2019-08-31 20:51:14 -07:00
|
|
|
package app;
|
|
|
|
|
|
2023-12-06 11:02:42 +05:30
|
|
|
import static org.junit.jupiter.api.Assertions.assertEquals;
|
2025-09-03 07:52:16 -05:00
|
|
|
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
2023-12-06 11:02:42 +05:30
|
|
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
2025-09-03 07:52:16 -05:00
|
|
|
import static org.mockito.Mockito.*;
|
2023-12-06 11:02:42 +05:30
|
|
|
import static play.mvc.Http.Status.NOT_FOUND;
|
|
|
|
|
import static play.mvc.Http.Status.OK;
|
|
|
|
|
import static play.test.Helpers.fakeRequest;
|
|
|
|
|
import static play.test.Helpers.route;
|
|
|
|
|
|
2025-09-03 07:52:16 -05:00
|
|
|
import com.google.inject.AbstractModule;
|
|
|
|
|
import com.google.inject.Provides;
|
|
|
|
|
import com.google.inject.Singleton;
|
|
|
|
|
import com.linkedin.common.urn.Urn;
|
|
|
|
|
import com.linkedin.entity.Entity;
|
|
|
|
|
import com.linkedin.entity.client.SystemEntityClient;
|
|
|
|
|
import com.linkedin.metadata.aspect.CorpUserAspectArray;
|
|
|
|
|
import com.linkedin.metadata.snapshot.CorpUserSnapshot;
|
|
|
|
|
import com.linkedin.metadata.snapshot.Snapshot;
|
|
|
|
|
import com.linkedin.mxe.MetadataChangeProposal;
|
|
|
|
|
import com.linkedin.r2.RemoteInvocationException;
|
2023-10-17 15:50:32 -05:00
|
|
|
import com.nimbusds.jwt.JWT;
|
|
|
|
|
import com.nimbusds.jwt.JWTClaimsSet;
|
|
|
|
|
import com.nimbusds.jwt.JWTParser;
|
2022-12-08 20:27:51 -06:00
|
|
|
import controllers.routes;
|
2023-12-06 11:02:42 +05:30
|
|
|
import java.io.IOException;
|
2024-10-28 09:05:16 -05:00
|
|
|
import java.net.HttpURLConnection;
|
2023-12-06 11:02:42 +05:30
|
|
|
import java.net.InetAddress;
|
2025-09-03 23:05:41 -05:00
|
|
|
import java.net.ServerSocket;
|
2024-10-28 09:05:16 -05:00
|
|
|
import java.net.URL;
|
2025-09-03 07:52:16 -05:00
|
|
|
import java.nio.charset.StandardCharsets;
|
2023-10-17 15:50:32 -05:00
|
|
|
import java.text.ParseException;
|
2025-09-03 07:52:16 -05:00
|
|
|
import java.util.ArrayList;
|
|
|
|
|
import java.util.Collections;
|
2023-10-17 15:50:32 -05:00
|
|
|
import java.util.Date;
|
2025-09-03 07:52:16 -05:00
|
|
|
import java.util.HashMap;
|
2023-12-06 11:02:42 +05:30
|
|
|
import java.util.List;
|
|
|
|
|
import java.util.Map;
|
2025-09-03 07:52:16 -05:00
|
|
|
import java.util.Set;
|
2024-10-28 09:05:16 -05:00
|
|
|
import java.util.concurrent.CompletableFuture;
|
|
|
|
|
import java.util.concurrent.TimeUnit;
|
|
|
|
|
import java.util.concurrent.TimeoutException;
|
2025-09-03 07:52:16 -05:00
|
|
|
import java.util.concurrent.atomic.AtomicReference;
|
2022-12-08 20:27:51 -06:00
|
|
|
import no.nav.security.mock.oauth2.MockOAuth2Server;
|
2024-10-28 09:05:16 -05:00
|
|
|
import no.nav.security.mock.oauth2.http.OAuth2HttpRequest;
|
|
|
|
|
import no.nav.security.mock.oauth2.http.OAuth2HttpResponse;
|
|
|
|
|
import no.nav.security.mock.oauth2.http.Route;
|
2022-12-08 20:27:51 -06:00
|
|
|
import no.nav.security.mock.oauth2.token.DefaultOAuth2TokenCallback;
|
2024-10-28 09:05:16 -05:00
|
|
|
import okhttp3.Headers;
|
2022-12-08 20:27:51 -06:00
|
|
|
import okhttp3.mockwebserver.MockResponse;
|
|
|
|
|
import okhttp3.mockwebserver.MockWebServer;
|
2025-09-03 23:05:41 -05:00
|
|
|
import okhttp3.mockwebserver.RecordedRequest;
|
2022-12-26 10:09:08 -06:00
|
|
|
import org.awaitility.Awaitility;
|
|
|
|
|
import org.awaitility.Durations;
|
2024-10-28 09:05:16 -05:00
|
|
|
import org.jetbrains.annotations.NotNull;
|
2022-12-08 20:27:51 -06:00
|
|
|
import org.junit.jupiter.api.AfterAll;
|
|
|
|
|
import org.junit.jupiter.api.BeforeAll;
|
2025-09-03 23:05:41 -05:00
|
|
|
import org.junit.jupiter.api.BeforeEach;
|
2022-12-08 20:27:51 -06:00
|
|
|
import org.junit.jupiter.api.Test;
|
|
|
|
|
import org.junit.jupiter.api.TestInstance;
|
|
|
|
|
import org.junitpioneer.jupiter.SetEnvironmentVariable;
|
|
|
|
|
import org.openqa.selenium.Cookie;
|
2022-12-26 10:09:08 -06:00
|
|
|
import org.openqa.selenium.htmlunit.HtmlUnitDriver;
|
2024-10-28 09:05:16 -05:00
|
|
|
import org.slf4j.Logger;
|
|
|
|
|
import org.slf4j.LoggerFactory;
|
2022-12-08 20:27:51 -06:00
|
|
|
import play.Application;
|
|
|
|
|
import play.Environment;
|
|
|
|
|
import play.Mode;
|
|
|
|
|
import play.inject.guice.GuiceApplicationBuilder;
|
|
|
|
|
import play.mvc.Http;
|
|
|
|
|
import play.mvc.Result;
|
|
|
|
|
import play.test.Helpers;
|
|
|
|
|
import play.test.TestBrowser;
|
|
|
|
|
import play.test.WithBrowser;
|
2019-08-31 20:51:14 -07:00
|
|
|
|
2022-12-08 20:27:51 -06:00
|
|
|
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
|
|
|
|
@SetEnvironmentVariable(key = "DATAHUB_SECRET", value = "test")
|
|
|
|
|
@SetEnvironmentVariable(key = "KAFKA_BOOTSTRAP_SERVER", value = "")
|
|
|
|
|
@SetEnvironmentVariable(key = "DATAHUB_ANALYTICS_ENABLED", value = "false")
|
|
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_ENABLED", value = "true")
|
2025-09-03 07:52:16 -05:00
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_JIT_PROVISIONING_ENABLED", value = "true")
|
|
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_EXTRACT_GROUPS_ENABLED", value = "true")
|
|
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_GROUPS_CLAIM_NAME", value = "groups")
|
2022-12-08 20:27:51 -06:00
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_CLIENT_ID", value = "testclient")
|
|
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_CLIENT_SECRET", value = "testsecret")
|
2025-09-03 23:05:41 -05:00
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_CONNECT_TIMEOUT", value = "2000")
|
|
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_READ_TIMEOUT", value = "2000")
|
|
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_HTTP_RETRY_ATTEMPTS", value = "5")
|
|
|
|
|
@SetEnvironmentVariable(key = "AUTH_OIDC_HTTP_RETRY_DELAY", value = "500")
|
2024-10-28 09:05:16 -05:00
|
|
|
@SetEnvironmentVariable(key = "AUTH_VERBOSE_LOGGING", value = "true")
|
2022-12-08 20:27:51 -06:00
|
|
|
public class ApplicationTest extends WithBrowser {
|
2024-10-28 09:05:16 -05:00
|
|
|
private static final Logger logger = LoggerFactory.getLogger(ApplicationTest.class);
|
2022-12-08 20:27:51 -06:00
|
|
|
private static final String ISSUER_ID = "testIssuer";
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
protected Application provideApplication() {
|
|
|
|
|
return new GuiceApplicationBuilder()
|
2025-09-03 23:05:41 -05:00
|
|
|
.configure("metadataService.port", String.valueOf(actualGmsServerPort))
|
2023-12-06 11:02:42 +05:30
|
|
|
.configure("auth.baseUrl", "http://localhost:" + providePort())
|
|
|
|
|
.configure(
|
|
|
|
|
"auth.oidc.discoveryUri",
|
|
|
|
|
"http://localhost:"
|
2025-09-03 23:05:41 -05:00
|
|
|
+ actualOauthServerPort
|
2023-12-06 11:02:42 +05:30
|
|
|
+ "/testIssuer/.well-known/openid-configuration")
|
2025-09-03 07:52:16 -05:00
|
|
|
.overrides(new TestModule())
|
2023-12-06 11:02:42 +05:30
|
|
|
.in(new Environment(Mode.TEST))
|
|
|
|
|
.build();
|
2022-12-08 20:27:51 -06:00
|
|
|
}
|
|
|
|
|
|
2022-12-26 10:09:08 -06:00
|
|
|
@Override
|
|
|
|
|
protected TestBrowser provideBrowser(int port) {
|
|
|
|
|
HtmlUnitDriver webClient = new HtmlUnitDriver();
|
|
|
|
|
webClient.setJavascriptEnabled(false);
|
|
|
|
|
return Helpers.testBrowser(webClient, providePort());
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-03 23:05:41 -05:00
|
|
|
/** Find an available port for testing to avoid port conflicts */
|
|
|
|
|
private int findAvailablePort() {
|
|
|
|
|
try (ServerSocket socket = new ServerSocket(0)) {
|
|
|
|
|
return socket.getLocalPort();
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
throw new RuntimeException("Failed to find available port", e);
|
|
|
|
|
}
|
2022-12-08 20:27:51 -06:00
|
|
|
}
|
|
|
|
|
|
2024-10-28 09:05:16 -05:00
|
|
|
private MockOAuth2Server oauthServer;
|
|
|
|
|
private Thread oauthServerThread;
|
|
|
|
|
private CompletableFuture<Void> oauthServerStarted;
|
2022-12-08 20:27:51 -06:00
|
|
|
|
2024-10-28 09:05:16 -05:00
|
|
|
private MockWebServer gmsServer;
|
|
|
|
|
|
|
|
|
|
private String wellKnownUrl;
|
2025-09-03 23:05:41 -05:00
|
|
|
private int actualOauthServerPort;
|
|
|
|
|
private int actualGmsServerPort;
|
2022-12-08 20:27:51 -06:00
|
|
|
|
2022-12-22 16:12:51 -06:00
|
|
|
private static final String TEST_USER = "urn:li:corpuser:testUser@myCompany.com";
|
|
|
|
|
private static final String TEST_TOKEN = "faketoken_YCpYIrjQH4sD3_rAc3VPPFg4";
|
|
|
|
|
|
2022-12-08 20:27:51 -06:00
|
|
|
@BeforeAll
|
2022-12-26 10:09:08 -06:00
|
|
|
public void init() throws IOException {
|
2025-09-03 23:05:41 -05:00
|
|
|
// Store actual ports to avoid dynamic allocation issues
|
|
|
|
|
actualOauthServerPort = findAvailablePort();
|
|
|
|
|
actualGmsServerPort = findAvailablePort();
|
|
|
|
|
|
2024-10-28 09:05:16 -05:00
|
|
|
// Start Mock GMS
|
|
|
|
|
gmsServer = new MockWebServer();
|
2025-09-03 23:05:41 -05:00
|
|
|
|
|
|
|
|
// Set up dispatcher to handle requests based on path
|
|
|
|
|
gmsServer.setDispatcher(
|
|
|
|
|
new okhttp3.mockwebserver.Dispatcher() {
|
|
|
|
|
@Override
|
|
|
|
|
public MockResponse dispatch(RecordedRequest request) {
|
|
|
|
|
String path = request.getPath();
|
|
|
|
|
|
|
|
|
|
// Handle user info requests
|
|
|
|
|
if (path.contains("/users/") && path.contains("/info")) {
|
|
|
|
|
return new MockResponse().setBody(String.format("{\"value\":\"%s\"}", TEST_USER));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Handle token generation requests
|
|
|
|
|
if (path.contains("/generateSessionTokenForUser")) {
|
|
|
|
|
return new MockResponse()
|
|
|
|
|
.setBody(String.format("{\"accessToken\":\"%s\"}", TEST_TOKEN));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Handle other requests (like /config endpoint requests)
|
|
|
|
|
if (path.contains("/config") || path.contains("/health")) {
|
|
|
|
|
return new MockResponse().setResponseCode(200).setBody("{}");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// No stored sso settings
|
|
|
|
|
if (path.contains("/auth/getSsoSettings")) {
|
|
|
|
|
return new MockResponse().setResponseCode(404);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Log and return 404 for unexpected requests
|
|
|
|
|
logger.warn("GMS Server received unexpected request: {} {}", request.getMethod(), path);
|
|
|
|
|
return new MockResponse().setResponseCode(404).setBody("Not found");
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
gmsServer.start(actualGmsServerPort);
|
2022-12-08 20:27:51 -06:00
|
|
|
|
2024-10-28 09:05:16 -05:00
|
|
|
// Start Mock Identity Provider
|
|
|
|
|
startMockOauthServer();
|
|
|
|
|
// Start Play Frontend
|
2022-12-08 20:27:51 -06:00
|
|
|
startServer();
|
2024-10-28 09:05:16 -05:00
|
|
|
// Start Browser
|
2022-12-08 20:27:51 -06:00
|
|
|
createBrowser();
|
2022-12-26 10:09:08 -06:00
|
|
|
|
|
|
|
|
Awaitility.await().timeout(Durations.TEN_SECONDS).until(() -> app != null);
|
2025-09-03 07:52:16 -05:00
|
|
|
|
2025-09-03 23:05:41 -05:00
|
|
|
// Wait for all servers to be fully ready to handle requests
|
2025-09-03 07:52:16 -05:00
|
|
|
Awaitility.await()
|
|
|
|
|
.timeout(Durations.TEN_SECONDS)
|
|
|
|
|
.until(
|
|
|
|
|
() -> {
|
|
|
|
|
try {
|
2025-09-03 23:05:41 -05:00
|
|
|
// Check Play application readiness
|
2025-09-03 07:52:16 -05:00
|
|
|
browser.goTo("/admin");
|
2025-09-03 23:05:41 -05:00
|
|
|
|
|
|
|
|
// Check mock OAuth server critical endpoints
|
|
|
|
|
// Test the well-known endpoint (first thing OIDC client hits)
|
|
|
|
|
String wellKnownUrl =
|
|
|
|
|
String.format(
|
|
|
|
|
"http://localhost:%d/%s/.well-known/openid-configuration",
|
|
|
|
|
actualOauthServerPort, ISSUER_ID);
|
|
|
|
|
java.net.URL url = new java.net.URL(wellKnownUrl);
|
|
|
|
|
java.net.HttpURLConnection connection =
|
|
|
|
|
(java.net.HttpURLConnection) url.openConnection();
|
|
|
|
|
connection.setRequestMethod("GET");
|
|
|
|
|
connection.setConnectTimeout(5000);
|
|
|
|
|
connection.setReadTimeout(5000);
|
|
|
|
|
int wellKnownResponseCode = connection.getResponseCode();
|
|
|
|
|
connection.disconnect();
|
|
|
|
|
|
|
|
|
|
// Test the userinfo endpoint (where groups are retrieved)
|
|
|
|
|
String userInfoUrl =
|
|
|
|
|
String.format(
|
|
|
|
|
"http://localhost:%d/%s/userinfo", actualOauthServerPort, ISSUER_ID);
|
|
|
|
|
java.net.URL userInfoUrlObj = new java.net.URL(userInfoUrl);
|
|
|
|
|
java.net.HttpURLConnection userInfoConnection =
|
|
|
|
|
(java.net.HttpURLConnection) userInfoUrlObj.openConnection();
|
|
|
|
|
userInfoConnection.setRequestMethod("GET");
|
|
|
|
|
userInfoConnection.setConnectTimeout(5000);
|
|
|
|
|
userInfoConnection.setReadTimeout(5000);
|
|
|
|
|
int userInfoResponseCode = userInfoConnection.getResponseCode();
|
|
|
|
|
userInfoConnection.disconnect();
|
|
|
|
|
|
|
|
|
|
logger.debug(
|
|
|
|
|
"All servers readiness check - Play app: OK, well-known: {}, userinfo: {}",
|
|
|
|
|
wellKnownResponseCode,
|
|
|
|
|
userInfoResponseCode);
|
|
|
|
|
|
|
|
|
|
return wellKnownResponseCode == 200 && userInfoResponseCode == 200;
|
2025-09-03 07:52:16 -05:00
|
|
|
} catch (Exception e) {
|
2025-09-03 23:05:41 -05:00
|
|
|
logger.debug("Servers not ready yet: {}", e.getMessage());
|
2025-09-03 07:52:16 -05:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
});
|
2022-12-08 20:27:51 -06:00
|
|
|
}
|
|
|
|
|
|
2025-09-03 23:05:41 -05:00
|
|
|
@BeforeEach
|
|
|
|
|
public void setUpTest() {
|
|
|
|
|
// Clear any captured proposals from previous tests to prevent interference
|
|
|
|
|
TestModule.clearCapturedProposals();
|
|
|
|
|
|
|
|
|
|
// Clear browser cookies and state to ensure clean test isolation
|
|
|
|
|
if (browser != null) {
|
|
|
|
|
// Clear cookies using the underlying WebDriver
|
|
|
|
|
browser.getDriver().manage().deleteAllCookies();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-08 20:27:51 -06:00
|
|
|
@AfterAll
|
|
|
|
|
public void shutdown() throws IOException {
|
2024-10-28 09:05:16 -05:00
|
|
|
if (gmsServer != null) {
|
|
|
|
|
logger.info("Shutdown Mock GMS");
|
|
|
|
|
gmsServer.shutdown();
|
2022-12-08 20:27:51 -06:00
|
|
|
}
|
2024-10-28 09:05:16 -05:00
|
|
|
logger.info("Shutdown Play Frontend");
|
2022-12-08 20:27:51 -06:00
|
|
|
stopServer();
|
2024-10-28 09:05:16 -05:00
|
|
|
if (oauthServer != null) {
|
|
|
|
|
logger.info("Shutdown MockOAuth2Server");
|
|
|
|
|
oauthServer.shutdown();
|
|
|
|
|
}
|
|
|
|
|
if (oauthServerThread != null && oauthServerThread.isAlive()) {
|
|
|
|
|
logger.info("Shutdown MockOAuth2Server thread");
|
|
|
|
|
oauthServerThread.interrupt();
|
|
|
|
|
try {
|
2025-09-03 23:05:41 -05:00
|
|
|
oauthServerThread.join(1000); // Wait up to 1 second for thread to finish
|
2024-10-28 09:05:16 -05:00
|
|
|
} catch (InterruptedException e) {
|
|
|
|
|
logger.warn("Shutdown MockOAuth2Server thread failed to join.");
|
2025-09-03 23:05:41 -05:00
|
|
|
Thread.currentThread().interrupt();
|
|
|
|
|
}
|
|
|
|
|
// Force stop if still alive
|
|
|
|
|
if (oauthServerThread.isAlive()) {
|
|
|
|
|
logger.warn("OAuth server thread still alive after interrupt, forcing stop");
|
|
|
|
|
oauthServerThread.stop(); // Force stop as last resort
|
2024-10-28 09:05:16 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private void startMockOauthServer() {
|
2025-09-03 07:52:16 -05:00
|
|
|
// Configure HEAD responses and userInfo endpoint
|
2024-10-28 09:05:16 -05:00
|
|
|
Route[] routes =
|
|
|
|
|
new Route[] {
|
|
|
|
|
new Route() {
|
|
|
|
|
@Override
|
|
|
|
|
public boolean match(@NotNull OAuth2HttpRequest oAuth2HttpRequest) {
|
|
|
|
|
return "HEAD".equals(oAuth2HttpRequest.getMethod())
|
|
|
|
|
&& (String.format("/%s/.well-known/openid-configuration", ISSUER_ID)
|
|
|
|
|
.equals(oAuth2HttpRequest.getUrl().url().getPath())
|
|
|
|
|
|| String.format("/%s/token", ISSUER_ID)
|
2025-09-03 23:05:41 -05:00
|
|
|
.equals(oAuth2HttpRequest.getUrl().url().getPath())
|
|
|
|
|
|| String.format("/%s/userinfo", ISSUER_ID)
|
2024-10-28 09:05:16 -05:00
|
|
|
.equals(oAuth2HttpRequest.getUrl().url().getPath()));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public OAuth2HttpResponse invoke(OAuth2HttpRequest oAuth2HttpRequest) {
|
2025-09-03 07:52:16 -05:00
|
|
|
String path = oAuth2HttpRequest.getUrl().url().getPath();
|
|
|
|
|
String responseBody = null;
|
|
|
|
|
|
|
|
|
|
if (path.equals(String.format("/%s/.well-known/openid-configuration", ISSUER_ID))) {
|
|
|
|
|
// Return well-known configuration with userinfo endpoint
|
|
|
|
|
int port = oAuth2HttpRequest.getUrl().url().getPort();
|
|
|
|
|
responseBody =
|
|
|
|
|
String.format(
|
|
|
|
|
"{\n"
|
|
|
|
|
+ " \"issuer\": \"http://localhost:%d/%s\",\n"
|
|
|
|
|
+ " \"authorization_endpoint\": \"http://localhost:%d/%s/authorize\",\n"
|
|
|
|
|
+ " \"token_endpoint\": \"http://localhost:%d/%s/token\",\n"
|
|
|
|
|
+ " \"userinfo_endpoint\": \"http://localhost:%d/%s/userinfo\",\n"
|
|
|
|
|
+ " \"jwks_uri\": \"http://localhost:%d/%s/.well-known/jwks.json\",\n"
|
|
|
|
|
+ " \"response_types_supported\": [\"code\"],\n"
|
|
|
|
|
+ " \"subject_types_supported\": [\"public\"],\n"
|
|
|
|
|
+ " \"id_token_signing_alg_values_supported\": [\"RS256\"]\n"
|
|
|
|
|
+ "}",
|
|
|
|
|
port, ISSUER_ID, port, ISSUER_ID, port, ISSUER_ID, port, ISSUER_ID, port,
|
|
|
|
|
ISSUER_ID);
|
2025-09-03 23:05:41 -05:00
|
|
|
} else if (path.equals(String.format("/%s/userinfo", ISSUER_ID))) {
|
|
|
|
|
// For HEAD requests to userinfo endpoint, just return 200 with no body
|
|
|
|
|
responseBody = null;
|
2025-09-03 07:52:16 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return new OAuth2HttpResponse(
|
|
|
|
|
Headers.of(
|
|
|
|
|
Map.of(
|
|
|
|
|
"Content-Type", "application/json",
|
|
|
|
|
"Cache-Control", "no-store",
|
|
|
|
|
"Pragma", "no-cache")),
|
|
|
|
|
200,
|
|
|
|
|
responseBody,
|
|
|
|
|
null);
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
// Add userInfo endpoint route
|
|
|
|
|
new Route() {
|
|
|
|
|
@Override
|
|
|
|
|
public boolean match(@NotNull OAuth2HttpRequest oAuth2HttpRequest) {
|
|
|
|
|
return "GET".equals(oAuth2HttpRequest.getMethod())
|
|
|
|
|
&& String.format("/%s/userinfo", ISSUER_ID)
|
|
|
|
|
.equals(oAuth2HttpRequest.getUrl().url().getPath());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public OAuth2HttpResponse invoke(OAuth2HttpRequest oAuth2HttpRequest) {
|
2025-09-03 23:05:41 -05:00
|
|
|
// Log the request to help debug
|
|
|
|
|
logger.debug(
|
|
|
|
|
"UserInfo endpoint called with headers: {}", oAuth2HttpRequest.getHeaders());
|
|
|
|
|
|
2025-09-03 07:52:16 -05:00
|
|
|
// Return userInfo with groups (not in ID token)
|
|
|
|
|
String userInfoResponse =
|
|
|
|
|
String.format(
|
|
|
|
|
"{\n"
|
|
|
|
|
+ " \"sub\": \"testUser\",\n"
|
|
|
|
|
+ " \"preferred_username\": \"testUser\",\n"
|
|
|
|
|
+ " \"given_name\": \"Test\",\n"
|
|
|
|
|
+ " \"family_name\": \"User\",\n"
|
|
|
|
|
+ " \"email\": \"testUser@myCompany.com\",\n"
|
|
|
|
|
+ " \"name\": \"Test User\",\n"
|
|
|
|
|
+ " \"groups\": \"myGroup\",\n"
|
|
|
|
|
+ " \"email_verified\": true\n"
|
|
|
|
|
+ "}");
|
|
|
|
|
|
2024-10-28 09:05:16 -05:00
|
|
|
return new OAuth2HttpResponse(
|
2025-09-03 23:05:41 -05:00
|
|
|
Headers.of(Map.of("Content-Type", "application/json")),
|
2024-10-28 09:05:16 -05:00
|
|
|
200,
|
2025-09-03 07:52:16 -05:00
|
|
|
userInfoResponse,
|
2024-10-28 09:05:16 -05:00
|
|
|
null);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
oauthServer = new MockOAuth2Server(routes);
|
|
|
|
|
oauthServerStarted = new CompletableFuture<>();
|
|
|
|
|
|
|
|
|
|
// Create and start server in separate thread
|
|
|
|
|
oauthServerThread =
|
|
|
|
|
new Thread(
|
|
|
|
|
() -> {
|
|
|
|
|
try {
|
2025-09-03 07:52:16 -05:00
|
|
|
// Configure mock responses - groups are NOT in ID token, only in userInfo endpoint
|
2025-09-03 23:05:41 -05:00
|
|
|
// Enqueue multiple callbacks to handle potential retries or multiple requests
|
|
|
|
|
for (int i = 0; i < 10; i++) {
|
|
|
|
|
oauthServer.enqueueCallback(
|
|
|
|
|
new DefaultOAuth2TokenCallback(
|
|
|
|
|
ISSUER_ID,
|
|
|
|
|
"testUser",
|
|
|
|
|
"JWT",
|
|
|
|
|
List.of(),
|
|
|
|
|
Map.of(
|
|
|
|
|
"email", "testUser@myCompany.com"
|
|
|
|
|
// Note: groups are intentionally NOT included in ID token
|
|
|
|
|
// They will only be available from the userInfo endpoint
|
|
|
|
|
),
|
|
|
|
|
600));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
oauthServer.start(InetAddress.getByName("localhost"), actualOauthServerPort);
|
2024-10-28 09:05:16 -05:00
|
|
|
|
|
|
|
|
oauthServerStarted.complete(null);
|
|
|
|
|
|
|
|
|
|
// Keep thread alive until server is stopped
|
|
|
|
|
while (!Thread.currentThread().isInterrupted() && testServer.isRunning()) {
|
|
|
|
|
try {
|
|
|
|
|
Thread.sleep(1000);
|
|
|
|
|
} catch (InterruptedException e) {
|
|
|
|
|
Thread.currentThread().interrupt();
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
oauthServerStarted.completeExceptionally(e);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
oauthServerThread.setDaemon(true); // Ensure thread doesn't prevent JVM shutdown
|
|
|
|
|
oauthServerThread.start();
|
|
|
|
|
|
|
|
|
|
// Wait for server to start with timeout
|
|
|
|
|
oauthServerStarted
|
|
|
|
|
.orTimeout(10, TimeUnit.SECONDS)
|
|
|
|
|
.whenComplete(
|
|
|
|
|
(result, throwable) -> {
|
|
|
|
|
if (throwable != null) {
|
|
|
|
|
if (throwable instanceof TimeoutException) {
|
|
|
|
|
throw new RuntimeException(
|
|
|
|
|
"MockOAuth2Server failed to start within timeout", throwable);
|
|
|
|
|
}
|
|
|
|
|
throw new RuntimeException("MockOAuth2Server failed to start", throwable);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Discovery url to authorization server metadata
|
2025-09-03 23:05:41 -05:00
|
|
|
wellKnownUrl =
|
|
|
|
|
"http://localhost:"
|
|
|
|
|
+ actualOauthServerPort
|
|
|
|
|
+ "/"
|
|
|
|
|
+ ISSUER_ID
|
|
|
|
|
+ "/.well-known/openid-configuration";
|
2024-10-28 09:05:16 -05:00
|
|
|
|
|
|
|
|
// Wait for server to return configuration
|
|
|
|
|
// Validate mock server returns data
|
|
|
|
|
try {
|
|
|
|
|
URL url = new URL(wellKnownUrl);
|
|
|
|
|
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
|
|
|
|
|
conn.setRequestMethod("GET");
|
|
|
|
|
int responseCode = conn.getResponseCode();
|
|
|
|
|
logger.info("Well-known endpoint response code: {}", responseCode);
|
|
|
|
|
|
|
|
|
|
if (responseCode != 200) {
|
|
|
|
|
throw new RuntimeException(
|
|
|
|
|
"MockOAuth2Server not accessible. Response code: " + responseCode);
|
|
|
|
|
}
|
|
|
|
|
logger.info("Successfully started MockOAuth2Server.");
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
throw new RuntimeException("Failed to connect to MockOAuth2Server", e);
|
|
|
|
|
}
|
2022-12-08 20:27:51 -06:00
|
|
|
}
|
2019-08-31 20:51:14 -07:00
|
|
|
|
|
|
|
|
@Test
|
2022-12-08 20:27:51 -06:00
|
|
|
public void testHealth() {
|
|
|
|
|
Http.RequestBuilder request = fakeRequest(routes.Application.healthcheck());
|
|
|
|
|
|
|
|
|
|
Result result = route(app, request);
|
|
|
|
|
assertEquals(OK, result.status());
|
2019-08-31 20:51:14 -07:00
|
|
|
}
|
2022-12-08 20:27:51 -06:00
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
public void testIndex() {
|
|
|
|
|
Http.RequestBuilder request = fakeRequest(routes.Application.index(""));
|
|
|
|
|
|
|
|
|
|
Result result = route(app, request);
|
|
|
|
|
assertEquals(OK, result.status());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
public void testIndexNotFound() {
|
|
|
|
|
Http.RequestBuilder request = fakeRequest(routes.Application.index("/other"));
|
|
|
|
|
Result result = route(app, request);
|
|
|
|
|
assertEquals(NOT_FOUND, result.status());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
public void testOpenIdConfig() {
|
2023-12-06 11:02:42 +05:30
|
|
|
assertEquals(
|
2025-09-03 23:05:41 -05:00
|
|
|
"http://localhost:"
|
|
|
|
|
+ actualOauthServerPort
|
|
|
|
|
+ "/testIssuer/.well-known/openid-configuration",
|
2024-10-28 09:05:16 -05:00
|
|
|
wellKnownUrl);
|
2022-12-08 20:27:51 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
2023-10-17 15:50:32 -05:00
|
|
|
public void testHappyPathOidc() throws ParseException {
|
2025-09-03 23:05:41 -05:00
|
|
|
// Verify the list is actually empty (cleared by @BeforeEach)
|
2025-09-03 07:52:16 -05:00
|
|
|
assertTrue(TestModule.getCapturedProposals().isEmpty());
|
|
|
|
|
|
2022-12-08 20:27:51 -06:00
|
|
|
browser.goTo("/authenticate");
|
|
|
|
|
assertEquals("", browser.url());
|
2022-12-22 16:12:51 -06:00
|
|
|
|
2022-12-08 20:27:51 -06:00
|
|
|
Cookie actorCookie = browser.getCookie("actor");
|
2022-12-22 16:12:51 -06:00
|
|
|
assertEquals(TEST_USER, actorCookie.getValue());
|
|
|
|
|
|
|
|
|
|
Cookie sessionCookie = browser.getCookie("PLAY_SESSION");
|
2023-10-17 15:50:32 -05:00
|
|
|
String jwtStr = sessionCookie.getValue();
|
|
|
|
|
JWT jwt = JWTParser.parse(jwtStr);
|
|
|
|
|
JWTClaimsSet claims = jwt.getJWTClaimsSet();
|
|
|
|
|
Map<String, String> data = (Map<String, String>) claims.getClaim("data");
|
|
|
|
|
assertEquals(TEST_TOKEN, data.get("token"));
|
|
|
|
|
assertEquals(TEST_USER, data.get("actor"));
|
2023-12-06 11:02:42 +05:30
|
|
|
// Default expiration is 24h, so should always be less than current time + 1 day since it stamps
|
2025-09-03 23:05:41 -05:00
|
|
|
// the time before this executes. Use a more generous tolerance to account for timezone
|
|
|
|
|
// differences
|
|
|
|
|
// and test execution time variations.
|
|
|
|
|
Date maxExpectedExpiration =
|
|
|
|
|
new Date(System.currentTimeMillis() + (25 * 60 * 60 * 1000)); // 25 hours
|
|
|
|
|
Date minExpectedExpiration =
|
|
|
|
|
new Date(System.currentTimeMillis() + (23 * 60 * 60 * 1000)); // 23 hours
|
|
|
|
|
Date actualExpiration = claims.getExpirationTime();
|
|
|
|
|
|
2023-12-06 11:02:42 +05:30
|
|
|
assertTrue(
|
2025-09-03 23:05:41 -05:00
|
|
|
actualExpiration.after(minExpectedExpiration)
|
|
|
|
|
&& actualExpiration.before(maxExpectedExpiration),
|
|
|
|
|
"JWT expiration time should be within reasonable bounds. Actual: "
|
|
|
|
|
+ actualExpiration
|
|
|
|
|
+ ", Min expected: "
|
|
|
|
|
+ minExpectedExpiration
|
|
|
|
|
+ ", Max expected: "
|
|
|
|
|
+ maxExpectedExpiration);
|
2025-07-09 19:25:42 +05:30
|
|
|
|
2025-09-03 07:52:16 -05:00
|
|
|
// Verify that ingestProposal was called for group membership and user status updates
|
|
|
|
|
List<MetadataChangeProposal> capturedProposals = TestModule.getCapturedProposals();
|
|
|
|
|
logger.debug("Captured {} ingestProposal calls", capturedProposals.size());
|
|
|
|
|
|
|
|
|
|
// We should have at least 2 calls: one for group membership and one for user status
|
|
|
|
|
assertTrue(capturedProposals.size() >= 2);
|
|
|
|
|
|
|
|
|
|
// Verify we have a group membership proposal
|
|
|
|
|
boolean hasGroupMembership =
|
|
|
|
|
capturedProposals.stream()
|
|
|
|
|
.anyMatch(proposal -> "groupMembership".equals(proposal.getAspectName()));
|
|
|
|
|
assertTrue(hasGroupMembership);
|
|
|
|
|
|
|
|
|
|
// Verify we have a user status proposal
|
|
|
|
|
boolean hasUserStatus =
|
|
|
|
|
capturedProposals.stream()
|
|
|
|
|
.anyMatch(proposal -> "corpUserStatus".equals(proposal.getAspectName()));
|
|
|
|
|
assertTrue(hasUserStatus);
|
|
|
|
|
|
|
|
|
|
// Verify the basic OIDC flow worked and the user was authenticated
|
|
|
|
|
assertNotNull(actorCookie);
|
|
|
|
|
assertNotNull(sessionCookie);
|
|
|
|
|
|
|
|
|
|
// Find and validate the group membership proposal
|
|
|
|
|
MetadataChangeProposal groupMembershipProposal =
|
|
|
|
|
capturedProposals.stream()
|
|
|
|
|
.filter(proposal -> "groupMembership".equals(proposal.getAspectName()))
|
|
|
|
|
.findFirst()
|
|
|
|
|
.orElse(null);
|
|
|
|
|
|
|
|
|
|
assertNotNull(groupMembershipProposal);
|
|
|
|
|
assertEquals(
|
|
|
|
|
"urn:li:corpuser:testUser@myCompany.com",
|
|
|
|
|
groupMembershipProposal.getEntityUrn().toString());
|
|
|
|
|
assertEquals("corpuser", groupMembershipProposal.getEntityType());
|
|
|
|
|
assertEquals("groupMembership", groupMembershipProposal.getAspectName());
|
|
|
|
|
assertEquals("UPSERT", groupMembershipProposal.getChangeType().toString());
|
|
|
|
|
|
|
|
|
|
// Validate that the group membership proposal contains "myGroup" from the /userInfo endpoint
|
|
|
|
|
String aspectData =
|
|
|
|
|
groupMembershipProposal.getAspect().getValue().asString(StandardCharsets.UTF_8);
|
|
|
|
|
logger.debug("Group membership aspect data: {}", aspectData);
|
|
|
|
|
assertTrue(aspectData.contains("myGroup"));
|
2022-12-08 20:27:51 -06:00
|
|
|
}
|
|
|
|
|
|
2023-01-11 10:45:18 -08:00
|
|
|
@Test
|
2024-01-09 14:15:50 -06:00
|
|
|
public void testOidcRedirectToRequestedUrl() {
|
2023-01-11 10:45:18 -08:00
|
|
|
browser.goTo("/authenticate?redirect_uri=%2Fcontainer%2Furn%3Ali%3Acontainer%3ADATABASE");
|
|
|
|
|
assertEquals("container/urn:li:container:DATABASE", browser.url());
|
|
|
|
|
}
|
2024-01-09 14:15:50 -06:00
|
|
|
|
|
|
|
|
/**
|
2024-10-28 09:05:16 -05:00
|
|
|
* The Redirect Uri parameter is used to store a previous relative location within the app to be
|
|
|
|
|
* able to take a user back to their expected page. Redirecting to other domains should be
|
|
|
|
|
* blocked.
|
2024-01-09 14:15:50 -06:00
|
|
|
*/
|
|
|
|
|
@Test
|
|
|
|
|
public void testInvalidRedirectUrl() {
|
|
|
|
|
browser.goTo("/authenticate?redirect_uri=https%3A%2F%2Fwww.google.com");
|
|
|
|
|
assertEquals("", browser.url());
|
|
|
|
|
|
|
|
|
|
browser.goTo("/authenticate?redirect_uri=file%3A%2F%2FmyFile");
|
|
|
|
|
assertEquals("", browser.url());
|
|
|
|
|
|
|
|
|
|
browser.goTo("/authenticate?redirect_uri=ftp%3A%2F%2FsomeFtp");
|
|
|
|
|
assertEquals("", browser.url());
|
|
|
|
|
|
|
|
|
|
browser.goTo("/authenticate?redirect_uri=localhost%3A9002%2Flogin");
|
|
|
|
|
assertEquals("", browser.url());
|
|
|
|
|
}
|
2025-09-03 07:52:16 -05:00
|
|
|
|
|
|
|
|
/** Test module that provides comprehensive mocks to handle all GMS interactions */
|
|
|
|
|
private static class TestModule extends AbstractModule {
|
|
|
|
|
// Store captured ingestProposal calls for validation
|
|
|
|
|
private static final List<MetadataChangeProposal> capturedProposals = new ArrayList<>();
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
protected void configure() {
|
|
|
|
|
// This module will override providers for GMS interactions
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static List<MetadataChangeProposal> getCapturedProposals() {
|
|
|
|
|
return new ArrayList<>(capturedProposals);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static void clearCapturedProposals() {
|
|
|
|
|
capturedProposals.clear();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Provides
|
|
|
|
|
@Singleton
|
|
|
|
|
protected SystemEntityClient provideMockSystemEntityClient() {
|
|
|
|
|
logger.debug("Creating mock SystemEntityClient");
|
|
|
|
|
SystemEntityClient mockClient = mock(SystemEntityClient.class);
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
// Configure user provisioning mocks (mirrors tryProvisionUser)
|
|
|
|
|
configureUserProvisioningMocks(mockClient);
|
|
|
|
|
|
|
|
|
|
// Configure group provisioning mocks (mirrors tryProvisionGroups)
|
|
|
|
|
configureGroupProvisioningMocks(mockClient);
|
|
|
|
|
|
|
|
|
|
// Mock ingestProposal to capture calls for validation
|
|
|
|
|
doAnswer(
|
|
|
|
|
invocation -> {
|
|
|
|
|
MetadataChangeProposal proposal = invocation.getArgument(1);
|
|
|
|
|
logger.debug(
|
|
|
|
|
"ingestProposal() called with entityUrn: {}, entityType: {}, aspectName: {}, changeType: {}",
|
|
|
|
|
proposal.getEntityUrn(),
|
|
|
|
|
proposal.getEntityType(),
|
|
|
|
|
proposal.getAspectName(),
|
|
|
|
|
proposal.getChangeType());
|
|
|
|
|
// Capture the proposal for validation
|
|
|
|
|
capturedProposals.add(proposal);
|
|
|
|
|
return null;
|
|
|
|
|
})
|
|
|
|
|
.when(mockClient)
|
|
|
|
|
.ingestProposal(any(), any());
|
|
|
|
|
} catch (RemoteInvocationException e) {
|
|
|
|
|
// This should not happen with mocks, but handle it just in case
|
|
|
|
|
throw new RuntimeException("Failed to configure mock SystemEntityClient", e);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
// This should not happen with mocks, but handle it just in case
|
|
|
|
|
throw new RuntimeException("Failed to configure mock SystemEntityClient", e);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return mockClient;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Configures mocks for user provisioning flow (mirrors tryProvisionUser method). - First get()
|
|
|
|
|
* call returns null (user doesn't exist) - update() call stores the actual Entity object -
|
|
|
|
|
* Subsequent get() calls return the stored Entity
|
|
|
|
|
*/
|
|
|
|
|
private void configureUserProvisioningMocks(SystemEntityClient mockClient)
|
|
|
|
|
throws RemoteInvocationException {
|
|
|
|
|
final AtomicReference<Entity> storedEntity = new AtomicReference<>();
|
|
|
|
|
|
|
|
|
|
// First call to get() returns an Entity with just a key aspect (user doesn't exist),
|
|
|
|
|
// subsequent calls return the stored user with full aspects
|
|
|
|
|
doAnswer(
|
|
|
|
|
invocation -> {
|
|
|
|
|
Entity entity = storedEntity.get();
|
|
|
|
|
if (entity == null) {
|
|
|
|
|
// Return an Entity with just a key aspect (simulating non-existent user)
|
|
|
|
|
Entity keyOnlyEntity = new Entity();
|
|
|
|
|
// Create a minimal CorpUserSnapshot with just the key aspect
|
|
|
|
|
CorpUserSnapshot keyOnlySnapshot = new CorpUserSnapshot();
|
|
|
|
|
keyOnlySnapshot.setUrn(invocation.getArgument(1)); // The URN from the get() call
|
|
|
|
|
keyOnlySnapshot.setAspects(new CorpUserAspectArray());
|
|
|
|
|
keyOnlyEntity.setValue(Snapshot.create(keyOnlySnapshot));
|
|
|
|
|
logger.debug("get() called, returning key-only entity for non-existent user");
|
|
|
|
|
return keyOnlyEntity;
|
|
|
|
|
} else {
|
|
|
|
|
logger.debug("get() called, returning stored entity with full aspects");
|
|
|
|
|
return entity;
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
.when(mockClient)
|
|
|
|
|
.get(any(), any());
|
|
|
|
|
|
|
|
|
|
// Store the entity when update() is called
|
|
|
|
|
doAnswer(
|
|
|
|
|
invocation -> {
|
|
|
|
|
Entity entity = invocation.getArgument(1);
|
|
|
|
|
storedEntity.set(entity);
|
|
|
|
|
logger.debug("update() called, stored entity: {}", entity);
|
|
|
|
|
return null;
|
|
|
|
|
})
|
|
|
|
|
.when(mockClient)
|
|
|
|
|
.update(any(), any());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Configures mocks for group provisioning flow (mirrors tryProvisionGroups method). -
|
|
|
|
|
* batchGet() returns empty map initially (groups don't exist) - batchUpdate() stores the actual
|
|
|
|
|
* Map<Urn, Entity> of groups - Subsequent batchGet() calls return the stored groups
|
|
|
|
|
*/
|
|
|
|
|
private void configureGroupProvisioningMocks(SystemEntityClient mockClient)
|
|
|
|
|
throws RemoteInvocationException {
|
|
|
|
|
final AtomicReference<Map<Urn, Entity>> storedGroups =
|
|
|
|
|
new AtomicReference<>(Collections.emptyMap());
|
|
|
|
|
|
|
|
|
|
// batchGet() returns the stored groups (empty initially, then populated after batchUpdate)
|
|
|
|
|
doAnswer(
|
|
|
|
|
invocation -> {
|
|
|
|
|
Map<Urn, Entity> groups = storedGroups.get();
|
|
|
|
|
logger.debug("batchGet() called, returning {} groups", groups.size());
|
|
|
|
|
return groups;
|
|
|
|
|
})
|
|
|
|
|
.when(mockClient)
|
|
|
|
|
.batchGet(any(), any());
|
|
|
|
|
|
|
|
|
|
// Store the groups when batchUpdate() is called
|
|
|
|
|
doAnswer(
|
|
|
|
|
invocation -> {
|
|
|
|
|
Set<Entity> groupEntities = invocation.getArgument(1);
|
|
|
|
|
// Convert Set<Entity> to Map<Urn, Entity> for storage
|
|
|
|
|
Map<Urn, Entity> groupsMap = new HashMap<>();
|
|
|
|
|
for (Entity entity : groupEntities) {
|
|
|
|
|
Urn urn = entity.getValue().getCorpGroupSnapshot().getUrn();
|
|
|
|
|
groupsMap.put(urn, entity);
|
|
|
|
|
}
|
|
|
|
|
storedGroups.set(groupsMap);
|
|
|
|
|
logger.debug("batchUpdate() called, stored {} groups", groupEntities.size());
|
|
|
|
|
return null;
|
|
|
|
|
})
|
|
|
|
|
.when(mockClient)
|
|
|
|
|
.batchUpdate(any(), any());
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-08-31 20:51:14 -07:00
|
|
|
}
|
