The class ApiTokenControllerTest, method updateApiToken.
@WithGw2AuthLogin
public void updateApiToken(MockHttpSession session) throws Exception {
    // Scenario: the logged-in account owns a verified API token that is referenced by two
    // client authorizations. PATCHing it with a new root token and display name must update
    // both and keep the client associations intact.
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final UUID gw2AccountId = UUID.randomUUID();
    final ApiTokenEntity existingToken = this.testHelper.createApiToken(
            accountId,
            gw2AccountId,
            Set.of(Gw2ApiPermission.ACCOUNT, Gw2ApiPermission.GUILDS),
            "TokenA"
    );

    // the gw2 account is verified for this account
    this.testHelper.createAccountVerification(accountId, gw2AccountId);

    // two client registrations, each consented with the ACCOUNT scope and authorized
    final ClientRegistrationEntity registrationA = this.testHelper.createClientRegistration(accountId, "ClientA");
    final ClientRegistrationEntity registrationB = this.testHelper.createClientRegistration(accountId, "ClientB");
    final ClientConsentEntity consentA = this.testHelper.createClientConsent(accountId, registrationA.id(), Set.of(Gw2ApiPermission.ACCOUNT.oauth2()));
    final ClientConsentEntity consentB = this.testHelper.createClientConsent(accountId, registrationB.id(), Set.of(Gw2ApiPermission.ACCOUNT.oauth2()));
    final String authorizationIdA = this.testHelper.createClientAuthorization(accountId, consentA.clientRegistrationId(), consentA.authorizedScopes()).id();
    final String authorizationIdB = this.testHelper.createClientAuthorization(accountId, consentB.clientRegistrationId(), consentB.authorizedScopes()).id();

    // the token is in use by both client authorizations
    this.testHelper.createClientAuthorizationToken(accountId, authorizationIdA, gw2AccountId);
    this.testHelper.createClientAuthorizationToken(accountId, authorizationIdB, gw2AccountId);

    // the replacement root token only carries ACCOUNT, i.e. fewer permissions than the original
    final String newGw2ApiToken = TestHelper.randomRootToken();
    this.gw2RestServer.reset();
    prepareGw2RestServerForTokenInfoRequest(newGw2ApiToken, "Token Name", Set.of(Gw2ApiPermission.ACCOUNT));
    preparedGw2RestServerForAccountRequest(gw2AccountId, newGw2ApiToken, "Gw2AccountName.1234");

    final var request = patch("/api/token/{gw2AccountId}", gw2AccountId)
            .session(session)
            .with(csrf())
            .queryParam("gw2ApiToken", newGw2ApiToken)
            .queryParam("displayName", "New Display Name");

    final String responseBody = this.mockMvc.perform(request)
            .andExpect(status().isOk())
            .andReturn()
            .getResponse()
            .getContentAsString();

    final JsonNode responseNode = new ObjectMapper().readTree(responseBody);

    // expected: still verified and linked to both clients, with the new display name,
    // the new token value and the reduced permission set reported by the token-info endpoint
    final ExpectedApiToken expected = new ExpectedApiToken(existingToken, true, List.of(registrationA, registrationB));
    assertExpectedApiToken(expected, "New Display Name", newGw2ApiToken, Set.of(Gw2ApiPermission.ACCOUNT.gw2()), responseNode);
}
The class ApiTokenControllerTest, method updateApiTokenThatHasBeenVerifiedByAnotherAccount.
@WithGw2AuthLogin
public void updateApiTokenThatHasBeenVerifiedByAnotherAccount(MockHttpSession session) throws Exception {
    // Scenario: two accounts hold a token for the same gw2 account id, but the verification
    // belongs to the other account. The update by the caller is rejected with 406 and the
    // caller's token row is expected to be removed afterwards.
    final long ownAccountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final long foreignAccountId = this.accountRepository.save(new AccountEntity(null, Instant.now())).id();
    final UUID sharedGw2AccountId = UUID.randomUUID();

    // same gw2 account id stored on both accounts
    this.testHelper.createApiToken(ownAccountId, sharedGw2AccountId, Set.of(), "Name A");
    this.testHelper.createApiToken(foreignAccountId, sharedGw2AccountId, Set.of(), "Name B");

    // verification is held by the other account, not the caller
    this.gw2AccountVerificationRepository.save(new Gw2AccountVerificationEntity(sharedGw2AccountId, foreignAccountId));

    final var request = patch("/api/token/{gw2AccountId}", sharedGw2AccountId)
            .session(session)
            .with(csrf())
            .queryParam("displayName", "Hello World");

    this.mockMvc.perform(request).andExpect(status().isNotAcceptable());

    // the caller's conflicting token must no longer exist
    final var remainingTokens = this.apiTokenRepository.findAllByAccountIdAndGw2AccountIds(ownAccountId, Set.of(sharedGw2AccountId));
    assertTrue(remainingTokens.isEmpty());
}
The class OAuth2ServerTest, method revokeAccessToken.
@WithGw2AuthLogin
public void revokeAccessToken(MockHttpSession session) throws Exception {
    // Revoking the access token with valid client credentials returns 200; the stored
    // authorization is expected to survive (only the access token is revoked here).
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final ClientRegistrationCreation creation = createClientRegistration();
    final ClientRegistration registration = creation.clientRegistration();

    // authorization request, expected to redirect to the consent page
    MvcResult step = performAuthorizeWithClient(session, registration, List.of(Gw2ApiPermission.ACCOUNT.oauth2())).andReturn();

    // submit consent with three root tokens
    final String rootTokenA = TestHelper.randomRootToken();
    final String rootTokenB = TestHelper.randomRootToken();
    final String rootTokenC = TestHelper.randomRootToken();
    final URI consentUri = URI.create(Objects.requireNonNull(step.getResponse().getRedirectedUrl()));
    step = performSubmitConsent(session, registration, consentUri, rootTokenA, rootTokenB, rootTokenC).andReturn();

    // pin the token customizer to a fixed clock so the subtoken timestamps line up
    final Clock fixedClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.oAuth2TokenCustomizerService.setClock(fixedClock);

    // exchange the authorization code for the initial access and refresh token
    final String subtokenA = TestHelper.createSubtokenJWT(this.gw2AccountId1st, Set.of(Gw2ApiPermission.ACCOUNT), fixedClock.instant(), Duration.ofMinutes(30L));
    final String subtokenB = TestHelper.createSubtokenJWT(this.gw2AccountId2nd, Set.of(Gw2ApiPermission.ACCOUNT), fixedClock.instant(), Duration.ofMinutes(30L));
    final URI tokenUri = URI.create(Objects.requireNonNull(step.getResponse().getRedirectedUrl()));
    step = performRetrieveTokenByCodeAndExpectValid(creation, tokenUri, Map.of(rootTokenA, subtokenA, rootTokenB, subtokenB)).andReturn();

    final JsonNode tokenResponse = assertTokenResponse(step, () -> Map.of(
            this.gw2AccountId1st, new com.nimbusds.jose.shaded.json.JSONObject(Map.of("name", "First", "token", subtokenA)),
            this.gw2AccountId2nd, new com.nimbusds.jose.shaded.json.JSONObject(Map.of("name", "Second", "token", subtokenB))
    ));

    // revoke the access_token, authenticating with the correct client secret
    final String accessToken = tokenResponse.get("access_token").textValue();
    final var revokeRequest = post("/oauth2/revoke")
            .queryParam(OAuth2ParameterNames.CLIENT_ID, registration.clientId().toString())
            .queryParam(OAuth2ParameterNames.CLIENT_SECRET, creation.clientSecret())
            .queryParam(OAuth2ParameterNames.TOKEN_TYPE_HINT, OAuth2TokenType.ACCESS_TOKEN.getValue())
            .queryParam(OAuth2ParameterNames.TOKEN, accessToken);
    this.mockMvc.perform(revokeRequest).andExpect(status().isOk());

    // the authorization row is still present after an access-token revocation
    final List<ClientAuthorizationEntity> authorizations = this.clientAuthorizationRepository.findAllByAccountIdAndClientRegistrationId(accountId, registration.id());
    assertEquals(1, authorizations.size());
}
The class OAuth2ServerTest, method revokeRefreshTokenWithInvalidClientSecret.
@WithGw2AuthLogin
public void revokeRefreshTokenWithInvalidClientSecret(MockHttpSession session) throws Exception {
    // The revocation endpoint authenticates the client (RFC 7009 §2.1): a request carrying a
    // wrong client secret must be rejected with 401 and must not touch the stored authorization,
    // so a third party holding only a leaked token cannot revoke it on the client's behalf.
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final ClientRegistrationCreation creation = createClientRegistration();
    final ClientRegistration registration = creation.clientRegistration();

    // authorization request, expected to redirect to the consent page
    MvcResult step = performAuthorizeWithClient(session, registration, List.of(Gw2ApiPermission.ACCOUNT.oauth2())).andReturn();

    // submit consent with three root tokens
    final String rootTokenA = TestHelper.randomRootToken();
    final String rootTokenB = TestHelper.randomRootToken();
    final String rootTokenC = TestHelper.randomRootToken();
    final URI consentUri = URI.create(Objects.requireNonNull(step.getResponse().getRedirectedUrl()));
    step = performSubmitConsent(session, registration, consentUri, rootTokenA, rootTokenB, rootTokenC).andReturn();

    // pin the token customizer to a fixed clock so the subtoken timestamps line up
    final Clock fixedClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.oAuth2TokenCustomizerService.setClock(fixedClock);

    // exchange the authorization code for the initial access and refresh token
    final String subtokenA = TestHelper.createSubtokenJWT(this.gw2AccountId1st, Set.of(Gw2ApiPermission.ACCOUNT), fixedClock.instant(), Duration.ofMinutes(30L));
    final String subtokenB = TestHelper.createSubtokenJWT(this.gw2AccountId2nd, Set.of(Gw2ApiPermission.ACCOUNT), fixedClock.instant(), Duration.ofMinutes(30L));
    final URI tokenUri = URI.create(Objects.requireNonNull(step.getResponse().getRedirectedUrl()));
    step = performRetrieveTokenByCodeAndExpectValid(creation, tokenUri, Map.of(rootTokenA, subtokenA, rootTokenB, subtokenB)).andReturn();

    final JsonNode tokenResponse = assertTokenResponse(step, () -> Map.of(
            this.gw2AccountId1st, new com.nimbusds.jose.shaded.json.JSONObject(Map.of("name", "First", "token", subtokenA)),
            this.gw2AccountId2nd, new com.nimbusds.jose.shaded.json.JSONObject(Map.of("name", "Second", "token", subtokenB))
    ));

    // attempt to revoke the refresh_token with a wrong client secret
    final String refreshToken = tokenResponse.get("refresh_token").textValue();
    final var revokeRequest = post("/oauth2/revoke")
            .queryParam(OAuth2ParameterNames.CLIENT_ID, registration.clientId().toString())
            .queryParam(OAuth2ParameterNames.CLIENT_SECRET, "Not the correct client secret")
            .queryParam(OAuth2ParameterNames.TOKEN_TYPE_HINT, OAuth2TokenType.REFRESH_TOKEN.getValue())
            .queryParam(OAuth2ParameterNames.TOKEN, refreshToken);
    this.mockMvc.perform(revokeRequest).andExpect(status().isUnauthorized());

    // the authorization row is untouched by the rejected request
    final List<ClientAuthorizationEntity> authorizations = this.clientAuthorizationRepository.findAllByAccountIdAndClientRegistrationId(accountId, registration.id());
    assertEquals(1, authorizations.size());
}
The class OAuth2ServerTest, method revokeRefreshToken.
@WithGw2AuthLogin
public void revokeRefreshToken(MockHttpSession session) throws Exception {
    // Revoking the refresh token with valid client credentials returns 200. The stored
    // authorization is not removed immediately; deleteAllExpiredAuthorizations() only purges
    // it once the clock has been advanced past the access token's validity (31 minutes here).
    final long accountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();
    final ClientRegistrationCreation creation = createClientRegistration();
    final ClientRegistration registration = creation.clientRegistration();

    // authorization request, expected to redirect to the consent page
    MvcResult step = performAuthorizeWithClient(session, registration, List.of(Gw2ApiPermission.ACCOUNT.oauth2())).andReturn();

    // submit consent with three root tokens
    final String rootTokenA = TestHelper.randomRootToken();
    final String rootTokenB = TestHelper.randomRootToken();
    final String rootTokenC = TestHelper.randomRootToken();
    final URI consentUri = URI.create(Objects.requireNonNull(step.getResponse().getRedirectedUrl()));
    step = performSubmitConsent(session, registration, consentUri, rootTokenA, rootTokenB, rootTokenC).andReturn();

    // both the token customizer and the authorization service read the same controllable clock
    Clock clock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.oAuth2TokenCustomizerService.setClock(clock);
    this.clientAuthorizationService.setClock(clock);

    // exchange the authorization code for the initial access and refresh token
    final String subtokenA = TestHelper.createSubtokenJWT(this.gw2AccountId1st, Set.of(Gw2ApiPermission.ACCOUNT), clock.instant(), Duration.ofMinutes(30L));
    final String subtokenB = TestHelper.createSubtokenJWT(this.gw2AccountId2nd, Set.of(Gw2ApiPermission.ACCOUNT), clock.instant(), Duration.ofMinutes(30L));
    final URI tokenUri = URI.create(Objects.requireNonNull(step.getResponse().getRedirectedUrl()));
    step = performRetrieveTokenByCodeAndExpectValid(creation, tokenUri, Map.of(rootTokenA, subtokenA, rootTokenB, subtokenB)).andReturn();

    final JsonNode tokenResponse = assertTokenResponse(step, () -> Map.of(
            this.gw2AccountId1st, new com.nimbusds.jose.shaded.json.JSONObject(Map.of("name", "First", "token", subtokenA)),
            this.gw2AccountId2nd, new com.nimbusds.jose.shaded.json.JSONObject(Map.of("name", "Second", "token", subtokenB))
    ));

    // revoke the refresh_token, authenticating with the correct client secret
    final String refreshToken = tokenResponse.get("refresh_token").textValue();
    final var revokeRequest = post("/oauth2/revoke")
            .queryParam(OAuth2ParameterNames.CLIENT_ID, registration.clientId().toString())
            .queryParam(OAuth2ParameterNames.CLIENT_SECRET, creation.clientSecret())
            .queryParam(OAuth2ParameterNames.TOKEN_TYPE_HINT, OAuth2TokenType.REFRESH_TOKEN.getValue())
            .queryParam(OAuth2ParameterNames.TOKEN, refreshToken);
    this.mockMvc.perform(revokeRequest).andExpect(status().isOk());

    // purge at the fixed instant: the access token is still valid, so the row must remain
    this.clientAuthorizationService.deleteAllExpiredAuthorizations();
    List<ClientAuthorizationEntity> authorizations = this.clientAuthorizationRepository.findAllByAccountIdAndClientRegistrationId(accountId, registration.id());
    assertEquals(1, authorizations.size());

    // advance the authorization service's clock by 31 minutes and purge again
    clock = Clock.offset(clock, Duration.ofMinutes(31L));
    this.clientAuthorizationService.setClock(clock);
    this.clientAuthorizationService.deleteAllExpiredAuthorizations();

    // now the authorization must be gone
    authorizations = this.clientAuthorizationRepository.findAllByAccountIdAndClientRegistrationId(accountId, registration.id());
    assertEquals(0, authorizations.size());
}