/**
* @author Ryan Heaton
* @author Dave Syer
*/
@OAuth2ContextConfiguration(ClientCredentials.class)
public class TestClientCredentialsProvider {
@Rule public ServerRunning serverRunning = ServerRunning.isRunning();
@Rule public OAuth2ContextSetup context = OAuth2ContextSetup.standard(serverRunning);
/** tests the basic provider */
@Test
public void testPostForToken() throws Exception {
OAuth2AccessToken token = context.getAccessToken();
assertNull(token.getRefreshToken());
}
static class ClientCredentials extends ClientCredentialsResourceDetails {
public ClientCredentials(Object target) {
setClientId("my-client-with-registered-redirect");
setScope(Arrays.asList("read"));
setId(getClientId());
TestClientCredentialsProvider test = (TestClientCredentialsProvider) target;
setAccessTokenUri(test.serverRunning.getUrl("/sparklr2/oauth/token"));
}
}
}
@OAuth2ContextConfiguration(IdentityZoneEndpointsIntegrationTests.IdentityClient.class)
public class IdentityZoneEndpointsIntegrationTests {
@Rule public ServerRunning serverRunning = ServerRunning.isRunning();
private UaaTestAccounts testAccounts = UaaTestAccounts.standard(serverRunning);
@Rule public OAuth2ContextSetup context = OAuth2ContextSetup.standard(serverRunning);
@Rule
public TestAccountSetup testAccountSetup = TestAccountSetup.standard(serverRunning, testAccounts);
private RestTemplate client;
@Before
public void createRestTemplate() throws Exception {
client = (OAuth2RestTemplate) serverRunning.getRestTemplate();
client.setErrorHandler(
new OAuth2ErrorHandler(context.getResource()) {
// Pass errors through in response entity for status code analysis
@Override
public boolean hasError(ClientHttpResponse response) throws IOException {
return false;
}
@Override
public void handleError(ClientHttpResponse response) throws IOException {}
});
}
@Test
public void testCreateZone() throws Exception {
String zoneId = UUID.randomUUID().toString();
String requestBody =
"{\"id\":\""
+ zoneId
+ "\", \"subdomain\":\""
+ zoneId
+ "\", \"name\":\"testCreateZone() "
+ zoneId
+ "\"}";
HttpHeaders headers = new HttpHeaders();
headers.add("Accept", MediaType.APPLICATION_JSON_VALUE);
headers.add("Content-Type", MediaType.APPLICATION_JSON_VALUE);
ResponseEntity<Void> response =
client.exchange(
serverRunning.getUrl("/identity-zones"),
HttpMethod.POST,
new HttpEntity<>(requestBody, headers),
new ParameterizedTypeReference<Void>() {});
assertEquals(HttpStatus.CREATED, response.getStatusCode());
RestTemplate adminClient =
IntegrationTestUtils.getClientCredentialsTemplate(
IntegrationTestUtils.getClientCredentialsResource(
serverRunning.getBaseUrl(), new String[0], "admin", "adminsecret"));
String email = new RandomValueStringGenerator().generate() + "@samltesting.org";
ScimUser user =
IntegrationTestUtils.createUser(
adminClient, serverRunning.getBaseUrl(), email, "firstname", "lastname", email, true);
IntegrationTestUtils.makeZoneAdmin(client, serverRunning.getBaseUrl(), user.getId(), zoneId);
String zoneAdminToken =
IntegrationTestUtils.getAuthorizationCodeToken(
serverRunning,
UaaTestAccounts.standard(serverRunning),
"identity",
"identitysecret",
email,
"secr3T");
headers.add("Authorization", "bearer " + zoneAdminToken);
headers.add(IdentityZoneSwitchingFilter.HEADER, zoneId);
ResponseEntity<List<IdentityProvider>> idpList =
new RestTemplate()
.exchange(
serverRunning.getUrl("/identity-providers"),
HttpMethod.GET,
new HttpEntity<>(null, headers),
new ParameterizedTypeReference<List<IdentityProvider>>() {});
IdentityProvider identityProvider = idpList.getBody().get(0);
assertThat(identityProvider.getIdentityZoneId(), is(zoneId));
assertThat(identityProvider.getOriginKey(), is(Origin.UAA));
// the default created zone does have a definition, but no policy
assertNotNull(identityProvider.getConfigValue(UaaIdentityProviderDefinition.class));
assertNull(
identityProvider.getConfigValue(UaaIdentityProviderDefinition.class).getPasswordPolicy());
}
@Test
public void testCreateZoneWithClient() throws IOException {
IdentityZone idZone = new IdentityZone();
String id = UUID.randomUUID().toString();
idZone.setId(id);
idZone.setSubdomain(id);
idZone.setName("testCreateZone() " + id);
ResponseEntity<Void> response =
client.exchange(
serverRunning.getUrl("/identity-zones"),
HttpMethod.POST,
new HttpEntity<>(idZone),
new ParameterizedTypeReference<Void>() {},
id);
assertEquals(HttpStatus.CREATED, response.getStatusCode());
BaseClientDetails clientDetails =
new BaseClientDetails("test123", null, "openid", "authorization_code", "uaa.resource");
clientDetails.setClientSecret("testSecret");
clientDetails.addAdditionalInformation(
ClientConstants.ALLOWED_PROVIDERS, Collections.singleton(Origin.UAA));
ResponseEntity<Void> clientCreateResponse =
client.exchange(
serverRunning.getUrl("/identity-zones/" + id + "/clients"),
HttpMethod.POST,
new HttpEntity<>(clientDetails),
new ParameterizedTypeReference<Void>() {},
id);
assertEquals(HttpStatus.CREATED, clientCreateResponse.getStatusCode());
ResponseEntity<Void> clientDeleteResponse =
client.exchange(
serverRunning.getUrl(
"/identity-zones/" + id + "/clients/" + clientDetails.getClientId()),
HttpMethod.DELETE,
null,
new ParameterizedTypeReference<Void>() {},
id);
assertEquals(HttpStatus.OK, clientDeleteResponse.getStatusCode());
}
@Test
public void testCreateZoneWithNonUniqueSubdomain() {
IdentityZone idZone1 = new IdentityZone();
String id1 = UUID.randomUUID().toString();
idZone1.setId(id1);
idZone1.setSubdomain(id1 + "non-unique");
idZone1.setName("testCreateZone() " + id1);
ResponseEntity<Void> response1 =
client.exchange(
serverRunning.getUrl("/identity-zones"),
HttpMethod.POST,
new HttpEntity<>(idZone1),
new ParameterizedTypeReference<Void>() {},
id1);
assertEquals(HttpStatus.CREATED, response1.getStatusCode());
IdentityZone idZone2 = new IdentityZone();
String id2 = UUID.randomUUID().toString();
idZone2.setId(id2);
idZone2.setSubdomain(id1 + "non-unique");
idZone2.setName("testCreateZone() " + id2);
ResponseEntity<Map<String, String>> response2 =
client.exchange(
serverRunning.getUrl("/identity-zones"),
HttpMethod.POST,
new HttpEntity<>(idZone2),
new ParameterizedTypeReference<Map<String, String>>() {},
id2);
assertEquals(HttpStatus.CONFLICT, response2.getStatusCode());
Assert.assertTrue(
response2.getBody().get("error_description").toLowerCase().contains("subdomain"));
}
static class IdentityClient extends ClientCredentialsResourceDetails {
public IdentityClient(Object target) {
IdentityZoneEndpointsIntegrationTests test = (IdentityZoneEndpointsIntegrationTests) target;
ClientCredentialsResourceDetails resource =
test.testAccounts.getClientCredentialsResource(
new String[] {"zones.write"}, "identity", "identitysecret");
setClientId(resource.getClientId());
setClientSecret(resource.getClientSecret());
setId(getClientId());
setAccessTokenUri(test.serverRunning.getAccessTokenUri());
}
}
}
