Example 1 with AuthResponseBO
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class JwtTokenVerifierTest method validateWithAlgNone.
@Test
void validateWithAlgNone() {
final StrategyConfig strategyConfig = strategyConfig(false);
final JwtConfig jwtConfig = jwtConfig();
final JwtTokenVerifier jwtTokenVerifier = newVerifierInstance(strategyConfig);
final AccountBO account = RANDOM.nextObject(AccountBO.class);
final AuthResponseBO tokens = generateToken(jwtConfig, account, null);
final String payload = tokens.getToken().toString().split("\\.")[1];
final String maliciousToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9." + payload + ".signature";
assertThat(jwtTokenVerifier.verify(maliciousToken)).isEmpty();
}
Also used :
AccountBO(com.nexblocks.authguard.service.model.AccountBO)
JwtConfig(com.nexblocks.authguard.service.config.JwtConfig)
StrategyConfig(com.nexblocks.authguard.service.config.StrategyConfig)
AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO)
Test(org.junit.jupiter.api.Test)
Example 2 with AuthResponseBO
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class JwtTokenVerifierTest method validateWithJtiBlacklisted.
@Test
void validateWithJtiBlacklisted() {
final StrategyConfig strategyConfig = strategyConfig(true);
final JwtConfig jwtConfig = jwtConfig();
final JwtTokenVerifier jwtTokenVerifier = newVerifierInstance(strategyConfig);
final String jti = UUID.randomUUID().toString();
Mockito.when(jtiProvider.next()).thenReturn(jti);
Mockito.when(jtiProvider.validate(jti)).thenReturn(false);
final AccountBO account = RANDOM.nextObject(AccountBO.class);
final AuthResponseBO tokens = generateToken(jwtConfig, account, jti);
final Either<Exception, DecodedJWT> validatedToken = jwtTokenVerifier.verify(tokens.getToken().toString());
assertThat(validatedToken.isLeft());
}
Also used :
AccountBO(com.nexblocks.authguard.service.model.AccountBO)
JwtConfig(com.nexblocks.authguard.service.config.JwtConfig)
StrategyConfig(com.nexblocks.authguard.service.config.StrategyConfig)
AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO)
DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)
ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)
Test(org.junit.jupiter.api.Test)
Example 3 with AuthResponseBO
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class AuthorizationCodeToOidcTest method exchangeWithRestrictions.
@Test
void exchangeWithRestrictions() {
final AuthRequestBO authRequest = AuthRequestBO.builder().token("auth code").build();
final AccountTokenDO accountToken = AccountTokenDO.builder().associatedAccountId("account").tokenRestrictions(TokenRestrictionsDO.builder().scopes(Collections.emptySet()).permissions(new HashSet<>(Arrays.asList("perm-1", "perm-2"))).build()).build();
final AccountBO account = AccountBO.builder().id("account").build();
final AuthResponseBO authResponse = AuthResponseBO.builder().token("OIDC").build();
Mockito.when(authorizationCodeVerifier.verifyAndGetAccountToken(authRequest.getToken())).thenReturn(Either.right(accountToken));
Mockito.when(accountsService.getById(accountToken.getAssociatedAccountId())).thenReturn(Optional.of(account));
Mockito.when(openIdConnectTokenProvider.generateToken(account, serviceMapper.toBO(accountToken.getTokenRestrictions()))).thenReturn(authResponse);
final Either<Exception, AuthResponseBO> actual = authorizationCodeToOidc.exchange(authRequest);
assertThat(actual.isRight());
assertThat(actual.get()).isEqualTo(authResponse);
}
Also used :
AccountBO(com.nexblocks.authguard.service.model.AccountBO)
AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO)
AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO)
AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO)
HashSet(java.util.HashSet)
Test(org.junit.jupiter.api.Test)
Example 4 with AuthResponseBO
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class AuthorizationCodeToOidcTest method exchange.
@Test
void exchange() {
final AuthRequestBO authRequest = AuthRequestBO.builder().token("auth code").build();
final AccountTokenDO accountToken = AccountTokenDO.builder().associatedAccountId("account").build();
final AccountBO account = AccountBO.builder().id("account").build();
final AuthResponseBO authResponse = AuthResponseBO.builder().token("OIDC").build();
Mockito.when(authorizationCodeVerifier.verifyAndGetAccountToken(authRequest.getToken())).thenReturn(Either.right(accountToken));
Mockito.when(accountsService.getById(accountToken.getAssociatedAccountId())).thenReturn(Optional.of(account));
Mockito.when(openIdConnectTokenProvider.generateToken(account, (TokenRestrictionsBO) null)).thenReturn(authResponse);
final Either<Exception, AuthResponseBO> actual = authorizationCodeToOidc.exchange(authRequest);
assertThat(actual.isRight());
assertThat(actual.get()).isEqualTo(authResponse);
}
Also used :
AccountBO(com.nexblocks.authguard.service.model.AccountBO)
AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO)
AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO)
AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO)
Test(org.junit.jupiter.api.Test)
Example 5 with AuthResponseBO
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class RefreshToAccessTokenTest method exchangeExpiredToken.
@Test
void exchangeExpiredToken() {
// data
final String accountId = "account";
final String refreshToken = "refresh_token";
final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().minusMinutes(1)).build();
// mock
Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
// do
final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
// assert
assertThat(actual.isLeft()).isTrue();
assertThat(actual.left().get()).isInstanceOf(ServiceAuthorizationException.class);
Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
Also used :
AccountTokenDO(com.nexblocks.authguard.dal.model.AccountTokenDO)
AuthResponseBO(com.nexblocks.authguard.service.model.AuthResponseBO)
AuthRequestBO(com.nexblocks.authguard.service.model.AuthRequestBO)
ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)
Test(org.junit.jupiter.api.Test)
Aggregations
AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO)29
Test (org.junit.jupiter.api.Test)24
AccountBO (com.nexblocks.authguard.service.model.AccountBO)15
AuthRequestBO (com.nexblocks.authguard.service.model.AuthRequestBO)11
ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)10
AccountTokenDO (com.nexblocks.authguard.dal.model.AccountTokenDO)7
RequestContextBO (com.nexblocks.authguard.service.model.RequestContextBO)5
OtpConfig (com.nexblocks.authguard.basic.config.OtpConfig)4
OneTimePasswordDO (com.nexblocks.authguard.dal.model.OneTimePasswordDO)4
JwtConfig (com.nexblocks.authguard.service.config.JwtConfig)4
StrategyConfig (com.nexblocks.authguard.service.config.StrategyConfig)4
DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)3
AuthRequestDTO (com.nexblocks.authguard.api.dto.requests.AuthRequestDTO)3
AppBO (com.nexblocks.authguard.service.model.AppBO)2
AuthResponseDTO (com.nexblocks.authguard.api.dto.entities.AuthResponseDTO)1
Error (com.nexblocks.authguard.api.dto.entities.Error)1
PasswordlessRequestDTO (com.nexblocks.authguard.api.dto.requests.PasswordlessRequestDTO)1
AccountTokensRepository (com.nexblocks.authguard.dal.cache.AccountTokensRepository)1
ServiceMapperImpl (com.nexblocks.authguard.service.mappers.ServiceMapperImpl)1
AccountLockBO (com.nexblocks.authguard.service.model.AccountLockBO)1
