/**
 * Redeems a valid code at the access-token endpoint and checks the plain-text reply.
 *
 * <p>A service is registered for REDIRECT_URI / CLIENT_SECRET and a service ticket is stored
 * under CODE with a policy that never reports expiry. The controller is expected to answer
 * 200 with {@code text/plain} and a body that starts with the access-token and expiry
 * parameters.
 *
 * <p>The token value asserted below is TGT_ID: the endpoint hands the client the
 * ticket-granting ticket id as its access token, so that string deserves the same handling
 * as the SSO ticket itself (keep it out of logs and URLs).
 *
 * @throws Exception if the controller fails while handling the request
 */
@Test
public void verifyOK() throws Exception {
    final OAuth20WrapperController wrapper = (OAuth20WrapperController) oauth20WrapperController;
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();

    // NOTE(review): the token request is sent as GET with the client secret as a request
    // parameter, and a 200 is expected. RFC 6749 section 3.2 requires POST for token
    // requests; a test pinning how the controller treats other methods would be useful.
    final MockHttpServletRequest mockRequest =
        new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    mockRequest.setParameter(OAuthConstants.CODE, CODE);

    wrapper.getServicesManager().save(getRegisteredService(REDIRECT_URI, CLIENT_SECRET));

    // Principal with one single-valued and one multi-valued attribute.
    final Map<String, Object> attributes = new HashMap<>();
    attributes.put(NAME, VALUE);
    attributes.put(NAME2, Arrays.asList(VALUE, VALUE));
    final Principal principal =
        org.jasig.cas.authentication.TestUtils.getPrincipal(ID, attributes);

    final TicketGrantingTicketImpl grantingTicket = new TicketGrantingTicketImpl(
        TGT_ID,
        org.jasig.cas.authentication.TestUtils.getAuthentication(principal),
        new NeverExpiresExpirationPolicy());

    // Policy for the code ticket: never reports expiry, so the happy path is taken.
    final ExpirationPolicy alwaysValid = new ExpirationPolicy() {
        private static final long serialVersionUID = -7321055962209199811L;

        @Override
        public boolean isExpired(final TicketState ticketState) {
            return false;
        }
    };
    wrapper.getTicketRegistry().addTicket(new ServiceTicketImpl(
        CODE,
        grantingTicket,
        org.jasig.cas.authentication.TestUtils.getService(),
        false,
        alwaysValid));

    oauth20WrapperController.handleRequest(mockRequest, mockResponse);

    // NOTE(review): the code ticket is removed by the test itself. Nothing here checks that
    // a second redemption of the same code is refused - confirm single use is enforced and
    // covered by a test.
    wrapper.getTicketRegistry().deleteTicket(CODE);

    assertEquals("text/plain", mockResponse.getContentType());
    assertEquals(200, mockResponse.getStatus());

    final String body = mockResponse.getContentAsString();
    final String expiresPrefix = '&' + OAuthConstants.EXPIRES + '=';
    assertTrue(body.startsWith(OAuthConstants.ACCESS_TOKEN + '=' + TGT_ID + expiresPrefix));

    // Tolerance of 2 seconds. Only a lower bound is checked: the reported lifetime may
    // fall at most 10 seconds plus the tolerance short of TIMEOUT.
    final int toleranceSeconds = 2;
    final int timeLeft = Integer.parseInt(StringUtils.substringAfter(body, expiresPrefix));
    assertTrue(timeLeft >= TIMEOUT - 10 - toleranceSeconds);
}
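/**
 * Checks that a code whose service ticket reports itself expired is refused.
 *
 * <p>A service is registered for REDIRECT_URI / CLIENT_SECRET and a service ticket whose
 * policy always reports expiry is stored under CODE, the same value the request presents.
 * The controller is expected to answer 400 with {@code error=} followed by
 * {@link OAuthConstants#INVALID_GRANT}.
 *
 * @throws Exception if the controller fails while handling the request
 */
@Test
public void verifyExpiredServiceTicket() throws Exception {
    clearAllServices();

    final OAuth20WrapperController wrapper = (OAuth20WrapperController) oauth20WrapperController;

    final MockHttpServletRequest mockRequest =
        new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    mockRequest.setParameter(OAuthConstants.CODE, CODE);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();

    wrapper.getServicesManager().save(getRegisteredService(REDIRECT_URI, CLIENT_SECRET));

    // Principal with one single-valued and one multi-valued attribute.
    final Map<String, Object> map = new HashMap<>();
    map.put(NAME, VALUE);
    final List<String> list = Arrays.asList(VALUE, VALUE);
    map.put(NAME2, list);
    final Principal p = org.jasig.cas.authentication.TestUtils.getPrincipal(ID, map);

    final TicketGrantingTicketImpl impl = new TicketGrantingTicketImpl(
        TGT_ID,
        org.jasig.cas.authentication.TestUtils.getAuthentication(p),
        new NeverExpiresExpirationPolicy());

    // The ticket is stored under CODE, the value the request sends. It was previously stored
    // under the literal "ST1"; unless CODE has that value, the lookup for CODE would find no
    // ticket and the same invalid_grant reply would come from the missing-ticket case,
    // leaving the expiry check untested.
    wrapper.getTicketRegistry().addTicket(new ServiceTicketImpl(
        CODE,
        impl,
        org.jasig.cas.authentication.TestUtils.getService(),
        false,
        new ExpirationPolicy() {
            private static final long serialVersionUID = -7321055962209199811L;

            @Override
            public boolean isExpired(final TicketState ticketState) {
                return true;
            }
        }));

    try {
        oauth20WrapperController.handleRequest(mockRequest, mockResponse);
    } finally {
        // Remove the expired ticket so it cannot be found by tests that reuse CODE.
        wrapper.getTicketRegistry().deleteTicket(CODE);
    }

    assertEquals(400, mockResponse.getStatus());
    assertEquals("error=" + OAuthConstants.INVALID_GRANT, mockResponse.getContentAsString());
}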
/**
 * Checks that a code with no ticket added for it by this test is refused.
 *
 * <p>Only the service for REDIRECT_URI / CLIENT_SECRET is registered; this test adds no
 * ticket to the registry. The controller is expected to answer 400 with {@code error=}
 * followed by {@link OAuthConstants#INVALID_GRANT}.
 *
 * @throws Exception if the controller fails while handling the request
 */
@Test
public void verifyNoServiceTicket() throws Exception {
    clearAllServices();

    final OAuth20WrapperController wrapper = (OAuth20WrapperController) oauth20WrapperController;
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();

    // Well-formed token request; the only thing missing is a ticket behind CODE.
    final MockHttpServletRequest mockRequest =
        new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    mockRequest.setParameter(OAuthConstants.CODE, CODE);

    wrapper.getServicesManager().save(getRegisteredService(REDIRECT_URI, CLIENT_SECRET));

    oauth20WrapperController.handleRequest(mockRequest, mockResponse);

    final String expectedBody = "error=" + OAuthConstants.INVALID_GRANT;
    assertEquals(400, mockResponse.getStatus());
    assertEquals(expectedBody, mockResponse.getContentAsString());
}