use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.
the class AuthorizationCodeToOidcTest method exchangeWithRestrictions.
@Test
void exchangeWithRestrictions() {
final AuthRequestBO authRequest = AuthRequestBO.builder().token("auth code").build();
final AccountTokenDO accountToken = AccountTokenDO.builder().associatedAccountId("account").tokenRestrictions(TokenRestrictionsDO.builder().scopes(Collections.emptySet()).permissions(new HashSet<>(Arrays.asList("perm-1", "perm-2"))).build()).build();
final AccountBO account = AccountBO.builder().id("account").build();
final AuthResponseBO authResponse = AuthResponseBO.builder().token("OIDC").build();
Mockito.when(authorizationCodeVerifier.verifyAndGetAccountToken(authRequest.getToken())).thenReturn(Either.right(accountToken));
Mockito.when(accountsService.getById(accountToken.getAssociatedAccountId())).thenReturn(Optional.of(account));
Mockito.when(openIdConnectTokenProvider.generateToken(account, serviceMapper.toBO(accountToken.getTokenRestrictions()))).thenReturn(authResponse);
final Either<Exception, AuthResponseBO> actual = authorizationCodeToOidc.exchange(authRequest);
assertThat(actual.isRight());
assertThat(actual.get()).isEqualTo(authResponse);
}
use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.
the class AuthorizationCodeToOidcTest method exchange.
@Test
void exchange() {
final AuthRequestBO authRequest = AuthRequestBO.builder().token("auth code").build();
final AccountTokenDO accountToken = AccountTokenDO.builder().associatedAccountId("account").build();
final AccountBO account = AccountBO.builder().id("account").build();
final AuthResponseBO authResponse = AuthResponseBO.builder().token("OIDC").build();
Mockito.when(authorizationCodeVerifier.verifyAndGetAccountToken(authRequest.getToken())).thenReturn(Either.right(accountToken));
Mockito.when(accountsService.getById(accountToken.getAssociatedAccountId())).thenReturn(Optional.of(account));
Mockito.when(openIdConnectTokenProvider.generateToken(account, (TokenRestrictionsBO) null)).thenReturn(authResponse);
final Either<Exception, AuthResponseBO> actual = authorizationCodeToOidc.exchange(authRequest);
assertThat(actual.isRight());
assertThat(actual.get()).isEqualTo(authResponse);
}
use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.
the class RefreshToAccessTokenTest method exchangeExpiredToken.
@Test
void exchangeExpiredToken() {
// data
final String accountId = "account";
final String refreshToken = "refresh_token";
final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().minusMinutes(1)).build();
// mock
Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
// do
final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
// assert
assertThat(actual.isLeft()).isTrue();
assertThat(actual.left().get()).isInstanceOf(ServiceAuthorizationException.class);
Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.
the class RefreshToAccessTokenTest method exchangeInvalidToken.
@Test
void exchangeInvalidToken() {
// data
final String refreshToken = "refresh_token";
final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
// mock
Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.empty()));
// do
final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
// assert
assertThat(actual.isLeft()).isTrue();
assertThat(actual.left().get()).isInstanceOf(ServiceAuthorizationException.class);
}
use of com.nexblocks.authguard.service.model.AuthRequestBO in project AuthGuard by AuthGuard.
the class RefreshToAccessTokenTest method exchange.
@Test
void exchange() {
// data
final String accountId = "account";
final String refreshToken = "refresh_token";
final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).build();
final AccountBO account = AccountBO.builder().id(accountId).build();
final AuthResponseBO newTokens = AuthResponseBO.builder().token("new_token").refreshToken("new_refresh_token").build();
// mock
Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.of(account));
Mockito.when(accessTokenProvider.generateToken(account, (TokenRestrictionsBO) null)).thenReturn(newTokens);
// do
final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
// assert
assertThat(actual.isRight()).isTrue();
assertThat(actual.right().get()).isEqualTo(newTokens);
Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
Aggregations