use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.
the class AuthorizationCodeProviderTest method generateToken.
@Test
void generateToken() {
final AccountTokensRepository accountTokensRepository = Mockito.mock(AccountTokensRepository.class);
final AuthorizationCodeProvider authorizationCodeProvider = new AuthorizationCodeProvider(accountTokensRepository, new ServiceMapperImpl(), config());
final AccountBO account = AccountBO.builder().id("account-id").build();
final AuthResponseBO tokens = authorizationCodeProvider.generateToken(account);
assertThat(tokens.getType()).isEqualTo("authorizationCode");
assertThat(tokens.getToken()).isNotNull();
assertThat(tokens.getRefreshToken()).isNull();
final ArgumentCaptor<AccountTokenDO> argCaptor = ArgumentCaptor.forClass(AccountTokenDO.class);
Mockito.verify(accountTokensRepository, Mockito.times(1)).save(argCaptor.capture());
assertThat(argCaptor.getValue().getToken()).isEqualTo(tokens.getToken());
assertThat(argCaptor.getValue().getAssociatedAccountId()).isEqualTo(account.getId());
assertThat(argCaptor.getValue().getExpiresAt()).isAfter(OffsetDateTime.now()).isBefore(OffsetDateTime.now().plus(Duration.ofMinutes(6)));
}
use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.
the class AuthorizationCodeVerifierTest method verifyAccountToken.
@Test
void verifyAccountToken() {
final AccountTokensRepository accountTokensRepository = Mockito.mock(AccountTokensRepository.class);
final AuthorizationCodeVerifier authorizationCodeVerifier = new AuthorizationCodeVerifier(accountTokensRepository);
final String accountId = "account-id";
final String authorizationCode = "authorization-code";
final AccountTokenDO accountToken = AccountTokenDO.builder().expiresAt(OffsetDateTime.now().plus(Duration.ofMinutes(5))).associatedAccountId(accountId).token(authorizationCode).build();
Mockito.when(accountTokensRepository.getByToken(authorizationCode)).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
assertThat(authorizationCodeVerifier.verifyAccountToken(authorizationCode)).contains(accountId);
}
use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.
the class RefreshToAccessTokenTest method exchangeWithRestrictions.
@Test
void exchangeWithRestrictions() {
// data
final String accountId = "account";
final String refreshToken = "refresh_token";
final String restrictionPermission = "permission.read";
final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).tokenRestrictions(TokenRestrictionsDO.builder().permissions(Collections.singleton(restrictionPermission)).scopes(Collections.emptySet()).build()).build();
final AccountBO account = AccountBO.builder().id(accountId).build();
final AuthResponseBO newTokens = AuthResponseBO.builder().token("new_token").refreshToken("new_refresh_token").build();
// mock
Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.of(account));
Mockito.when(accessTokenProvider.generateToken(account, TokenRestrictionsBO.builder().addPermissions(restrictionPermission).build())).thenReturn(newTokens);
// do
final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
// assert
assertThat(actual.isRight()).isTrue();
assertThat(actual.right().get()).isEqualTo(newTokens);
Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.
the class RefreshToAccessTokenTest method exchangeNoAccount.
@Test
void exchangeNoAccount() {
// data
final String accountId = "account";
final String refreshToken = "refresh_token";
final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).build();
// mock
Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.empty());
// do
final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
// assert
assertThat(actual.isLeft()).isTrue();
assertThat(actual.left().get()).isInstanceOf(ServiceAuthorizationException.class);
Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.
the class ActionTokenServiceImplTest method verifyToken.
@Test
void verifyToken() {
final AccountTokenDO accountToken = AccountTokenDO.builder().expiresAt(OffsetDateTime.now().plusMinutes(1)).additionalInformation(ImmutableMap.of("action", "something")).build();
Mockito.when(accountTokensRepository.getByToken("action-token")).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
final Try<ActionTokenBO> actual = actionTokenService.verifyToken("action-token", "something");
assertThat(actual.isSuccess());
}
Aggregations