use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceImpl method convert.
/**
 * Builds the introspection response returned for an access token.
 *
 * <p>The response is always marked active. This method performs no expiry or
 * revocation check of its own, so it presumably relies on the caller having
 * validated the token first (NOTE(review): confirm at the call site).
 *
 * @param accessToken token whose claims are copied into the response; its
 *                    creation and expiry dates are dereferenced unconditionally,
 *                    so a null date raises a NullPointerException here
 * @param user        resolved end user, or {@code null} when there is none
 *                    (no username is set in that case)
 * @return the populated response, without the "aud" claim
 */
private IntrospectionResponse convert(AccessToken accessToken, User user) {
    final IntrospectionResponse response = new IntrospectionResponse();

    // Core token metadata. exp/iat are converted from milliseconds to whole seconds.
    response.setActive(true);
    response.setClientId(accessToken.getClientId());
    response.setExp(accessToken.getExpireAt().getTime() / 1000);
    response.setIat(accessToken.getCreatedAt().getTime() / 1000);
    response.setTokenType(accessToken.getTokenType());
    response.setSub(accessToken.getSubject());

    if (user != null) {
        response.setUsername(user.getUsername());
    }

    final boolean hasScope = accessToken.getScope() != null && !accessToken.getScope().isEmpty();
    if (hasScope) {
        response.setScope(accessToken.getScope());
    }

    // Additional claims are merged with putIfAbsent, so they never replace a key
    // that is already present at this point.
    // NOTE(review): a claim that was skipped above (username when user is null,
    // scope when empty) could presumably still be supplied from the additional
    // information; confirm against the key names the setters use.
    final boolean hasAdditionalClaims =
            accessToken.getAdditionalInformation() != null && !accessToken.getAdditionalInformation().isEmpty();
    if (hasAdditionalClaims) {
        accessToken.getAdditionalInformation()
                .forEach((claim, value) -> response.putIfAbsent(claim, value));
    }

    // Set after the merge, through the setter rather than putIfAbsent.
    final Map<String, Object> confirmation = accessToken.getConfirmationMethod();
    if (confirmation != null) {
        response.setConfirmationMethod(confirmation);
    }

    // "aud" is dropped because some backend APIs are unable to verify its value,
    // see https://github.com/gravitee-io/issues/issues/3111
    // Consequence: a resource server cannot perform an audience check from this
    // response alone and has to restrict token audience by other means.
    response.remove(Claims.aud);
    return response;
}
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldNotReturnAudClaim.
/**
 * Verifies that an "aud" value carried in the token's additional information
 * is absent from the introspection response.
 */
@Test
public void shouldNotReturnAudClaim() {
    final String tokenValue = "token";

    // Stored token whose additional information carries an "aud" claim.
    AccessToken storedToken = new AccessToken(tokenValue);
    storedToken.setSubject("client-id");
    storedToken.setClientId("client-id");
    storedToken.setCreatedAt(new Date());
    storedToken.setExpireAt(new Date());
    storedToken.setAdditionalInformation(Collections.singletonMap(Claims.aud, "test-aud"));
    when(tokenService.introspect(tokenValue)).thenReturn(Single.just(storedToken));

    TestObserver<IntrospectionResponse> observer =
            introspectionService.introspect(new IntrospectionRequest(tokenValue)).test();
    observer.awaitTerminalEvent();

    observer.assertComplete();
    observer.assertNoErrors();
    // The claim must have been stripped before the response is emitted.
    observer.assertValue(response -> !response.containsKey(Claims.aud));
}
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldReturnCustomClaims.
/**
 * Verifies that a non-standard claim from the token's additional information
 * is copied into the introspection response unchanged.
 */
@Test
public void shouldReturnCustomClaims() {
    final String tokenValue = "token";

    // Stored token carrying one custom claim.
    AccessToken storedToken = new AccessToken(tokenValue);
    storedToken.setSubject("client-id");
    storedToken.setClientId("client-id");
    storedToken.setCreatedAt(new Date());
    storedToken.setExpireAt(new Date());
    storedToken.setAdditionalInformation(Collections.singletonMap("custom-claim", "test"));
    when(tokenService.introspect(tokenValue)).thenReturn(Single.just(storedToken));

    TestObserver<IntrospectionResponse> observer =
            introspectionService.introspect(new IntrospectionRequest(tokenValue)).test();
    observer.awaitTerminalEvent();

    observer.assertComplete();
    observer.assertNoErrors();
    // A missing claim makes get() return null, so the predicate then fails with an exception.
    observer.assertValue(response -> response.get("custom-claim").equals("test"));
}
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldNotSearchForAUser_clientCredentials.
/**
 * Verifies that no user lookup happens when the token's subject equals its
 * client id, as set up below for a client-credentials token.
 */
@Test
public void shouldNotSearchForAUser_clientCredentials() {
    final String tokenValue = "token";

    // Subject and client id are identical.
    // NOTE(review): no creation/expiry dates are set here, while convert() as
    // listed on this page dereferences both; confirm AccessToken supplies
    // defaults or that this test targets a different revision.
    AccessToken storedToken = new AccessToken(tokenValue);
    storedToken.setSubject("client-id");
    storedToken.setClientId("client-id");
    when(tokenService.introspect("token")).thenReturn(Single.just(storedToken));

    TestObserver<IntrospectionResponse> observer =
            introspectionService.introspect(new IntrospectionRequest(tokenValue)).test();
    observer.awaitTerminalEvent();

    observer.assertComplete();
    observer.assertNoErrors();
    // The user service must never be queried in this flow.
    verify(userService, never()).findById(anyString());
}
use of io.gravitee.am.gateway.handler.oauth2.service.introspection.IntrospectionResponse in project gravitee-access-management by gravitee-io.
the class IntrospectionServiceTest method shouldSearchForAUser.
/**
 * Verifies that the user service is queried exactly once, with the token's
 * subject, when the subject differs from the client id.
 */
@Test
public void shouldSearchForAUser() {
    final String tokenValue = "token";

    // Subject "user" differs from the client id.
    // NOTE(review): no creation/expiry dates are set here, while convert() as
    // listed on this page dereferences both; confirm AccessToken supplies
    // defaults or that this test targets a different revision.
    AccessToken storedToken = new AccessToken(tokenValue);
    storedToken.setSubject("user");
    storedToken.setClientId("client-id");
    when(tokenService.introspect("token")).thenReturn(Single.just(storedToken));
    when(userService.findById("user")).thenReturn(Maybe.just(new User()));

    TestObserver<IntrospectionResponse> observer =
            introspectionService.introspect(new IntrospectionRequest(tokenValue)).test();
    observer.awaitTerminalEvent();

    observer.assertComplete();
    observer.assertNoErrors();
    // Exactly one lookup, keyed by the subject.
    verify(userService, times(1)).findById("user");
}