
Example 16 with JWT

use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.

the class TokenServiceTest method shouldNotRefresh_notTheSameClient.

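/**
 * Verifies that a refresh token is not honoured when the token request carries a client id
 * that differs from the one the token was issued for.
 *
 * <p>The decoded JWT names {@code "client-id"} as its audience, while the token request
 * carries {@code "wrong-client-id"}. The refresh must fail with {@code InvalidGrantException},
 * the stored refresh token must not be deleted, and no access token may be created.
 */
@Test
public void shouldNotRefresh_notTheSameClient() {
    String clientId = "client-id";
    TokenRequest tokenRequest = new TokenRequest();
    // The request claims a different client than the one the token is bound to.
    tokenRequest.setClientId("wrong-client-id");
    String token = "refresh-token";
    RefreshToken refreshToken = new RefreshToken();
    refreshToken.setId(token);
    refreshToken.setToken(token);
    // Still valid for ten seconds, so expiry cannot be the reason for the rejection.
    refreshToken.setExpireAt(new Date(System.currentTimeMillis() + 10000));
    Client client = new Client();
    client.setClientId(clientId);
    JWT jwt = new JWT();
    jwt.setJti(token);
    jwt.setAud(clientId);
    // exp is set in seconds, hence the division of the millisecond timestamp.
    jwt.setExp(refreshToken.getExpireAt().getTime() / 1000L);
    // Token verification is stubbed: this test covers the client check only, not
    // signature or expiry validation.
    // NOTE(review): any() does not pin which token string reaches decodeAndVerify.
    when(jwtService.decodeAndVerify(any(), any(Client.class))).thenReturn(Single.just(jwt));
    when(refreshTokenRepository.findByToken(any())).thenReturn(Maybe.just(refreshToken));
    TestObserver<Token> testObserver = tokenService.refresh(refreshToken.getToken(), tokenRequest, client).test();
    testObserver.assertNotComplete();
    testObserver.assertError(InvalidGrantException.class);
    // The token is looked up exactly once; the failed attempt neither deletes it nor
    // mints a new access token.
    verify(refreshTokenRepository, times(1)).findByToken(any());
    verify(refreshTokenRepository, never()).delete(anyString());
    verify(accessTokenRepository, never()).create(any());
}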
Also used : RefreshToken(io.gravitee.am.repository.oauth2.model.RefreshToken) JWT(io.gravitee.am.common.jwt.JWT) TokenRequest(io.gravitee.am.gateway.handler.oauth2.service.request.TokenRequest) RefreshToken(io.gravitee.am.repository.oauth2.model.RefreshToken) AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken) Client(io.gravitee.am.model.oidc.Client) Date(java.util.Date) Test(org.junit.Test)

Example 17 with JWT

use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.

the class TokenServiceTest method shouldNotRefresh_refreshNotFound.

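/**
 * Verifies that a refresh token which verifies as a JWT but has no stored record is rejected.
 *
 * <p>The JWT check is stubbed to succeed for the string {@code "encoded"}, while the
 * repository lookup returns empty. The refresh must fail with {@code InvalidGrantException},
 * nothing may be deleted, and no access token may be created.
 */
@Test
public void shouldNotRefresh_refreshNotFound() {
    String clientId = "client-id";
    TokenRequest tokenRequest = new TokenRequest();
    tokenRequest.setClientId(clientId);
    String token = "refresh-token";
    // Built only to derive the JWT's exp below; the repository stub never returns it.
    RefreshToken refreshToken = new RefreshToken();
    refreshToken.setId(token);
    refreshToken.setToken(token);
    refreshToken.setExpireAt(new Date(System.currentTimeMillis() + 10000));
    Client client = new Client();
    client.setClientId(clientId);
    JWT jwt = new JWT();
    jwt.setJti(token);
    jwt.setAud(clientId);
    // exp is set in seconds, hence the division of the millisecond timestamp.
    jwt.setExp(refreshToken.getExpireAt().getTime() / 1000L);
    // Verification is stubbed to succeed: a valid JWT alone must not be enough to refresh.
    when(jwtService.decodeAndVerify(eq("encoded"), any(Client.class))).thenReturn(Single.just(jwt));
    // No stored record for this token.
    when(refreshTokenRepository.findByToken(any())).thenReturn(Maybe.empty());
    TestObserver<Token> testObserver = tokenService.refresh("encoded", tokenRequest, client).test();
    testObserver.assertNotComplete();
    testObserver.assertError(InvalidGrantException.class);
    verify(refreshTokenRepository, times(1)).findByToken(any());
    verify(refreshTokenRepository, never()).delete(anyString());
    verify(accessTokenRepository, never()).create(any());
}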
Also used : RefreshToken(io.gravitee.am.repository.oauth2.model.RefreshToken) JWT(io.gravitee.am.common.jwt.JWT) TokenRequest(io.gravitee.am.gateway.handler.oauth2.service.request.TokenRequest) RefreshToken(io.gravitee.am.repository.oauth2.model.RefreshToken) AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken) Client(io.gravitee.am.model.oidc.Client) Date(java.util.Date) Test(org.junit.Test)

Example 18 with JWT

use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.

the class UserInfoEndpointHandlerTest method shouldNotInvokeUserEndpoint_unknownToken.

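/**
 * Verifies that {@code GET /userinfo} answers 401 "Unauthorized" when the bearer token is
 * rejected by the auth provider.
 *
 * @throws Exception if the test request fails
 */
@Test
public void shouldNotInvokeUserEndpoint_unknownToken() throws Exception {
    // The original built a JWT here that was never passed to anything; it has been removed.
    // presumably oAuth2AuthProvider(Throwable) yields a provider that fails authentication
    // with the given error; confirm against the helper.
    router.route().order(-1).handler(createOAuth2AuthHandler(oAuth2AuthProvider(new InvalidTokenException())));
    // NOTE(review): only the HTTP status is checked. Nothing here verifies that the user
    // service stayed untouched, which the test name implies.
    testRequest(HttpMethod.GET, "/userinfo", req -> req.putHeader(HttpHeaders.AUTHORIZATION, "Bearer test-token"), HttpStatusCode.UNAUTHORIZED_401, "Unauthorized", null);
}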
Also used : InvalidTokenException(io.gravitee.am.common.exception.oauth2.InvalidTokenException) JWT(io.gravitee.am.common.jwt.JWT) Test(org.junit.Test)

Example 19 with JWT

use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.

the class UserInfoEndpointHandlerTest method shouldInvokeUserEndpoint_scopesRequest_roles_groups_full_profile.

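/**
 * Verifies that {@code GET /userinfo} releases the full profile together with role and group
 * claims when the token scope is {@code "openid full_profile roles groups"}.
 *
 * <p>The response body is decoded as a JSON object and checked for the role names, the group
 * names, a custom claim and the {@code sub} value.
 *
 * @throws Exception if the test request fails
 */
@Test
public void shouldInvokeUserEndpoint_scopesRequest_roles_groups_full_profile() throws Exception {
    JWT jwt = new JWT();
    jwt.setJti("id-token");
    jwt.setAud("client-id");
    jwt.setSub("id-subject");
    // The scope string is what authorises the release of the role and group claims.
    jwt.setScope("openid full_profile roles groups");
    Client client = new Client();
    client.setId("client-id");
    client.setClientId("client-id");
    Role role1 = new Role();
    role1.setId("role1");
    role1.setName("role-1");
    Role role2 = new Role();
    role2.setId("role2");
    role2.setName("role-2");
    router.route().order(-1).handler(createOAuth2AuthHandler(oAuth2AuthProvider(jwt, client)));
    User user = createUser();
    user.setRolesPermissions(new HashSet<>(Arrays.asList(role1, role2)));
    user.setGroups(Arrays.asList("group-1", "group-2"));
    when(userService.findById(anyString())).thenReturn(Maybe.just(user));
    when(userService.enhance(user)).thenReturn(Single.just(user));
    // NOTE(review): the assertions run inside the response body handler. Confirm that
    // testRequest propagates a failure raised there to the test thread.
    testRequest(HttpMethod.GET, "/userinfo", req -> req.putHeader(HttpHeaders.AUTHORIZATION, "Bearer test-token"), resp -> resp.bodyHandler(body -> {
        final Map<String, Object> claims = Json.decodeValue(body.toString(), Map.class);
        assertNotNull(claims);
        // The exact count depends on what createUser() populates. It guards against
        // claims being added to or dropped from the response unnoticed.
        assertEquals(23, claims.size());
        assertTrue(claims.containsKey(CustomClaims.ROLES));
        // Role names, not role ids, are what the response carries.
        assertTrue(((List<?>) claims.get(CustomClaims.ROLES)).containsAll(Arrays.asList("role-1", "role-2")));
        assertTrue(claims.containsKey(CustomClaims.GROUPS));
        assertTrue(((List<?>) claims.get(CustomClaims.GROUPS)).containsAll(Arrays.asList("group-1", "group-2")));
        assertTrue(claims.containsKey("custom-claim"));
        assertEquals("gravitee", claims.get("custom-claim"));
        // sub is expected to be "user-id", not the JWT's "id-subject"; presumably it
        // comes from the user built by createUser(); confirm against the helper.
        assertEquals("user-id", claims.get("sub"));
    }), HttpStatusCode.OK_200, "OK", null);
}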
Also used : Role(io.gravitee.am.model.Role) Json(io.vertx.core.json.Json) java.util(java.util) HttpHeaders(io.gravitee.common.http.HttpHeaders) Client(io.gravitee.am.model.oidc.Client) Mock(org.mockito.Mock) Role(io.gravitee.am.model.Role) UserService(io.gravitee.am.service.UserService) Maybe(io.reactivex.Maybe) RunWith(org.junit.runner.RunWith) InvalidTokenException(io.gravitee.am.common.exception.oauth2.InvalidTokenException) Single(io.reactivex.Single) Matchers.anyString(org.mockito.Matchers.anyString) HttpStatusCode(io.gravitee.common.http.HttpStatusCode) JWTService(io.gravitee.am.gateway.handler.common.jwt.JWTService) ExceptionHandler(io.gravitee.am.gateway.handler.oauth2.resources.handler.ExceptionHandler) RxWebTestBase(io.gravitee.am.gateway.handler.common.vertx.RxWebTestBase) AsyncResult(io.vertx.core.AsyncResult) OAuth2AuthHandler(io.gravitee.am.gateway.handler.common.vertx.web.auth.handler.OAuth2AuthHandler) User(io.gravitee.am.model.User) ServerErrorException(io.gravitee.am.gateway.handler.oauth2.exception.ServerErrorException) InjectMocks(org.mockito.InjectMocks) StandardClaims(io.gravitee.am.common.oidc.StandardClaims) OAuth2AuthResponse(io.gravitee.am.gateway.handler.common.vertx.web.auth.handler.OAuth2AuthResponse) JWT(io.gravitee.am.common.jwt.JWT) JWEService(io.gravitee.am.gateway.handler.oidc.service.jwe.JWEService) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Scope(io.gravitee.am.common.oidc.Scope) Future(io.vertx.core.Future) InvalidClientException(io.gravitee.am.gateway.handler.oauth2.exception.InvalidClientException) BodyHandler(io.vertx.reactivex.ext.web.handler.BodyHandler) Matchers.any(org.mockito.Matchers.any) MediaType(io.gravitee.common.http.MediaType) HttpMethod(io.vertx.core.http.HttpMethod) CustomClaims(io.gravitee.am.common.oidc.CustomClaims) OAuth2AuthProvider(io.gravitee.am.gateway.handler.common.vertx.web.auth.provider.OAuth2AuthProvider) Handler(io.vertx.core.Handler) 
MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) OpenIDDiscoveryService(io.gravitee.am.gateway.handler.oidc.service.discovery.OpenIDDiscoveryService) Buffer(io.vertx.reactivex.core.buffer.Buffer) User(io.gravitee.am.model.User) JWT(io.gravitee.am.common.jwt.JWT) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 20 with JWT

use of io.gravitee.am.common.jwt.JWT in project gravitee-access-management by gravitee-io.

the class UserInfoEndpointHandlerTest method shouldInvokeUserEndpoint_scopesRequest_email.

/**
 * Verifies that {@code GET /userinfo} limits its response to the email claims when the token
 * scope is {@code "openid email"}.
 *
 * <p>The decoded body must hold exactly three claims, including the email address and its
 * verification flag.
 *
 * @throws Exception if the test request fails
 */
@Test
public void shouldInvokeUserEndpoint_scopesRequest_email() throws Exception {
    Client registeredClient = new Client();
    registeredClient.setId("client-id");
    registeredClient.setClientId("client-id");

    JWT accessToken = new JWT();
    accessToken.setJti("id-token");
    accessToken.setAud("client-id");
    accessToken.setSub("id-subject");
    // Only the email scope is granted on top of openid.
    accessToken.setScope("openid email");

    router.route().order(-1).handler(createOAuth2AuthHandler(oAuth2AuthProvider(accessToken, registeredClient)));

    User endUser = createUser();
    when(userService.findById(anyString())).thenReturn(Maybe.just(endUser));

    testRequest(
            HttpMethod.GET,
            "/userinfo",
            request -> request.putHeader(HttpHeaders.AUTHORIZATION, "Bearer test-token"),
            response -> response.bodyHandler(buffer -> {
                Map<String, Object> userInfo = Json.decodeValue(buffer.toString(), Map.class);
                assertNotNull(userInfo);
                // Exactly three claims: the two email claims checked below plus one more,
                // presumably sub; confirm against the endpoint.
                assertEquals(3, userInfo.size());
                assertTrue(userInfo.containsKey(StandardClaims.EMAIL));
                assertTrue(userInfo.containsKey(StandardClaims.EMAIL_VERIFIED));
            }),
            HttpStatusCode.OK_200,
            "OK",
            null);
}
Also used : Json(io.vertx.core.json.Json) java.util(java.util) HttpHeaders(io.gravitee.common.http.HttpHeaders) Client(io.gravitee.am.model.oidc.Client) Mock(org.mockito.Mock) Role(io.gravitee.am.model.Role) UserService(io.gravitee.am.service.UserService) Maybe(io.reactivex.Maybe) RunWith(org.junit.runner.RunWith) InvalidTokenException(io.gravitee.am.common.exception.oauth2.InvalidTokenException) Single(io.reactivex.Single) Matchers.anyString(org.mockito.Matchers.anyString) HttpStatusCode(io.gravitee.common.http.HttpStatusCode) JWTService(io.gravitee.am.gateway.handler.common.jwt.JWTService) ExceptionHandler(io.gravitee.am.gateway.handler.oauth2.resources.handler.ExceptionHandler) RxWebTestBase(io.gravitee.am.gateway.handler.common.vertx.RxWebTestBase) AsyncResult(io.vertx.core.AsyncResult) OAuth2AuthHandler(io.gravitee.am.gateway.handler.common.vertx.web.auth.handler.OAuth2AuthHandler) User(io.gravitee.am.model.User) ServerErrorException(io.gravitee.am.gateway.handler.oauth2.exception.ServerErrorException) InjectMocks(org.mockito.InjectMocks) StandardClaims(io.gravitee.am.common.oidc.StandardClaims) OAuth2AuthResponse(io.gravitee.am.gateway.handler.common.vertx.web.auth.handler.OAuth2AuthResponse) JWT(io.gravitee.am.common.jwt.JWT) JWEService(io.gravitee.am.gateway.handler.oidc.service.jwe.JWEService) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Scope(io.gravitee.am.common.oidc.Scope) Future(io.vertx.core.Future) InvalidClientException(io.gravitee.am.gateway.handler.oauth2.exception.InvalidClientException) BodyHandler(io.vertx.reactivex.ext.web.handler.BodyHandler) Matchers.any(org.mockito.Matchers.any) MediaType(io.gravitee.common.http.MediaType) HttpMethod(io.vertx.core.http.HttpMethod) CustomClaims(io.gravitee.am.common.oidc.CustomClaims) OAuth2AuthProvider(io.gravitee.am.gateway.handler.common.vertx.web.auth.provider.OAuth2AuthProvider) Handler(io.vertx.core.Handler) MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) 
OpenIDDiscoveryService(io.gravitee.am.gateway.handler.oidc.service.discovery.OpenIDDiscoveryService) Buffer(io.vertx.reactivex.core.buffer.Buffer) User(io.gravitee.am.model.User) JWT(io.gravitee.am.common.jwt.JWT) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)
