliasIdSet_UaaZone() throws Exception { + shouldReject_NoExistingAlias_AliasIdSet(IdentityZone.getUaa()); + } + + @Test + void shouldReject_NoExistingAlias_AliasIdSet_CustomZone() throws Exception { + shouldReject_NoExistingAlias_AliasIdSet(customZone); + } + + private void shouldReject_NoExistingAlias_AliasIdSet(final IdentityZone zone) throws Exception { + final IdentityProvider existingIdp = createIdp( + zone, + buildOidcIdpWithAliasProperties(zone.getId(), null, null) + ); + assertThat(existingIdp.getAliasZid()).isBlank(); + existingIdp.setAliasId(UUID.randomUUID().toString()); + shouldRejectUpdate(zone, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } } @Nested From f242128989aa753afd83a23d70bf07bbf8d04417 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:08:19 +0100 Subject: [PATCH 05/33] Add tests: update should ignore alias if the original IdP has an empty aliasId --- ...ityProviderEndpointsAliasMockMvcTests.java | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index f41035bc9c9..e6981c74062 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -758,6 +758,51 @@ private void shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties( assertThat(aliasIdpAfterUpdate.get().getName()).isEqualTo(initialName); } + @Test + void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing_UaaToCustomZone() throws Throwable { + shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing(IdentityZone.getUaa(), customZone); + } + + @Test + void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing_CustomToUaaZone() throws Throwable { + shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing(customZone, IdentityZone.getUaa()); + } + + private void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); + + final String initialAliasId = existingIdp.getAliasId(); + assertThat(initialAliasId).isNotBlank(); + final String initialName = existingIdp.getName(); + assertThat(initialName).isNotBlank(); + + // modify existing directly in DB: remove aliasId + existingIdp.setAliasId(null); + updateIdpViaDb(zone1.getId(), existingIdp); + + // update original IdP + existingIdp.setAliasId(null); + existingIdp.setAliasZid(null); + existingIdp.setName("some-new-name"); + final IdentityProvider updatedIdp = updateIdp(zone1, existingIdp); + assertThat(updatedIdp.getName()).isEqualTo("some-new-name"); + assertThat(updatedIdp.getAliasId()).isBlank(); + assertThat(updatedIdp.getAliasZid()).isBlank(); + + // alias IdP should still exist and not be modified + final Optional> aliasIdp = readIdpViaDb(initialAliasId, zone2.getId()); + assertThat(aliasIdp).isPresent(); + assertThat(aliasIdp.get().getAliasId()).isNotBlank().isEqualTo(existingIdp.getId()); + assertThat(aliasIdp.get().getAliasZid()).isNotBlank().isEqualTo(existingIdp.getIdentityZoneId()); + assertThat(aliasIdp.get().getName()).isNotBlank().isEqualTo(initialName); + } + @Test void shouldReject_OnlyAliasIdSetToNull_UaaToCustomZone() throws Throwable { shouldReject_OnlyAliasIdSetToNull(IdentityZone.getUaa(), customZone); From 77ff7b85b22d81a06cdeef3695225a0df2e98c38 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:10:57 +0100 Subject: [PATCH 06/33] Add tests: update should ignore dangling reference and break reference to alias in existing IdP if alias feature is disabled --- ...ityProviderEndpointsAliasMockMvcTests.java | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index e6981c74062..eec5942fc53 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -803,6 +803,38 @@ private void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing( assertThat(aliasIdp.get().getName()).isNotBlank().isEqualTo(initialName); } + @Test + void shouldAccept_ShouldIgnoreDanglingReference_UaaToCustomZone() throws Throwable { + shouldAccept_ShouldIgnoreDanglingReference(IdentityZone.getUaa(), customZone); + } + + @Test + void shouldAccept_ShouldIgnoreDanglingReference_CustomToUaaZone() throws Throwable { + shouldAccept_ShouldIgnoreDanglingReference(customZone, IdentityZone.getUaa()); + } + + private void shouldAccept_ShouldIgnoreDanglingReference( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); + + // create dangling reference by removing alias IdP directly in DB + deleteIdpViaDb(existingIdp.getOriginKey(), zone2.getId()); + + // update original IdP + existingIdp.setAliasId(null); + existingIdp.setAliasZid(null); + existingIdp.setName("some-new-name"); + final IdentityProvider updatedIdp = updateIdp(zone1, existingIdp); + assertThat(updatedIdp.getName()).isEqualTo("some-new-name"); + assertThat(updatedIdp.getAliasId()).isBlank(); + assertThat(updatedIdp.getAliasZid()).isBlank(); + } + @Test void shouldReject_OnlyAliasIdSetToNull_UaaToCustomZone() throws Throwable { shouldReject_OnlyAliasIdSetToNull(IdentityZone.getUaa(), customZone); From f464fa6125d098c812b8ec18ecaf8ad1e9a4664a Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:13:04 +0100 Subject: [PATCH 07/33] Add tests: update should reject if alias feature disabled, no alias exists and the update payload contains a non-empty aliasZid --- ...ityProviderEndpointsAliasMockMvcTests.java | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index eec5942fc53..2402cb9c900 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -656,6 +656,33 @@ protected AliasFeatureDisabled() { super(false); } + @Nested + class NoExistingAlias { + @Test + void shouldReject_AliasZidSet_UaaToCustomZone() throws Throwable { + shouldReject_AliasZidSet(IdentityZone.getUaa(), customZone); + } + + @Test + void shouldReject_AliasZidSet_CustomToUaaZone() throws Throwable { + shouldReject_AliasZidSet(customZone, IdentityZone.getUaa()); + } + + private void shouldReject_AliasZidSet( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Exception { + final IdentityProvider existingIdp = createIdp( + zone1, + buildOidcIdpWithAliasProperties(zone1.getId(), null, null) + ); + + // setting the alias zid should fail + existingIdp.setAliasZid(zone2.getId()); + shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } + } + @Test void shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged_UaaToCustomZone() throws Throwable { shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged(IdentityZone.getUaa(), customZone); From ce4a41eb31d6aa4a086cbcca72faf08266c9c861 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:18:09 +0100 Subject: [PATCH 08/33] Move test Update -> AliasFeatureDisabled -> shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 44 +++++++++++-------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 2402cb9c900..28741ff0ea5 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -683,28 +683,34 @@ private void shouldReject_AliasZidSet( } } - @Test - void shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged_UaaToCustomZone() throws Throwable { - shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged(IdentityZone.getUaa(), customZone); - } + /** + * Test handling of IdPs with an existing alias when the alias feature is now switched off. + */ + @Nested + class ExistingAlias { + @Test + void shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged_UaaToCustomZone() throws Throwable { + shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged(IdentityZone.getUaa(), customZone); + } - @Test - void shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged_CustomToUaaZone() throws Throwable { - shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged(customZone, IdentityZone.getUaa()); - } + @Test + void shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged_CustomToUaaZone() throws Throwable { + shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged(customZone, IdentityZone.getUaa()); + } - private void shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Throwable { - final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); + private void shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); - // change non-alias property without setting alias properties to null - originalIdp.setName("some-new-name"); - shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); + // change non-alias property without setting alias properties to null + originalIdp.setName("some-new-name"); + shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } } @Test From 70611bca37084bb8bdd630f30cf493eba292a802 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:19:39 +0100 Subject: [PATCH 09/33] Move test Update -> AliasFeatureDisabled -> shouldAccept_SetOnlyAliasPropertiesToNull to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 60 +++++++++---------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 28741ff0ea5..7cd2de73c61 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -711,41 +711,41 @@ private void shouldReject_OtherPropertiesChangedWhileAliasPropertiesUnchanged( originalIdp.setName("some-new-name"); shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); } - } - @Test - void shouldAccept_SetOnlyAliasPropertiesToNull_UaaToCustomZone() throws Throwable { - shouldAccept_SetOnlyAliasPropertiesToNull(IdentityZone.getUaa(), customZone); - } - - @Test - void shouldAccept_SetOnlyAliasPropertiesToNull_CustomToUaaZone() throws Throwable { - shouldAccept_SetOnlyAliasPropertiesToNull(customZone, IdentityZone.getUaa()); - } + @Test + void shouldAccept_SetOnlyAliasPropertiesToNull_UaaToCustomZone() throws Throwable { + shouldAccept_SetOnlyAliasPropertiesToNull(IdentityZone.getUaa(), customZone); + } - private void shouldAccept_SetOnlyAliasPropertiesToNull( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Throwable { - final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); + @Test + void shouldAccept_SetOnlyAliasPropertiesToNull_CustomToUaaZone() throws Throwable { + shouldAccept_SetOnlyAliasPropertiesToNull(customZone, IdentityZone.getUaa()); + } - final String initialAliasId = originalIdp.getAliasId(); - assertThat(initialAliasId).isNotBlank(); - final String initialAliasZid = originalIdp.getAliasZid(); - assertThat(initialAliasZid).isNotBlank(); + private void shouldAccept_SetOnlyAliasPropertiesToNull( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); - // change non-alias property without setting alias properties to null - originalIdp.setAliasId(null); - originalIdp.setAliasZid(null); - final IdentityProvider updatedIdp = updateIdp(zone1, originalIdp); - assertThat(updatedIdp.getAliasId()).isBlank(); - assertThat(updatedIdp.getAliasZid()).isBlank(); + final String initialAliasId = originalIdp.getAliasId(); + assertThat(initialAliasId).isNotBlank(); + final String initialAliasZid = originalIdp.getAliasZid(); + assertThat(initialAliasZid).isNotBlank(); - // the alias IdP should have its reference removed - assertReferenceWasRemovedFromAlias(initialAliasId, initialAliasZid); + // change non-alias property without setting alias properties to null + originalIdp.setAliasId(null); + originalIdp.setAliasZid(null); + final IdentityProvider updatedIdp = updateIdp(zone1, originalIdp); + assertThat(updatedIdp.getAliasId()).isBlank(); + assertThat(updatedIdp.getAliasZid()).isBlank(); + + // the alias IdP should have its reference removed + assertReferenceWasRemovedFromAlias(initialAliasId, initialAliasZid); + } } @Test From 85bee2edcdf94b0e923bca9d24572d8fbfac1d5d Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:20:26 +0100 Subject: [PATCH 10/33] Move test Update -> AliasFeatureDisabled -> shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 76 +++++++++---------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 7cd2de73c61..88f8aab4b80 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -746,49 +746,49 @@ private void shouldAccept_SetOnlyAliasPropertiesToNull( // the alias IdP should have its reference removed assertReferenceWasRemovedFromAlias(initialAliasId, initialAliasZid); } - } - - @Test - void shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties_UaaToCustomZone() throws Throwable { - shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties(IdentityZone.getUaa(), customZone); - } - @Test - void shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties_CustomToUaaZone() throws Throwable { - shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties(customZone, IdentityZone.getUaa()); - } + @Test + void shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties_UaaToCustomZone() throws Throwable { + shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties(IdentityZone.getUaa(), customZone); + } - private void shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Throwable { - final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); + @Test + void shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties_CustomToUaaZone() throws Throwable { + shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties(customZone, IdentityZone.getUaa()); + } - final String initialAliasId = originalIdp.getAliasId(); - assertThat(initialAliasId).isNotBlank(); - final String initialAliasZid = originalIdp.getAliasZid(); - assertThat(initialAliasZid).isNotBlank(); - final String initialName = originalIdp.getName(); - assertThat(initialName).isNotBlank(); + private void shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); - // change non-alias property without setting alias properties to null - originalIdp.setAliasId(null); - originalIdp.setAliasZid(null); - originalIdp.setName("some-new-name"); - final IdentityProvider updatedIdp = updateIdp(zone1, originalIdp); - assertThat(updatedIdp.getAliasId()).isBlank(); - assertThat(updatedIdp.getAliasZid()).isBlank(); - assertThat(updatedIdp.getName()).isEqualTo("some-new-name"); + final String initialAliasId = originalIdp.getAliasId(); + assertThat(initialAliasId).isNotBlank(); + final String initialAliasZid = originalIdp.getAliasZid(); + assertThat(initialAliasZid).isNotBlank(); + final String initialName = originalIdp.getName(); + assertThat(initialName).isNotBlank(); - // apart from the alias reference being removed, the alias IdP should be left unchanged - final Optional> aliasIdpAfterUpdate = readIdpFromZoneIfExists(zone2.getId(), initialAliasId); - assertThat(aliasIdpAfterUpdate).isPresent(); - assertThat(aliasIdpAfterUpdate.get().getAliasId()).isBlank(); - assertThat(aliasIdpAfterUpdate.get().getAliasZid()).isBlank(); - assertThat(aliasIdpAfterUpdate.get().getName()).isEqualTo(initialName); + // change non-alias property without setting alias properties to null + originalIdp.setAliasId(null); + originalIdp.setAliasZid(null); + originalIdp.setName("some-new-name"); + final IdentityProvider updatedIdp = updateIdp(zone1, originalIdp); + assertThat(updatedIdp.getAliasId()).isBlank(); + assertThat(updatedIdp.getAliasZid()).isBlank(); + assertThat(updatedIdp.getName()).isEqualTo("some-new-name"); + + // apart from the alias reference being removed, the alias IdP should be left unchanged + final Optional> aliasIdpAfterUpdate = readIdpFromZoneIfExists(zone2.getId(), initialAliasId); + assertThat(aliasIdpAfterUpdate).isPresent(); + assertThat(aliasIdpAfterUpdate.get().getAliasId()).isBlank(); + assertThat(aliasIdpAfterUpdate.get().getAliasZid()).isBlank(); + assertThat(aliasIdpAfterUpdate.get().getName()).isEqualTo(initialName); + } } @Test From 688261e3672c40f57d808c41b54a142e5c0dc23c Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:21:19 +0100 Subject: [PATCH 11/33] Move test Update -> AliasFeatureDisabled -> shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 76 +++++++++---------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 88f8aab4b80..bba9b93e2b1 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -789,51 +789,51 @@ private void shouldAccept_SetAliasPropertiesToNullAndChangeOtherProperties( assertThat(aliasIdpAfterUpdate.get().getAliasZid()).isBlank(); assertThat(aliasIdpAfterUpdate.get().getName()).isEqualTo(initialName); } - } - @Test - void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing_UaaToCustomZone() throws Throwable { - shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing(IdentityZone.getUaa(), customZone); - } + @Test + void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing_UaaToCustomZone() throws Throwable { + shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing(IdentityZone.getUaa(), customZone); + } - @Test - void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing_CustomToUaaZone() throws Throwable { - shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing(customZone, IdentityZone.getUaa()); - } + @Test + void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing_CustomToUaaZone() throws Throwable { + shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing(customZone, IdentityZone.getUaa()); + } - private void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Throwable { - final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); + private void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); - final String initialAliasId = existingIdp.getAliasId(); - assertThat(initialAliasId).isNotBlank(); - final String initialName = existingIdp.getName(); - assertThat(initialName).isNotBlank(); + final String initialAliasId = existingIdp.getAliasId(); + assertThat(initialAliasId).isNotBlank(); + final String initialName = existingIdp.getName(); + assertThat(initialName).isNotBlank(); - // modify existing directly in DB: remove aliasId - existingIdp.setAliasId(null); - updateIdpViaDb(zone1.getId(), existingIdp); + // modify existing directly in DB: remove aliasId + existingIdp.setAliasId(null); + updateIdpViaDb(zone1.getId(), existingIdp); - // update original IdP - existingIdp.setAliasId(null); - existingIdp.setAliasZid(null); - existingIdp.setName("some-new-name"); - final IdentityProvider updatedIdp = updateIdp(zone1, existingIdp); - assertThat(updatedIdp.getName()).isEqualTo("some-new-name"); - assertThat(updatedIdp.getAliasId()).isBlank(); - assertThat(updatedIdp.getAliasZid()).isBlank(); + // update original IdP + existingIdp.setAliasId(null); + existingIdp.setAliasZid(null); + existingIdp.setName("some-new-name"); + final IdentityProvider updatedIdp = updateIdp(zone1, existingIdp); + assertThat(updatedIdp.getName()).isEqualTo("some-new-name"); + assertThat(updatedIdp.getAliasId()).isBlank(); + assertThat(updatedIdp.getAliasZid()).isBlank(); - // alias IdP should still exist and not be modified - final Optional> aliasIdp = readIdpViaDb(initialAliasId, zone2.getId()); - assertThat(aliasIdp).isPresent(); - assertThat(aliasIdp.get().getAliasId()).isNotBlank().isEqualTo(existingIdp.getId()); - assertThat(aliasIdp.get().getAliasZid()).isNotBlank().isEqualTo(existingIdp.getIdentityZoneId()); - assertThat(aliasIdp.get().getName()).isNotBlank().isEqualTo(initialName); + // alias IdP should still exist and not be modified + final Optional> aliasIdp = readIdpViaDb(initialAliasId, zone2.getId()); + assertThat(aliasIdp).isPresent(); + assertThat(aliasIdp.get().getAliasId()).isNotBlank().isEqualTo(existingIdp.getId()); + assertThat(aliasIdp.get().getAliasZid()).isNotBlank().isEqualTo(existingIdp.getIdentityZoneId()); + assertThat(aliasIdp.get().getName()).isNotBlank().isEqualTo(initialName); + } } @Test From 2f8ae6fe11d93d60cb7953f6dd6e72e1d458a15c Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:22:03 +0100 Subject: [PATCH 12/33] Move test Update -> AliasFeatureDisabled -> shouldAccept_ShouldIgnoreDanglingReference to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index bba9b93e2b1..73682b5037d 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -834,38 +834,38 @@ private void shouldAccept_ShouldIgnoreAliasIdOfExistingIdpMissing( assertThat(aliasIdp.get().getAliasZid()).isNotBlank().isEqualTo(existingIdp.getIdentityZoneId()); assertThat(aliasIdp.get().getName()).isNotBlank().isEqualTo(initialName); } - } - @Test - void shouldAccept_ShouldIgnoreDanglingReference_UaaToCustomZone() throws Throwable { - shouldAccept_ShouldIgnoreDanglingReference(IdentityZone.getUaa(), customZone); - } + @Test + void shouldAccept_ShouldIgnoreDanglingReference_UaaToCustomZone() throws Throwable { + shouldAccept_ShouldIgnoreDanglingReference(IdentityZone.getUaa(), customZone); + } - @Test - void shouldAccept_ShouldIgnoreDanglingReference_CustomToUaaZone() throws Throwable { - shouldAccept_ShouldIgnoreDanglingReference(customZone, IdentityZone.getUaa()); - } + @Test + void shouldAccept_ShouldIgnoreDanglingReference_CustomToUaaZone() throws Throwable { + shouldAccept_ShouldIgnoreDanglingReference(customZone, IdentityZone.getUaa()); + } - private void shouldAccept_ShouldIgnoreDanglingReference( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Throwable { - final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); + private void shouldAccept_ShouldIgnoreDanglingReference( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); - // create dangling reference by removing alias IdP directly in DB - deleteIdpViaDb(existingIdp.getOriginKey(), zone2.getId()); - - // update original IdP - existingIdp.setAliasId(null); - existingIdp.setAliasZid(null); - existingIdp.setName("some-new-name"); - final IdentityProvider updatedIdp = updateIdp(zone1, existingIdp); - assertThat(updatedIdp.getName()).isEqualTo("some-new-name"); - assertThat(updatedIdp.getAliasId()).isBlank(); - assertThat(updatedIdp.getAliasZid()).isBlank(); + // create dangling reference by removing alias IdP directly in DB + deleteIdpViaDb(existingIdp.getOriginKey(), zone2.getId()); + + // update original IdP + existingIdp.setAliasId(null); + existingIdp.setAliasZid(null); + existingIdp.setName("some-new-name"); + final IdentityProvider updatedIdp = updateIdp(zone1, existingIdp); + assertThat(updatedIdp.getName()).isEqualTo("some-new-name"); + assertThat(updatedIdp.getAliasId()).isBlank(); + assertThat(updatedIdp.getAliasZid()).isBlank(); + } } @Test From 98d9ab1246d4a2c980cd2ddf4ea4a61cb254138e Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:22:47 +0100 Subject: [PATCH 13/33] Move test Update -> AliasFeatureDisabled -> shouldReject_OnlyAliasIdSetToNull to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 42 +++++++++---------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 73682b5037d..2e0fe08b6ac 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -866,32 +866,32 @@ private void shouldAccept_ShouldIgnoreDanglingReference( assertThat(updatedIdp.getAliasId()).isBlank(); assertThat(updatedIdp.getAliasZid()).isBlank(); } - } - @Test - void shouldReject_OnlyAliasIdSetToNull_UaaToCustomZone() throws Throwable { - shouldReject_OnlyAliasIdSetToNull(IdentityZone.getUaa(), customZone); - } + @Test + void shouldReject_OnlyAliasIdSetToNull_UaaToCustomZone() throws Throwable { + shouldReject_OnlyAliasIdSetToNull(IdentityZone.getUaa(), customZone); + } - @Test - void shouldReject_OnlyAliasIdSetToNull_CustomToUaaZone() throws Throwable { - shouldReject_OnlyAliasIdSetToNull(customZone, IdentityZone.getUaa()); - } + @Test + void shouldReject_OnlyAliasIdSetToNull_CustomToUaaZone() throws Throwable { + shouldReject_OnlyAliasIdSetToNull(customZone, IdentityZone.getUaa()); + } - private void shouldReject_OnlyAliasIdSetToNull( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Throwable { - final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); + private void shouldReject_OnlyAliasIdSetToNull( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); - assertThat(originalIdp.getAliasId()).isNotBlank(); - assertThat(originalIdp.getAliasZid()).isNotBlank(); + assertThat(originalIdp.getAliasId()).isNotBlank(); + assertThat(originalIdp.getAliasZid()).isNotBlank(); - originalIdp.setAliasId(null); - shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); + originalIdp.setAliasId(null); + shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } } @Test From cd884e0899382a12d05b4fa0a5ae1afbd173a1bd Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 14:23:27 +0100 Subject: [PATCH 14/33] Move test Update -> AliasFeatureDisabled -> shouldReject_OnlyAliasZidSetToNull to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 43 +++++++++---------- 1 file changed, 21 insertions(+), 22 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 2e0fe08b6ac..fe87a304961 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -892,32 +892,31 @@ private void shouldReject_OnlyAliasIdSetToNull( originalIdp.setAliasId(null); shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); } - } - - @Test - void shouldReject_OnlyAliasZidSetToNull_UaaToCustomZone() throws Throwable { - shouldReject_OnlyAliasZidSetToNull(IdentityZone.getUaa(), customZone); - } + @Test + void shouldReject_OnlyAliasZidSetToNull_UaaToCustomZone() throws Throwable { + shouldReject_OnlyAliasZidSetToNull(IdentityZone.getUaa(), customZone); + } - @Test - void shouldReject_OnlyAliasZidSetToNull_CustomToUaaZone() throws Throwable { - shouldReject_OnlyAliasZidSetToNull(customZone, IdentityZone.getUaa()); - } + @Test + void shouldReject_OnlyAliasZidSetToNull_CustomToUaaZone() throws Throwable { + shouldReject_OnlyAliasZidSetToNull(customZone, IdentityZone.getUaa()); + } - private void shouldReject_OnlyAliasZidSetToNull( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Throwable { - final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); + private void shouldReject_OnlyAliasZidSetToNull( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); - assertThat(originalIdp.getAliasId()).isNotBlank(); - assertThat(originalIdp.getAliasZid()).isNotBlank(); + assertThat(originalIdp.getAliasId()).isNotBlank(); + assertThat(originalIdp.getAliasZid()).isNotBlank(); - originalIdp.setAliasZid(null); - shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); + originalIdp.setAliasZid(null); + shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } } } From 2de82ed76aef67d81b6047b885df1323d5b4cbad Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 15:14:49 +0100 Subject: [PATCH 15/33] Rename test: Update -> AliasFeatureEnabled -> shouldAccept_ShouldCreateAliasIdp to shouldAccept_ShouldCreateNewAlias --- .../IdentityProviderEndpointsAliasMockMvcTests.java | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index fe87a304961..907ef9f0889 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -402,16 +402,19 @@ protected AliasFeatureEnabled() { } @Test - void shouldAccept_ShouldCreateAliasIdp_UaaToCustomZone() throws Exception { - shouldAccept_ShouldCreateAliasIdp(IdentityZone.getUaa(), customZone); + void shouldAccept_ShouldCreateNewAlias_UaaToCustomZone() throws Exception { + shouldAccept_ShouldCreateNewAlias(IdentityZone.getUaa(), customZone); } @Test - void shouldAccept_ShouldCreateAliasIdp_CustomToUaaZone() throws Exception { - shouldAccept_ShouldCreateAliasIdp(customZone, IdentityZone.getUaa()); + void shouldAccept_ShouldCreateNewAlias_CustomToUaaZone() throws Exception { + shouldAccept_ShouldCreateNewAlias(customZone, IdentityZone.getUaa()); } - private void shouldAccept_ShouldCreateAliasIdp(final IdentityZone zone1, final IdentityZone zone2) throws Exception { + private void shouldAccept_ShouldCreateNewAlias( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Exception { // create regular idp without alias properties in zone 1 final IdentityProvider existingIdpWithoutAlias = createIdp( zone1, From f20163bc543cb21ea523457f074d7309013cbd4f Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 15:42:54 +0100 Subject: [PATCH 16/33] Add test: Update -> AliasFeatureEnabled -> should reject if zone referenced in 'aliasZid' of update payload does not exist --- ...IdentityProviderEndpointsAliasMockMvcTests.java | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 907ef9f0889..3a34178bd10 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -439,6 +439,19 @@ private void shouldAccept_ShouldCreateNewAlias( assertOtherPropertiesAreEqual(idpAfterUpdate, aliasIdp); } + @Test + void shouldReject_ReferencedZoneDoesNotExist() throws Exception { + final IdentityZone zone = IdentityZone.getUaa(); + final IdentityProvider existingIdp = createIdp( + zone, + buildUaaIdpWithAliasProperties(zone.getId(), null, null) + ); + + existingIdp.setAliasZid(UUID.randomUUID().toString()); // non-existing zone + + shouldRejectUpdate(zone, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } + @Test void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged_UaaToCustomZone() throws Exception { shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(IdentityZone.getUaa(), customZone); @@ -895,6 +908,7 @@ private void shouldReject_OnlyAliasIdSetToNull( originalIdp.setAliasId(null); shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); } + @Test void shouldReject_OnlyAliasZidSetToNull_UaaToCustomZone() throws Throwable { shouldReject_OnlyAliasZidSetToNull(IdentityZone.getUaa(), customZone); From c769dcb092feecf194a9bc85d4ef236d637404c0 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 15:53:04 +0100 Subject: [PATCH 17/33] Remove duplicate test: Update -> AliasFeatureEnabled -> shouldReject_OnlyAliasIdSet (already covered by Update -> UpdateBase -> shouldReject_NoExistingAlias_AliasIdSet) --- ...tityProviderEndpointsAliasMockMvcTests.java | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 3a34178bd10..356019d585f 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -526,24 +526,6 @@ private void shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp(final assertRelyingPartySecretIsRedacted(updatedIdp); } - @Test - void shouldReject_OnlyAliasIdSet_UaaZone() throws Exception { - shouldReject_OnlyAliasIdSet(IdentityZone.getUaa()); - } - - @Test - void shouldReject_OnlyAliasIdSet_CustomZone() throws Exception { - shouldReject_OnlyAliasIdSet(customZone); - } - - private void shouldReject_OnlyAliasIdSet(final IdentityZone zone) throws Exception { - final IdentityProvider idp = buildOidcIdpWithAliasProperties(zone.getId(), null, null); - final IdentityProvider createdProvider = createIdp(zone, idp); - assertThat(createdProvider.getAliasZid()).isBlank(); - createdProvider.setAliasId(UUID.randomUUID().toString()); - shouldRejectUpdate(zone, createdProvider, HttpStatus.UNPROCESSABLE_ENTITY); - } - @ParameterizedTest @MethodSource("shouldReject_ChangingAliasPropertiesOfIdpWithAlias") void shouldReject_ChangingAliasPropertiesOfIdpWithAlias_UaaToCustomZone( From 687f8ddc08845b3b6a700c4dbd9febd8276f4980 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 15:55:41 +0100 Subject: [PATCH 18/33] Add tests: Update -> AliasFeatureEnabled -> should reject if an alias exists and the update payload contains an empty aliasId --- ...ityProviderEndpointsAliasMockMvcTests.java | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 356019d585f..1487be37ae3 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -490,6 +490,27 @@ private void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(final Identity assertRelyingPartySecretIsRedacted(updatedOriginalIdp); } + @Test + void shouldReject_ExistingAlias_AliasIdNotSetInPayload_UaaToCustomZone() throws Exception { + shouldReject_ExistingAlias_AliasIdNotSetInPayload(IdentityZone.getUaa(), customZone); + } + + @Test + void shouldReject_ExistingAlias_AliasIdNotSetInPayload_CustomToUaaZone() throws Exception { + shouldReject_ExistingAlias_AliasIdNotSetInPayload(customZone, IdentityZone.getUaa()); + } + + private void shouldReject_ExistingAlias_AliasIdNotSetInPayload( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Exception { + final IdentityProvider existingIdp = createIdpWithAlias(zone1, zone2); + + existingIdp.setAliasId(null); + existingIdp.setName("some-new-name"); + shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } + @Test void shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp_UaaToCustomZone() throws Exception { shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp(IdentityZone.getUaa(), customZone); From de9a2929dedddfb51abcc29995efb5440c8d566c Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:05:37 +0100 Subject: [PATCH 19/33] Rename tests: Update -> AliasFeatureEnabled -> shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp to shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias --- .../IdentityProviderEndpointsAliasMockMvcTests.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 1487be37ae3..6a57a05e1cf 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -512,16 +512,16 @@ private void shouldReject_ExistingAlias_AliasIdNotSetInPayload( } @Test - void shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp_UaaToCustomZone() throws Exception { - shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp(IdentityZone.getUaa(), customZone); + void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias_UaaToCustomZone() throws Exception { + shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(IdentityZone.getUaa(), customZone); } @Test - void shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp_CustomToUaaZone() throws Exception { - shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp(customZone, IdentityZone.getUaa()); + void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias_CustomToUaaZone() throws Exception { + shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(customZone, IdentityZone.getUaa()); } - private void shouldAccept_ReferencedIdpNotExisting_ShouldCreateNewAliasIdp(final IdentityZone zone1, final IdentityZone zone2) throws Exception { + private void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(final IdentityZone zone1, final IdentityZone zone2) throws Exception { final IdentityProvider idp = createIdpWithAlias(zone1, zone2); // delete the alias IdP directly in the DB -> after that, there is a dangling reference From 3e467bc683846d5c81838b7540cac486a6c7e0d8 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:08:38 +0100 Subject: [PATCH 20/33] Add test: Update -> AliasFeatureEnabled -> should reject if a dangling reference is present in the existing IdP, which cannot be fixed as the alias zone is not present --- ...ityProviderEndpointsAliasMockMvcTests.java | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 6a57a05e1cf..e993f0d7cb1 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -587,6 +587,29 @@ private static Stream shouldReject_ChangingAliasPropertiesOfIdpWithAl )); } + @Test + void shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_UaaToCustomZone() throws Throwable { + final IdentityZone zone1 = IdentityZone.getUaa(); + final IdentityZone zone2 = customZone; + + final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); + + // delete alias IdP + deleteIdpViaDb(existingIdp.getOriginKey(), zone2.getId()); + + /* change alias zid to a non-existing zone directly in DB, so that fixing the dangling reference + * will fail because the alias zone does not exist */ + final String nonExistingZoneId = UUID.randomUUID().toString(); + existingIdp.setAliasZid(nonExistingZoneId); + updateIdpViaDb(zone1.getId(), existingIdp); + + existingIdp.setName("some-new-name"); + shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } + @Test void shouldReject_AliasNotSupportedForIdpType_UaaToCustomZone() throws Exception { shouldReject_AliasNotSupportedForIdpType(IdentityZone.getUaa(), customZone); From 54de8705d1ea26be5cc833cd4dee89f0aff2e342 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:10:22 +0100 Subject: [PATCH 21/33] Add test: Update -> AliasFeatureEnabled -> should reject if a dangling reference is present in the existing IdP, which cannot be fixed as the origin is already occupied in the alias zone --- ...ityProviderEndpointsAliasMockMvcTests.java | 37 +++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index e993f0d7cb1..4617c87cb1f 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -587,6 +587,7 @@ private static Stream shouldReject_ChangingAliasPropertiesOfIdpWithAl )); } + // TODO existing alias @Test void shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_UaaToCustomZone() throws Throwable { final IdentityZone zone1 = IdentityZone.getUaa(); @@ -610,6 +611,7 @@ void shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_Uaa shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); } + // TODO no existing alias @Test void shouldReject_AliasNotSupportedForIdpType_UaaToCustomZone() throws Exception { shouldReject_AliasNotSupportedForIdpType(IdentityZone.getUaa(), customZone); @@ -630,6 +632,41 @@ private void shouldReject_AliasNotSupportedForIdpType(final IdentityZone zone1, shouldRejectUpdate(zone1, createdProvider, HttpStatus.UNPROCESSABLE_ENTITY); } + @Test + void shouldReject_ReferencedAliasNotExistingAndOriginAlreadyExistsInOtherZone_UaaToCustomZone() throws Throwable { + shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(IdentityZone.getUaa(), customZone); + } + + @Test + void shouldReject_ReferencedAliasNotExistingAndOriginAlreadyExistsInOtherZone_CustomToUaaZone() throws Throwable { + shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(customZone, IdentityZone.getUaa()); + } + + private void shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); + + // delete alias IdP and create a new one in zone 2 without alias but with the same origin + deleteIdpViaDb(existingIdp.getOriginKey(), zone2.getId()); + final IdentityProvider newIdpWithSameOrigin = buildOidcIdpWithAliasProperties( + zone2.getId(), + null, + null + ); + newIdpWithSameOrigin.setOriginKey(existingIdp.getOriginKey()); + createIdp(zone2, newIdpWithSameOrigin); + + existingIdp.setAliasId(null); + existingIdp.setAliasZid(null); + existingIdp.setName("some-new-name"); + shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } + @Test void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone_UaaToCustomZone() throws Exception { shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(IdentityZone.getUaa(), customZone); From 2d802653989ddc6b9977e9981c8ce0572a7b3db9 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:13:43 +0100 Subject: [PATCH 22/33] Move tests: Update -> AliasFeatureEnabled -> shouldAccept_ShouldCreateNewAlias to nested class NoExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 73 ++++++++++--------- 1 file changed, 39 insertions(+), 34 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 4617c87cb1f..06ace15cd8b 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -401,42 +401,45 @@ protected AliasFeatureEnabled() { super(true); } - @Test - void shouldAccept_ShouldCreateNewAlias_UaaToCustomZone() throws Exception { - shouldAccept_ShouldCreateNewAlias(IdentityZone.getUaa(), customZone); - } - - @Test - void shouldAccept_ShouldCreateNewAlias_CustomToUaaZone() throws Exception { - shouldAccept_ShouldCreateNewAlias(customZone, IdentityZone.getUaa()); - } - - private void shouldAccept_ShouldCreateNewAlias( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Exception { - // create regular idp without alias properties in zone 1 - final IdentityProvider existingIdpWithoutAlias = createIdp( - zone1, - buildOidcIdpWithAliasProperties(zone1.getId(), null, null) - ); - assertThat(existingIdpWithoutAlias).isNotNull(); - assertThat(existingIdpWithoutAlias.getId()).isNotBlank(); + @Nested + class NoExistingAlias { + @Test + void shouldAccept_ShouldCreateNewAlias_UaaToCustomZone() throws Exception { + shouldAccept_ShouldCreateNewAlias(IdentityZone.getUaa(), customZone); + } - // perform update: set Alias ZID - existingIdpWithoutAlias.setAliasZid(zone2.getId()); - final IdentityProvider idpAfterUpdate = updateIdp(zone1, existingIdpWithoutAlias); - assertThat(idpAfterUpdate.getAliasId()).isNotBlank(); - assertThat(idpAfterUpdate.getAliasZid()).isNotBlank(); - assertThat(zone2.getId()).isEqualTo(idpAfterUpdate.getAliasZid()); + @Test + void shouldAccept_ShouldCreateNewAlias_CustomToUaaZone() throws Exception { + shouldAccept_ShouldCreateNewAlias(customZone, IdentityZone.getUaa()); + } - // read alias IdP through alias id in original IdP - final String id = idpAfterUpdate.getAliasId(); - final Optional> idp = readIdpFromZoneIfExists(zone2.getId(), id); - assertThat(idp).isPresent(); - final IdentityProvider aliasIdp = idp.get(); - assertIdpReferencesOtherIdp(aliasIdp, idpAfterUpdate); - assertOtherPropertiesAreEqual(idpAfterUpdate, aliasIdp); + private void shouldAccept_ShouldCreateNewAlias( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Exception { + // create regular idp without alias properties in zone 1 + final IdentityProvider existingIdpWithoutAlias = createIdp( + zone1, + buildOidcIdpWithAliasProperties(zone1.getId(), null, null) + ); + assertThat(existingIdpWithoutAlias).isNotNull(); + assertThat(existingIdpWithoutAlias.getId()).isNotBlank(); + + // perform update: set Alias ZID + existingIdpWithoutAlias.setAliasZid(zone2.getId()); + final IdentityProvider idpAfterUpdate = updateIdp(zone1, existingIdpWithoutAlias); + assertThat(idpAfterUpdate.getAliasId()).isNotBlank(); + assertThat(idpAfterUpdate.getAliasZid()).isNotBlank(); + assertThat(zone2.getId()).isEqualTo(idpAfterUpdate.getAliasZid()); + + // read alias IdP through alias id in original IdP + final String id = idpAfterUpdate.getAliasId(); + final Optional> idp = readIdpFromZoneIfExists(zone2.getId(), id); + assertThat(idp).isPresent(); + final IdentityProvider aliasIdp = idp.get(); + assertIdpReferencesOtherIdp(aliasIdp, idpAfterUpdate); + assertOtherPropertiesAreEqual(idpAfterUpdate, aliasIdp); + } } @Test @@ -632,6 +635,7 @@ private void shouldReject_AliasNotSupportedForIdpType(final IdentityZone zone1, shouldRejectUpdate(zone1, createdProvider, HttpStatus.UNPROCESSABLE_ENTITY); } + // TODO existing alias @Test void shouldReject_ReferencedAliasNotExistingAndOriginAlreadyExistsInOtherZone_UaaToCustomZone() throws Throwable { shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(IdentityZone.getUaa(), customZone); @@ -667,6 +671,7 @@ private void shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyE shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); } + // TODO no existing alias @Test void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone_UaaToCustomZone() throws Exception { shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(IdentityZone.getUaa(), customZone); From 61e1f9c403399f502c9cf51e576ca1e30e4e4cdf Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:14:44 +0100 Subject: [PATCH 23/33] Move tests: Update -> AliasFeatureEnabled -> shouldReject_ReferencedZoneDoesNotExist to nested class NoExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 06ace15cd8b..55a4bec9450 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -440,19 +440,19 @@ private void shouldAccept_ShouldCreateNewAlias( assertIdpReferencesOtherIdp(aliasIdp, idpAfterUpdate); assertOtherPropertiesAreEqual(idpAfterUpdate, aliasIdp); } - } - @Test - void shouldReject_ReferencedZoneDoesNotExist() throws Exception { - final IdentityZone zone = IdentityZone.getUaa(); - final IdentityProvider existingIdp = createIdp( - zone, - buildUaaIdpWithAliasProperties(zone.getId(), null, null) - ); + @Test + void shouldReject_ReferencedZoneDoesNotExist() throws Exception { + final IdentityZone zone = IdentityZone.getUaa(); + final IdentityProvider existingIdp = createIdp( + zone, + buildUaaIdpWithAliasProperties(zone.getId(), null, null) + ); - existingIdp.setAliasZid(UUID.randomUUID().toString()); // non-existing zone + existingIdp.setAliasZid(UUID.randomUUID().toString()); // non-existing zone - shouldRejectUpdate(zone, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + shouldRejectUpdate(zone, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } } @Test From b81970cac502ee2f95a341acbb50f99ba60a035c Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:19:49 +0100 Subject: [PATCH 24/33] Remove TODOs --- .../providers/IdentityProviderEndpointsAliasMockMvcTests.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 55a4bec9450..df1c3a04b44 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -635,7 +635,6 @@ private void shouldReject_AliasNotSupportedForIdpType(final IdentityZone zone1, shouldRejectUpdate(zone1, createdProvider, HttpStatus.UNPROCESSABLE_ENTITY); } - // TODO existing alias @Test void shouldReject_ReferencedAliasNotExistingAndOriginAlreadyExistsInOtherZone_UaaToCustomZone() throws Throwable { shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(IdentityZone.getUaa(), customZone); @@ -671,7 +670,6 @@ private void shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyE shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); } - // TODO no existing alias @Test void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone_UaaToCustomZone() throws Exception { shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(IdentityZone.getUaa(), customZone); From f281a1e8327961d7129f5011fb96a976f8178229 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:22:11 +0100 Subject: [PATCH 25/33] Move tests: Update -> AliasFeatureEnabled -> shouldReject_AliasNotSupportedForIdpType to nested class NoExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 41 +++++++++---------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index df1c3a04b44..a01143bf967 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -453,6 +453,26 @@ void shouldReject_ReferencedZoneDoesNotExist() throws Exception { shouldRejectUpdate(zone, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); } + + @Test + void shouldReject_AliasNotSupportedForIdpType_UaaToCustomZone() throws Exception { + shouldReject_AliasNotSupportedForIdpType(IdentityZone.getUaa(), customZone); + } + + @Test + void shouldReject_AliasNotSupportedForIdpType_CustomZone() throws Exception { + shouldReject_AliasNotSupportedForIdpType(customZone, IdentityZone.getUaa()); + } + + private void shouldReject_AliasNotSupportedForIdpType(final IdentityZone zone1, final IdentityZone zone2) throws Exception { + final IdentityProvider uaaIdp = buildUaaIdpWithAliasProperties(zone1.getId(), null, null); + final IdentityProvider createdProvider = createIdp(zone1, uaaIdp); + assertThat(createdProvider.getAliasZid()).isBlank(); + + // try to create an alias for the IdP -> should fail because of the IdP's type + createdProvider.setAliasZid(zone2.getId()); + shouldRejectUpdate(zone1, createdProvider, HttpStatus.UNPROCESSABLE_ENTITY); + } } @Test @@ -614,27 +634,6 @@ void shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_Uaa shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); } - // TODO no existing alias - @Test - void shouldReject_AliasNotSupportedForIdpType_UaaToCustomZone() throws Exception { - shouldReject_AliasNotSupportedForIdpType(IdentityZone.getUaa(), customZone); - } - - @Test - void shouldReject_AliasNotSupportedForIdpType_CustomZone() throws Exception { - shouldReject_AliasNotSupportedForIdpType(customZone, IdentityZone.getUaa()); - } - - private void shouldReject_AliasNotSupportedForIdpType(final IdentityZone zone1, final IdentityZone zone2) throws Exception { - final IdentityProvider uaaIdp = buildUaaIdpWithAliasProperties(zone1.getId(), null, null); - final IdentityProvider createdProvider = createIdp(zone1, uaaIdp); - assertThat(createdProvider.getAliasZid()).isBlank(); - - // try to create an alias for the IdP -> should fail because of the IdP's type - createdProvider.setAliasZid(zone2.getId()); - shouldRejectUpdate(zone1, createdProvider, HttpStatus.UNPROCESSABLE_ENTITY); - } - @Test void shouldReject_ReferencedAliasNotExistingAndOriginAlreadyExistsInOtherZone_UaaToCustomZone() throws Throwable { shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(IdentityZone.getUaa(), customZone); From 43fc409254fafe2997a170d8355f7e849f13d145 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:24:11 +0100 Subject: [PATCH 26/33] Move tests: Update -> AliasFeatureEnabled -> shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone to nested class NoExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 60 +++++++++---------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index a01143bf967..42b4e24c65b 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -473,6 +473,36 @@ private void shouldReject_AliasNotSupportedForIdpType(final IdentityZone zone1, createdProvider.setAliasZid(zone2.getId()); shouldRejectUpdate(zone1, createdProvider, HttpStatus.UNPROCESSABLE_ENTITY); } + + @Test + void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone_UaaToCustomZone() throws Exception { + shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(IdentityZone.getUaa(), customZone); + } + + @Test + void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone_CustomToUaaZone() throws Exception { + shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(customZone, IdentityZone.getUaa()); + } + + private void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(final IdentityZone zone1, final IdentityZone zone2) throws Exception { + // create IdP with origin key in zone 2 + final IdentityProvider existingIdpInZone2 = buildOidcIdpWithAliasProperties(zone2.getId(), null, null); + createIdp(zone2, existingIdpInZone2); + + // create IdP with same origin key in zone 1 + final IdentityProvider idp = buildIdpWithAliasProperties( + zone1.getId(), + null, + null, + existingIdpInZone2.getOriginKey(), // same origin key + OIDC10 + ); + final IdentityProvider providerInZone1 = createIdp(zone1, idp); + + // update the alias ZID to zone 2, where an IdP with this origin already exists -> should fail + providerInZone1.setAliasZid(zone2.getId()); + shouldRejectUpdate(zone1, providerInZone1, HttpStatus.CONFLICT); + } } @Test @@ -669,36 +699,6 @@ private void shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyE shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); } - @Test - void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone_UaaToCustomZone() throws Exception { - shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(IdentityZone.getUaa(), customZone); - } - - @Test - void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone_CustomToUaaZone() throws Exception { - shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(customZone, IdentityZone.getUaa()); - } - - private void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(final IdentityZone zone1, final IdentityZone zone2) throws Exception { - // create IdP with origin key in zone 2 - final IdentityProvider existingIdpInZone2 = buildOidcIdpWithAliasProperties(zone2.getId(), null, null); - createIdp(zone2, existingIdpInZone2); - - // create IdP with same origin key in zone 1 - final IdentityProvider idp = buildIdpWithAliasProperties( - zone1.getId(), - null, - null, - existingIdpInZone2.getOriginKey(), // same origin key - OIDC10 - ); - final IdentityProvider providerInZone1 = createIdp(zone1, idp); - - // update the alias ZID to zone 2, where an IdP with this origin already exists -> should fail - providerInZone1.setAliasZid(zone2.getId()); - shouldRejectUpdate(zone1, providerInZone1, HttpStatus.CONFLICT); - } - @Test void shouldReject_IdpInCustomZone_AliasToOtherCustomZone() throws Exception { final IdentityProvider idpInCustomZone = createIdp( From 2a206f60f3634885c57676330f2c58d7bcdcf941 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:25:33 +0100 Subject: [PATCH 27/33] Move tests: Update -> AliasFeatureEnabled -> shouldReject_AliasZidSetToSameZone to nested class NoExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 42b4e24c65b..b01938dcc23 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -503,6 +503,25 @@ private void shouldReject_IdpWithOriginKeyAlreadyPresentInOtherZone(final Identi providerInZone1.setAliasZid(zone2.getId()); shouldRejectUpdate(zone1, providerInZone1, HttpStatus.CONFLICT); } + + @Test + void shouldReject_AliasZidSetToSameZone_UaaZone() throws Exception { + shouldReject_AliasZidSetToSameZone(IdentityZone.getUaa()); + } + + @Test + void shouldReject_AliasZidSetToSameZone_CustomZone() throws Exception { + shouldReject_AliasZidSetToSameZone(customZone); + } + + private void shouldReject_AliasZidSetToSameZone(final IdentityZone zone) throws Exception { + final IdentityProvider idp = createIdp( + zone, + buildOidcIdpWithAliasProperties(zone.getId(), null, null) + ); + idp.setAliasZid(zone.getId()); + shouldRejectUpdate(zone, idp, HttpStatus.UNPROCESSABLE_ENTITY); + } } @Test @@ -710,25 +729,6 @@ void shouldReject_IdpInCustomZone_AliasToOtherCustomZone() throws Exception { idpInCustomZone.setAliasZid("not-uaa"); shouldRejectUpdate(customZone, idpInCustomZone, HttpStatus.UNPROCESSABLE_ENTITY); } - - @Test - void shouldReject_AliasZidSetToSameZone_UaaZone() throws Exception { - shouldReject_AliasZidSetToSameZone(IdentityZone.getUaa()); - } - - @Test - void shouldReject_AliasZidSetToSameZone_CustomZone() throws Exception { - shouldReject_AliasZidSetToSameZone(customZone); - } - - private void shouldReject_AliasZidSetToSameZone(final IdentityZone zone) throws Exception { - final IdentityProvider idp = createIdp( - zone, - buildOidcIdpWithAliasProperties(zone.getId(), null, null) - ); - idp.setAliasZid(zone.getId()); - shouldRejectUpdate(zone, idp, HttpStatus.UNPROCESSABLE_ENTITY); - } } @Nested From c2f3c91010c5054e6141cda8d6a2313478bc4978 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:27:17 +0100 Subject: [PATCH 28/33] Move tests: Update -> AliasFeatureEnabled -> shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 69 ++++++++++--------- 1 file changed, 36 insertions(+), 33 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index b01938dcc23..9ac3bd71e1a 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -524,42 +524,45 @@ private void shouldReject_AliasZidSetToSameZone(final IdentityZone zone) throws } } - @Test - void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged_UaaToCustomZone() throws Exception { - shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(IdentityZone.getUaa(), customZone); - } + @Nested + class ExistingAlias { + @Test + void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged_UaaToCustomZone() throws Exception { + shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(IdentityZone.getUaa(), customZone); + } - @Test - void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged_CustomToUaaZone() throws Exception { - shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(customZone, IdentityZone.getUaa()); - } - - private void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(final IdentityZone zone1, final IdentityZone zone2) throws Exception { - // create an IdP with an alias - final IdentityProvider originalIdp = createIdpWithAlias(zone1, zone2); - - // update other property - final String newName = "new name"; - originalIdp.setName(newName); - final IdentityProvider updatedOriginalIdp = updateIdp(zone1, originalIdp); - assertThat(updatedOriginalIdp).isNotNull(); - assertThat(updatedOriginalIdp.getAliasId()).isNotBlank(); - assertThat(updatedOriginalIdp.getAliasZid()).isNotBlank(); - assertThat(updatedOriginalIdp.getAliasZid()).isEqualTo(zone2.getId()); - assertThat(updatedOriginalIdp.getName()).isNotBlank().isEqualTo(newName); - - // check if the change is propagated to the alias IdP - final String id = updatedOriginalIdp.getAliasId(); - final Optional> aliasIdp = readIdpFromZoneIfExists(zone2.getId(), id); - assertThat(aliasIdp).isPresent(); - assertIdpReferencesOtherIdp(aliasIdp.get(), updatedOriginalIdp); - assertThat(aliasIdp.get().getName()).isNotBlank().isEqualTo(newName); + @Test + void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged_CustomToUaaZone() throws Exception { + shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(customZone, IdentityZone.getUaa()); + } - // check if both have the same non-empty relying party secret in the DB - assertIdpAndAliasHaveSameRelyingPartySecretInDb(updatedOriginalIdp); + private void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(final IdentityZone zone1, final IdentityZone zone2) throws Exception { + // create an IdP with an alias + final IdentityProvider originalIdp = createIdpWithAlias(zone1, zone2); + + // update other property + final String newName = "new name"; + originalIdp.setName(newName); + final IdentityProvider updatedOriginalIdp = updateIdp(zone1, originalIdp); + assertThat(updatedOriginalIdp).isNotNull(); + assertThat(updatedOriginalIdp.getAliasId()).isNotBlank(); + assertThat(updatedOriginalIdp.getAliasZid()).isNotBlank(); + assertThat(updatedOriginalIdp.getAliasZid()).isEqualTo(zone2.getId()); + assertThat(updatedOriginalIdp.getName()).isNotBlank().isEqualTo(newName); + + // check if the change is propagated to the alias IdP + final String id = updatedOriginalIdp.getAliasId(); + final Optional> aliasIdp = readIdpFromZoneIfExists(zone2.getId(), id); + assertThat(aliasIdp).isPresent(); + assertIdpReferencesOtherIdp(aliasIdp.get(), updatedOriginalIdp); + assertThat(aliasIdp.get().getName()).isNotBlank().isEqualTo(newName); - // check if the returned IdP has a redacted relying party secret - assertRelyingPartySecretIsRedacted(updatedOriginalIdp); + // check if both have the same non-empty relying party secret in the DB + assertIdpAndAliasHaveSameRelyingPartySecretInDb(updatedOriginalIdp); + + // check if the returned IdP has a redacted relying party secret + assertRelyingPartySecretIsRedacted(updatedOriginalIdp); + } } @Test From fc137644506783fa102f5746eaeffa31c08647b5 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:28:08 +0100 Subject: [PATCH 29/33] Move tests: Update -> AliasFeatureEnabled -> shouldReject_ExistingAlias_AliasIdNotSetInPayload to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 9ac3bd71e1a..cf31001f719 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -563,27 +563,27 @@ private void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(final Identity // check if the returned IdP has a redacted relying party secret assertRelyingPartySecretIsRedacted(updatedOriginalIdp); } - } - @Test - void shouldReject_ExistingAlias_AliasIdNotSetInPayload_UaaToCustomZone() throws Exception { - shouldReject_ExistingAlias_AliasIdNotSetInPayload(IdentityZone.getUaa(), customZone); - } + @Test + void shouldReject_ExistingAlias_AliasIdNotSetInPayload_UaaToCustomZone() throws Exception { + shouldReject_ExistingAlias_AliasIdNotSetInPayload(IdentityZone.getUaa(), customZone); + } - @Test - void shouldReject_ExistingAlias_AliasIdNotSetInPayload_CustomToUaaZone() throws Exception { - shouldReject_ExistingAlias_AliasIdNotSetInPayload(customZone, IdentityZone.getUaa()); - } + @Test + void shouldReject_ExistingAlias_AliasIdNotSetInPayload_CustomToUaaZone() throws Exception { + shouldReject_ExistingAlias_AliasIdNotSetInPayload(customZone, IdentityZone.getUaa()); + } - private void shouldReject_ExistingAlias_AliasIdNotSetInPayload( - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Exception { - final IdentityProvider existingIdp = createIdpWithAlias(zone1, zone2); + private void shouldReject_ExistingAlias_AliasIdNotSetInPayload( + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Exception { + final IdentityProvider existingIdp = createIdpWithAlias(zone1, zone2); - existingIdp.setAliasId(null); - existingIdp.setName("some-new-name"); - shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + existingIdp.setAliasId(null); + existingIdp.setName("some-new-name"); + shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } } @Test From c8bb6df55e3bf20eca7e995fe1e5ac4a5b66fb78 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:28:59 +0100 Subject: [PATCH 30/33] Move tests: Update -> AliasFeatureEnabled -> shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index cf31001f719..d7664efe118 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -584,42 +584,42 @@ private void shouldReject_ExistingAlias_AliasIdNotSetInPayload( existingIdp.setName("some-new-name"); shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); } - } - @Test - void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias_UaaToCustomZone() throws Exception { - shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(IdentityZone.getUaa(), customZone); - } + @Test + void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias_UaaToCustomZone() throws Exception { + shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(IdentityZone.getUaa(), customZone); + } - @Test - void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias_CustomToUaaZone() throws Exception { - shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(customZone, IdentityZone.getUaa()); - } + @Test + void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias_CustomToUaaZone() throws Exception { + shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(customZone, IdentityZone.getUaa()); + } - private void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(final IdentityZone zone1, final IdentityZone zone2) throws Exception { - final IdentityProvider idp = createIdpWithAlias(zone1, zone2); + private void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(final IdentityZone zone1, final IdentityZone zone2) throws Exception { + final IdentityProvider idp = createIdpWithAlias(zone1, zone2); - // delete the alias IdP directly in the DB -> after that, there is a dangling reference - deleteIdpViaDb(idp.getOriginKey(), zone2.getId()); + // delete the alias IdP directly in the DB -> after that, there is a dangling reference + deleteIdpViaDb(idp.getOriginKey(), zone2.getId()); - // update some other property on the original IdP - idp.setName("some-new-name"); - final IdentityProvider updatedIdp = updateIdp(zone1, idp); - assertThat(updatedIdp.getAliasId()).isNotBlank().isNotEqualTo(idp.getAliasId()); - assertThat(updatedIdp.getAliasZid()).isNotBlank().isEqualTo(idp.getAliasZid()); + // update some other property on the original IdP + idp.setName("some-new-name"); + final IdentityProvider updatedIdp = updateIdp(zone1, idp); + assertThat(updatedIdp.getAliasId()).isNotBlank().isNotEqualTo(idp.getAliasId()); + assertThat(updatedIdp.getAliasZid()).isNotBlank().isEqualTo(idp.getAliasZid()); - // check if the new alias IdP is present and has the correct properties - final String id = updatedIdp.getAliasId(); - final Optional> aliasIdp = readIdpFromZoneIfExists(zone2.getId(), id); - assertThat(aliasIdp).isPresent(); - assertIdpReferencesOtherIdp(updatedIdp, aliasIdp.get()); - assertOtherPropertiesAreEqual(updatedIdp, aliasIdp.get()); + // check if the new alias IdP is present and has the correct properties + final String id = updatedIdp.getAliasId(); + final Optional> aliasIdp = readIdpFromZoneIfExists(zone2.getId(), id); + assertThat(aliasIdp).isPresent(); + assertIdpReferencesOtherIdp(updatedIdp, aliasIdp.get()); + assertOtherPropertiesAreEqual(updatedIdp, aliasIdp.get()); - // check if both have the same non-empty relying party secret - assertIdpAndAliasHaveSameRelyingPartySecretInDb(updatedIdp); + // check if both have the same non-empty relying party secret + assertIdpAndAliasHaveSameRelyingPartySecretInDb(updatedIdp); - // check if the returned IdP has a redacted relying party secret - assertRelyingPartySecretIsRedacted(updatedIdp); + // check if the returned IdP has a redacted relying party secret + assertRelyingPartySecretIsRedacted(updatedIdp); + } } @ParameterizedTest From d6458aab657ad7214c68b0a3ac36e40113610f6f Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:30:01 +0100 Subject: [PATCH 31/33] Move tests: Update -> AliasFeatureEnabled -> shouldReject_ChangingAliasPropertiesOfIdpWithAlias to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 72 +++++++++---------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index d7664efe118..2115b6787b0 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -620,46 +620,46 @@ private void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(f // check if the returned IdP has a redacted relying party secret assertRelyingPartySecretIsRedacted(updatedIdp); } - } - @ParameterizedTest - @MethodSource("shouldReject_ChangingAliasPropertiesOfIdpWithAlias") - void shouldReject_ChangingAliasPropertiesOfIdpWithAlias_UaaToCustomZone( - final String newAliasId, - final String newAliasZid - ) throws Throwable { - shouldReject_ChangingAliasPropertiesOfIdpWithAlias(newAliasId, newAliasZid, IdentityZone.getUaa(), customZone); - } + @ParameterizedTest + @MethodSource("shouldReject_ChangingAliasPropertiesOfIdpWithAlias") + void shouldReject_ChangingAliasPropertiesOfIdpWithAlias_UaaToCustomZone( + final String newAliasId, + final String newAliasZid + ) throws Throwable { + shouldReject_ChangingAliasPropertiesOfIdpWithAlias(newAliasId, newAliasZid, IdentityZone.getUaa(), customZone); + } - @ParameterizedTest - @MethodSource("shouldReject_ChangingAliasPropertiesOfIdpWithAlias") - void shouldReject_ChangingAliasPropertiesOfIdpWithAlias_CustomToUaaZone( - final String newAliasId, - final String newAliasZid - ) throws Throwable { - shouldReject_ChangingAliasPropertiesOfIdpWithAlias(newAliasId, newAliasZid, customZone, IdentityZone.getUaa()); - } + @ParameterizedTest + @MethodSource("shouldReject_ChangingAliasPropertiesOfIdpWithAlias") + void shouldReject_ChangingAliasPropertiesOfIdpWithAlias_CustomToUaaZone( + final String newAliasId, + final String newAliasZid + ) throws Throwable { + shouldReject_ChangingAliasPropertiesOfIdpWithAlias(newAliasId, newAliasZid, customZone, IdentityZone.getUaa()); + } - private void shouldReject_ChangingAliasPropertiesOfIdpWithAlias( - final String newAliasId, - final String newAliasZid, - final IdentityZone zone1, - final IdentityZone zone2 - ) throws Throwable { - final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); - originalIdp.setAliasId(newAliasId); - originalIdp.setAliasZid(newAliasZid); - shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); - } + private void shouldReject_ChangingAliasPropertiesOfIdpWithAlias( + final String newAliasId, + final String newAliasZid, + final IdentityZone zone1, + final IdentityZone zone2 + ) throws Throwable { + final IdentityProvider originalIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); + originalIdp.setAliasId(newAliasId); + originalIdp.setAliasZid(newAliasZid); + shouldRejectUpdate(zone1, originalIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } - private static Stream shouldReject_ChangingAliasPropertiesOfIdpWithAlias() { - return Stream.of(null, "", "other").flatMap(aliasIdValue -> - Stream.of(null, "", "other").map(aliasZidValue -> - Arguments.of(aliasIdValue, aliasZidValue) - )); + private static Stream shouldReject_ChangingAliasPropertiesOfIdpWithAlias() { + return Stream.of(null, "", "other").flatMap(aliasIdValue -> + Stream.of(null, "", "other").map(aliasZidValue -> + Arguments.of(aliasIdValue, aliasZidValue) + )); + } } // TODO existing alias From fa17d4668f5b41daee904fc761f50a38e4ff07f1 Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:31:01 +0100 Subject: [PATCH 32/33] Move test: Update -> AliasFeatureEnabled -> shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_UaaToCustomZone to nested class ExistingAlias --- ...ityProviderEndpointsAliasMockMvcTests.java | 37 +++++++++---------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index 2115b6787b0..cb0be2f4601 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -660,30 +660,29 @@ private static Stream shouldReject_ChangingAliasPropertiesOfIdpWithAl Arguments.of(aliasIdValue, aliasZidValue) )); } - } - // TODO existing alias - @Test - void shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_UaaToCustomZone() throws Throwable { - final IdentityZone zone1 = IdentityZone.getUaa(); - final IdentityZone zone2 = customZone; + @Test + void shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_UaaToCustomZone() throws Throwable { + final IdentityZone zone1 = IdentityZone.getUaa(); + final IdentityZone zone2 = customZone; - final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( - aliasFeatureEnabled, - () -> createIdpWithAlias(zone1, zone2) - ); + final IdentityProvider existingIdp = executeWithTemporarilyEnabledAliasFeature( + aliasFeatureEnabled, + () -> createIdpWithAlias(zone1, zone2) + ); - // delete alias IdP - deleteIdpViaDb(existingIdp.getOriginKey(), zone2.getId()); + // delete alias IdP + deleteIdpViaDb(existingIdp.getOriginKey(), zone2.getId()); - /* change alias zid to a non-existing zone directly in DB, so that fixing the dangling reference - * will fail because the alias zone does not exist */ - final String nonExistingZoneId = UUID.randomUUID().toString(); - existingIdp.setAliasZid(nonExistingZoneId); - updateIdpViaDb(zone1.getId(), existingIdp); + /* change alias zid to a non-existing zone directly in DB, so that fixing the dangling reference + * will fail because the alias zone does not exist */ + final String nonExistingZoneId = UUID.randomUUID().toString(); + existingIdp.setAliasZid(nonExistingZoneId); + updateIdpViaDb(zone1.getId(), existingIdp); - existingIdp.setName("some-new-name"); - shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + existingIdp.setName("some-new-name"); + shouldRejectUpdate(zone1, existingIdp, HttpStatus.UNPROCESSABLE_ENTITY); + } } @Test From 69e3c6d3ce2b263b3fd3da61cabb8ca6d8bd563c Mon Sep 17 00:00:00 2001 From: Adrian Hoelzl Date: Tue, 19 Mar 2024 16:34:54 +0100 Subject: [PATCH 33/33] Remove obsolete "ExistingAlias" from test method names --- ...ityProviderEndpointsAliasMockMvcTests.java | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java index cb0be2f4601..603219fe41b 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/providers/IdentityProviderEndpointsAliasMockMvcTests.java @@ -565,16 +565,16 @@ private void shouldAccept_OtherPropertiesOfIdpWithAliasAreChanged(final Identity } @Test - void shouldReject_ExistingAlias_AliasIdNotSetInPayload_UaaToCustomZone() throws Exception { - shouldReject_ExistingAlias_AliasIdNotSetInPayload(IdentityZone.getUaa(), customZone); + void shouldReject_AliasIdNotSetInPayload_UaaToCustomZone() throws Exception { + shouldReject_AliasIdNotSetInPayload(IdentityZone.getUaa(), customZone); } @Test - void shouldReject_ExistingAlias_AliasIdNotSetInPayload_CustomToUaaZone() throws Exception { - shouldReject_ExistingAlias_AliasIdNotSetInPayload(customZone, IdentityZone.getUaa()); + void shouldReject_AliasIdNotSetInPayload_CustomToUaaZone() throws Exception { + shouldReject_AliasIdNotSetInPayload(customZone, IdentityZone.getUaa()); } - private void shouldReject_ExistingAlias_AliasIdNotSetInPayload( + private void shouldReject_AliasIdNotSetInPayload( final IdentityZone zone1, final IdentityZone zone2 ) throws Exception { @@ -586,16 +586,16 @@ private void shouldReject_ExistingAlias_AliasIdNotSetInPayload( } @Test - void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias_UaaToCustomZone() throws Exception { - shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(IdentityZone.getUaa(), customZone); + void shouldAccept_ShouldFixDanglingRefByCreatingNewAlias_UaaToCustomZone() throws Exception { + shouldAccept_ShouldFixDanglingRefByCreatingNewAlias(IdentityZone.getUaa(), customZone); } @Test - void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias_CustomToUaaZone() throws Exception { - shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(customZone, IdentityZone.getUaa()); + void shouldAccept_ShouldFixDanglingRefByCreatingNewAlias_CustomToUaaZone() throws Exception { + shouldAccept_ShouldFixDanglingRefByCreatingNewAlias(customZone, IdentityZone.getUaa()); } - private void shouldAccept_ExistingAlias_ShouldFixDanglingRefByCreatingNewAlias(final IdentityZone zone1, final IdentityZone zone2) throws Exception { + private void shouldAccept_ShouldFixDanglingRefByCreatingNewAlias(final IdentityZone zone1, final IdentityZone zone2) throws Exception { final IdentityProvider idp = createIdpWithAlias(zone1, zone2); // delete the alias IdP directly in the DB -> after that, there is a dangling reference @@ -662,7 +662,7 @@ private static Stream shouldReject_ChangingAliasPropertiesOfIdpWithAl } @Test - void shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_UaaToCustomZone() throws Throwable { + void shouldReject_CannotFixDanglingRefAsAliasZoneIsNotExisting_UaaToCustomZone() throws Throwable { final IdentityZone zone1 = IdentityZone.getUaa(); final IdentityZone zone2 = customZone; @@ -686,16 +686,16 @@ void shouldReject_ExistingAlias_CannotFixDanglingRefAsAliasZoneIsNotExisting_Uaa } @Test - void shouldReject_ReferencedAliasNotExistingAndOriginAlreadyExistsInOtherZone_UaaToCustomZone() throws Throwable { - shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(IdentityZone.getUaa(), customZone); + void shouldReject_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone_UaaToCustomZone() throws Throwable { + shouldReject_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(IdentityZone.getUaa(), customZone); } @Test - void shouldReject_ReferencedAliasNotExistingAndOriginAlreadyExistsInOtherZone_CustomToUaaZone() throws Throwable { - shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(customZone, IdentityZone.getUaa()); + void shouldReject_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone_CustomToUaaZone() throws Throwable { + shouldReject_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone(customZone, IdentityZone.getUaa()); } - private void shouldReject_ExistingAlias_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone( + private void shouldReject_DanglingRefCannotBeFixedAsOriginAlreadyExistsInAliasZone( final IdentityZone zone1, final IdentityZone zone2 ) throws Throwable {