use of io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request in project gravitee-access-management by gravitee-io.
the class UMATokenGranter method createOAuth2Request.
private Single<OAuth2Request> createOAuth2Request(TokenRequest tokenRequest, Client client, User endUser) {
// Remove Token Request scopes as they are now injected into each permission requests.
tokenRequest.setScopes(null);
// Create Request
OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request();
// Set User
oAuth2Request.setSubject(endUser != null ? endUser.getId() : oAuth2Request.getSubject());
// Client may have refresh_token grant, but if request is not made for an end user, then we should not generate refresh.
oAuth2Request.setSupportRefreshToken(endUser != null && isSupportRefreshToken(client));
return Single.just(oAuth2Request);
}
use of io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request in project gravitee-access-management by gravitee-io.
the class UmaTokenGranterTest method grant_user_additionalScopeCase.
@Test
public void grant_user_additionalScopeCase() {
tokenRequest.setScopes(new HashSet<>(Arrays.asList("scopeB", "scopeC")));
TestObserver<Token> testObserver = umaTokenGranter.grant(tokenRequest, client).test();
testObserver.assertComplete().assertNoErrors().assertValue(token -> "success".equals(token.getValue()));
OAuth2Request result = oauth2RequestCaptor.getValue();
assertTrue(USER_ID.equals(result.getSubject()));
assertTrue(assertAdditionalScopePermissions(result.getPermissions()));
assertTrue(result.isSupportRefreshToken());
}
use of io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request in project gravitee-access-management by gravitee-io.
the class UmaTokenGranterTest method grant_user_RptWithoutPermissionCase.
@Test
public void grant_user_RptWithoutPermissionCase() {
parameters.add(RPT, RPT_OLD_TOKEN);
when(rpt.get("permissions")).thenReturn(null);
TestObserver<Token> testObserver = umaTokenGranter.grant(tokenRequest, client).test();
testObserver.assertComplete().assertNoErrors().assertValue(token -> "success".equals(token.getValue()));
OAuth2Request result = oauth2RequestCaptor.getValue();
assertTrue(USER_ID.equals(result.getSubject()));
assertTrue(assertNominalPermissions(result.getPermissions()));
assertTrue(result.isSupportRefreshToken());
}
use of io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request in project gravitee-access-management by gravitee-io.
the class UmaTokenGranterTest method grant_user_nominalCase.
@Test
public void grant_user_nominalCase() {
TestObserver<Token> testObserver = umaTokenGranter.grant(tokenRequest, client).test();
testObserver.assertComplete().assertNoErrors().assertValue(token -> "success".equals(token.getValue()));
OAuth2Request result = oauth2RequestCaptor.getValue();
assertTrue(USER_ID.equals(result.getSubject()));
assertTrue(assertNominalPermissions(result.getPermissions()));
assertTrue(result.isSupportRefreshToken());
}
use of io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request in project gravitee-access-management by gravitee-io.
the class UmaTokenGranterTest method grant_user_extendRptCase.
@Test
public void grant_user_extendRptCase() {
parameters.add(RPT, RPT_OLD_TOKEN);
tokenRequest.setScopes(new HashSet<>(Arrays.asList("scopeD")));
TestObserver<Token> testObserver = umaTokenGranter.grant(tokenRequest, client).test();
testObserver.assertComplete().assertNoErrors().assertValue(token -> "success".equals(token.getValue()) && token.isUpgraded());
OAuth2Request result = oauth2RequestCaptor.getValue();
assertTrue(USER_ID.equals(result.getSubject()));
assertTrue(assertExtendedRptPermissions(result.getPermissions()));
assertTrue(result.isSupportRefreshToken());
}
Aggregations