use of com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity in project oauth2-server by gw2auth.
the class ClientConsentControllerTest method deleteClientConsent.
/**
 * Verifies that revoking consent for one client is scoped to that client only.
 *
 * <p>Two clients (A and B) are registered and authorized for the logged-in account. After
 * {@code DELETE /api/client/consent/{clientId}} for A, the consent row for A must remain but with
 * no authorized scopes, A's authorization tokens and consent logs must be gone, and everything
 * belonging to B must be untouched.
 *
 * @param session the authenticated mock session the request is sent with
 * @throws Exception if performing the mock request fails
 */
@WithGw2AuthLogin
public void deleteClientConsent(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // two client registrations owned by the same account
    final ClientRegistrationEntity registrationA = this.testHelper.createClientRegistration(accountId, "Name");
    final ClientRegistrationEntity registrationB = this.testHelper.createClientRegistration(accountId, "Name");

    // three API tokens, each bound to its own random GW2 account id
    final ApiTokenEntity tokenA = this.testHelper.createApiToken(
            accountId, UUID.randomUUID(), Gw2ApiPermission.all(), "TokenNameA");
    final ApiTokenEntity tokenB = this.testHelper.createApiToken(
            accountId, UUID.randomUUID(), Gw2ApiPermission.all(), "TokenNameB");
    final ApiTokenEntity tokenC = this.testHelper.createApiToken(
            accountId, UUID.randomUUID(), Gw2ApiPermission.all(), "TokenNameC");

    // consent A grants one scope, consent B grants two
    final ClientConsentEntity consentA = this.testHelper.createClientConsent(
            accountId,
            registrationA.id(),
            Set.of(Gw2ApiPermission.ACCOUNT.oauth2()));
    final ClientConsentEntity consentB = this.testHelper.createClientConsent(
            accountId,
            registrationB.id(),
            Set.of(Gw2ApiPermission.ACCOUNT.oauth2(), Gw2ApiPermission.GUILDS.oauth2()));

    final String authorizationIdA = this.testHelper
            .createClientAuthorization(accountId, consentA.clientRegistrationId(), consentA.authorizedScopes())
            .id();
    final String authorizationIdB = this.testHelper
            .createClientAuthorization(accountId, consentB.clientRegistrationId(), consentB.authorizedScopes())
            .id();

    // authorization A uses tokens A and C, authorization B uses token B only
    this.testHelper.createClientAuthorizationTokens(
            accountId, authorizationIdA, tokenA.gw2AccountId(), tokenC.gw2AccountId());
    this.testHelper.createClientAuthorizationTokens(accountId, authorizationIdB, tokenB.gw2AccountId());

    // two log entries for client A, one for client B
    this.testHelper.createClientLog(accountId, consentA.clientRegistrationId(), "SomeTypeA", List.of());
    this.testHelper.createClientLog(accountId, consentA.clientRegistrationId(), "SomeTypeA", List.of());
    this.testHelper.createClientLog(accountId, consentB.clientRegistrationId(), "SomeTypeA", List.of());

    // revoke consent for client A (state-changing request, so it carries the session and a CSRF token)
    this.mockMvc
            .perform(
                    delete("/api/client/consent/{clientId}", registrationA.clientId())
                            .session(session)
                            .with(csrf()))
            .andExpect(status().isOk());

    // the consent row for A survives, but it is a different value now: scopes emptied, same subject
    final ClientConsentEntity consentAAfterDelete = this.clientConsentRepository
            .findByAccountIdAndClientRegistrationId(accountId, consentA.clientRegistrationId())
            .orElse(null);
    assertNotNull(consentAAfterDelete);
    assertNotEquals(consentA, consentAAfterDelete);
    assertTrue(consentAAfterDelete.authorizedScopes().isEmpty());
    assertEquals(consentA.accountSub(), consentAAfterDelete.accountSub());

    // nothing that could still grant or describe access through A may remain
    assertTrue(
            this.clientAuthorizationTokenRepository
                    .findAllByAccountIdAndClientAuthorizationId(accountId, authorizationIdA)
                    .isEmpty());
    assertTrue(
            this.clientConsentLogRepository
                    .findByAccountIdAndClientId(accountId, registrationA.clientId(), 0, 10)
                    .findAny()
                    .isEmpty());

    // the revocation must not leak into client B: consent, token and log are all unchanged
    final ClientConsentEntity consentBAfterDelete = this.clientConsentRepository
            .findByAccountIdAndClientRegistrationId(accountId, consentB.clientRegistrationId())
            .orElse(null);
    assertEquals(consentB, consentBAfterDelete);
    assertEquals(
            1,
            this.clientAuthorizationTokenRepository
                    .findAllByAccountIdAndClientAuthorizationId(accountId, authorizationIdB)
                    .size());
    assertEquals(
            1L,
            this.clientConsentLogRepository
                    .findByAccountIdAndClientId(accountId, registrationB.clientId(), 0, 10)
                    .count());
}
use of com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity in project oauth2-server by gw2auth.
the class ApiTokenControllerTest method updateApiToken.
/**
 * Verifies that {@code PATCH /api/token/{gw2AccountId}} replaces the stored GW2 API token and
 * display name, and that the response reflects the permissions of the new token.
 *
 * <p>The original token is created with ACCOUNT and GUILDS; the replacement reported by the
 * mocked GW2 API only has ACCOUNT, so the response is expected to list ACCOUNT alone.
 *
 * @param session the authenticated mock session the request is sent with
 * @throws Exception if performing the mock request or parsing the response fails
 */
@WithGw2AuthLogin
public void updateApiToken(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final UUID gw2AccountId = UUID.randomUUID();

    final ApiTokenEntity originalToken = this.testHelper.createApiToken(
            accountId,
            gw2AccountId,
            Set.of(Gw2ApiPermission.ACCOUNT, Gw2ApiPermission.GUILDS),
            "TokenA");

    // mark the GW2 account as verified for this account
    this.testHelper.createAccountVerification(accountId, gw2AccountId);

    // two registered clients ...
    final ClientRegistrationEntity registrationA = this.testHelper.createClientRegistration(accountId, "ClientA");
    final ClientRegistrationEntity registrationB = this.testHelper.createClientRegistration(accountId, "ClientB");

    // ... both authorized with the ACCOUNT scope
    final ClientConsentEntity consentA = this.testHelper.createClientConsent(
            accountId, registrationA.id(), Set.of(Gw2ApiPermission.ACCOUNT.oauth2()));
    final ClientConsentEntity consentB = this.testHelper.createClientConsent(
            accountId, registrationB.id(), Set.of(Gw2ApiPermission.ACCOUNT.oauth2()));
    final String authorizationIdA = this.testHelper
            .createClientAuthorization(accountId, consentA.clientRegistrationId(), consentA.authorizedScopes())
            .id();
    final String authorizationIdB = this.testHelper
            .createClientAuthorization(accountId, consentB.clientRegistrationId(), consentB.authorizedScopes())
            .id();

    // the same GW2 account is attached to both authorizations
    this.testHelper.createClientAuthorizationToken(accountId, authorizationIdA, gw2AccountId);
    this.testHelper.createClientAuthorizationToken(accountId, authorizationIdB, gw2AccountId);

    final String replacementGw2ApiToken = TestHelper.randomRootToken();

    // stub the GW2 API: the replacement token only carries the ACCOUNT permission
    this.gw2RestServer.reset();
    prepareGw2RestServerForTokenInfoRequest(replacementGw2ApiToken, "Token Name", Set.of(Gw2ApiPermission.ACCOUNT));
    preparedGw2RestServerForAccountRequest(gw2AccountId, replacementGw2ApiToken, "Gw2AccountName.1234");

    // NOTE(review): the API token is sent as a query parameter here. Query strings are commonly
    // written to access logs and proxy logs, so confirm the deployed endpoint redacts this
    // parameter or accepts the token in the request body instead.
    final String responseJson = this.mockMvc
            .perform(
                    patch("/api/token/{gw2AccountId}", gw2AccountId)
                            .session(session)
                            .with(csrf())
                            .queryParam("gw2ApiToken", replacementGw2ApiToken)
                            .queryParam("displayName", "New Display Name"))
            .andExpect(status().isOk())
            .andReturn()
            .getResponse()
            .getContentAsString();

    final JsonNode apiTokenNode = new ObjectMapper().readTree(responseJson);

    // creation time and account id come from the original entity; the token stays verified and
    // remains attached to both clients
    final ExpectedApiToken expected =
            new ExpectedApiToken(originalToken, true, List.of(registrationA, registrationB));

    assertExpectedApiToken(
            expected,
            // display name should be updated
            "New Display Name",
            // api token should be updated
            replacementGw2ApiToken,
            // the new api token has fewer permissions than the original one
            Set.of(Gw2ApiPermission.ACCOUNT.gw2()),
            apiTokenNode);
}
use of com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity in project oauth2-server by gw2auth.
the class ApiTokenControllerTest method assertExpectedApiToken.
/**
 * Asserts that a JSON API-token node returned by the controller matches the expected state.
 *
 * <p>Both set-like checks (permissions and authorizations) are exact: an entry in the response
 * that is not expected fails the test, and so does an expected entry that is missing.
 *
 * <p>NOTE(review): the response is expected to carry the GW2 API token itself in
 * {@code gw2ApiToken}, so anything that records response bodies would hold a usable credential.
 *
 * @param expectedApiToken source of the expected GW2 account id, creation time, verification flag
 *     and client authorizations
 * @param expectedDisplayName the display name the response must contain
 * @param expectedGw2ApiToken the GW2 API token the response must contain
 * @param expectedGw2ApiPermissions the exact permission set the response must contain; it is
 *     copied before use, so the caller's set is not modified
 * @param apiTokenNode the JSON node under test
 */
private void assertExpectedApiToken(ExpectedApiToken expectedApiToken, String expectedDisplayName, String expectedGw2ApiToken, Set<String> expectedGw2ApiPermissions, JsonNode apiTokenNode) {
    assertNotNull(expectedApiToken);

    // scalar fields
    final UUID actualGw2AccountId = UUID.fromString(apiTokenNode.get("gw2AccountId").textValue());
    assertEquals(expectedApiToken.apiToken().gw2AccountId(), actualGw2AccountId);
    assertInstantEquals(expectedApiToken.apiToken().creationTime(), apiTokenNode.get("creationTime").textValue());
    assertEquals(expectedGw2ApiToken, apiTokenNode.get("gw2ApiToken").textValue());
    assertEquals(expectedDisplayName, apiTokenNode.get("displayName").textValue());
    assertTrue(apiTokenNode.get("isValid").booleanValue());
    assertEquals(expectedApiToken.isVerified(), apiTokenNode.get("isVerified").booleanValue());

    // gw2 api permissions: tick each received value off a private copy of the expected set
    final Set<String> outstandingPermissions = new HashSet<>(expectedGw2ApiPermissions);
    final JsonNode permissionsNode = apiTokenNode.get("gw2ApiPermissions");
    assertTrue(permissionsNode.isArray());

    for (JsonNode permissionNode : permissionsNode) {
        final boolean wasExpected = outstandingPermissions.remove(permissionNode.textValue());

        if (!wasExpected) {
            fail("Received unexpected gw2ApiPermission");
        }
    }

    // anything left over was expected but not returned
    assertTrue(outstandingPermissions.isEmpty());

    // authorizations: same tick-off approach, keyed by client id
    final Map<UUID, ClientRegistrationEntity> outstandingAuthorizations = expectedApiToken.authorizations()
            .stream()
            .collect(Collectors.toMap(ClientRegistrationEntity::clientId, registration -> registration));
    final JsonNode authorizationsNode = apiTokenNode.get("authorizations");
    assertTrue(authorizationsNode.isArray());

    for (JsonNode authorizationNode : authorizationsNode) {
        final UUID clientId = UUID.fromString(authorizationNode.get("clientId").textValue());
        final ClientRegistrationEntity matchingRegistration = outstandingAuthorizations.remove(clientId);

        // null means the response listed a client that was not expected (or listed one twice)
        assertNotNull(matchingRegistration);
        assertEquals(matchingRegistration.displayName(), authorizationNode.get("displayName").textValue());
    }

    assertTrue(outstandingAuthorizations.isEmpty());
}
use of com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity in project oauth2-server by gw2auth.
the class ApiTokenControllerTest method deleteApiToken.
/**
 * Verifies what {@code DELETE /api/token/{gw2AccountId}} removes and what it keeps.
 *
 * <p>The API token and its link to the client authorization must be gone afterwards, while the
 * GW2 account verification and the client consent must still exist.
 *
 * @param session the authenticated mock session the request is sent with
 * @throws Exception if performing the mock request fails
 */
@WithGw2AuthLogin
public void deleteApiToken(MockHttpSession session) throws Exception {
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final UUID gw2AccountId = UUID.randomUUID();

    this.testHelper.createApiToken(
            accountId,
            gw2AccountId,
            Set.of(Gw2ApiPermission.ACCOUNT, Gw2ApiPermission.GUILDS),
            "TokenA");

    // mark the GW2 account as verified for this account
    this.testHelper.createAccountVerification(accountId, gw2AccountId);

    // one registered client, authorized with the ACCOUNT scope
    final ClientRegistrationEntity registration = this.testHelper.createClientRegistration(accountId, "ClientA");
    final ClientConsentEntity consent = this.testHelper.createClientConsent(
            accountId, registration.id(), Set.of(Gw2ApiPermission.ACCOUNT.oauth2()));
    final String authorizationId = this.testHelper
            .createClientAuthorization(accountId, consent.clientRegistrationId(), consent.authorizedScopes())
            .id();

    // attach the GW2 account to that authorization
    this.testHelper.createClientAuthorizationToken(accountId, authorizationId, gw2AccountId);

    // delete the token (state-changing request, so it carries the session and a CSRF token)
    this.mockMvc
            .perform(
                    delete("/api/token/{gw2AccountId}", gw2AccountId)
                            .session(session)
                            .with(csrf()))
            .andExpect(status().isOk());

    // removed: the stored API token
    assertTrue(
            this.apiTokenRepository
                    .findAllByAccountIdAndGw2AccountIds(accountId, Set.of(gw2AccountId))
                    .isEmpty());

    // kept: the account verification
    assertTrue(this.gw2AccountVerificationRepository.findById(gw2AccountId).isPresent());

    // removed: the token's link to the client authorization, so the client can no longer use it
    assertTrue(
            this.clientAuthorizationTokenRepository
                    .findAllByAccountIdAndClientAuthorizationId(accountId, authorizationId)
                    .isEmpty());

    // kept: the consent given to the client
    assertTrue(
            this.clientConsentRepository
                    .findByAccountIdAndClientRegistrationId(accountId, consent.clientRegistrationId())
                    .isPresent());
}
use of com.gw2auth.oauth2.server.repository.client.registration.ClientRegistrationEntity in project oauth2-server by gw2auth.
the class ClientRegistrationServiceImpl method createClientRegistration.
/**
 * Registers a new OAuth2 client for the given account.
 *
 * <p>A client secret is generated and only its encoded form (via {@code this.passwordEncoder}) is
 * persisted. The plaintext secret is passed to
 * {@link ClientRegistrationCreation#fromEntity} together with the saved entity, so the returned
 * object is the one place the plaintext is available; callers should avoid logging it.
 *
 * @param accountId the owning account
 * @param displayName the client's display name; stored as given (no validation is visible in this
 *     method)
 * @param _authorizationGrantTypes grant type values; each is wrapped in
 *     {@link AuthorizationGrantType} and its value is stored. NOTE(review): no allow-list check is
 *     visible here, so confirm callers restrict these to the grant types the server supports.
 * @param redirectUris the allowed redirect URIs; must be non-empty and every entry must pass
 *     {@code this.redirectUriValidator}
 * @return the creation result built from the saved entity and the plaintext client secret
 * @throws ClientRegistrationServiceException with {@code NOT_ENOUGH_REDIRECT_URIS} when
 *     {@code redirectUris} is empty, or {@code INVALID_REDIRECT_URI} when any entry fails
 *     validation; both use {@link HttpStatus#BAD_REQUEST}
 */
@Override
@Transactional
public ClientRegistrationCreation createClientRegistration(long accountId, String displayName, Set<String> _authorizationGrantTypes, Set<String> redirectUris) {
    // a client without redirect URIs cannot complete a redirect-based flow, so reject it up front
    if (redirectUris.isEmpty()) {
        throw new ClientRegistrationServiceException(
                ClientRegistrationServiceException.NOT_ENOUGH_REDIRECT_URIS,
                HttpStatus.BAD_REQUEST);
    }

    // every redirect URI has to pass the validator; a single bad one rejects the whole request
    final boolean allRedirectUrisValid = redirectUris.stream().allMatch(this.redirectUriValidator::validate);

    if (!allRedirectUrisValid) {
        throw new ClientRegistrationServiceException(
                ClientRegistrationServiceException.INVALID_REDIRECT_URI,
                HttpStatus.BAD_REQUEST);
    }

    final Set<AuthorizationGrantType> grantTypes = _authorizationGrantTypes.stream()
            .map(AuthorizationGrantType::new)
            .collect(Collectors.toSet());

    // only the encoded secret is stored; the plaintext is kept in a local for the return value
    final String plainClientSecret = generateClientSecret();
    final String storedClientSecret = this.passwordEncoder.encode(plainClientSecret);

    final Instant creationTime = Instant.now();
    final var clientId = generateClientId();
    final Set<String> grantTypeValues = grantTypes.stream()
            .map(AuthorizationGrantType::getValue)
            .collect(Collectors.toSet());

    final ClientRegistrationEntity unsavedEntity = new ClientRegistrationEntity(
            null,
            accountId,
            creationTime,
            displayName,
            clientId,
            storedClientSecret,
            grantTypeValues,
            redirectUris);
    final ClientRegistrationEntity savedEntity = this.clientRegistrationRepository.save(unsavedEntity);

    return ClientRegistrationCreation.fromEntity(savedEntity, plainClientSecret);
}