}
<<<<<<< HEAD
=======
/**
 * Happy path for zone-scoped user management: a token issued by a zone's own
 * admin client can update, list and delete a user inside that same zone.
 */
@Test
public void testSuccessfulUserManagementInZone() throws Exception {
    String subdomain = generator.generate();
    createOtherIdentityZone(subdomain);
    // Token is requested from the new zone (subdomain passed), using the admin client that
    // createOtherIdentityZone registers there.
    String zoneAdminToken = testClient.getClientCredentialsOAuthAccessToken("admin", "admin-secret", "scim.write,scim.read", subdomain);
    String bearer = "Bearer " + zoneAdminToken;
    String zoneHost = subdomain + ".localhost";

    ScimUser user = createUser(zoneAdminToken, subdomain);
    user.setUserName("updated-username@test.com");

    // Update: the If-Match header carries the user's current version, quoted as an ETag.
    MockHttpServletRequestBuilder updateRequest = put("/Users/" + user.getId())
        .header("Authorization", bearer)
        .header("If-Match", "\"" + user.getVersion() + "\"")
        .contentType(APPLICATION_JSON)
        .content(new ObjectMapper().writeValueAsString(user))
        .with(new SetServerNameRequestPostProcessor(zoneHost));
    MvcResult updateResult = mockMvc.perform(updateRequest)
        .andExpect(status().isOk())
        .andExpect(jsonPath("$.userName").value(user.getUserName()))
        .andReturn();

    // Re-read the user from the response so the version used by the delete below is the
    // one the server returned after the update.
    String updatedJson = updateResult.getResponse().getContentAsString();
    user = new ObjectMapper().readValue(updatedJson, ScimUser.class);

    // The zone holds exactly the one user created above.
    // NOTE(review): contains() relies on ScimUser.equals, which is not visible here.
    List users = getUsersInZone(subdomain, zoneAdminToken);
    assertTrue(users.contains(user));
    assertEquals(1, users.size());

    MockHttpServletRequestBuilder deleteRequest = delete("/Users/" + user.getId())
        .header("Authorization", bearer)
        .header("If-Match", "\"" + user.getVersion() + "\"")
        .contentType(APPLICATION_JSON)
        .with(new SetServerNameRequestPostProcessor(zoneHost));
    mockMvc.perform(deleteRequest)
        .andExpect(status().isOk())
        .andExpect(jsonPath("$.id").value(user.getId()))
        .andReturn();

    // After the delete the zone must be empty again.
    users = getUsersInZone(subdomain, zoneAdminToken);
    assertEquals(0, users.size());
}
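/**
 * Lists the SCIM users returned by {@code GET /Users} for the given token.
 *
 * <p>Only the {@code resources} array of that single response is read; no paging is followed.
 *
 * @param subdomain zone subdomain; when null or empty the request is sent without a
 *                  server-name override
 * @param token     bearer token placed in the Authorization header
 * @return the users deserialized from the {@code resources} array
 * @throws Exception if the request fails, the status is not 200, or the body cannot be parsed
 */
private List<ScimUser> getUsersInZone(String subdomain, String token) throws Exception {
    MockHttpServletRequestBuilder listRequest = get("/Users").header("Authorization", "Bearer " + token);
    if (subdomain != null && !subdomain.isEmpty()) {
        // Route the request to the zone by host name (<subdomain>.localhost).
        listRequest.with(new SetServerNameRequestPostProcessor(subdomain + ".localhost"));
    }
    MvcResult mvcResult = mockMvc.perform(listRequest).andExpect(status().isOk()).andReturn();

    ObjectMapper mapper = new ObjectMapper();
    JsonNode root = mapper.readTree(mvcResult.getResponse().getContentAsString());
    // The type arguments were missing from the listing ("new TypeReference>() {}"), which does
    // not compile. List<ScimUser> is reconstructed from the callers, which check
    // users.contains(ScimUser); without it Jackson would produce maps and that check would fail.
    return mapper.readValue(root.get("resources").toString(), new TypeReference<List<ScimUser>>() {});
}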
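/**
 * Zone isolation, default zone to other zone: a token issued by the default zone's admin
 * client must not be able to create or list users in a different identity zone.
 *
 * <p>Besides the 401 responses, the test confirms with the zone's own admin token that the
 * rejected create left no user behind in the zone.
 */
@Test
public void testCreateAndListUsersInOtherZoneIsUnauthorized() throws Exception {
    String subdomain = generator.generate();
    createOtherIdentityZone(subdomain);
    String zoneHost = subdomain + ".localhost";

    // Token comes from the DEFAULT zone (subdomain argument is null, secret "adminsecret"),
    // not from the zone created above.
    String defaultZoneAdminToken = testClient.getClientCredentialsOAuthAccessToken("admin", "adminsecret", "scim.write,scim.read", null);

    ScimUser user = getScimUser();
    MockHttpServletRequestBuilder createRequest = post("/Users")
        .with(new SetServerNameRequestPostProcessor(zoneHost))
        .header("Authorization", "Bearer " + defaultZoneAdminToken)
        .contentType(APPLICATION_JSON)
        .content(new ObjectMapper().writeValueAsBytes(user));
    mockMvc.perform(createRequest).andExpect(status().isUnauthorized());

    // The list request always targets the new zone, like the create above. The original
    // null/empty guard on subdomain would have sent it to the default zone, where this
    // token is valid, and the 401 expectation could not hold.
    MockHttpServletRequestBuilder listRequest = get("/Users")
        .header("Authorization", "Bearer " + defaultZoneAdminToken)
        .with(new SetServerNameRequestPostProcessor(zoneHost));
    mockMvc.perform(listRequest).andExpect(status().isUnauthorized());

    // A 401 status alone does not prove the write was not applied. Check the zone's content
    // with a token that is valid there: the freshly created zone must still hold no users.
    String zoneAdminToken = testClient.getClientCredentialsOAuthAccessToken("admin", "admin-secret", "scim.write,scim.read", subdomain);
    assertEquals(0, getUsersInZone(subdomain, zoneAdminToken).size());
}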
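/**
 * Zone isolation, other zone to default zone: a token issued by another zone's admin client
 * must not be able to update or delete a user that lives in the default zone.
 *
 * <p>Besides the 401 responses, the test reads the user back with a default-zone token to
 * confirm it still exists and kept its original user name.
 */
@Test
public void testModifyandDeleteUserInOtherZoneIsUnauthorized() throws Exception {
    // The target user is created in the default zone (subdomain argument is null).
    String defaultZoneAdminToken = testClient.getClientCredentialsOAuthAccessToken("admin", "adminsecret", "scim.write", null);
    ScimUser user = createUser(defaultZoneAdminToken, null);
    String originalUserName = user.getUserName();

    String subdomain = generator.generate();
    createOtherIdentityZone(subdomain);
    String zoneAdminToken = testClient.getClientCredentialsOAuthAccessToken("admin", "admin-secret", "scim.write,scim.read", subdomain);

    user.setUserName("updated-user@defaultzone.com");

    // No server-name override on these requests, so they are sent to the default host while
    // carrying the token that was issued by the other zone.
    MockHttpServletRequestBuilder updateRequest = put("/Users/" + user.getId())
        .header("Authorization", "Bearer " + zoneAdminToken)
        .header("If-Match", "\"" + user.getVersion() + "\"")
        .contentType(APPLICATION_JSON)
        .content(new ObjectMapper().writeValueAsString(user));
    mockMvc.perform(updateRequest)
        .andExpect(status().isUnauthorized());

    MockHttpServletRequestBuilder deleteRequest = delete("/Users/" + user.getId())
        .header("Authorization", "Bearer " + zoneAdminToken)
        .header("If-Match", "\"" + user.getVersion() + "\"")
        .contentType(APPLICATION_JSON);
    mockMvc.perform(deleteRequest)
        .andExpect(status().isUnauthorized());

    // A 401 status alone does not prove the rejected writes had no effect. Read the user back
    // with a default-zone token that carries scim.read: it must still exist with its
    // original user name.
    String defaultZoneReadToken = testClient.getClientCredentialsOAuthAccessToken("admin", "adminsecret", "scim.write,scim.read", null);
    mockMvc.perform(get("/Users/" + user.getId())
            .header("Authorization", "Bearer " + defaultZoneReadToken)
            .accept(APPLICATION_JSON))
        .andExpect(status().isOk())
        .andExpect(jsonPath("$.userName").value(originalUserName));
}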
/**
 * Creates a new identity zone whose id and subdomain are both {@code subdomain}, and
 * registers an {@code admin} client inside it.
 *
 * @param subdomain value passed for both arguments of {@code MultitenancyFixture.identityZone}
 * @return the zone object that was sent in the creation request (not the server's response)
 * @throws Exception if the request fails or the zone is not reported as created (201)
 */
private IdentityZone createOtherIdentityZone(String subdomain) throws Exception {
    // Zone creation is authorized by the default zone's "identity" client with zones.create.
    String identityToken = testClient.getClientCredentialsOAuthAccessToken("identity", "identitysecret", "zones.create", null);

    // Zone-local admin client: client_credentials grant with clients.admin, scim.read and
    // scim.write authorities. Its secret is a fixed test fixture value, and it is the
    // client the zone tests authenticate as.
    BaseClientDetails zoneAdminClient = new BaseClientDetails("admin", null, null, "client_credentials", "clients.admin,scim.read,scim.write");
    zoneAdminClient.setClientSecret("admin-secret");
    List clientDetails = new ArrayList<>();
    clientDetails.add(zoneAdminClient);

    IdentityZone identityZone = MultitenancyFixture.identityZone(subdomain, subdomain);
    IdentityZoneCreationRequest creationRequest = new IdentityZoneCreationRequest();
    creationRequest.setIdentityZone(identityZone);
    creationRequest.setClientDetails(clientDetails);

    String payload = new ObjectMapper().writeValueAsString(creationRequest);
    MockHttpServletRequestBuilder createZone = post("/identity-zones")
        .header("Authorization", "Bearer " + identityToken)
        .contentType(APPLICATION_JSON)
        .accept(APPLICATION_JSON)
        .content(payload);
    mockMvc.perform(createZone).andExpect(status().isCreated());

    return identityZone;
}
>>>>>>> ceb434fe6a8cb9874bb89ac83b68000e864cba8e
private String getBasicAuthHeaderValue(String clientId, String clientSecret) {
final String plainCreds = clientId+":"+clientSecret;
final byte[] plainCredsBytes = plainCreds.getBytes(); |