diff --git a/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/clients/ReactorClientsTest.java b/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/clients/ReactorClientsTest.java index c36ac4f4434..a9d730008a5 100644 --- a/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/clients/ReactorClientsTest.java +++ b/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/clients/ReactorClientsTest.java @@ -24,6 +24,7 @@ import static io.netty.handler.codec.http.HttpResponseStatus.OK; import static org.cloudfoundry.uaa.tokens.GrantType.AUTHORIZATION_CODE; import static org.cloudfoundry.uaa.tokens.GrantType.CLIENT_CREDENTIALS; +import static org.cloudfoundry.uaa.tokens.GrantType.JWT_BEARER; import static org.cloudfoundry.uaa.tokens.GrantType.REFRESH_TOKEN; import java.time.Duration; @@ -620,6 +621,7 @@ void get() { .allowedProviders("uaa", "ldap", "my-saml-provider") .authorities("clients.read", "clients.write") .authorizedGrantType(CLIENT_CREDENTIALS) + .authorizedGrantType(JWT_BEARER) .autoApprove("true") .clientId("4Z3t1r") .lastModified(1468364445592L) diff --git a/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/identityzones/ReactorIdentityZonesTest.java b/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/identityzones/ReactorIdentityZonesTest.java index 62674816d25..f0a5a60d1ff 100644 --- a/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/identityzones/ReactorIdentityZonesTest.java +++ b/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/identityzones/ReactorIdentityZonesTest.java @@ -832,6 +832,8 @@ void list() { + " /passcode)") .build()) .ldapDiscoveryEnabled(false) + .defaultIdentityProvider( + "test-identity-provider") .accountChooserEnabled(false) .build()) .name("The Twiglet Zone") diff --git a/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/serverinformation/ReactorServerInformationTest.java b/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/serverinformation/ReactorServerInformationTest.java index a0e921ef75a..e49bb077a82 100644 --- a/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/serverinformation/ReactorServerInformationTest.java +++ b/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/serverinformation/ReactorServerInformationTest.java @@ -151,6 +151,7 @@ void getInfo() { .showLoginLinks(true) .timestamp("2017-09-08T23:11:58+0000") .zoneName("uaa") + .defaultIdpName("test-idp-name") .build()) .expectComplete() .verify(Duration.ofSeconds(5)); diff --git a/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/clients/GET_{id}_response.json b/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/clients/GET_{id}_response.json index d8b2187e478..2a05df3d702 100644 --- a/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/clients/GET_{id}_response.json +++ b/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/clients/GET_{id}_response.json @@ -8,7 +8,8 @@ "none" ], "authorized_grant_types": [ - "client_credentials" + "client_credentials", + "urn:ietf:params:oauth:grant-type:jwt-bearer" ], "redirect_uri": [ "http*://ant.path.wildcard/**/passback/*", diff --git a/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/identity-zones/GET_response.json b/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/identity-zones/GET_response.json index a5980a1815b..817cb189274 100644 --- a/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/identity-zones/GET_response.json +++ b/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/identity-zones/GET_response.json @@ -97,6 +97,7 @@ "text": "One Time Code (Get on at /passcode)" } ], + "defaultIdentityProvider": "test-identity-provider", "idpDiscoveryEnabled": false, "accountChooserEnabled": false }, diff --git a/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/info/GET_response.json b/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/info/GET_response.json index 6c6784819cf..2d681f7b5f3 100644 --- a/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/info/GET_response.json +++ b/cloudfoundry-client-reactor/src/test/resources/fixtures/uaa/info/GET_response.json @@ -30,5 +30,6 @@ "One Time Code ( Get one at http://localhost:8080/uaa/passcode )" ] }, - "timestamp": "2017-09-08T23:11:58+0000" + "timestamp": "2017-09-08T23:11:58+0000", + "defaultIdpName": "test-idp-name" } \ No newline at end of file diff --git a/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/identityzones/_IdentityZoneConfiguration.java b/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/identityzones/_IdentityZoneConfiguration.java index 0c98a54a24c..a3cc9886423 100644 --- a/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/identityzones/_IdentityZoneConfiguration.java +++ b/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/identityzones/_IdentityZoneConfiguration.java @@ -65,6 +65,13 @@ abstract class _IdentityZoneConfiguration { @Nullable abstract CorsPolicy getCorsPolicy(); + /** + * The default identity provider for this zone + */ + @JsonProperty("defaultIdentityProvider") + @Nullable + abstract String getDefaultIdentityProvider(); + /** * The issuer of this zone */ diff --git a/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/serverinformation/_GetInfoResponse.java b/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/serverinformation/_GetInfoResponse.java index 018661777ad..4b571ac7090 100644 --- a/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/serverinformation/_GetInfoResponse.java +++ b/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/serverinformation/_GetInfoResponse.java @@ -93,4 +93,12 @@ abstract class _GetInfoResponse { @Nullable abstract String getZoneName(); + /** + * The default identity provider name + */ + @JsonProperty("defaultIdpName") + @Nullable + abstract String getDefaultIdpName(); + + } diff --git a/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/tokens/GrantType.java b/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/tokens/GrantType.java index 6dd626c52d7..0d84a4b2380 100644 --- a/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/tokens/GrantType.java +++ b/cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/tokens/GrantType.java @@ -39,6 +39,11 @@ public enum GrantType { */ IMPLICIT("implicit"), + /** + * The JWT bearer grant type + */ + JWT_BEARER("urn:ietf:params:oauth:grant-type:jwt-bearer"), + /** * The password grant type */ @@ -68,6 +73,8 @@ public static GrantType from(String s) { return PASSWORD; case "refresh_token": return REFRESH_TOKEN; + case "urn:ietf:params:oauth:grant-type:jwt-bearer": + return JWT_BEARER; default: throw new IllegalArgumentException(String.format("Unknown grant type: %s", s)); } diff --git a/integration-test/src/test/java/org/cloudfoundry/uaa/ServerInformationTest.java b/integration-test/src/test/java/org/cloudfoundry/uaa/ServerInformationTest.java index f12fa616dc4..fb1298c9163 100644 --- a/integration-test/src/test/java/org/cloudfoundry/uaa/ServerInformationTest.java +++ b/integration-test/src/test/java/org/cloudfoundry/uaa/ServerInformationTest.java @@ -95,13 +95,17 @@ public void getInfo() { this.uaaClient .serverInformation() .getInfo(GetInfoRequest.builder().build()) - .map(response -> response.getLinks().getPassword()) + .map(response -> response.getLinks().getLogin()) .as(StepVerifier::create) - .consumeNextWith(endsWithExpectation("password")) + .consumeNextWith(containsExpectation("login")) .expectComplete() .verify(Duration.ofMinutes(5)); } + private static Consumer containsExpectation(String substring) { + return actual -> assertThat(actual).contains(substring); + } + private static Consumer endsWithExpectation(String suffix) { return actual -> assertThat(actual).endsWith(suffix); } diff --git a/integration-test/src/test/java/org/cloudfoundry/uaa/TokensTest.java b/integration-test/src/test/java/org/cloudfoundry/uaa/TokensTest.java index 40b02850f02..39d956f801b 100644 --- a/integration-test/src/test/java/org/cloudfoundry/uaa/TokensTest.java +++ b/integration-test/src/test/java/org/cloudfoundry/uaa/TokensTest.java @@ -84,7 +84,7 @@ public void checkTokenNotAuthorized() { t -> assertThat(t) .isInstanceOf(UaaException.class) - .hasMessage("access_denied: Access is denied")) + .hasMessageContainingAll("access_denied", "Access")) .verify(Duration.ofMinutes(5)); }