Example 1 with IntrospectionResponse
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceImpl method convert.
private IntrospectionResponse convert(AccessToken accessToken, User user) {
IntrospectionResponse introspectionResponse = new IntrospectionResponse();
introspectionResponse.setActive(true);
introspectionResponse.setClientId(accessToken.getClientId());
introspectionResponse.setExp(accessToken.getExpireAt().getTime() / 1000);
introspectionResponse.setIat(accessToken.getCreatedAt().getTime() / 1000);
introspectionResponse.setTokenType(accessToken.getTokenType());
introspectionResponse.setSub(accessToken.getSubject());
if (user != null) {
introspectionResponse.setUsername(user.getUsername());
}
if (accessToken.getScope() != null && !accessToken.getScope().isEmpty()) {
introspectionResponse.setScope(accessToken.getScope());
}
if (accessToken.getAdditionalInformation() != null && !accessToken.getAdditionalInformation().isEmpty()) {
accessToken.getAdditionalInformation().forEach((k, v) -> introspectionResponse.putIfAbsent(k, v));
}
final Map<String, Object> cnf = accessToken.getConfirmationMethod();
if (cnf != null) {
introspectionResponse.setConfirmationMethod(cnf);
}
// remove "aud" claim due to some backend APIs unable to verify the "aud" value
// see <a href="https://github.com/gravitee-io/issues/issues/3111"></a>
introspectionResponse.remove(Claims.aud);
return introspectionResponse;
}
Also used :
IntrospectionResponse(io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse)
Example 2 with IntrospectionResponse
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldNotReturnAudClaim.
@Test
public void shouldNotReturnAudClaim() {
final String token = "token";
AccessToken accessToken = new AccessToken(token);
accessToken.setSubject("client-id");
accessToken.setClientId("client-id");
accessToken.setCreatedAt(new Date());
accessToken.setExpireAt(new Date());
accessToken.setAdditionalInformation(Collections.singletonMap(Claims.aud, "test-aud"));
when(tokenService.introspect(token)).thenReturn(Single.just(accessToken));
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
TestObserver<IntrospectionResponse> testObserver = introspectionService.introspect(introspectionRequest).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
testObserver.assertValue(introspectionResponse -> !introspectionResponse.containsKey(Claims.aud));
}
Also used :
AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)
Date(java.util.Date)
Test(org.junit.Test)
Example 3 with IntrospectionResponse
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldReturnCustomClaims.
@Test
public void shouldReturnCustomClaims() {
final String token = "token";
AccessToken accessToken = new AccessToken(token);
accessToken.setSubject("client-id");
accessToken.setClientId("client-id");
accessToken.setCreatedAt(new Date());
accessToken.setExpireAt(new Date());
accessToken.setAdditionalInformation(Collections.singletonMap("custom-claim", "test"));
when(tokenService.introspect(token)).thenReturn(Single.just(accessToken));
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
TestObserver<IntrospectionResponse> testObserver = introspectionService.introspect(introspectionRequest).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
testObserver.assertValue(introspectionResponse -> introspectionResponse.get("custom-claim").equals("test"));
}
Also used :
AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)
Date(java.util.Date)
Test(org.junit.Test)
Example 4 with IntrospectionResponse
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldNotSearchForAUser_clientCredentials.
@Test
public void shouldNotSearchForAUser_clientCredentials() {
final String token = "token";
AccessToken accessToken = new AccessToken(token);
accessToken.setSubject("client-id");
accessToken.setClientId("client-id");
when(tokenService.introspect("token")).thenReturn(Single.just(accessToken));
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
TestObserver<IntrospectionResponse> testObserver = introspectionService.introspect(introspectionRequest).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
verify(userService, never()).findById(anyString());
}
Also used :
AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)
Test(org.junit.Test)
Example 5 with IntrospectionResponse
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldSearchForAUser.
@Test
public void shouldSearchForAUser() {
final String token = "token";
AccessToken accessToken = new AccessToken(token);
accessToken.setSubject("user");
accessToken.setClientId("client-id");
when(tokenService.introspect("token")).thenReturn(Single.just(accessToken));
when(userService.findById("user")).thenReturn(Maybe.just(new User()));
IntrospectionRequest introspectionRequest = new IntrospectionRequest(token);
TestObserver<IntrospectionResponse> testObserver = introspectionService.introspect(introspectionRequest).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
verify(userService, times(1)).findById("user");
}
Also used :
User(io.gravitee.am.model.User)
AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)
Test(org.junit.Test)
Aggregations
AccessToken (io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)4
Test (org.junit.Test)4
Date (java.util.Date)2
InvalidRequestException (io.gravitee.am.common.exception.oauth2.InvalidRequestException)1
TokenTypeHint (io.gravitee.am.common.oauth2.TokenTypeHint)1
ConstantKeys (io.gravitee.am.common.utils.ConstantKeys)1
InvalidClientException (io.gravitee.am.gateway.handler.oauth2.exception.InvalidClientException)1
UnsupportedTokenType (io.gravitee.am.gateway.handler.oauth2.exception.UnsupportedTokenType)1
IntrospectionRequest (io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionRequest)1
IntrospectionResponse (io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse)1
IntrospectionService (io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionService)1
User (io.gravitee.am.model.User)1
Client (io.gravitee.am.model.oidc.Client)1
HttpHeaders (io.gravitee.common.http.HttpHeaders)1
MediaType (io.gravitee.common.http.MediaType)1
Handler (io.vertx.core.Handler)1
Json (io.vertx.core.json.Json)1
RoutingContext (io.vertx.reactivex.ext.web.RoutingContext)1
