use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class IntrospectionTokenServiceTest method shouldIntrospect_validToken_offline_verification.
/**
 * Offline introspection of a well-formed token: with the offline flag set to {@code true},
 * the call must complete without error and must never query the access-token repository.
 *
 * <p>NOTE(review): since the repository is never consulted on this path, a token that was
 * revoked server-side would not be detected here; presumably that trade-off is intended
 * for offline verification. Confirm against the service.
 *
 * <p>NOTE(review): the test does not assert that {@code jwtService.decodeAndVerify} was
 * actually invoked; consider pinning that so the signature check cannot silently drop out
 * of the offline path.
 */
@Test
public void shouldIntrospect_validToken_offline_verification() {
    final String rawToken = "token";

    final Client registeredClient = new Client();
    registeredClient.setClientId("client-id");

    final JWT claims = new JWT();
    claims.setJti("jti");
    claims.setDomain("domain");
    // The client lookup below is stubbed on the aud claim, not on the Client's own id.
    claims.setAud("client");

    when(jwtService.decode(rawToken)).thenReturn(Single.just(claims));
    when(clientService.findByDomainAndClientId(claims.getDomain(), claims.getAud()))
            .thenReturn(Maybe.just(registeredClient));
    when(jwtService.decodeAndVerify(rawToken, registeredClient)).thenReturn(Single.just(claims));

    TestObserver observer = introspectionTokenService.introspect(rawToken, true).test();

    observer.assertComplete();
    observer.assertNoErrors();
    // Offline mode: the token store must stay untouched.
    verify(accessTokenRepository, never()).findByToken(claims.getJti());
}
use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class IntrospectionTokenServiceTest method shouldIntrospect_invalidValidToken_token_expired.
/**
 * Online introspection (offline flag {@code false}) of a token whose stored record expired
 * a day ago: the call must fail with {@link InvalidTokenException} after exactly one
 * repository lookup by jti.
 *
 * <p>The iat claim is also set one day in the past; presumably this puts the token outside
 * the window in which the repository lookup is skipped for freshly issued tokens. Verify
 * against the service.
 */
@Test
public void shouldIntrospect_invalidValidToken_token_expired() {
    final String rawToken = "token";

    final JWT claims = new JWT();
    claims.setJti("jti");
    claims.setDomain("domain");
    claims.setAud("client");
    claims.setIat(Instant.now().minus(1, ChronoUnit.DAYS).getEpochSecond());

    final Client registeredClient = new Client();
    registeredClient.setClientId("client-id");

    // Stored token record that expired 24 hours ago.
    final AccessToken storedToken = new AccessToken();
    storedToken.setExpireAt(Date.from(Instant.now().minus(1, ChronoUnit.DAYS)));

    when(jwtService.decode(rawToken)).thenReturn(Single.just(claims));
    when(clientService.findByDomainAndClientId(claims.getDomain(), claims.getAud()))
            .thenReturn(Maybe.just(registeredClient));
    when(jwtService.decodeAndVerify(rawToken, registeredClient)).thenReturn(Single.just(claims));
    when(accessTokenRepository.findByToken(claims.getJti())).thenReturn(Maybe.just(storedToken));

    TestObserver observer = introspectionTokenService.introspect(rawToken, false).test();

    // A valid signature is not enough: the expired record must surface as an invalid token.
    observer.assertError(InvalidTokenException.class);
    verify(accessTokenRepository).findByToken(claims.getJti());
}
use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class IntrospectionTokenServiceTest method shouldIntrospect_invalidValidToken_jwt_exception.
/**
 * Online introspection when signature/claims verification fails: {@code decodeAndVerify}
 * emits a {@link JWTException}, which must reach the caller as
 * {@link InvalidTokenException}, and the access-token repository must never be queried.
 */
@Test
public void shouldIntrospect_invalidValidToken_jwt_exception() {
    final String rawToken = "token";

    final Client registeredClient = new Client();
    registeredClient.setClientId("client-id");

    final JWT claims = new JWT();
    claims.setJti("jti");
    claims.setDomain("domain");
    claims.setAud("client");
    claims.setIat(Instant.now().getEpochSecond());

    // The unverified decode succeeds so the client can be resolved ...
    when(jwtService.decode(rawToken)).thenReturn(Single.just(claims));
    when(clientService.findByDomainAndClientId(claims.getDomain(), claims.getAud()))
            .thenReturn(Maybe.just(registeredClient));
    // ... but the verifying decode rejects the token.
    when(jwtService.decodeAndVerify(rawToken, registeredClient))
            .thenReturn(Single.error(new JWTException("invalid token")));

    TestObserver observer = introspectionTokenService.introspect(rawToken, false).test();

    observer.assertError(InvalidTokenException.class);
    // Verification failure must not be followed by a token-store lookup.
    verify(accessTokenRepository, never()).findByToken(claims.getJti());
}
use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class IntrospectionTokenServiceTest method shouldIntrospect_invalidValidToken_token_revoked.
/**
 * Online introspection of a token that verifies correctly but has no record in the
 * access-token repository (the lookup returns empty): the call must fail with
 * {@link InvalidTokenException} after exactly one lookup by jti.
 *
 * <p>The iat claim is one day old; presumably this places the token outside the window in
 * which the repository lookup is skipped for freshly issued tokens. Verify against the
 * service.
 */
@Test
public void shouldIntrospect_invalidValidToken_token_revoked() {
    final String rawToken = "token";

    final JWT claims = new JWT();
    claims.setJti("jti");
    claims.setDomain("domain");
    claims.setAud("client");
    claims.setIat(Instant.now().minus(1, ChronoUnit.DAYS).getEpochSecond());

    final Client registeredClient = new Client();
    registeredClient.setClientId("client-id");

    when(jwtService.decode(rawToken)).thenReturn(Single.just(claims));
    when(clientService.findByDomainAndClientId(claims.getDomain(), claims.getAud()))
            .thenReturn(Maybe.just(registeredClient));
    when(jwtService.decodeAndVerify(rawToken, registeredClient)).thenReturn(Single.just(claims));
    // No stored record for this jti: this is how the test models a revoked token.
    when(accessTokenRepository.findByToken(claims.getJti())).thenReturn(Maybe.empty());

    TestObserver observer = introspectionTokenService.introspect(rawToken, false).test();

    // A cryptographically valid token without a stored record must still be rejected.
    observer.assertError(InvalidTokenException.class);
    verify(accessTokenRepository).findByToken(claims.getJti());
}
use of io.gravitee.am.model.oidc.Client in project gravitee-access-management by gravitee-io.
the class IntrospectionTokenServiceTest method shouldIntrospect_validToken_offline_verification_timer.
/**
 * Online introspection (offline flag {@code false}) of a token issued just now: the call
 * must complete without error and the access-token repository must not be queried, because
 * the token is too recent.
 *
 * <p>NOTE(review): as exercised here, a token revoked immediately after issuance would not
 * be detected while it is still considered "recent"; the length of that window is not
 * visible in this test. Confirm that it is short enough for the deployment's revocation
 * requirements.
 */
@Test
public void shouldIntrospect_validToken_offline_verification_timer() {
    final String rawToken = "token";

    final Client registeredClient = new Client();
    registeredClient.setClientId("client-id");

    final JWT claims = new JWT();
    claims.setJti("jti");
    claims.setDomain("domain");
    claims.setAud("client");
    // Issued "now" so the token counts as freshly minted.
    claims.setIat(Instant.now().getEpochSecond());

    when(jwtService.decode(rawToken)).thenReturn(Single.just(claims));
    when(clientService.findByDomainAndClientId(claims.getDomain(), claims.getAud()))
            .thenReturn(Maybe.just(registeredClient));
    when(jwtService.decodeAndVerify(rawToken, registeredClient)).thenReturn(Single.just(claims));

    TestObserver observer = introspectionTokenService.introspect(rawToken, false).test();

    observer.assertComplete();
    observer.assertNoErrors();
    // The repository should not be called because the token is too recent.
    verify(accessTokenRepository, never()).findByToken(claims.getJti());
}