Example 1 with DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy
use of org.apereo.cas.support.oauth.services.DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy in project cas by apereo.
the class OAuth20AuthorizeEndpointControllerTests method verifyPerServiceExpiration.
@Test
public void verifyPerServiceExpiration() throws Exception {
clearAllServices();
val mockRequest = new MockHttpServletRequest(HttpMethod.GET.name(), CONTEXT + OAuth20Constants.AUTHORIZE_URL);
mockRequest.setParameter(OAuth20Constants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuth20Constants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuth20Constants.RESPONSE_TYPE, OAuth20ResponseTypes.TOKEN.name().toLowerCase());
mockRequest.setServerName(CAS_SERVER);
mockRequest.setServerPort(CAS_PORT);
mockRequest.setScheme(CAS_SCHEME);
val mockResponse = new MockHttpServletResponse();
val service = getRegisteredService(REDIRECT_URI, SERVICE_NAME);
service.setBypassApprovalPrompt(true);
val expirationPolicy = new DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy();
expirationPolicy.setMaxTimeToLive("5005");
expirationPolicy.setTimeToKill("1001");
service.setAccessTokenExpirationPolicy(expirationPolicy);
service.setJwtAccessToken(true);
this.servicesManager.save(service);
val profile = new CasProfile();
profile.setId(ID);
val attributes = new HashMap<String, Object>();
attributes.put(FIRST_NAME_ATTRIBUTE, FIRST_NAME);
attributes.put(LAST_NAME_ATTRIBUTE, LAST_NAME);
profile.addAttributes(attributes);
val sessionStore = oAuth20AuthorizeEndpointController.getConfigurationContext().getSessionStore();
val context = new JEEContext(mockRequest, mockResponse);
val ticket = new MockTicketGrantingTicket("casuser");
oAuth20AuthorizeEndpointController.getConfigurationContext().getTicketRegistry().addTicket(ticket);
sessionStore.set(context, WebUtils.PARAMETER_TICKET_GRANTING_TICKET_ID, ticket.getId());
sessionStore.set(context, Pac4jConstants.USER_PROFILES, CollectionUtils.wrapLinkedHashMap(profile.getClientName(), profile));
val modelAndView = oAuth20AuthorizeEndpointController.handleRequest(mockRequest, mockResponse);
val view = modelAndView.getView();
assertTrue(view instanceof RedirectView);
val redirectView = (RedirectView) view;
val redirectUrl = redirectView.getUrl();
assertNotNull(redirectUrl);
assertTrue(redirectUrl.startsWith(REDIRECT_URI + "#access_token="));
val at = StringUtils.substringBetween(redirectUrl, "#access_token=", "&token_type=bearer");
val decoded = this.oauthAccessTokenJwtCipherExecutor.decode(at).toString();
assertNotNull(decoded);
val jwt = JwtClaims.parse(decoded);
assertNotNull(jwt);
assertNotNull(jwt.getExpirationTime());
assertNotNull(jwt.getIssuedAt());
assertEqualsWithDelta(Long.parseLong(expirationPolicy.getMaxTimeToLive()), jwt.getExpirationTime().getValue() - jwt.getIssuedAt().getValue(), DELTA);
val expiresIn = StringUtils.substringAfter(redirectUrl, "&expires_in=");
assertEquals(expirationPolicy.getMaxTimeToLive(), expiresIn);
}
Also used :
lombok.val(lombok.val)
CasProfile(org.pac4j.cas.profile.CasProfile)
MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket)
DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy(org.apereo.cas.support.oauth.services.DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy)
HashMap(java.util.HashMap)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
JEEContext(org.pac4j.core.context.JEEContext)
RedirectView(org.springframework.web.servlet.view.RedirectView)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.jupiter.api.Test)
Example 2 with DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy
use of org.apereo.cas.support.oauth.services.DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy in project cas by apereo.
the class OAuth20DefaultAccessTokenFactoryTests method verifyOperationCreate.
@Test
public void verifyOperationCreate() {
val registeredService = getRegisteredService("https://app.oauth.org", "clientid-at", "secret-at");
registeredService.setAccessTokenExpirationPolicy(new DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy("PT10S", "PT10S"));
servicesManager.save(registeredService);
val token = defaultAccessTokenFactory.create(RegisteredServiceTestUtils.getService("https://app.oauth.org"), RegisteredServiceTestUtils.getAuthentication(), Set.of("Scope1", "Scope2"), "clientid-at", OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
assertNotNull(token);
assertNotNull(defaultAccessTokenFactory.get(OAuth20AccessToken.class));
}
Also used :
lombok.val(lombok.val)
DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy(org.apereo.cas.support.oauth.services.DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy)
Test(org.junit.jupiter.api.Test)
Aggregations
lombok.val (lombok.val)2
DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy (org.apereo.cas.support.oauth.services.DefaultRegisteredServiceOAuthAccessTokenExpirationPolicy)2
Test (org.junit.jupiter.api.Test)2
HashMap (java.util.HashMap)1
MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)1
CasProfile (org.pac4j.cas.profile.CasProfile)1
JEEContext (org.pac4j.core.context.JEEContext)1
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1
RedirectView (org.springframework.web.servlet.view.RedirectView)1
