@Test public void verifyExpiredAccessToken() throws Exception { final Principal principal = org.jasig.cas.authentication.TestUtils.getPrincipal(ID, new HashMap<String, Object>()); final Authentication authentication = new OAuthAuthentication(ZonedDateTime.now(), principal); final DefaultAccessTokenFactory expiringAccessTokenFactory = new DefaultAccessTokenFactory(); expiringAccessTokenFactory.setExpirationPolicy( new ExpirationPolicy() { @Override public boolean isExpired(final TicketState ticketState) { return true; } }); final AccessTokenImpl accessToken = (AccessTokenImpl) expiringAccessTokenFactory.create(TestUtils.getService(), authentication); oAuth20ProfileController.getTicketRegistry().addTicket(accessToken); final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.PROFILE_URL); mockRequest.setParameter(OAuthConstants.ACCESS_TOKEN, accessToken.getId()); final MockHttpServletResponse mockResponse = new MockHttpServletResponse(); oAuth20ProfileController.handleRequest(mockRequest, mockResponse); assertEquals(200, mockResponse.getStatus()); assertEquals( "{\"error\":\"" + OAuthConstants.EXPIRED_ACCESS_TOKEN + "\"}", mockResponse.getContentAsString()); }
@Test public void verifyOKWithAuthorizationHeader() throws Exception { final Map<String, Object> map = new HashMap<>(); map.put(NAME, VALUE); final List<String> list = Arrays.asList(VALUE, VALUE); map.put(NAME2, list); final Principal principal = org.jasig.cas.authentication.TestUtils.getPrincipal(ID, map); final Authentication authentication = new OAuthAuthentication(ZonedDateTime.now(), principal); final AccessTokenImpl accessToken = (AccessTokenImpl) accessTokenFactory.create(TestUtils.getService(), authentication); oAuth20ProfileController.getTicketRegistry().addTicket(accessToken); final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.PROFILE_URL); mockRequest.addHeader("Authorization", OAuthConstants.BEARER_TOKEN + ' ' + accessToken.getId()); final MockHttpServletResponse mockResponse = new MockHttpServletResponse(); oAuth20ProfileController.handleRequest(mockRequest, mockResponse); assertEquals(200, mockResponse.getStatus()); assertEquals(CONTENT_TYPE, mockResponse.getContentType()); final ObjectMapper mapper = new ObjectMapper(); final String expected = "{\"id\":\"" + ID + "\",\"attributes\":[{\"" + NAME + "\":\"" + VALUE + "\"},{\"" + NAME2 + "\":[\"" + VALUE + "\",\"" + VALUE + "\"]}]}"; final JsonNode expectedObj = mapper.readTree(expected); final JsonNode receivedObj = mapper.readTree(mockResponse.getContentAsString()); assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText()); final JsonNode expectedAttributes = expectedObj.get("attributes"); final JsonNode receivedAttributes = receivedObj.get("attributes"); assertEquals( expectedAttributes.findValue(NAME).asText(), receivedAttributes.findValue(NAME).asText()); assertEquals(expectedAttributes.findValues(NAME2), receivedAttributes.findValues(NAME2)); }