
Example 6 with QueryParam

use of com.gw2auth.oauth2.server.util.QueryParam in project oauth2-server by gw2auth.

the class Gw2AuthLoginExtension method loginInternal.

/**
 * Drives a simulated OAuth2 authorization-code login through MockMvc and returns the result of the
 * callback request.
 *
 * <p>Two requests are issued on the same {@link MockHttpSession}: a GET on {@code loginURL}, whose
 * {@code Location} header is parsed for the {@code state} query parameter, and a GET on
 * {@code /login/oauth2/code/{issuer}} that sends that {@code state} back with {@code idAtIssuer}
 * as the {@code code} parameter.
 *
 * @param context    extension context whose store holds the shared mock session
 * @param loginURL   URL that starts the login (expected to answer with a redirect)
 * @param issuer     registration id used for the callback path
 * @param idAtIssuer value sent as the {@code code} parameter of the callback
 * @return the {@link ResultActions} of the callback request
 * @throws Exception if a request fails, the {@code Location} header is missing, or it carries no
 *                   {@code state} parameter with a value
 */
private ResultActions loginInternal(ExtensionContext context, String loginURL, String issuer, String idAtIssuer) throws Exception {
    // The session is cached in the extension store under "session", so the redirect request and
    // the callback request below run on the same session object.
    final MockHttpSession httpSession = context.getStore(NAMESPACE)
            .getOrComputeIfAbsent("session", (key) -> new MockHttpSession(), MockHttpSession.class);

    // NOTE(review): presumably registers the issuer with the test client registration repository
    // so the callback can resolve it -- confirm against that class.
    this.testClientRegistrationRepository.prepareRegistrationId(issuer);

    // Step 1: start the login and read the redirect target.
    final MvcResult loginResult = this.mockMvc.perform(get(loginURL).session(httpSession)).andReturn();
    final String redirectTarget = Objects.requireNonNull(loginResult.getResponse().getHeader("Location"));

    // Step 2: take the `state` value from the redirect. It is never invented here, so the callback
    // is only accepted if the server really issued a state for this session.
    final String stateValue = Utils.parseQuery(new URL(redirectTarget).getQuery())
            .filter((param) -> param.hasValue() && param.name().equals(OAuth2ParameterNames.STATE))
            .map(QueryParam::value)
            .findFirst()
            .orElseThrow();

    // Step 3: play the provider's redirect back to the callback endpoint.
    return this.mockMvc.perform(
            get("/login/oauth2/code/{issuer}", issuer)
                    .session(httpSession)
                    .queryParam("code", idAtIssuer)
                    .queryParam("state", stateValue));
}
Also used : OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) IsNot(org.hamcrest.core.IsNot) URL(java.net.URL) Autowired(org.springframework.beans.factory.annotation.Autowired) ResultMatcher(org.springframework.test.web.servlet.ResultMatcher) ExtensionContext(org.junit.jupiter.api.extension.ExtensionContext) QueryParam(com.gw2auth.oauth2.server.util.QueryParam) MockMvc(org.springframework.test.web.servlet.MockMvc) ResultActions(org.springframework.test.web.servlet.ResultActions) AfterEachCallback(org.junit.jupiter.api.extension.AfterEachCallback) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) MockMvcRequestBuilders.post(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post) MvcResult(org.springframework.test.web.servlet.MvcResult) Utils(com.gw2auth.oauth2.server.util.Utils) OAuth2ClientConfiguration(com.gw2auth.oauth2.server.configuration.OAuth2ClientConfiguration) StringEndsWith(org.hamcrest.core.StringEndsWith) Method(java.lang.reflect.Method) MockMvcResultMatchers.header(org.springframework.test.web.servlet.result.MockMvcResultMatchers.header) MockHttpSession(org.springframework.mock.web.MockHttpSession) StandardCharsets(java.nio.charset.StandardCharsets) Objects(java.util.Objects) Component(org.springframework.stereotype.Component) URLEncoder(java.net.URLEncoder) BeforeEachCallback(org.junit.jupiter.api.extension.BeforeEachCallback) MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) SecurityMockMvcRequestPostProcessors.csrf(org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf) QueryParam(com.gw2auth.oauth2.server.util.QueryParam) MockHttpSession(org.springframework.mock.web.MockHttpSession) MvcResult(org.springframework.test.web.servlet.MvcResult) URL(java.net.URL)

Example 7 with QueryParam

use of com.gw2auth.oauth2.server.util.QueryParam in project oauth2-server by gw2auth.

the class VerificationControllerTest method startAndSubmitApiTokenNameChallengeLaterFulfilled.

/**
 * Checks the API-token-name verification challenge when the token name only matches on a later
 * scheduled check.
 *
 * <p>Sequence: another account already owns an API token for the same GW2 account id; the
 * logged-in account starts challenge {@code 1L} and submits a token whose name does not match, so
 * the response reports {@code isSuccess=false} with a {@code pending} object. After the clock is
 * moved 15 minutes forward and the mocked GW2 API returns the requested name,
 * {@code tryVerifyAllPending()} must complete the verification, drop the pending challenge and
 * remove the other account's API token.
 *
 * @param session mock session of the logged-in user
 * @throws Exception if a MockMvc request fails
 */
@WithGw2AuthLogin
public void startAndSubmitApiTokenNameChallengeLaterFulfilled(MockHttpSession session) throws Exception {
    final UUID gw2AccountId = UUID.randomUUID();
    final String gw2AccountIdText = gw2AccountId.toString();

    // a different account already holds an api token for this very gw2 account id
    final long rivalAccountId = this.accountRepository.save(new AccountEntity(null, Instant.now())).id();
    this.testHelper.createApiToken(rivalAccountId, gw2AccountId, Set.of(), "Name");

    final long loggedInAccountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // fixed clock handed to the verification service; the same instant feeds the subtoken below
    final Clock frozenClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.verificationService.setClock(frozenClock);
    final Instant frozenNow = frozenClock.instant();
    final Duration subtokenLifetime = Duration.ofMinutes(90L);

    final String gw2ApiToken = TestHelper.randomRootToken();
    final String gw2ApiSubtoken = TestHelper.createSubtokenJWT(
            UUID.randomUUID(), Set.of(Gw2ApiPermission.ACCOUNT), frozenNow, subtokenLifetime);

    // mocked gw2 api: subtoken creation, account lookup, and a token info that reports the WRONG name
    this.gw2RestServer.reset();
    preparedGw2RestServerForCreateSubtoken(
            gw2ApiToken, gw2ApiSubtoken, Set.of(Gw2ApiPermission.ACCOUNT), frozenNow.plus(subtokenLifetime));
    preparedGw2RestServerForAccountRequest(gw2AccountId, gw2ApiSubtoken);
    prepareGw2RestServerForTokenInfoRequest(
            gw2ApiSubtoken, "Not the name that was requested", Set.of(Gw2ApiPermission.ACCOUNT));

    // start the challenge
    final VerificationChallengeStart startedChallenge = this.verificationService.startChallenge(loggedInAccountId, 1L);

    // submit the challenge; csrf() attaches a valid CSRF token to the POST.
    // NOTE(review): the root api token is sent as the `token` query parameter. Whether the endpoint
    // also accepts it from a request body is not visible here; secrets in a query string tend to
    // end up in access and proxy logs, so confirm how the real client transmits it.
    this.mockMvc.perform(
            post("/api/verification/pending")
                    .session(session)
                    .with(csrf())
                    .queryParam("token", gw2ApiToken))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.isSuccess").value("false"))
            .andExpect(jsonPath("$.pending").isMap());

    // the started challenge (stored under the empty gw2 account id) must be gone
    assertTrue(this.gw2AccountVerificationChallengeRepository
            .findByAccountIdAndGw2AccountId(loggedInAccountId, "")
            .isEmpty());
    // and a pending challenge for the concrete gw2 account must exist instead
    assertTrue(this.gw2AccountVerificationChallengeRepository
            .findByAccountIdAndGw2AccountId(loggedInAccountId, gw2AccountIdText)
            .isPresent());

    // let 15 minutes pass
    final Clock laterClock = Clock.offset(frozenClock, Duration.ofMinutes(15L));
    this.verificationService.setClock(laterClock);

    // mocked gw2 api again, this time the token info carries the requested name
    this.gw2RestServer.reset();
    prepareGw2RestServerForTokenInfoRequest(
            gw2ApiSubtoken,
            startedChallenge.message().get("apiTokenName").toString(),
            Set.of(Gw2ApiPermission.ACCOUNT));

    // simulate scheduled check
    this.verificationService.tryVerifyAllPending();

    // pending challenge should be removed
    assertTrue(this.gw2AccountVerificationChallengeRepository
            .findByAccountIdAndGw2AccountId(loggedInAccountId, gw2AccountIdText)
            .isEmpty());

    // the gw2 account must now be verified for the logged-in account
    final Gw2AccountVerificationEntity verification =
            this.gw2AccountVerificationRepository.findById(gw2AccountId).orElse(null);
    assertNotNull(verification);
    assertEquals(loggedInAccountId, verification.accountId());

    // ownership moved: the other account's api token for this gw2 account must be removed
    assertTrue(this.apiTokenRepository.findByAccountIdAndGw2AccountId(rivalAccountId, gw2AccountId).isEmpty());
}
Also used : VerificationChallengeStart(com.gw2auth.oauth2.server.service.verification.VerificationChallengeStart) UUID(java.util.UUID) Clock(java.time.Clock) Gw2AccountVerificationEntity(com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity) AccountEntity(com.gw2auth.oauth2.server.repository.account.AccountEntity)

Example 8 with QueryParam

use of com.gw2auth.oauth2.server.util.QueryParam in project oauth2-server by gw2auth.

the class VerificationControllerTest method startAndSubmitApiTokenNameChallengeDirectlyFulfilled.

/**
 * Checks the API-token-name verification challenge when the submitted token already carries the
 * requested name.
 *
 * <p>Another account owns an API token for the same GW2 account id. The logged-in account starts
 * challenge {@code 1L}, the mocked GW2 API reports the token name taken from the challenge
 * message, and the submit request must answer {@code isSuccess=true}. Afterwards neither a started
 * nor a pending challenge may remain, the GW2 account must be verified for the logged-in account,
 * and the other account's API token must be removed.
 *
 * @param session mock session of the logged-in user
 * @throws Exception if the MockMvc request fails
 */
@WithGw2AuthLogin
public void startAndSubmitApiTokenNameChallengeDirectlyFulfilled(MockHttpSession session) throws Exception {
    final UUID gw2AccountId = UUID.randomUUID();

    // a different account already holds an api token for this very gw2 account id
    final long rivalAccountId = this.accountRepository.save(new AccountEntity(null, Instant.now())).id();
    this.testHelper.createApiToken(rivalAccountId, gw2AccountId, Set.of(), "Name");

    final long loggedInAccountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // fixed clock handed to the verification service; the same instant feeds the subtoken below
    final Clock frozenClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.verificationService.setClock(frozenClock);
    final Instant frozenNow = frozenClock.instant();
    final Duration subtokenLifetime = Duration.ofMinutes(90L);

    final String gw2ApiToken = TestHelper.randomRootToken();
    final String gw2ApiSubtoken = TestHelper.createSubtokenJWT(
            UUID.randomUUID(), Set.of(Gw2ApiPermission.ACCOUNT), frozenNow, subtokenLifetime);

    // start the challenge first: its message supplies the token name the mock has to report
    final VerificationChallengeStart startedChallenge = this.verificationService.startChallenge(loggedInAccountId, 1L);

    // mocked gw2 api: subtoken creation, account lookup, and a token info with the requested name
    this.gw2RestServer.reset();
    preparedGw2RestServerForCreateSubtoken(
            gw2ApiToken, gw2ApiSubtoken, Set.of(Gw2ApiPermission.ACCOUNT), frozenNow.plus(subtokenLifetime));
    preparedGw2RestServerForAccountRequest(gw2AccountId, gw2ApiSubtoken);
    prepareGw2RestServerForTokenInfoRequest(
            gw2ApiSubtoken,
            startedChallenge.message().get("apiTokenName").toString(),
            Set.of(Gw2ApiPermission.ACCOUNT));

    // submit the challenge; csrf() attaches a valid CSRF token to the POST.
    // NOTE(review): the root api token is sent as the `token` query parameter. Whether the endpoint
    // also accepts it from a request body is not visible here; secrets in a query string tend to
    // end up in access and proxy logs, so confirm how the real client transmits it.
    this.mockMvc.perform(
            post("/api/verification/pending")
                    .session(session)
                    .with(csrf())
                    .queryParam("token", gw2ApiToken))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.isSuccess").value("true"));

    // the started challenge (stored under the empty gw2 account id) must be gone
    assertTrue(this.gw2AccountVerificationChallengeRepository
            .findByAccountIdAndGw2AccountId(loggedInAccountId, "")
            .isEmpty());
    // pending challenge should not be present (either removed or never inserted)
    assertTrue(this.gw2AccountVerificationChallengeRepository
            .findByAccountIdAndGw2AccountId(loggedInAccountId, gw2AccountId.toString())
            .isEmpty());

    // the gw2 account must now be verified for the logged-in account
    final Gw2AccountVerificationEntity verification =
            this.gw2AccountVerificationRepository.findById(gw2AccountId).orElse(null);
    assertNotNull(verification);
    assertEquals(loggedInAccountId, verification.accountId());

    // ownership moved: the other account's api token for this gw2 account must be removed
    assertTrue(this.apiTokenRepository.findByAccountIdAndGw2AccountId(rivalAccountId, gw2AccountId).isEmpty());
}
Also used : VerificationChallengeStart(com.gw2auth.oauth2.server.service.verification.VerificationChallengeStart) UUID(java.util.UUID) Clock(java.time.Clock) Gw2AccountVerificationEntity(com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity) AccountEntity(com.gw2auth.oauth2.server.repository.account.AccountEntity)

Example 9 with QueryParam

use of com.gw2auth.oauth2.server.util.QueryParam in project oauth2-server by gw2auth.

the class VerificationControllerTest method startAndSubmitChallengeForGw2AccountAlreadyVerified.

/**
 * Checks that submitting a challenge for a GW2 account that already has a verification entry is
 * answered with HTTP 400.
 *
 * <p>The verification row for the logged-in account is inserted up front, the mocked GW2 API is
 * prepared as in the other challenge tests, challenge {@code 1L} is started, and the submit
 * request is expected to fail with {@code Bad Request}.
 *
 * @param session mock session of the logged-in user
 * @throws Exception if the MockMvc request fails
 */
@WithGw2AuthLogin
public void startAndSubmitChallengeForGw2AccountAlreadyVerified(MockHttpSession session) throws Exception {
    final long loggedInAccountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // fixed clock handed to the verification service; the same instant feeds the subtoken below
    final Clock frozenClock = Clock.fixed(Instant.now(), ZoneId.systemDefault());
    this.verificationService.setClock(frozenClock);
    final Instant frozenNow = frozenClock.instant();
    final Duration subtokenLifetime = Duration.ofMinutes(90L);

    final UUID gw2AccountId = UUID.randomUUID();
    // NOTE(review): a random UUID string serves as the root token here, while the sibling tests
    // use TestHelper.randomRootToken(). Only the status code is asserted, so a 400 raised for any
    // other reason (e.g. token format, if the endpoint validates it) would also pass -- consider
    // asserting on the error body as well.
    final String gw2ApiToken = UUID.randomUUID().toString();
    final String gw2ApiSubtoken = TestHelper.createSubtokenJWT(
            UUID.randomUUID(), Set.of(Gw2ApiPermission.ACCOUNT), frozenNow, subtokenLifetime);

    // the gw2 account is already verified for the logged-in account
    this.gw2AccountVerificationRepository.save(new Gw2AccountVerificationEntity(gw2AccountId, loggedInAccountId));

    // mocked gw2 api: subtoken creation, account lookup, and a token info with a non-matching name
    this.gw2RestServer.reset();
    preparedGw2RestServerForCreateSubtoken(
            gw2ApiToken, gw2ApiSubtoken, Set.of(Gw2ApiPermission.ACCOUNT), frozenNow.plus(subtokenLifetime));
    preparedGw2RestServerForAccountRequest(gw2AccountId, gw2ApiSubtoken);
    prepareGw2RestServerForTokenInfoRequest(
            gw2ApiSubtoken, "Not the name that was requested", Set.of(Gw2ApiPermission.ACCOUNT));

    // start the challenge
    this.verificationService.startChallenge(loggedInAccountId, 1L);

    // submit the challenge; csrf() attaches a valid CSRF token, so the 400 is not a CSRF rejection
    this.mockMvc.perform(
            post("/api/verification/pending")
                    .session(session)
                    .with(csrf())
                    .queryParam("token", gw2ApiToken))
            .andExpect(status().isBadRequest());
}
Also used : Clock(java.time.Clock) UUID(java.util.UUID) Gw2AccountVerificationEntity(com.gw2auth.oauth2.server.repository.verification.Gw2AccountVerificationEntity)

Example 10 with QueryParam

use of com.gw2auth.oauth2.server.util.QueryParam in project oauth2-server by gw2auth.

the class AccountControllerTest method deleteAccountFederation.

/**
 * Checks that deleting one federation of an account removes exactly that federation.
 *
 * <p>A second federation ({@code issuer2}/{@code idAtIssuer2}) is stored for the logged-in
 * account and then deleted through {@code DELETE /api/account/federation}. Afterwards the account
 * must have exactly one federation left, equal to {@code issuer}/{@code idAtIssuer} (presumably
 * the one created by the {@code @WithGw2AuthLogin} login -- confirm against the extension).
 *
 * @param session mock session of the logged-in user
 * @throws Exception if the MockMvc request fails
 */
@WithGw2AuthLogin(issuer = "issuer", idAtIssuer = "idAtIssuer")
public void deleteAccountFederation(MockHttpSession session) throws Exception {
    final long loggedInAccountId = AuthenticationHelper.getUser(session).orElseThrow().getAccountId();

    // additional federation that the request below is going to delete
    this.accountFederationRepository.save(new AccountFederationEntity("issuer2", "idAtIssuer2", loggedInAccountId));

    // csrf() attaches a valid CSRF token to the state-changing DELETE
    this.mockMvc.perform(
            delete("/api/account/federation")
                    .session(session)
                    .queryParam("issuer", "issuer2")
                    .queryParam("idAtIssuer", "idAtIssuer2")
                    .with(csrf()))
            .andExpect(status().isOk());

    // only the federation that was not targeted may remain
    final List<AccountFederationEntity> remaining = this.accountFederationRepository.findAllByAccountId(loggedInAccountId);
    assertEquals(1, remaining.size());
    assertEquals(new AccountFederationEntity("issuer", "idAtIssuer", loggedInAccountId), remaining.get(0));
}
Also used : AccountFederationEntity(com.gw2auth.oauth2.server.repository.account.AccountFederationEntity)
