Search in sources :

Example 1 with ResourceRegistrationFilter

use of org.forgerock.openam.oauth2.extensions.ResourceRegistrationFilter in project OpenAM by OpenRock.

the class ResourceSetRegistrationEndpointTest method setup.

@BeforeMethod
@SuppressWarnings("unchecked")
public void setup() throws ServerException, InvalidGrantException, NotFoundException {
    store = mock(ResourceSetStore.class);
    validator = mock(ResourceSetDescriptionValidator.class);
    OAuth2RequestFactory<?, Request> requestFactory = mock(OAuth2RequestFactory.class);
    Set<ResourceSetRegistrationHook> hooks = new HashSet<>();
    hook = mock(ResourceSetRegistrationHook.class);
    hooks.add(hook);
    labelRegistration = mock(ResourceSetLabelRegistration.class);
    ExtensionFilterManager extensionFilterManager = mock(ExtensionFilterManager.class);
    resourceRegistrationFilter = mock(ResourceRegistrationFilter.class);
    given(extensionFilterManager.getFilters(ResourceRegistrationFilter.class)).willReturn(Collections.singletonList(resourceRegistrationFilter));
    OAuth2ProviderSettingsFactory providerSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
    OAuth2ProviderSettings providerSettings = mock(OAuth2ProviderSettings.class);
    given(providerSettingsFactory.get(Matchers.<OAuth2Request>anyObject())).willReturn(providerSettings);
    given(providerSettings.getResourceSetStore()).willReturn(store);
    ExceptionHandler exceptionHandler = mock(ExceptionHandler.class);
    UmaLabelsStore umaLabelsStore = mock(UmaLabelsStore.class);
    endpoint = spy(new ResourceSetRegistrationEndpoint(providerSettingsFactory, validator, requestFactory, hooks, labelRegistration, extensionFilterManager, exceptionHandler, umaLabelsStore, jacksonRepresentationFactory));
    Request request = mock(Request.class);
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challengeResponse.setRawValue("PAT");
    given(request.getChallengeResponse()).willReturn(challengeResponse);
    given(endpoint.getRequest()).willReturn(request);
    AccessToken accessToken = mock(AccessToken.class);
    given(accessToken.getClientId()).willReturn("CLIENT_ID");
    given(accessToken.getResourceOwnerId()).willReturn("RESOURCE_OWNER_ID");
    response = mock(Response.class);
    given(endpoint.getResponse()).willReturn(response);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    given(requestFactory.create(Matchers.<Request>anyObject())).willReturn(oAuth2Request);
    given(oAuth2Request.getToken(AccessToken.class)).willReturn(accessToken);
}
Also used : ResourceSetRegistrationHook(org.forgerock.oauth2.restlet.resources.ResourceSetRegistrationHook) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Request(org.restlet.Request) ResourceRegistrationFilter(org.forgerock.openam.oauth2.extensions.ResourceRegistrationFilter) ResourceSetDescriptionValidator(org.forgerock.oauth2.restlet.resources.ResourceSetDescriptionValidator) ChallengeResponse(org.restlet.data.ChallengeResponse) ExceptionHandler(org.forgerock.oauth2.restlet.ExceptionHandler) ChallengeResponse(org.restlet.data.ChallengeResponse) Response(org.restlet.Response) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) OAuth2ProviderSettingsFactory(org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory) ResourceSetStore(org.forgerock.oauth2.resources.ResourceSetStore) AccessToken(org.forgerock.oauth2.core.AccessToken) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings) UmaLabelsStore(org.forgerock.openam.oauth2.resources.labels.UmaLabelsStore) ExtensionFilterManager(org.forgerock.openam.oauth2.extensions.ExtensionFilterManager) HashSet(java.util.HashSet) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 2 with ResourceRegistrationFilter

use of org.forgerock.openam.oauth2.extensions.ResourceRegistrationFilter in project OpenAM by OpenRock.

the class ResourceSetRegistrationEndpoint method createResourceSet.

/**
     * <p>Creates or updates a resource set description.</p>
     *
     * <p>If the request contains a If-Match header an update is performed, otherwise a create is performed.</p>
     *
     * <p>An update will replace the current description of the resource set with the contents of the request body.</p>
     *
     * @param entity The new resource set description.
     * @return A JSON object containing the authorization server's unique id for the resource set and, optionally,
     * a policy uri.
     * @throws NotFoundException If the requested resource set description does not exist.
     * @throws ServerException When an error occurs during creating or updating.
     * @throws BadRequestException If the request JSON is invalid.
     */
@Post
public Representation createResourceSet(JsonRepresentation entity) throws NotFoundException, ServerException, BadRequestException {
    ResourceSetDescription resourceSetDescription = new ResourceSetDescription(null, getClientId(), getResourceOwnerId(), validator.validate(toMap(entity)));
    OAuth2Request oAuth2Request = requestFactory.create(getRequest());
    ResourceSetStore store = providerSettingsFactory.get(oAuth2Request).getResourceSetStore();
    QueryFilter<String> query = QueryFilter.and(QueryFilter.equalTo(ResourceSetTokenField.NAME, resourceSetDescription.getName()), QueryFilter.equalTo(ResourceSetTokenField.CLIENT_ID, getClientId()), QueryFilter.equalTo(ResourceSetTokenField.RESOURCE_OWNER_ID, getResourceOwnerId()));
    if (!store.query(query).isEmpty()) {
        getResponse().setStatus(Status.CLIENT_ERROR_BAD_REQUEST);
        Map<String, Object> response = new HashMap<String, Object>();
        response.put(OAuth2Constants.Params.ERROR, Status.CLIENT_ERROR_BAD_REQUEST.getReasonPhrase());
        response.put(OAuth2Constants.Params.ERROR_DESCRIPTION, "A shared item with the name '" + resourceSetDescription.getName() + "' already exists");
        return new JsonRepresentation(response);
    }
    JsonValue labels = resourceSetDescription.getDescription().get(OAuth2Constants.ResourceSets.LABELS);
    resourceSetDescription.getDescription().remove(OAuth2Constants.ResourceSets.LABELS);
    for (ResourceRegistrationFilter filter : extensionFilterManager.getFilters(ResourceRegistrationFilter.class)) {
        filter.beforeResourceRegistration(resourceSetDescription);
    }
    store.create(oAuth2Request, resourceSetDescription);
    if (labels.isNotNull()) {
        resourceSetDescription.getDescription().add(OAuth2Constants.ResourceSets.LABELS, labels.asSet());
    }
    labelRegistration.updateLabelsForNewResourceSet(resourceSetDescription);
    for (ResourceRegistrationFilter filter : extensionFilterManager.getFilters(ResourceRegistrationFilter.class)) {
        filter.afterResourceRegistration(resourceSetDescription);
    }
    for (ResourceSetRegistrationHook hook : hooks) {
        hook.resourceSetCreated(oAuth2Request.<String>getParameter("realm"), resourceSetDescription);
    }
    getResponse().setStatus(Status.SUCCESS_CREATED);
    return createJsonResponse(resourceSetDescription, false, true);
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) HashMap(java.util.HashMap) ResourceSetStore(org.forgerock.oauth2.resources.ResourceSetStore) ResourceSetRegistrationHook(org.forgerock.oauth2.restlet.resources.ResourceSetRegistrationHook) JsonValue(org.forgerock.json.JsonValue) ResourceSetDescription(org.forgerock.oauth2.resources.ResourceSetDescription) JsonRepresentation(org.restlet.ext.json.JsonRepresentation) ResourceRegistrationFilter(org.forgerock.openam.oauth2.extensions.ResourceRegistrationFilter) Post(org.restlet.resource.Post)

Aggregations

OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)2 ResourceSetStore (org.forgerock.oauth2.resources.ResourceSetStore)2 ResourceSetRegistrationHook (org.forgerock.oauth2.restlet.resources.ResourceSetRegistrationHook)2 ResourceRegistrationFilter (org.forgerock.openam.oauth2.extensions.ResourceRegistrationFilter)2 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 JsonValue (org.forgerock.json.JsonValue)1 AccessToken (org.forgerock.oauth2.core.AccessToken)1 OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)1 OAuth2ProviderSettingsFactory (org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory)1 ResourceSetDescription (org.forgerock.oauth2.resources.ResourceSetDescription)1 ExceptionHandler (org.forgerock.oauth2.restlet.ExceptionHandler)1 ResourceSetDescriptionValidator (org.forgerock.oauth2.restlet.resources.ResourceSetDescriptionValidator)1 ExtensionFilterManager (org.forgerock.openam.oauth2.extensions.ExtensionFilterManager)1 UmaLabelsStore (org.forgerock.openam.oauth2.resources.labels.UmaLabelsStore)1 Request (org.restlet.Request)1 Response (org.restlet.Response)1 ChallengeResponse (org.restlet.data.ChallengeResponse)1 JsonRepresentation (org.restlet.ext.json.JsonRepresentation)1 Post (org.restlet.resource.Post)1