Examples with Client com.hw.helper.Client used on opensource projects

Search in sources :

Example 6 with Client

use of com.hw.helper.Client in project mt-auth by publicdevop2019.

the class RefreshTokenTest method refresh_token_should_work.

@Test
public void refresh_token_should_work() throws InterruptedException {
    // create client supports refresh token
    Client clientRaw = ClientUtility.getClientRaw();
    String clientSecret = clientRaw.getClientSecret();
    HashSet<GrantTypeEnum> enums = new HashSet<>();
    enums.add(GrantTypeEnum.PASSWORD);
    enums.add(GrantTypeEnum.REFRESH_TOKEN);
    clientRaw.setResourceIds(Collections.singleton(AppConstant.CLIENT_ID_OAUTH2_ID));
    clientRaw.setGrantTypeEnums(enums);
    clientRaw.setTypes(new HashSet<>(List.of(ClientType.BACKEND_APP)));
    clientRaw.setAccessTokenValiditySeconds(60);
    clientRaw.setRefreshTokenValiditySeconds(1000);
    ResponseEntity<String> client = ClientUtility.createClient(clientRaw);
    String clientId = client.getHeaders().getLocation().toString();
    Assert.assertEquals(HttpStatus.OK, client.getStatusCode());
    // get jwt
    ResponseEntity<DefaultOAuth2AccessToken> jwtPasswordWithClient = OAuth2Utility.getOAuth2PasswordToken(clientId, clientSecret, AppConstant.ACCOUNT_USERNAME_ADMIN, AppConstant.ACCOUNT_PASSWORD_ADMIN);
    Assert.assertEquals(HttpStatus.OK, jwtPasswordWithClient.getStatusCode());
    // access endpoint
    String url = UrlUtility.getAccessUrl(USER_MNGMT);
    HttpHeaders headers = new HttpHeaders();
    headers.setBearerAuth(jwtPasswordWithClient.getBody().getValue());
    HttpEntity<String> request = new HttpEntity<>(null, headers);
    ResponseEntity<SumTotal<User>> exchange = TestContext.getRestTemplate().exchange(url, HttpMethod.GET, request, new ParameterizedTypeReference<>() {
    });
    Assert.assertEquals(HttpStatus.OK, exchange.getStatusCode());
    // spring cloud gateway add 60S leeway
    Thread.sleep(60000 + 60000 + 2000);
    // access access token should expire
    ResponseEntity<SumTotal<User>> exchange2 = TestContext.getRestTemplate().exchange(url, HttpMethod.GET, request, new ParameterizedTypeReference<>() {
    });
    Assert.assertEquals(HttpStatus.UNAUTHORIZED, exchange2.getStatusCode());
    // get access token with refresh token
    MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
    params.add("grant_type", "refresh_token");
    params.add("scope", "not_used");
    params.add("refresh_token", jwtPasswordWithClient.getBody().getRefreshToken().getValue());
    HttpHeaders headers2 = new HttpHeaders();
    headers2.setBasicAuth(clientId, clientSecret);
    headers2.setContentType(MediaType.MULTIPART_FORM_DATA);
    HttpEntity<MultiValueMap<String, String>> request2 = new HttpEntity<>(params, headers2);
    ResponseEntity<DefaultOAuth2AccessToken> exchange1 = TestContext.getRestTemplate().exchange(PROXY_URL_TOKEN, HttpMethod.POST, request2, DefaultOAuth2AccessToken.class);
    Assert.assertEquals(HttpStatus.OK, exchange1.getStatusCode());
    // use new access token for api call
    HttpHeaders headers3 = new HttpHeaders();
    headers3.setBearerAuth(exchange1.getBody().getValue());
    HttpEntity<String> request3 = new HttpEntity<>(null, headers3);
    ResponseEntity<SumTotal<User>> exchange3 = TestContext.getRestTemplate().exchange(url, HttpMethod.GET, request3, new ParameterizedTypeReference<>() {
    });
    Assert.assertEquals(HttpStatus.OK, exchange3.getStatusCode());
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) SumTotal(com.hw.helper.SumTotal) GrantTypeEnum(com.hw.helper.GrantTypeEnum) Client(com.hw.helper.Client) MultiValueMap(org.springframework.util.MultiValueMap) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 7 with Client

use of com.hw.helper.Client in project mt-auth by publicdevop2019.

the class ClientApiSecurityTest method should_not_able_to_create_client_w_admin_account_when_going_through_proxy.

@Test
public void should_not_able_to_create_client_w_admin_account_when_going_through_proxy() throws JsonProcessingException {
    Client client = ClientUtility.getClientAsNonResource(AppConstant.CLIENT_ID_RESOURCE_ID);
    HttpHeaders headers = new HttpHeaders();
    headers.setContentType(MediaType.APPLICATION_JSON);
    headers.setBearerAuth(UserUtility.getJwtUser());
    String s = mapper.writeValueAsString(client);
    HttpEntity<String> request = new HttpEntity<>(s, headers);
    ResponseEntity<String> exchange = TestContext.getRestTemplate().exchange(CLIENT_MNGMT_URL, HttpMethod.POST, request, String.class);
    Assert.assertEquals(HttpStatus.FORBIDDEN, exchange.getStatusCode());
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) Client(com.hw.helper.Client) Test(org.junit.Test)

Example 8 with Client

use of com.hw.helper.Client in project mt-auth by publicdevop2019.

the class GatewayFilterTest method should_sanitize_response_json.

@Test
@Ignore
public void should_sanitize_response_json() {
    String url = UrlUtility.getAccessUrl(CLIENTS + "/" + AppConstant.CLIENT_ID_RIGHT_ROLE_NOT_SUFFICIENT_RESOURCE_ID);
    HttpHeaders headers = new HttpHeaders();
    headers.setBearerAuth(UserUtility.getJwtAdmin());
    HttpEntity<String> request = new HttpEntity<>(null, headers);
    ResponseEntity<Client> exchange = TestContext.getRestTemplate().exchange(url, HttpMethod.GET, request, Client.class);
    Assert.assertEquals("&lt;script&gt;test&lt;/script&gt;", exchange.getBody().getDescription());
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) Client(com.hw.helper.Client) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 9 with Client

use of com.hw.helper.Client in project mt-auth by publicdevop2019.

the class ClientIdempotentTest method create_client_then_update_w_same_changeId_two_times.

@Test
public void create_client_then_update_w_same_changeId_two_times() {
    ResponseEntity<DefaultOAuth2AccessToken> tokenResponse = UserUtility.login(AppConstant.ACCOUNT_USERNAME_ADMIN, AppConstant.ACCOUNT_PASSWORD_ADMIN);
    String bearer = tokenResponse.getBody().getValue();
    String s = UUID.randomUUID().toString();
    Client oldClient = ClientUtility.getClientAsResource(AppConstant.CLIENT_ID_RESOURCE_ID);
    ResponseEntity<String> client1 = ClientUtility.createClient(oldClient, s);
    Assert.assertEquals(HttpStatus.OK, client1.getStatusCode());
    oldClient.setAccessTokenValiditySeconds(120);
    HttpHeaders headers = new HttpHeaders();
    headers.setContentType(MediaType.APPLICATION_JSON);
    headers.setBearerAuth(bearer);
    String s2 = UUID.randomUUID().toString();
    headers.set("changeId", s2);
    headers.set("X-XSRF-TOKEN", "123");
    headers.add(HttpHeaders.COOKIE, "XSRF-TOKEN=123");
    String url = UrlUtility.getAccessUrl(CLIENTS + "/" + client1.getHeaders().getLocation().toString());
    oldClient.setVersion(0);
    HttpEntity<Client> request = new HttpEntity<>(oldClient, headers);
    ResponseEntity<String> exchange = TestContext.getRestTemplate().exchange(url, HttpMethod.PUT, request, String.class);
    Assert.assertEquals(HttpStatus.OK, exchange.getStatusCode());
    oldClient.setVersion(1);
    ResponseEntity<String> exchange2 = TestContext.getRestTemplate().exchange(url, HttpMethod.PUT, request, String.class);
    Assert.assertEquals(HttpStatus.OK, exchange2.getStatusCode());
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) Client(com.hw.helper.Client) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 10 with Client

use of com.hw.helper.Client in project mt-auth by publicdevop2019.

the class ClientIdempotentTest method create_client_then_delete_w_same_changeId_two_times.

@Test
public void create_client_then_delete_w_same_changeId_two_times() {
    ResponseEntity<DefaultOAuth2AccessToken> tokenResponse = UserUtility.login(AppConstant.ACCOUNT_USERNAME_ADMIN, AppConstant.ACCOUNT_PASSWORD_ADMIN);
    String bearer = tokenResponse.getBody().getValue();
    String s = UUID.randomUUID().toString();
    Client oldClient = ClientUtility.getClientAsResource(AppConstant.CLIENT_ID_RESOURCE_ID);
    ResponseEntity<String> client1 = ClientUtility.createClient(oldClient, s);
    Assert.assertEquals(HttpStatus.OK, client1.getStatusCode());
    oldClient.setAccessTokenValiditySeconds(120);
    String url = UrlUtility.getAccessUrl(CLIENTS + "/" + client1.getHeaders().getLocation().toString());
    HttpHeaders headers = new HttpHeaders();
    headers.setContentType(MediaType.APPLICATION_JSON);
    headers.setBearerAuth(bearer);
    String s2 = UUID.randomUUID().toString();
    headers.set("changeId", s2);
    headers.set("X-XSRF-TOKEN", "123");
    headers.add(HttpHeaders.COOKIE, "XSRF-TOKEN=123");
    HttpEntity<Client> request = new HttpEntity<>(oldClient, headers);
    ResponseEntity<String> exchange = TestContext.getRestTemplate().exchange(url, HttpMethod.DELETE, request, String.class);
    Assert.assertEquals(HttpStatus.OK, exchange.getStatusCode());
    ResponseEntity<String> exchange2 = TestContext.getRestTemplate().exchange(url, HttpMethod.DELETE, request, String.class);
    Assert.assertEquals(HttpStatus.OK, exchange2.getStatusCode());
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) Client(com.hw.helper.Client) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

Client (com.hw.helper.Client)36 Test (org.junit.Test)30 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)23 HttpEntity (org.springframework.http.HttpEntity)18 HttpHeaders (org.springframework.http.HttpHeaders)18 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)12 HashSet (java.util.HashSet)7 ArrayList (java.util.ArrayList)6 GrantTypeEnum (com.hw.helper.GrantTypeEnum)4 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)4 MultiValueMap (org.springframework.util.MultiValueMap)4 ClientType (com.hw.helper.ClientType)3 SumTotal (com.hw.helper.SumTotal)3 AtomicReference (java.util.concurrent.atomic.AtomicReference)3 ResponseEntity (org.springframework.http.ResponseEntity)3 IOException (java.io.IOException)1 Base64 (java.util.Base64)1 Map (java.util.Map)1 Ignore (org.junit.Ignore)1 OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial