use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithAccessTokenValid.
@Test
void testProxyWithAccessTokenValid() {
val expiration = now().plus(10, ChronoUnit.SECONDS).getEpochSecond();
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_access", "this_is_access_token", expiration);
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isOk().expectBody().json(content.toJSONString());
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithRefreshTokenValidAndAccessWithoutExpiration.
@Test
void testProxyWithRefreshTokenValidAndAccessWithoutExpiration() throws ExecutionException, InterruptedException {
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_access", "this_is_an_expired_access_token");
val expirationRefresh = now().plus(10, ChronoUnit.SECONDS).getEpochSecond();
createSecret("fence_gen3_refresh", userIdAndToken.getUserId(), "this_is_refresh_token", expirationRefresh);
JSONObject refreshContent = new JSONObject();
refreshContent.put("access_token", "this_is_a_fresh_access_token");
refreshContent.put("refresh_token", "this_is_a_fresh_refresh_token");
refreshContent.put("token_type", "BEARER");
refreshContent.put("expires_in", 1200);
gen3VM.stubFor(post("/").willReturn(ok(refreshContent.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isOk().expectBody().json(content.toJSONString());
// Verify than access token has been refreshed
val accessSecret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "fence_gen3_access", null, null)).get();
assertThat(accessSecret).isNotNull();
assertThat(accessSecret.getSecret()).isEqualTo("encrypted_this_is_a_fresh_access_token");
assertThat(accessSecret.notExpired()).isTrue();
// Verify than refresh token has been refreshed, except for expiration date
val refreshSecret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "fence_gen3_refresh", null, null)).get();
assertThat(refreshSecret).isNotNull();
assertThat(refreshSecret.getSecret()).isEqualTo("encrypted_this_is_a_fresh_refresh_token");
assertThat(refreshSecret.getExpiration()).isEqualTo(expirationRefresh);
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithoutAccessToken.
@Test
void testProxyWithoutAccessToken() {
val userIdAndToken = createUserAndSecretAndObtainAccessToken("OTHER", "this_is_access_token");
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isUnauthorized();
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithBothTokenAndRefreshValid.
@Test
void testProxyWithBothTokenAndRefreshValid() throws ExecutionException, InterruptedException {
val expirationAccess = now().minus(10, ChronoUnit.SECONDS).getEpochSecond();
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_access", "this_is_an_expired_access_token", expirationAccess);
val expirationRefresh = now().plus(10, ChronoUnit.SECONDS).getEpochSecond();
createSecret("fence_gen3_refresh", userIdAndToken.getUserId(), "this_is_refresh_token", expirationRefresh);
JSONObject refreshContent = new JSONObject();
refreshContent.put("access_token", "this_is_a_fresh_access_token");
refreshContent.put("refresh_token", "this_is_a_fresh_refresh_token");
refreshContent.put("token_type", "BEARER");
refreshContent.put("expires_in", 1200);
gen3VM.stubFor(post("/").willReturn(ok(refreshContent.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isOk().expectBody().json(content.toJSONString());
// Verify than access token has been refreshed
val accessSecret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "fence_gen3_access", null, null)).get();
assertThat(accessSecret).isNotNull();
assertThat(accessSecret.getSecret()).isEqualTo("encrypted_this_is_a_fresh_access_token");
assertThat(accessSecret.notExpired()).isTrue();
// Verify than refresh token has been refreshed, except for expiration date
val refreshSecret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "fence_gen3_refresh", null, null)).get();
assertThat(refreshSecret).isNotNull();
assertThat(refreshSecret.getSecret()).isEqualTo("encrypted_this_is_a_fresh_refresh_token");
assertThat(refreshSecret.getExpiration()).isEqualTo(expirationRefresh);
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithAccessTokenExpired.
@Test
void testProxyWithAccessTokenExpired() {
val expiration = now().minus(10, ChronoUnit.SECONDS).getEpochSecond();
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_access", "this_is_access_token", expiration);
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isUnauthorized();
}
Aggregations