Example 1 with IntrospectionRequest
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionRequest in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldNotReturnAudClaim.
@Test
public void shouldNotReturnAudClaim() {
final String token = "token";
AccessToken accessToken = new AccessToken(token);
accessToken.setSubject("client-id");
accessToken.setClientId("client-id");
accessToken.setCreatedAt(new Date());
accessToken.setExpireAt(new Date());
accessToken.setAdditionalInformation(Collections.singletonMap(Claims.aud, "test-aud"));
when(tokenService.introspect(token)).thenReturn(Single.just(accessToken));
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
TestObserver<IntrospectionResponse> testObserver = introspectionService.introspect(introspectionRequest).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
testObserver.assertValue(introspectionResponse -> !introspectionResponse.containsKey(Claims.aud));
}
Also used :
AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)
Date(java.util.Date)
Test(org.junit.Test)
Example 2 with IntrospectionRequest
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionRequest in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldReturnCustomClaims.
@Test
public void shouldReturnCustomClaims() {
final String token = "token";
AccessToken accessToken = new AccessToken(token);
accessToken.setSubject("client-id");
accessToken.setClientId("client-id");
accessToken.setCreatedAt(new Date());
accessToken.setExpireAt(new Date());
accessToken.setAdditionalInformation(Collections.singletonMap("custom-claim", "test"));
when(tokenService.introspect(token)).thenReturn(Single.just(accessToken));
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
TestObserver<IntrospectionResponse> testObserver = introspectionService.introspect(introspectionRequest).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
testObserver.assertValue(introspectionResponse -> introspectionResponse.get("custom-claim").equals("test"));
}
Also used :
AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)
Date(java.util.Date)
Test(org.junit.Test)
Example 3 with IntrospectionRequest
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionRequest in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldNotSearchForAUser_clientCredentials.
@Test
public void shouldNotSearchForAUser_clientCredentials() {
final String token = "token";
AccessToken accessToken = new AccessToken(token);
accessToken.setSubject("client-id");
accessToken.setClientId("client-id");
when(tokenService.introspect("token")).thenReturn(Single.just(accessToken));
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
TestObserver<IntrospectionResponse> testObserver = introspectionService.introspect(introspectionRequest).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
verify(userService, never()).findById(anyString());
}
Also used :
AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)
Test(org.junit.Test)
Example 4 with IntrospectionRequest
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionRequest in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldSearchForAUser.
@Test
public void shouldSearchForAUser() {
final String token = "token";
AccessToken accessToken = new AccessToken(token);
accessToken.setSubject("user");
accessToken.setClientId("client-id");
when(tokenService.introspect("token")).thenReturn(Single.just(accessToken));
when(userService.findById("user")).thenReturn(Maybe.just(new User()));
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
TestObserver<IntrospectionResponse> testObserver = introspectionService.introspect(introspectionRequest).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
verify(userService, times(1)).findById("user");
}
Also used :
User(io.gravitee.am.model.User)
AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)
Test(org.junit.Test)
Example 5 with IntrospectionRequest
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionRequest in project gravitee-access-management by gravitee-io.
the class IntrospectionEndpoint method createRequest.
private static IntrospectionRequest createRequest(RoutingContext context) {
String token = context.request().getParam(ConstantKeys.TOKEN_PARAM_KEY);
String tokenTypeHint = context.request().getParam(ConstantKeys.TOKEN_TYPE_HINT_PARAM_KEY);
if (token == null) {
throw new InvalidRequestException();
}
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
if (tokenTypeHint != null) {
try {
introspectionRequest.setHint(TokenTypeHint.from(tokenTypeHint));
} catch (IllegalArgumentException iae) {
throw new UnsupportedTokenType(tokenTypeHint);
}
}
return introspectionRequest;
}
Also used :
UnsupportedTokenType(io.gravitee.am.gateway.handler.oauth2.exception.UnsupportedTokenType)
IntrospectionRequest(io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionRequest)
InvalidRequestException(io.gravitee.am.common.exception.oauth2.InvalidRequestException)
Aggregations
AccessToken (io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)4
Test (org.junit.Test)4
Date (java.util.Date)2
InvalidRequestException (io.gravitee.am.common.exception.oauth2.InvalidRequestException)1
UnsupportedTokenType (io.gravitee.am.gateway.handler.oauth2.exception.UnsupportedTokenType)1
IntrospectionRequest (io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionRequest)1
User (io.gravitee.am.model.User)1
