Search in sources :

Example 26 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class AuthorizationCodeProviderTest method generateToken.

@Test
void generateToken() {
    final AccountTokensRepository accountTokensRepository = Mockito.mock(AccountTokensRepository.class);
    final AuthorizationCodeProvider authorizationCodeProvider = new AuthorizationCodeProvider(accountTokensRepository, new ServiceMapperImpl(), config());
    final AccountBO account = AccountBO.builder().id("account-id").build();
    final AuthResponseBO tokens = authorizationCodeProvider.generateToken(account);
    assertThat(tokens.getType()).isEqualTo("authorizationCode");
    assertThat(tokens.getToken()).isNotNull();
    assertThat(tokens.getRefreshToken()).isNull();
    final ArgumentCaptor<AccountTokenDO> argCaptor = ArgumentCaptor.forClass(AccountTokenDO.class);
    Mockito.verify(accountTokensRepository, Mockito.times(1)).save(argCaptor.capture());
    assertThat(argCaptor.getValue().getToken()).isEqualTo(tokens.getToken());
    assertThat(argCaptor.getValue().getAssociatedAccountId()).isEqualTo(account.getId());
    assertThat(argCaptor.getValue().getExpiresAt()).isAfter(OffsetDateTime.now()).isBefore(OffsetDateTime.now().plus(Duration.ofMinutes(6)));
}
Also used : AccountBO(com.nexblocks.authguard.service.model.AccountBO) AccountTokensRepository(com.nexblocks.authguard.dal.cache.AccountTokensRepository) ServiceMapperImpl(com.nexblocks.authguard.service.mappers.ServiceMapperImpl) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO) Test(org.junit.jupiter.api.Test)

Example 27 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class AuthorizationCodeVerifierTest method verifyAccountToken.

@Test
void verifyAccountToken() {
    final AccountTokensRepository accountTokensRepository = Mockito.mock(AccountTokensRepository.class);
    final AuthorizationCodeVerifier authorizationCodeVerifier = new AuthorizationCodeVerifier(accountTokensRepository);
    final String accountId = "account-id";
    final String authorizationCode = "authorization-code";
    final AccountTokenDO accountToken = AccountTokenDO.builder().expiresAt(OffsetDateTime.now().plus(Duration.ofMinutes(5))).associatedAccountId(accountId).token(authorizationCode).build();
    Mockito.when(accountTokensRepository.getByToken(authorizationCode)).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
    assertThat(authorizationCodeVerifier.verifyAccountToken(authorizationCode)).contains(accountId);
}
Also used : AccountTokensRepository(com.nexblocks.authguard.dal.cache.AccountTokensRepository) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) Test(org.junit.jupiter.api.Test)

Example 28 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class RefreshToAccessTokenTest method exchangeWithRestrictions.

@Test
void exchangeWithRestrictions() {
    // data
    final String accountId = "account";
    final String refreshToken = "refresh_token";
    final String restrictionPermission = "permission.read";
    final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
    final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).tokenRestrictions(TokenRestrictionsDO.builder().permissions(Collections.singleton(restrictionPermission)).scopes(Collections.emptySet()).build()).build();
    final AccountBO account = AccountBO.builder().id(accountId).build();
    final AuthResponseBO newTokens = AuthResponseBO.builder().token("new_token").refreshToken("new_refresh_token").build();
    // mock
    Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
    Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.of(account));
    Mockito.when(accessTokenProvider.generateToken(account, TokenRestrictionsBO.builder().addPermissions(restrictionPermission).build())).thenReturn(newTokens);
    // do
    final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
    // assert
    assertThat(actual.isRight()).isTrue();
    assertThat(actual.right().get()).isEqualTo(newTokens);
    Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
Also used : AccountBO(com.nexblocks.authguard.service.model.AccountBO) AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO) AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO) ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) Test(org.junit.jupiter.api.Test)

Example 29 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class RefreshToAccessTokenTest method exchangeNoAccount.

@Test
void exchangeNoAccount() {
    // data
    final String accountId = "account";
    final String refreshToken = "refresh_token";
    final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
    final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).build();
    // mock
    Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
    Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.empty());
    // do
    final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
    // assert
    assertThat(actual.isLeft()).isTrue();
    assertThat(actual.left().get()).isInstanceOf(ServiceAuthorizationException.class);
    Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
Also used : AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO) AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO) ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) Test(org.junit.jupiter.api.Test)

Example 30 with AccountTokenDO

use of com.nexblocks.authguard.dal.model.AccountTokenDO in project AuthGuard by AuthGuard.

the class ActionTokenServiceImplTest method verifyToken.

@Test
void verifyToken() {
    final AccountTokenDO accountToken = AccountTokenDO.builder().expiresAt(OffsetDateTime.now().plusMinutes(1)).additionalInformation(ImmutableMap.of("action", "something")).build();
    Mockito.when(accountTokensRepository.getByToken("action-token")).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
    final Try<ActionTokenBO> actual = actionTokenService.verifyToken("action-token", "something");
    assertThat(actual.isSuccess());
}
Also used : AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO) ActionTokenBO(com.nexblocks.authguard.service.model.ActionTokenBO) Test(org.junit.jupiter.api.Test)

Aggregations

AccountTokenDO (com.nexblocks.authguard.dal.model.AccountTokenDO)36 Test (org.junit.jupiter.api.Test)22 AccountBO (com.nexblocks.authguard.service.model.AccountBO)21 Message (com.nexblocks.authguard.emb.model.Message)9 PasswordlessMessageBody (com.nexblocks.authguard.basic.passwordless.PasswordlessMessageBody)8 ServiceException (com.nexblocks.authguard.service.exceptions.ServiceException)8 AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO)7 AccountTokensRepository (com.nexblocks.authguard.dal.cache.AccountTokensRepository)6 AuthRequestBO (com.nexblocks.authguard.service.model.AuthRequestBO)6 ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)5 ResetTokenMessage (com.nexblocks.authguard.service.messaging.ResetTokenMessage)5 OffsetDateTime (java.time.OffsetDateTime)5 ImmutableEmail (com.nexblocks.authguard.external.email.ImmutableEmail)4 ImmutableTextMessage (com.nexblocks.authguard.external.sms.ImmutableTextMessage)3 ServiceNotFoundException (com.nexblocks.authguard.service.exceptions.ServiceNotFoundException)3 ActionTokenBO (com.nexblocks.authguard.service.model.ActionTokenBO)3 Optional (java.util.Optional)3 Inject (com.google.inject.Inject)2 AccountsService (com.nexblocks.authguard.service.AccountsService)2 ErrorCode (com.nexblocks.authguard.service.exceptions.codes.ErrorCode)2