
Example 6 with OAuthFederatedSource

Use of ddf.catalog.source.OAuthFederatedSource in project ddf by codice.

Class OAuthPluginTest, method testDifferentDiscoveryUrl.

@Test(expected = OAuthPluginException.class)
public void testDifferentDiscoveryUrl() throws Exception {
    OAuthFederatedSource source = oauthPlugin.oauthSource;
    Subject subject = getSubject();
    QueryRequest input = mock(QueryRequest.class);
    when(input.getProperties()).thenReturn(ImmutableMap.of(SECURITY_SUBJECT, subject));
    Map<String, Map<String, Object>> stateMap = mock(Map.class);
    String accessToken = getAccessTokenBuilder().sign(validAlgorithm);
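    // The stored entry was issued under discovery URL "http://example.com"; per the test name,
    // this differs from the discovery URL of the source being queried.
    TokenInformation.TokenEntry tokenEntry = new TokenInformationImpl.TokenEntryImpl(accessToken, "refresh_token", "http://example.com");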
    when(tokenStorage.read(SESSION, CSW_SOURCE)).thenReturn(tokenEntry);
    when(tokenStorage.getStateMap()).thenReturn(stateMap);
    try {
        oauthPlugin.process(source, input);
    } catch (OAuthPluginException e) {
        // The mismatched entry is deleted from storage, and exactly one entry is put into the state map.
        verify(tokenStorage, times(1)).delete(SESSION, CSW_SOURCE);
        verify(tokenStorage, times(1)).getStateMap();
        ArgumentCaptor<Map<String, Object>> captor = ArgumentCaptor.forClass(Map.class);
        verify(stateMap, times(1)).put(anyString(), captor.capture());
        assertUrl(e, captor.getValue());
        throw e;
    }
}
Also used : OAuthFederatedSource(ddf.catalog.source.OAuthFederatedSource) OAuthPluginException(ddf.catalog.plugin.OAuthPluginException) ArgumentCaptor(org.mockito.ArgumentCaptor) QueryRequest(ddf.catalog.operation.QueryRequest) TokenInformation(org.codice.ddf.security.token.storage.api.TokenInformation) JSONObject(net.minidev.json.JSONObject) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) Subject(ddf.security.Subject) Test(org.junit.Test)

Example 7 with OAuthFederatedSource

Use of ddf.catalog.source.OAuthFederatedSource in project ddf by codice.

Class OAuthPluginTest, method testNoStoredTokensButExistingUnderDifferentSource.

@Test(expected = OAuthPluginException.class)
public void testNoStoredTokensButExistingUnderDifferentSource() throws Exception {
    OAuthFederatedSource source = oauthPlugin.oauthSource;
    Subject subject = getSubject();
    QueryRequest input = mock(QueryRequest.class);
    when(input.getProperties()).thenReturn(ImmutableMap.of(SECURITY_SUBJECT, subject));
    String accessToken = getAccessTokenBuilder().withExpiresAt(new Date(Instant.now().plus(1, ChronoUnit.MINUTES).toEpochMilli())).sign(validAlgorithm);
    TokenInformation.TokenEntry tokenEntry = new TokenInformationImpl.TokenEntryImpl(accessToken, "myRefreshToken", METADATA_ENDPOINT);
    TokenInformation tokenInformation = mock(TokenInformation.class);
    when(tokenInformation.getDiscoveryUrls()).thenReturn(Collections.singleton(METADATA_ENDPOINT));
    when(tokenInformation.getTokenEntries()).thenReturn(Collections.singletonMap("OS", tokenEntry));
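    // No entry is returned for the source lookup, but the session holds a token for another
    // source ("OS") obtained from the same discovery URL.
    when(tokenStorage.read(SESSION, SOURCE_ID)).thenReturn(null);
    when(tokenStorage.read(SESSION)).thenReturn(tokenInformation);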
    try {
        oauthPlugin.process(source, input);
    } catch (OAuthPluginException e) {
        // JUnit's assertEquals takes (expected, actual).
        assertEquals(CSW_SOURCE, e.getSourceId());
        assertEquals(412, e.getErrorType().getStatusCode());
        String url = e.getUrl();
        Map<String, String> urlParams = URLEncodedUtils.parse(new URI(url), StandardCharsets.UTF_8).stream().collect(Collectors.toMap(NameValuePair::getName, NameValuePair::getValue));
        // The URL carried by the exception must name this source and the shared discovery URL.
        assertEquals(CSW_SOURCE, urlParams.get(SOURCE_ID));
        assertEquals(METADATA_ENDPOINT, urlParams.get(DISCOVERY_URL));
        throw e;
    }
}
Also used : OAuthFederatedSource(ddf.catalog.source.OAuthFederatedSource) NameValuePair(org.apache.http.NameValuePair) OAuthPluginException(ddf.catalog.plugin.OAuthPluginException) QueryRequest(ddf.catalog.operation.QueryRequest) TokenInformation(org.codice.ddf.security.token.storage.api.TokenInformation) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) URI(java.net.URI) Subject(ddf.security.Subject) Date(java.util.Date) Test(org.junit.Test)

Example 8 with OAuthFederatedSource

Use of ddf.catalog.source.OAuthFederatedSource in project ddf by codice.

Class OAuthPluginTest, method testProcessExpiredAccessToken.

@Test
public void testProcessExpiredAccessToken() throws Exception {
    OAuthFederatedSource source = oauthPlugin.oauthSource;
    Subject subject = getSubject();
    QueryRequest input = mock(QueryRequest.class);
    when(input.getProperties()).thenReturn(ImmutableMap.of(SECURITY_SUBJECT, subject));
    // The stored access token expired one minute ago, so the plugin has to use the refresh token.
    String accessToken = getAccessTokenBuilder().withExpiresAt(new Date(Instant.now().minus(1, ChronoUnit.MINUTES).toEpochMilli())).sign(validAlgorithm);
    String refreshToken = getRefreshTokenBuilder().sign(validAlgorithm);
    TokenInformation.TokenEntry tokenEntry = new TokenInformationImpl.TokenEntryImpl(accessToken, refreshToken, METADATA_ENDPOINT);
    when(tokenStorage.read(SESSION, CSW_SOURCE)).thenReturn(tokenEntry);
    String validAccessToken = getAccessTokenBuilder().sign(validAlgorithm);
    // The mocked web client answers the form request with 200 and a newly signed, valid access token.
    Response response = mock(Response.class);
    when(response.getStatus()).thenReturn(200);
    when(response.getEntity()).thenReturn(getResponse(validAccessToken));
    when(oauthPlugin.webClient.form(any(Form.class))).thenReturn(response);
    QueryRequest output = oauthPlugin.process(source, input);
    assertEquals(input, output);
    // The refreshed tokens are written to token storage exactly once.
    verify(tokenStorage, times(1)).create(anyString(), anyString(), anyString(), anyString(), anyString());
}
Also used : OAuthFederatedSource(ddf.catalog.source.OAuthFederatedSource) Response(javax.ws.rs.core.Response) QueryRequest(ddf.catalog.operation.QueryRequest) Form(javax.ws.rs.core.Form) TokenInformation(org.codice.ddf.security.token.storage.api.TokenInformation) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Subject(ddf.security.Subject) Date(java.util.Date) Test(org.junit.Test)

Example 9 with OAuthFederatedSource

Use of ddf.catalog.source.OAuthFederatedSource in project ddf by codice.

Class OAuthPluginTest, method testInvalidRefreshedAccessToken.

@Test(expected = OAuthPluginException.class)
public void testInvalidRefreshedAccessToken() throws Exception {
    OAuthFederatedSource source = oauthPlugin.oauthSource;
    Subject subject = getSubject();
    QueryRequest input = mock(QueryRequest.class);
    when(input.getProperties()).thenReturn(ImmutableMap.of(SECURITY_SUBJECT, subject));
    String accessToken = getAccessTokenBuilder().withExpiresAt(new Date(Instant.now().minus(1, ChronoUnit.MINUTES).toEpochMilli())).sign(validAlgorithm);
    String refreshToken = getRefreshTokenBuilder().sign(validAlgorithm);
    Map<String, Map<String, Object>> stateMap = mock(Map.class);
    TokenInformation.TokenEntry tokenEntry = new TokenInformationImpl.TokenEntryImpl(accessToken, refreshToken, METADATA_ENDPOINT);
    when(tokenStorage.read(SESSION, CSW_SOURCE)).thenReturn(tokenEntry);
    when(tokenStorage.getStateMap()).thenReturn(stateMap);
    // The token returned by the refresh is signed with invalidAlgorithm instead of validAlgorithm.
    String invalidAccessToken = getAccessTokenBuilder().sign(invalidAlgorithm);
    Response response = mock(Response.class);
    when(response.getStatus()).thenReturn(200);
    when(response.getEntity()).thenReturn(getResponse(invalidAccessToken));
    when(oauthPlugin.webClient.form(any(Form.class))).thenReturn(response);
    try {
        oauthPlugin.process(source, input);
    } catch (OAuthPluginException e) {
        ArgumentCaptor<Map<String, Object>> captor = ArgumentCaptor.forClass(Map.class);
        verify(stateMap, times(1)).put(anyString(), captor.capture());
        // The invalid refreshed token must never be written to token storage.
        verify(tokenStorage, times(0)).create(anyString(), anyString(), anyString(), anyString(), anyString());
        verify(tokenStorage, times(1)).getStateMap();
        assertUrl(e, captor.getValue());
        throw e;
    }
}
Also used : OAuthFederatedSource(ddf.catalog.source.OAuthFederatedSource) ArgumentCaptor(org.mockito.ArgumentCaptor) QueryRequest(ddf.catalog.operation.QueryRequest) Form(javax.ws.rs.core.Form) TokenInformation(org.codice.ddf.security.token.storage.api.TokenInformation) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Subject(ddf.security.Subject) Date(java.util.Date) Response(javax.ws.rs.core.Response) OAuthPluginException(ddf.catalog.plugin.OAuthPluginException) JSONObject(net.minidev.json.JSONObject) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) Test(org.junit.Test)

Example 10 with OAuthFederatedSource

Use of ddf.catalog.source.OAuthFederatedSource in project ddf by codice.

Class OAuthPluginTest, method testInvalidRefreshError.

@Test(expected = OAuthPluginException.class)
public void testInvalidRefreshError() throws Exception {
    OAuthFederatedSource source = oauthPlugin.oauthSource;
    Subject subject = getSubject();
    QueryRequest input = mock(QueryRequest.class);
    when(input.getProperties()).thenReturn(ImmutableMap.of(SECURITY_SUBJECT, subject));
    String accessToken = getAccessTokenBuilder().withExpiresAt(new Date(Instant.now().minus(1, ChronoUnit.MINUTES).toEpochMilli())).sign(validAlgorithm);
    String refreshToken = getRefreshTokenBuilder().sign(validAlgorithm);
    Map<String, Map<String, Object>> stateMap = mock(Map.class);
    TokenInformation.TokenEntry tokenEntry = new TokenInformationImpl.TokenEntryImpl(accessToken, refreshToken, METADATA_ENDPOINT);
    when(tokenStorage.read(SESSION, CSW_SOURCE)).thenReturn(tokenEntry);
    when(tokenStorage.getStateMap()).thenReturn(stateMap);
    Response response = mock(Response.class);
    // The refresh request fails: status 400 with an empty response body.
    when(response.getStatus()).thenReturn(400);
    when(response.getEntity()).thenReturn(new ByteArrayInputStream("".getBytes()));
    when(oauthPlugin.webClient.form(any(Form.class))).thenReturn(response);
    try {
        oauthPlugin.process(source, input);
    } catch (OAuthPluginException e) {
        ArgumentCaptor<Map<String, Object>> captor = ArgumentCaptor.forClass(Map.class);
        verify(stateMap, times(1)).put(anyString(), captor.capture());
        verify(tokenStorage, times(1)).getStateMap();
        assertUrl(e, captor.getValue());
        throw e;
    }
}
Also used : OAuthFederatedSource(ddf.catalog.source.OAuthFederatedSource) ArgumentCaptor(org.mockito.ArgumentCaptor) QueryRequest(ddf.catalog.operation.QueryRequest) Form(javax.ws.rs.core.Form) TokenInformation(org.codice.ddf.security.token.storage.api.TokenInformation) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Subject(ddf.security.Subject) Date(java.util.Date) Response(javax.ws.rs.core.Response) OAuthPluginException(ddf.catalog.plugin.OAuthPluginException) ByteArrayInputStream(java.io.ByteArrayInputStream) JSONObject(net.minidev.json.JSONObject) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) Test(org.junit.Test)
