use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class JwtTokenVerifierTest method validate.
@Test
void validate() {
final StrategyConfig strategyConfig = strategyConfig(false);
final JwtConfig jwtConfig = jwtConfig();
final JwtTokenVerifier jwtTokenVerifier = newVerifierInstance(strategyConfig);
final AccountBO account = RANDOM.nextObject(AccountBO.class);
final AuthResponseBO tokens = generateToken(jwtConfig, account, null);
final Either<Exception, DecodedJWT> validatedToken = jwtTokenVerifier.verify(tokens.getToken().toString());
assertThat(validatedToken.isRight()).isTrue();
verifyToken(validatedToken.get(), account.getId(), null, null, null);
}
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class JwtTokenVerifierTest method validateWithJti.
@Test
void validateWithJti() {
final StrategyConfig strategyConfig = strategyConfig(true);
final JwtConfig jwtConfig = jwtConfig();
final JwtTokenVerifier jwtTokenVerifier = newVerifierInstance(strategyConfig);
final String jti = UUID.randomUUID().toString();
Mockito.when(jtiProvider.next()).thenReturn(jti);
Mockito.when(jtiProvider.validate(jti)).thenReturn(true);
final AccountBO account = RANDOM.nextObject(AccountBO.class);
final AuthResponseBO tokens = generateToken(jwtConfig, account, jti);
final Either<Exception, DecodedJWT> validatedToken = jwtTokenVerifier.verify(tokens.getToken().toString());
assertThat(validatedToken.isRight()).isTrue();
verifyToken(validatedToken.get(), account.getId(), jti, null, null);
}
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class RefreshToAccessTokenTest method exchangeWithRestrictions.
@Test
void exchangeWithRestrictions() {
// data
final String accountId = "account";
final String refreshToken = "refresh_token";
final String restrictionPermission = "permission.read";
final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).tokenRestrictions(TokenRestrictionsDO.builder().permissions(Collections.singleton(restrictionPermission)).scopes(Collections.emptySet()).build()).build();
final AccountBO account = AccountBO.builder().id(accountId).build();
final AuthResponseBO newTokens = AuthResponseBO.builder().token("new_token").refreshToken("new_refresh_token").build();
// mock
Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.of(account));
Mockito.when(accessTokenProvider.generateToken(account, TokenRestrictionsBO.builder().addPermissions(restrictionPermission).build())).thenReturn(newTokens);
// do
final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
// assert
assertThat(actual.isRight()).isTrue();
assertThat(actual.right().get()).isEqualTo(newTokens);
Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class RefreshToAccessTokenTest method exchangeNoAccount.
@Test
void exchangeNoAccount() {
// data
final String accountId = "account";
final String refreshToken = "refresh_token";
final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).build();
// mock
Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.empty());
// do
final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
// assert
assertThat(actual.isLeft()).isTrue();
assertThat(actual.left().get()).isInstanceOf(ServiceAuthorizationException.class);
Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.
the class AuthRouteTest method authenticate.
@Test
void authenticate() {
final AuthRequestDTO requestDTO = randomObject(AuthRequestDTO.class);
final AuthRequestBO requestBO = restMapper.toBO(requestDTO);
final AuthResponseBO tokensBO = AuthResponseBO.builder().token("token").build();
final AuthResponseDTO tokensDTO = mapper().toDTO(tokensBO);
Mockito.when(authenticationService.authenticate(Mockito.eq(requestBO), Mockito.any())).thenReturn(Optional.of(tokensBO));
final ValidatableResponse httpResponse = given().body(requestDTO).post(url("authenticate")).then().statusCode(200).contentType(ContentType.JSON);
final AuthResponseDTO responseBody = httpResponse.extract().response().body().as(AuthResponseDTO.class);
assertThat(responseBody).isEqualTo(tokensDTO);
}
Aggregations