@Test(expected = InvalidTokenException.class)
public void testExpiredApprovals() {
approvalStore.revokeApproval(
new Approval()
.setUserId(userId)
.setClientId("client")
.setScope("read")
.setExpiresAt(new Date())
.setStatus(ApprovalStatus.APPROVED));
approvalStore.addApproval(
new Approval()
.setUserId(userId)
.setClientId("client")
.setScope("read")
.setExpiresAt(new Date())
.setStatus(ApprovalStatus.APPROVED));
Claims result = endpoint.checkToken(accessToken.getValue());
assertEquals(null, result.getAuthorities());
}
@Test(expected = InvalidTokenException.class)
public void testUpdatedApprovals() {
Date thirtySecondsAhead = new Date(System.currentTimeMillis() + 30000);
approvalStore.addApproval(
new Approval()
.setUserId(userId)
.setClientId("client")
.setScope("read")
.setExpiresAt(thirtySecondsAhead)
.setStatus(ApprovalStatus.APPROVED));
Claims result = endpoint.checkToken(accessToken.getValue());
assertEquals(null, result.getAuthorities());
}
@Before
public void setUp() {
userAuthorities = new ArrayList<>();
userAuthorities.add(new SimpleGrantedAuthority("read"));
userAuthorities.add(new SimpleGrantedAuthority("write"));
userAuthorities.add(new SimpleGrantedAuthority("zones.myzone.admin"));
userAuthorities.addAll(UaaAuthority.USER_AUTHORITIES);
user =
new UaaUser(
userId,
userName,
"password",
userEmail,
userAuthorities,
"GivenName",
"FamilyName",
new Date(System.currentTimeMillis() - 2000),
new Date(System.currentTimeMillis() - 2000),
OriginKeys.UAA,
"externalId",
false,
IdentityZoneHolder.get().getId(),
"salt",
new Date(System.currentTimeMillis() - 2000));
mockUserDatabase(userId, user);
authorizationRequest = new AuthorizationRequest("client", Collections.singleton("read"));
authorizationRequest.setResourceIds(new HashSet<>(Arrays.asList("client", "scim")));
Map<String, String> requestParameters = new HashMap<>();
authorizationRequest.setRequestParameters(requestParameters);
authentication =
new OAuth2Authentication(
authorizationRequest.createOAuth2Request(),
UaaAuthenticationTestFactory.getAuthentication(userId, userName, "*****@*****.**"));
signerProvider = new SignerProvider();
signerProvider.setSigningKey(signerKey);
signerProvider.setVerifierKey(verifierKey);
tokenServices.setSignerProvider(signerProvider);
endpoint.setTokenServices(tokenServices);
Date oneSecondAgo = new Date(System.currentTimeMillis() - 1000);
Date thirtySecondsAhead = new Date(System.currentTimeMillis() + 30000);
approvalStore.addApproval(
new Approval()
.setUserId(userId)
.setClientId("client")
.setScope("read")
.setExpiresAt(thirtySecondsAhead)
.setStatus(ApprovalStatus.APPROVED)
.setLastUpdatedAt(oneSecondAgo));
approvalStore.addApproval(
new Approval()
.setUserId(userId)
.setClientId("client")
.setScope("write")
.setExpiresAt(thirtySecondsAhead)
.setStatus(ApprovalStatus.APPROVED)
.setLastUpdatedAt(oneSecondAgo));
tokenServices.setApprovalStore(approvalStore);
tokenServices.setTokenPolicy(new TokenPolicy(43200, 2592000));
defaultClient =
new BaseClientDetails(
"client",
"scim, cc",
"read, write",
"authorization_code, password",
"scim.read, scim.write",
"http://localhost:8080/uaa");
clientDetailsStore = Collections.singletonMap("client", defaultClient);
clientDetailsService.setClientDetailsStore(clientDetailsStore);
tokenServices.setClientDetailsService(clientDetailsService);
accessToken = tokenServices.createAccessToken(authentication);
}