Example 21 with AuthResponseBO

Use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.

Class JwtTokenVerifierTest, method validate.

@Test
void validate() {
    final StrategyConfig strategyConfig = strategyConfig(false);
    final JwtConfig jwtConfig = jwtConfig();
    final JwtTokenVerifier jwtTokenVerifier = newVerifierInstance(strategyConfig);
    final AccountBO account = RANDOM.nextObject(AccountBO.class);
    final AuthResponseBO tokens = generateToken(jwtConfig, account, null);
    final Either<Exception, DecodedJWT> validatedToken = jwtTokenVerifier.verify(tokens.getToken().toString());
    assertThat(validatedToken.isRight()).isTrue();
    verifyToken(validatedToken.get(), account.getId(), null, null, null);
}
Also used: AccountBO (com.nexblocks.authguard.service.model.AccountBO), JwtConfig (com.nexblocks.authguard.service.config.JwtConfig), StrategyConfig (com.nexblocks.authguard.service.config.StrategyConfig), AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO), DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT), ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException), Test (org.junit.jupiter.api.Test)

Example 22 with AuthResponseBO

Use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.

Class JwtTokenVerifierTest, method validateWithJti.

@Test
void validateWithJti() {
    final StrategyConfig strategyConfig = strategyConfig(true);
    final JwtConfig jwtConfig = jwtConfig();
    final JwtTokenVerifier jwtTokenVerifier = newVerifierInstance(strategyConfig);
    final String jti = UUID.randomUUID().toString();
    Mockito.when(jtiProvider.next()).thenReturn(jti);
    Mockito.when(jtiProvider.validate(jti)).thenReturn(true);
    final AccountBO account = RANDOM.nextObject(AccountBO.class);
    final AuthResponseBO tokens = generateToken(jwtConfig, account, jti);
    final Either<Exception, DecodedJWT> validatedToken = jwtTokenVerifier.verify(tokens.getToken().toString());
    assertThat(validatedToken.isRight()).isTrue();
    verifyToken(validatedToken.get(), account.getId(), jti, null, null);
}
Also used: AccountBO (com.nexblocks.authguard.service.model.AccountBO), JwtConfig (com.nexblocks.authguard.service.config.JwtConfig), StrategyConfig (com.nexblocks.authguard.service.config.StrategyConfig), AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO), DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT), ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException), Test (org.junit.jupiter.api.Test)

Example 23 with AuthResponseBO

Use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.

Class RefreshToAccessTokenTest, method exchangeWithRestrictions.

@Test
void exchangeWithRestrictions() {
    // data
    final String accountId = "account";
    final String refreshToken = "refresh_token";
    final String restrictionPermission = "permission.read";
    final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
    final AccountTokenDO accountToken = AccountTokenDO.builder()
            .token(refreshToken)
            .associatedAccountId(accountId)
            .expiresAt(OffsetDateTime.now().plusMinutes(1))
            .tokenRestrictions(TokenRestrictionsDO.builder()
                    .permissions(Collections.singleton(restrictionPermission))
                    .scopes(Collections.emptySet())
                    .build())
            .build();
    final AccountBO account = AccountBO.builder().id(accountId).build();
    final AuthResponseBO newTokens = AuthResponseBO.builder().token("new_token").refreshToken("new_refresh_token").build();
    // mock
    Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
    Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.of(account));
    Mockito.when(accessTokenProvider.generateToken(account, TokenRestrictionsBO.builder().addPermissions(restrictionPermission).build())).thenReturn(newTokens);
    // do
    final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
    // assert
    assertThat(actual.isRight()).isTrue();
    assertThat(actual.right().get()).isEqualTo(newTokens);
    // the exchanged refresh token must be deleted from the repository
    Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
Also used: AccountBO (com.nexblocks.authguard.service.model.AccountBO), AccountTokenDO (com.nexblocks.authguard.dal.model.AccountTokenDO), AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO), AuthRequestBO (com.nexblocks.authguard.service.model.AuthRequestBO), ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException), Test (org.junit.jupiter.api.Test)

Example 24 with AuthResponseBO

Use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.

Class RefreshToAccessTokenTest, method exchangeNoAccount.

@Test
void exchangeNoAccount() {
    // data
    final String accountId = "account";
    final String refreshToken = "refresh_token";
    final AuthRequestBO authRequest = AuthRequestBO.builder().token(refreshToken).build();
    final AccountTokenDO accountToken = AccountTokenDO.builder().token(refreshToken).associatedAccountId(accountId).expiresAt(OffsetDateTime.now().plusMinutes(1)).build();
    // mock
    Mockito.when(accountTokensRepository.getByToken(authRequest.getToken())).thenReturn(CompletableFuture.completedFuture(Optional.of(accountToken)));
    Mockito.when(accountsService.getById(accountId)).thenReturn(Optional.empty());
    // do
    final Either<Exception, AuthResponseBO> actual = refreshToAccessToken.exchange(authRequest);
    // assert
    assertThat(actual.isLeft()).isTrue();
    assertThat(actual.left().get()).isInstanceOf(ServiceAuthorizationException.class);
    // the refresh token is deleted even though the exchange was rejected
    Mockito.verify(accountTokensRepository).deleteToken(refreshToken);
}
Also used: AccountTokenDO (com.nexblocks.authguard.dal.model.AccountTokenDO), AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO), AuthRequestBO (com.nexblocks.authguard.service.model.AuthRequestBO), ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException), Test (org.junit.jupiter.api.Test)

Example 25 with AuthResponseBO

Use of com.nexblocks.authguard.service.model.AuthResponseBO in project AuthGuard by AuthGuard.

Class AuthRouteTest, method authenticate.

@Test
void authenticate() {
    final AuthRequestDTO requestDTO = randomObject(AuthRequestDTO.class);
    final AuthRequestBO requestBO = restMapper.toBO(requestDTO);
    final AuthResponseBO tokensBO = AuthResponseBO.builder().token("token").build();
    final AuthResponseDTO tokensDTO = mapper().toDTO(tokensBO);
    Mockito.when(authenticationService.authenticate(Mockito.eq(requestBO), Mockito.any())).thenReturn(Optional.of(tokensBO));
    final ValidatableResponse httpResponse = given().body(requestDTO).post(url("authenticate")).then().statusCode(200).contentType(ContentType.JSON);
    final AuthResponseDTO responseBody = httpResponse.extract().response().body().as(AuthResponseDTO.class);
    assertThat(responseBody).isEqualTo(tokensDTO);
}
Also used: ValidatableResponse (io.restassured.response.ValidatableResponse), AuthResponseDTO (com.nexblocks.authguard.api.dto.entities.AuthResponseDTO), AuthResponseBO (com.nexblocks.authguard.service.model.AuthResponseBO), AuthRequestDTO (com.nexblocks.authguard.api.dto.requests.AuthRequestDTO), AuthRequestBO (com.nexblocks.authguard.service.model.AuthRequestBO), Test (org.junit.jupiter.api.Test)
