@Test public void testClientWildcard() throws Exception { BaseClientDetails theclient = new BaseClientDetails( "client", "zones", "zones.*.admin", "authorization_code, password", "scim.read, scim.write", "http://*****:*****@vmware.com")); accessToken = tokenServices.createAccessToken(authentication); endpoint.checkToken(accessToken.getValue()); }
@Before public void setUp() { mockUserDatabase(userId, user); authorizationRequest = new AuthorizationRequest("client", Collections.singleton("read")); authorizationRequest.setResourceIds(new HashSet<>(Arrays.asList("client", "scim"))); Map<String, String> requestParameters = new HashMap<>(); authorizationRequest.setRequestParameters(requestParameters); authentication = new OAuth2Authentication( authorizationRequest.createOAuth2Request(), UaaAuthenticationTestFactory.getAuthentication(userId, userName, "*****@*****.**")); signerProvider = new SignerProvider(); signerProvider.setSigningKey(signerKey); signerProvider.setVerifierKey(verifierKey); tokenServices.setSignerProvider(signerProvider); endpoint.setTokenServices(tokenServices); Date oneSecondAgo = new Date(System.currentTimeMillis() - 1000); Date thirtySecondsAhead = new Date(System.currentTimeMillis() + 30000); approvalStore.addApproval( new Approval( userId, "client", "read", thirtySecondsAhead, ApprovalStatus.APPROVED, oneSecondAgo)); approvalStore.addApproval( new Approval( userId, "client", "write", thirtySecondsAhead, ApprovalStatus.APPROVED, oneSecondAgo)); tokenServices.setApprovalStore(approvalStore); clientDetailsService.setClientDetailsStore(clientDetailsStore); tokenServices.setClientDetailsService(clientDetailsService); accessToken = tokenServices.createAccessToken(authentication); }
@Test public void testIssuerInResults() throws Exception { tokenServices.setIssuer("http://some.other.issuer"); tokenServices.afterPropertiesSet(); accessToken = tokenServices.createAccessToken(authentication); Map<String, ?> result = endpoint.checkToken(accessToken.getValue()); assertNotNull("iss field is not present", result.get("iss")); assertEquals("http://some.other.issuer/oauth/token", result.get("iss")); }
@Test public void testIssuerInResultsInNonDefaultZone() throws Exception { try { IdentityZoneHolder.set(MultitenancyFixture.identityZone("id", "subdomain")); tokenServices.setIssuer("http://some.other.issuer"); tokenServices.afterPropertiesSet(); accessToken = tokenServices.createAccessToken(authentication); Map<String, ?> result = endpoint.checkToken(accessToken.getValue()); assertNotNull("iss field is not present", result.get("iss")); assertEquals("http://subdomain.some.other.issuer/oauth/token", result.get("iss")); } finally { IdentityZoneHolder.clear(); } }
protected void mockUserDatabase(String userId, UaaUser user) { userDatabase = mock(UaaUserDatabase.class); when(userDatabase.retrieveUserById(eq(userId))).thenReturn(user); when(userDatabase.retrieveUserById(not(eq(userId)))) .thenThrow(new UsernameNotFoundException("mock")); tokenServices.setUserDatabase(userDatabase); }
@Test(expected = InvalidTokenException.class) public void testExpiredToken() throws Exception { BaseClientDetails clientDetails = new BaseClientDetails( "client", "scim, cc", "read, write", "authorization_code, password", "scim.read, scim.write", "http://localhost:8080/uaa"); clientDetails.setAccessTokenValiditySeconds(1); Map<String, ? extends ClientDetails> clientDetailsStore = Collections.singletonMap("client", clientDetails); clientDetailsService.setClientDetailsStore(clientDetailsStore); tokenServices.setClientDetailsService(clientDetailsService); accessToken = tokenServices.createAccessToken(authentication); Thread.sleep(1000); Map<String, ?> result = endpoint.checkToken(accessToken.getValue()); }
@Test public void testClientOnly() { authentication = new OAuth2Authentication( new AuthorizationRequest("client", Collections.singleton("read")).createOAuth2Request(), null); accessToken = tokenServices.createAccessToken(authentication); Map<String, ?> result = endpoint.checkToken(accessToken.getValue()); assertEquals("client", result.get("client_id")); assertEquals("client", result.get("user_id")); }
@Test public void testSwitchVerifierKey() throws Exception { signerProvider.setSigningKey(alternateSignerKey); signerProvider.setVerifierKey(alternateVerifierKey); signerProvider.afterPropertiesSet(); OAuth2AccessToken alternateToken = tokenServices.createAccessToken(authentication); endpoint.checkToken(alternateToken.getValue()); try { endpoint.checkToken(accessToken.getValue()); fail(); } catch (InvalidTokenException x) { } }
@Test(expected = InvalidTokenException.class) public void testRejectInvalidIssuer() { tokenServices.setIssuer("http://some.other.issuer"); endpoint.checkToken(accessToken.getValue()); }