usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mru...@apache.org
Subject usergrid git commit: Update error messages thrown when external SSO is enabled.
Date Tue, 02 Aug 2016 15:41:43 GMT
Repository: usergrid
Updated Branches:
  refs/heads/master f385b074b -> 0b8402370


Update error messages thrown when external SSO is enabled.


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/0b840237
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/0b840237
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/0b840237

Branch: refs/heads/master
Commit: 0b84023705eac7765fda8f8ecb8fc277a3bfcfc5
Parents: f385b07
Author: Michael Russo <mrusso@apigee.com>
Authored: Tue Aug 2 08:41:11 2016 -0700
Committer: Michael Russo <mrusso@apigee.com>
Committed: Tue Aug 2 08:41:11 2016 -0700

----------------------------------------------------------------------
 .../rest/management/ManagementResource.java     | 11 +++---
 .../rest/management/users/UserResource.java     | 37 ++++++++++----------
 .../rest/management/users/UsersResource.java    |  5 +--
 .../rest/management/ExternalSSOEnabledIT.java   |  2 +-
 .../rest/management/ManagementResourceIT.java   |  6 ++--
 5 files changed, 31 insertions(+), 30 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/0b840237/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index f36c4ff..83f06ed 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -61,6 +61,7 @@ import java.util.Map;
 import static javax.servlet.http.HttpServletResponse.*;
 import static javax.ws.rs.core.MediaType.*;
 import static org.apache.commons.lang.StringUtils.isNotBlank;
+import static org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER;
 import static org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER_URL;
 import static org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl.USERGRID_EXTERNAL_SSO_ENABLED;
 import static org.apache.usergrid.utils.JsonUtils.mapToJsonString;
@@ -398,7 +399,7 @@ public class ManagementResource extends AbstractContextResource {
                 && !userServiceAdmin(username) ){
                 OAuthResponse response =
                     OAuthResponse.errorResponse( SC_BAD_REQUEST ).setError( OAuthError.TokenResponse.INVALID_GRANT
)
-                        .setErrorDescription( "SSO Integration is enabled, Admin users must
login via provider: "+
+                        .setErrorDescription( "External SSO integration is enabled, admin
users must login via provider: "+
                             properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER)
).buildJSONMessage();
                 return Response.status( response.getResponseStatus() ).type( jsonMediaType(
callback ) )
                     .entity( wrapWithCallback( response.getBody(), callback ) ).build();
@@ -625,16 +626,12 @@ public class ManagementResource extends AbstractContextResource {
             return; // we only care about username/password auth
         }
 
-        //why !isexternal_sso_enabled ?
-//        final boolean externalTokensEnabled =
-//                !StringUtils.isEmpty( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED
) );
-
         if ( tokens.isExternalSSOProviderEnabled() ) {
             // when external tokens enabled then only superuser can obtain an access token
             if ( !userServiceAdmin(username)) {
                 // this guy is not the superuser
-                throw new IllegalArgumentException( "Admin Users must login via " +
-                        properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+                throw new IllegalArgumentException( "External SSO integration is enabled,
admin users must login via provider: "+
+                    properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER)
);
             }
         }
     }

http://git-wip-us.apache.org/repos/asf/usergrid/blob/0b840237/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
index 21d4c23..e511e2e 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
@@ -30,6 +30,7 @@ import org.apache.usergrid.rest.management.users.organizations.OrganizationsReso
 import org.apache.usergrid.rest.security.annotations.RequireAdminUserAccess;
 import org.apache.usergrid.security.shiro.principals.PrincipalIdentifier;
 import org.apache.usergrid.security.tokens.TokenInfo;
+import org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl;
 import org.apache.usergrid.security.tokens.exceptions.TokenException;
 import org.apache.usergrid.services.ServiceResults;
 import org.glassfish.jersey.server.mvc.Viewable;
@@ -137,8 +138,8 @@ public class UserResource extends AbstractContextResource {
             throws Exception {
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must reset passwords via " +
-                properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException( "External SSO integration is enabled, admin
users must reset passwords via" +
+                " provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER)
);
         }
 
         if ( json == null ) {
@@ -205,8 +206,8 @@ public class UserResource extends AbstractContextResource {
         ApiResponse response = createApiResponse();
         response.setAction( "get admin user" );
 
-//        commenting out creation of token each time and setting the token value to the one
sent in the request.
-//        String token = management.getAccessTokenForAdminUser( user.getUuid(), ttl );
+        // commenting out creation of token each time and setting the token value to the
one sent in the request.
+        // String token = management.getAccessTokenForAdminUser( user.getUuid(), ttl );
 
         Map<String, Object> userOrganizationData = management.getAdminUserOrganizationData(
user, !shallow );
         //userOrganizationData.put( "token", token );
@@ -223,8 +224,8 @@ public class UserResource extends AbstractContextResource {
     public Viewable showPasswordResetForm( @Context UriInfo ui, @QueryParam( "token" ) String
token ) {
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must reset passwords via " +
-                    properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException( "External SSO integration is enabled, admin
users must reset password via" +
+                " provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER)
);
         }
 
         UUID organizationId = null;
@@ -267,8 +268,8 @@ public class UserResource extends AbstractContextResource {
         }
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must reset passwords via " +
-                    properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException(  "External SSO integration is enabled, admin
users must reset password via" +
+                " provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER)
);
         }
 
         UUID organizationId = null;
@@ -353,8 +354,8 @@ public class UserResource extends AbstractContextResource {
     public Viewable activate( @Context UriInfo ui, @QueryParam( "token" ) String token )
{
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must activate via " +
-                    properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException(  "External SSO integration is enabled, admin
users must activate via" +
+                " provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER)
);
         }
 
         UUID organizationId = null;
@@ -383,8 +384,8 @@ public class UserResource extends AbstractContextResource {
     public Viewable confirm( @Context UriInfo ui, @QueryParam( "token" ) String token ) {
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must confirm via " +
-                    properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException( "External SSO integration is enabled, admin
users must confirm " +
+                "via provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER
) );
         }
 
         UUID organizationId = null;
@@ -419,8 +420,8 @@ public class UserResource extends AbstractContextResource {
             throws Exception {
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must reactivate via " +
-                    properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException( "External SSO integration is enabled, admin
user must re-activate " +
+                "via provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER
) );
         }
 
         logger.info( "Send activation email for user: {}" , user.getUuid() );
@@ -443,8 +444,8 @@ public class UserResource extends AbstractContextResource {
             throws Exception {
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must tokens must be revoked
via " +
-                properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException( "External SSO integration is enabled, admin
user tokens must be revoked " +
+                "via provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER)
);
         }
 
         UUID adminId = user.getUuid();
@@ -480,8 +481,8 @@ public class UserResource extends AbstractContextResource {
                                             @QueryParam( "token" ) String token ) throws
Exception {
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must tokens must be revoked
via " +
-                properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException( "External SSO integration is enabled, admin
user token must be revoked via " +
+                "via provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER
) );
         }
 
         UUID adminId = user.getUuid();

http://git-wip-us.apache.org/repos/asf/usergrid/blob/0b840237/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
index ca7833b..607c3e0 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
@@ -29,6 +29,7 @@ import org.apache.usergrid.rest.RootResource;
 import org.apache.usergrid.rest.exceptions.AuthErrorInfo;
 import org.apache.usergrid.rest.exceptions.RedirectionException;
 import org.apache.usergrid.security.shiro.utils.SubjectUtils;
+import org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl;
 import org.glassfish.jersey.server.mvc.Viewable;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -115,8 +116,8 @@ public class UsersResource extends AbstractContextResource {
             throws Exception {
 
         if ( tokens.isExternalSSOProviderEnabled() ) {
-            throw new IllegalArgumentException( "Admin Users must signup via " +
-                    properties.getProperty(USERGRID_EXTERNAL_SSO_PROVIDER_URL) );
+            throw new IllegalArgumentException(  "External SSO integration is enabled, admin
users registering without an org" +
+                " must do so via provider: "+ properties.getProperty(TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER)
);
         }
 
         // email is only required parameter

http://git-wip-us.apache.org/repos/asf/usergrid/blob/0b840237/stack/rest/src/test/java/org/apache/usergrid/rest/management/ExternalSSOEnabledIT.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/management/ExternalSSOEnabledIT.java
b/stack/rest/src/test/java/org/apache/usergrid/rest/management/ExternalSSOEnabledIT.java
index 972ed05..cae65df 100644
--- a/stack/rest/src/test/java/org/apache/usergrid/rest/management/ExternalSSOEnabledIT.java
+++ b/stack/rest/src/test/java/org/apache/usergrid/rest/management/ExternalSSOEnabledIT.java
@@ -166,7 +166,7 @@ public class ExternalSSOEnabledIT extends AbstractRestIT {
 
         // /managment/token -> adminusername and password --> should fail.
         ApiResponse postResponse1 = pathResource("management/token").post(false, ApiResponse.class,loginInfo1);
-//        fail( "SSO Integration is enabled, Admin users must login via provider: "+ USERGRID_EXTERNAL_SSO_PROVIDER_URL);
+//        fail( "External SSO integration is enabled, admin users must login via provider:
"+ USERGRID_EXTERNAL_SSO_PROVIDER_URL);
 
 
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/0b840237/stack/rest/src/test/java/org/apache/usergrid/rest/management/ManagementResourceIT.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/management/ManagementResourceIT.java
b/stack/rest/src/test/java/org/apache/usergrid/rest/management/ManagementResourceIT.java
index b689527..1da00d4 100644
--- a/stack/rest/src/test/java/org/apache/usergrid/rest/management/ManagementResourceIT.java
+++ b/stack/rest/src/test/java/org/apache/usergrid/rest/management/ManagementResourceIT.java
@@ -25,6 +25,7 @@ import org.apache.usergrid.rest.management.organizations.OrganizationsResource;
 import org.apache.usergrid.rest.test.resource.AbstractRestIT;
 import org.apache.usergrid.rest.test.resource.model.*;
 import org.apache.usergrid.rest.test.resource.model.Collection;
+import org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl;
 import org.junit.Before;
 import org.junit.Test;
 import org.slf4j.Logger;
@@ -687,14 +688,15 @@ public class ManagementResourceIT extends AbstractRestIT {
                     put( "grant_type", "password" );
                 }};
                 ApiResponse postResponse = pathResource( "management/token" ).post( false,
ApiResponse.class, loginInfo );
-                fail( "SSO Integration is enabled, Admin users must login via provider: "+
USERGRID_EXTERNAL_SSO_PROVIDER_URL);
+                fail( "External SSO integration is enabled, admin users must login via provider
using configured property: "+
+                    TokenServiceImpl.USERGRID_EXTERNAL_SSO_PROVIDER );
 
             } catch (ClientErrorException actual) {
                 assertEquals( 400, actual.getResponse().getStatus() );
                 String errorMsg = actual.getResponse().readEntity( JsonNode.class )
                     .get( "error_description" ).toString();
                 logger.error( "ERROR: " + errorMsg );
-                assertTrue( errorMsg.contains( "Admin Users must login via" ) );
+                assertTrue( errorMsg.contains( "admin users must login via" ) );
 
             } catch (Exception e) {
                 fail( "We expected a ClientErrorException" );


Mime
View raw message