use of com.hw.helper.Client in project mt-auth by publicdevop2019.
the class ClientTest method create_client_then_replace_it_with_same_client_info_only_password_is_empty_N_times_then_client_version_should_not_increase.
@Test
public void create_client_then_replace_it_with_same_client_info_only_password_is_empty_N_times_then_client_version_should_not_increase() {
ResponseEntity<DefaultOAuth2AccessToken> tokenResponse = UserUtility.login(ACCOUNT_USERNAME_ADMIN, ACCOUNT_PASSWORD_ADMIN);
String bearer = tokenResponse.getBody().getValue();
Client oldClient = ClientUtility.getClientAsNonResource(CLIENT_ID_RESOURCE_ID);
oldClient.setClientSecret(" ");
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.setBearerAuth(bearer);
HttpEntity<Client> request = new HttpEntity<>(oldClient, headers);
ResponseEntity<String> client1 = ClientUtility.createClient(oldClient);
String url = UrlUtility.getAccessUrl(CLIENTS + "/" + client1.getHeaders().getLocation().toString());
ResponseEntity<String> exchange = TestContext.getRestTemplate().exchange(url, HttpMethod.PUT, request, String.class);
ResponseEntity<String> exchange2 = TestContext.getRestTemplate().exchange(url, HttpMethod.PUT, request, String.class);
Assert.assertEquals(HttpStatus.OK, exchange.getStatusCode());
Assert.assertEquals(HttpStatus.OK, exchange2.getStatusCode());
ResponseEntity<Client> exchange1 = TestContext.getRestTemplate().exchange(url, HttpMethod.GET, request, Client.class);
Assert.assertEquals(HttpStatus.OK, exchange1.getStatusCode());
Assert.assertEquals(0, (int) exchange1.getBody().getVersion());
}
use of com.hw.helper.Client in project mt-auth by publicdevop2019.
the class ClientTest method delete_client.
@Test
public void delete_client() {
ResponseEntity<DefaultOAuth2AccessToken> tokenResponse = UserUtility.login(ACCOUNT_USERNAME_ADMIN, ACCOUNT_PASSWORD_ADMIN);
String bearer = tokenResponse.getBody().getValue();
Client oldClient = ClientUtility.getClientAsNonResource(CLIENT_ID_RESOURCE_ID);
ResponseEntity<String> client1 = ClientUtility.createClient(oldClient);
String url = UrlUtility.getAccessUrl(CLIENTS + "/" + client1.getHeaders().getLocation().toString());
HttpHeaders headers = new HttpHeaders();
headers.setBearerAuth(bearer);
HttpEntity<String> request = new HttpEntity<>(null, headers);
ResponseEntity<String> exchange = TestContext.getRestTemplate().exchange(url, HttpMethod.DELETE, request, String.class);
Assert.assertEquals(HttpStatus.OK, exchange.getStatusCode());
ResponseEntity<DefaultOAuth2AccessToken> tokenResponse1 = OAuth2Utility.getOAuth2PasswordToken(client1.getHeaders().getLocation().toString(), oldClient.getClientSecret(), ACCOUNT_USERNAME_ADMIN, ACCOUNT_PASSWORD_ADMIN);
Assert.assertEquals(HttpStatus.UNAUTHORIZED, tokenResponse1.getStatusCode());
}
use of com.hw.helper.Client in project mt-auth by publicdevop2019.
the class ClientTest method create_client_then_update_it_tobe_resource.
@SuppressWarnings("checkstyle:ParenPad")
@Test
public void create_client_then_update_it_tobe_resource() {
ResponseEntity<DefaultOAuth2AccessToken> tokenResponse = UserUtility.login(ACCOUNT_USERNAME_ADMIN, ACCOUNT_PASSWORD_ADMIN);
Client oldClient = ClientUtility.getClientAsResource(CLIENT_ID_RESOURCE_ID);
oldClient.setResourceIndicator(true);
oldClient.setClientSecret(" ");
oldClient.setVersion(0);
HttpHeaders headers = new HttpHeaders();
String bearer = tokenResponse.getBody().getValue();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.setBearerAuth(bearer);
HttpEntity<Client> request = new HttpEntity<>(oldClient, headers);
ResponseEntity<String> client1 = ClientUtility.createClient(oldClient);
String url = UrlUtility.getAccessUrl(CLIENTS + "/" + client1.getHeaders().getLocation().toString());
ResponseEntity<String> exchange = TestContext.getRestTemplate().exchange(url, HttpMethod.PUT, request, String.class);
Assert.assertEquals(HttpStatus.OK, exchange.getStatusCode());
String clientSecret = oldClient.getClientSecret();
ResponseEntity<DefaultOAuth2AccessToken> tokenResponse1 = OAuth2Utility.getOAuth2PasswordToken(client1.getHeaders().getLocation().toString(), clientSecret, ACCOUNT_USERNAME_ADMIN, ACCOUNT_PASSWORD_ADMIN);
Assert.assertEquals(HttpStatus.OK, tokenResponse1.getStatusCode());
Assert.assertNotNull(tokenResponse1.getBody().getValue());
}
use of com.hw.helper.Client in project mt-auth by publicdevop2019.
the class ClientTest method create_resource_client_and_client_which_access_it_then_resource_client_is_not_accessible.
@Test
public void create_resource_client_and_client_which_access_it_then_resource_client_is_not_accessible() throws InterruptedException {
Client clientAsResource = ClientUtility.getClientAsResource();
ResponseEntity<String> client = ClientUtility.createClient(clientAsResource);
Assert.assertEquals(HttpStatus.OK, client.getStatusCode());
String resourceClientId = client.getHeaders().getLocation().toString();
Client clientAsNonResource = ClientUtility.getClientAsNonResource(resourceClientId, CLIENT_ID_OAUTH2_ID);
HashSet<GrantTypeEnum> enums = new HashSet<>();
enums.add(GrantTypeEnum.PASSWORD);
enums.add(GrantTypeEnum.REFRESH_TOKEN);
clientAsNonResource.setGrantTypeEnums(enums);
clientAsNonResource.setRefreshTokenValiditySeconds(120);
ResponseEntity<String> client1 = ClientUtility.createClient(clientAsNonResource);
Assert.assertEquals(HttpStatus.OK, client1.getStatusCode());
String clientId = client1.getHeaders().getLocation().toString();
String clientSecret = clientAsNonResource.getClientSecret();
// get jwt
ResponseEntity<DefaultOAuth2AccessToken> jwtPasswordWithClient = OAuth2Utility.getOAuth2PasswordToken(clientId, clientSecret, ACCOUNT_USERNAME_ADMIN, ACCOUNT_PASSWORD_ADMIN);
Assert.assertEquals(HttpStatus.OK, jwtPasswordWithClient.getStatusCode());
// clientAsNonResource can access endpoint
String url = UrlUtility.getAccessUrl(USER_MNGMT);
HttpHeaders headers = new HttpHeaders();
headers.setBearerAuth(jwtPasswordWithClient.getBody().getValue());
HttpEntity<String> request = new HttpEntity<>(null, headers);
ResponseEntity<SumTotal<User>> exchange = TestContext.getRestTemplate().exchange(url, HttpMethod.GET, request, new ParameterizedTypeReference<>() {
});
Assert.assertEquals(HttpStatus.OK, exchange.getStatusCode());
// update resource client to remove access
clientAsResource.setResourceIndicator(false);
ResponseEntity<DefaultOAuth2AccessToken> tokenResponse = UserUtility.login(ACCOUNT_USERNAME_ADMIN, ACCOUNT_PASSWORD_ADMIN);
String bearer = tokenResponse.getBody().getValue();
String url4 = UrlUtility.getAccessUrl(CLIENTS + "/" + resourceClientId);
HttpHeaders headers4 = new HttpHeaders();
headers4.setBearerAuth(bearer);
HttpEntity<Client> request4 = new HttpEntity<>(clientAsResource, headers4);
ResponseEntity<String> exchange1 = TestContext.getRestTemplate().exchange(url4, HttpMethod.PUT, request4, String.class);
Assert.assertEquals(HttpStatus.OK, exchange1.getStatusCode());
Thread.sleep(10000);
// clientAsNonResource can not access endpoint both access token
ResponseEntity<SumTotal<User>> exchange2 = TestContext.getRestTemplate().exchange(url, HttpMethod.GET, request, new ParameterizedTypeReference<>() {
});
Assert.assertEquals(HttpStatus.UNAUTHORIZED, exchange2.getStatusCode());
// even refresh token will not work
MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
params.add("grant_type", "refresh_token");
params.add("refresh_token", jwtPasswordWithClient.getBody().getRefreshToken().getValue());
HttpHeaders headers2 = new HttpHeaders();
headers2.setBasicAuth(clientId, clientSecret);
HttpEntity<MultiValueMap<String, String>> request2 = new HttpEntity<>(params, headers2);
ResponseEntity<DefaultOAuth2AccessToken> exchange4 = TestContext.getRestTemplate().exchange(PROXY_URL_TOKEN, HttpMethod.POST, request2, DefaultOAuth2AccessToken.class);
Assert.assertEquals(HttpStatus.UNAUTHORIZED, exchange4.getStatusCode());
// get new jwt
ResponseEntity<DefaultOAuth2AccessToken> jwtPasswordWithClient3 = OAuth2Utility.getOAuth2PasswordToken(clientId, clientSecret, ACCOUNT_USERNAME_ADMIN, ACCOUNT_PASSWORD_ADMIN);
Assert.assertEquals(HttpStatus.OK, jwtPasswordWithClient3.getStatusCode());
// clientAsNonResource can access endpoint again
HttpHeaders headers5 = new HttpHeaders();
headers5.setBearerAuth(jwtPasswordWithClient3.getBody().getValue());
HttpEntity<String> request5 = new HttpEntity<>(null, headers5);
ResponseEntity<SumTotal<User>> exchange5 = TestContext.getRestTemplate().exchange(url, HttpMethod.GET, request5, new ParameterizedTypeReference<>() {
});
Assert.assertEquals(HttpStatus.OK, exchange5.getStatusCode());
}
use of com.hw.helper.Client in project mt-auth by publicdevop2019.
the class ClientTest method only_client_w_first_party_n_backend_role_can_be_create_as_resource.
@Test
public void only_client_w_first_party_n_backend_role_can_be_create_as_resource() {
TestContext.init();
Client client = ClientUtility.getInvalidClientAsResource();
ResponseEntity<String> exchange = ClientUtility.createClient(client);
Assert.assertEquals(HttpStatus.BAD_REQUEST, exchange.getStatusCode());
}
Aggregations