@Test
  public void testCreateTokenWithRefreshToken() throws Exception {
    when(ServiceLocator.getInstance().getTokenStore().get(anyString()))
        .thenReturn(new AuthenticationBuilder(claim).build());
    when(ServiceLocator.getInstance().getIdmService().listRoles(anyString(), anyString()))
        .thenReturn(Arrays.asList("admin", "user"));

    HttpTester req = new HttpTester();
    req.setMethod("POST");
    req.setHeader("Content-Type", "application/x-www-form-urlencoded");
    req.setContent(REFRESH_TOKEN);
    req.setURI(CONTEXT + TokenEndpoint.TOKEN_GRANT_ENDPOINT);
    req.setVersion("HTTP/1.0");

    HttpTester resp = new HttpTester();
    resp.parse(server.getResponses(req.generate()));
    assertEquals(201, resp.getStatus());
    assertTrue(resp.getContent().contains("expires_in\":10"));
    assertTrue(resp.getContent().contains("Bearer"));
  }
 @SuppressWarnings("unchecked")
 private static void mockServiceLocator() {
   ServiceLocator.getInstance().setClientService(mock(ClientService.class));
   ServiceLocator.getInstance().setIdmService(mock(IdMService.class));
   ServiceLocator.getInstance().setAuthenticationService(mock(AuthenticationService.class));
   ServiceLocator.getInstance().setTokenStore(mock(TokenStore.class));
   ServiceLocator.getInstance().setCredentialAuth(mock(CredentialAuth.class));
   ServiceLocator.getInstance().getTokenAuthCollection().add(mock(TokenAuth.class));
 }
  @Test
  public void testDeleteToken() throws Exception {
    when(ServiceLocator.getInstance().getTokenStore().delete("token_to_be_deleted"))
        .thenReturn(true);

    HttpTester req = new HttpTester();
    req.setMethod("POST");
    req.setHeader("Content-Type", "application/x-www-form-urlencoded");
    req.setContent("token_to_be_deleted");
    req.setURI(CONTEXT + TokenEndpoint.TOKEN_REVOKE_ENDPOINT);
    req.setVersion("HTTP/1.0");

    HttpTester resp = new HttpTester();
    resp.parse(server.getResponses(req.generate()));
    assertEquals(204, resp.getStatus());
  }
  @Test
  public void testCreateTokenWithPassword() throws Exception {
    when(ServiceLocator.getInstance()
            .getCredentialAuth()
            .authenticate(any(PasswordCredentials.class)))
        .thenReturn(claim);

    HttpTester req = new HttpTester();
    req.setMethod("POST");
    req.setHeader("Content-Type", "application/x-www-form-urlencoded");
    req.setContent(DIRECT_AUTH);
    req.setURI(CONTEXT + TokenEndpoint.TOKEN_GRANT_ENDPOINT);
    req.setVersion("HTTP/1.0");

    HttpTester resp = new HttpTester();
    resp.parse(server.getResponses(req.generate()));
    assertEquals(201, resp.getStatus());
    assertTrue(resp.getContent().contains("expires_in\":10"));
    assertTrue(resp.getContent().contains("Bearer"));
  }
 @After
 public void teardown() {
   ServiceLocator.getInstance().getTokenAuthCollection().clear();
 }
 @Before
 public void setup() {
   mockServiceLocator();
   when(ServiceLocator.getInstance().getTokenStore().tokenExpiration())
       .thenReturn(TOKEN_TIMEOUT_SECS);
 }