use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class IntrospectionTokenServiceTest method shouldIntrospect_invalidValidToken_token_expired.
@Test
public void shouldIntrospect_invalidValidToken_token_expired() {
final String token = "token";
final JWT jwt = new JWT();
jwt.setJti("jti");
jwt.setDomain("domain");
jwt.setAud("client");
jwt.setIat(Instant.now().minus(1, ChronoUnit.DAYS).getEpochSecond());
final Client client = new Client();
client.setClientId("client-id");
final AccessToken accessToken = new AccessToken();
accessToken.setExpireAt(new Date(Instant.now().minus(1, ChronoUnit.DAYS).toEpochMilli()));
when(jwtService.decode(token)).thenReturn(Single.just(jwt));
when(clientService.findByDomainAndClientId(jwt.getDomain(), jwt.getAud())).thenReturn(Maybe.just(client));
when(jwtService.decodeAndVerify(token, client)).thenReturn(Single.just(jwt));
when(accessTokenRepository.findByToken(jwt.getJti())).thenReturn(Maybe.just(accessToken));
TestObserver testObserver = introspectionTokenService.introspect(token, false).test();
testObserver.assertError(InvalidTokenException.class);
verify(accessTokenRepository, times(1)).findByToken(jwt.getJti());
}
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class AuthorizationCodeServiceTest method shouldRemove_invalidCode_existingTokens_noRefreshToken.
@Test
public void shouldRemove_invalidCode_existingTokens_noRefreshToken() {
AuthorizationRequest authorizationRequest = new AuthorizationRequest();
authorizationRequest.setClientId("my-client-id");
Client client = new Client();
client.setClientId("my-client-id");
AuthorizationCode authorizationCode = new AuthorizationCode();
authorizationCode.setCode("my-code");
authorizationCode.setClientId("my-client-id");
AccessToken accessToken = new AccessToken();
accessToken.setToken("my-access-token-1");
accessToken.setAuthorizationCode("my-code");
AccessToken accessToken2 = new AccessToken();
accessToken2.setToken("my-access-token-2");
accessToken2.setAuthorizationCode("my-code");
List<AccessToken> tokens = Arrays.asList(accessToken, accessToken2);
when(authorizationCodeRepository.findByCode(any())).thenReturn(Maybe.empty());
when(accessTokenRepository.findByAuthorizationCode(anyString())).thenReturn(Observable.fromIterable(tokens));
when(accessTokenRepository.delete(anyString())).thenReturn(Completable.complete());
TestObserver<AuthorizationCode> testObserver = authorizationCodeService.remove(authorizationCode.getCode(), client).test();
testObserver.assertError(InvalidGrantException.class);
verify(authorizationCodeRepository, times(1)).findByCode(any());
verify(accessTokenRepository, times(1)).findByAuthorizationCode(anyString());
verify(accessTokenRepository, times(2)).delete(anyString());
verify(authorizationCodeRepository, never()).delete(any());
verify(refreshTokenRepository, never()).delete(anyString());
}
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class AccessTokenRepositoryTest method shouldFindToken.
@Test
public void shouldFindToken() {
AccessToken token = new AccessToken();
token.setId(RandomString.generate());
token.setToken("my-token");
TestObserver<AccessToken> observer = accessTokenRepository.create(token).toCompletable().andThen(accessTokenRepository.findByToken("my-token")).test();
observer.awaitTerminalEvent();
observer.assertComplete();
observer.assertValueCount(1);
observer.assertNoErrors();
}
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class AccessTokenRepositoryTest method shouldFindAuthorizationCode.
@Test
public void shouldFindAuthorizationCode() {
AccessToken token = new AccessToken();
token.setId(RandomString.generate());
token.setToken("my-token");
token.setAuthorizationCode("some-auth-code");
TestObserver<AccessToken> observer = accessTokenRepository.create(token).toCompletable().andThen(accessTokenRepository.findByAuthorizationCode(token.getAuthorizationCode())).test();
observer.awaitTerminalEvent();
observer.assertComplete();
observer.assertValueCount(1);
observer.assertNoErrors();
}
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class AccessTokenRepositoryTest method shouldNotFindByUnknownAuthorizationCode.
@Test
public void shouldNotFindByUnknownAuthorizationCode() {
AccessToken token = new AccessToken();
token.setId(RandomString.generate());
token.setToken("my-token");
token.setAuthorizationCode("some-auth-code");
TestObserver<AccessToken> observer = accessTokenRepository.create(token).toCompletable().andThen(accessTokenRepository.findByAuthorizationCode("unknown")).test();
observer.awaitTerminalEvent();
observer.assertComplete();
observer.assertNoValues();
observer.assertNoErrors();
}
Aggregations