Example 1 with AccessToken
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class IntrospectionTokenServiceTest method shouldIntrospect_invalidValidToken_token_expired.
@Test
public void shouldIntrospect_invalidValidToken_token_expired() {
final String token = "token";
final JWT jwt = new JWT();
jwt.setJti("jti");
jwt.setDomain("domain");
jwt.setAud("client");
jwt.setIat(Instant.now().minus(1, ChronoUnit.DAYS).getEpochSecond());
final Client client = new Client();
client.setClientId("client-id");
final AccessToken accessToken = new AccessToken();
accessToken.setExpireAt(new Date(Instant.now().minus(1, ChronoUnit.DAYS).toEpochMilli()));
when(jwtService.decode(token)).thenReturn(Single.just(jwt));
when(clientService.findByDomainAndClientId(jwt.getDomain(), jwt.getAud())).thenReturn(Maybe.just(client));
when(jwtService.decodeAndVerify(token, client)).thenReturn(Single.just(jwt));
when(accessTokenRepository.findByToken(jwt.getJti())).thenReturn(Maybe.just(accessToken));
TestObserver testObserver = introspectionTokenService.introspect(token, false).test();
testObserver.assertError(InvalidTokenException.class);
verify(accessTokenRepository, times(1)).findByToken(jwt.getJti());
}
Also used :
JWT(io.gravitee.am.common.jwt.JWT)
AccessToken(io.gravitee.am.repository.oauth2.model.AccessToken)
Client(io.gravitee.am.model.oidc.Client)
Date(java.util.Date)
TestObserver(io.reactivex.observers.TestObserver)
Test(org.junit.Test)
Example 2 with AccessToken
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class AuthorizationCodeServiceTest method shouldRemove_invalidCode_existingTokens_noRefreshToken.
@Test
public void shouldRemove_invalidCode_existingTokens_noRefreshToken() {
AuthorizationRequest authorizationRequest = new AuthorizationRequest();
authorizationRequest.setClientId("my-client-id");
Client client = new Client();
client.setClientId("my-client-id");
AuthorizationCode authorizationCode = new AuthorizationCode();
authorizationCode.setCode("my-code");
authorizationCode.setClientId("my-client-id");
AccessToken accessToken = new AccessToken();
accessToken.setToken("my-access-token-1");
accessToken.setAuthorizationCode("my-code");
AccessToken accessToken2 = new AccessToken();
accessToken2.setToken("my-access-token-2");
accessToken2.setAuthorizationCode("my-code");
List<AccessToken> tokens = Arrays.asList(accessToken, accessToken2);
when(authorizationCodeRepository.findByCode(any())).thenReturn(Maybe.empty());
when(accessTokenRepository.findByAuthorizationCode(anyString())).thenReturn(Observable.fromIterable(tokens));
when(accessTokenRepository.delete(anyString())).thenReturn(Completable.complete());
TestObserver<AuthorizationCode> testObserver = authorizationCodeService.remove(authorizationCode.getCode(), client).test();
testObserver.assertError(InvalidGrantException.class);
verify(authorizationCodeRepository, times(1)).findByCode(any());
verify(accessTokenRepository, times(1)).findByAuthorizationCode(anyString());
verify(accessTokenRepository, times(2)).delete(anyString());
verify(authorizationCodeRepository, never()).delete(any());
verify(refreshTokenRepository, never()).delete(anyString());
}
Also used :
AuthorizationCode(io.gravitee.am.repository.oauth2.model.AuthorizationCode)
AuthorizationRequest(io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest)
AccessToken(io.gravitee.am.repository.oauth2.model.AccessToken)
Client(io.gravitee.am.model.oidc.Client)
Test(org.junit.Test)
Example 3 with AccessToken
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class AccessTokenRepositoryTest method shouldFindToken.
@Test
public void shouldFindToken() {
AccessToken token = new AccessToken();
token.setId(RandomString.generate());
token.setToken("my-token");
TestObserver<AccessToken> observer = accessTokenRepository.create(token).toCompletable().andThen(accessTokenRepository.findByToken("my-token")).test();
observer.awaitTerminalEvent();
observer.assertComplete();
observer.assertValueCount(1);
observer.assertNoErrors();
}
Also used :
AccessToken(io.gravitee.am.repository.oauth2.model.AccessToken)
AbstractOAuthTest(io.gravitee.am.repository.oauth2.AbstractOAuthTest)
Test(org.junit.Test)
Example 4 with AccessToken
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class AccessTokenRepositoryTest method shouldFindAuthorizationCode.
@Test
public void shouldFindAuthorizationCode() {
AccessToken token = new AccessToken();
token.setId(RandomString.generate());
token.setToken("my-token");
token.setAuthorizationCode("some-auth-code");
TestObserver<AccessToken> observer = accessTokenRepository.create(token).toCompletable().andThen(accessTokenRepository.findByAuthorizationCode(token.getAuthorizationCode())).test();
observer.awaitTerminalEvent();
observer.assertComplete();
observer.assertValueCount(1);
observer.assertNoErrors();
}
Also used :
AccessToken(io.gravitee.am.repository.oauth2.model.AccessToken)
AbstractOAuthTest(io.gravitee.am.repository.oauth2.AbstractOAuthTest)
Test(org.junit.Test)
Example 5 with AccessToken
use of io.gravitee.am.repository.oauth2.model.AccessToken in project gravitee-access-management by gravitee-io.
the class AccessTokenRepositoryTest method shouldNotFindByUnknownAuthorizationCode.
@Test
public void shouldNotFindByUnknownAuthorizationCode() {
AccessToken token = new AccessToken();
token.setId(RandomString.generate());
token.setToken("my-token");
token.setAuthorizationCode("some-auth-code");
TestObserver<AccessToken> observer = accessTokenRepository.create(token).toCompletable().andThen(accessTokenRepository.findByAuthorizationCode("unknown")).test();
observer.awaitTerminalEvent();
observer.assertComplete();
observer.assertNoValues();
observer.assertNoErrors();
}
Also used :
AccessToken(io.gravitee.am.repository.oauth2.model.AccessToken)
AbstractOAuthTest(io.gravitee.am.repository.oauth2.AbstractOAuthTest)
Test(org.junit.Test)
Aggregations
Test (org.junit.Test)17
AccessToken (io.gravitee.am.repository.oauth2.model.AccessToken)15
AbstractOAuthTest (io.gravitee.am.repository.oauth2.AbstractOAuthTest)10
Client (io.gravitee.am.model.oidc.Client)8
JWT (io.gravitee.am.common.jwt.JWT)6
OAuth2Request (io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request)4
Date (java.util.Date)4
ReactableExecutionContext (io.gravitee.am.gateway.handler.context.ReactableExecutionContext)3
AccessToken (io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken)3
RefreshToken (io.gravitee.am.repository.oauth2.model.RefreshToken)3
ExecutionContext (io.gravitee.gateway.api.ExecutionContext)3
Instant (java.time.Instant)3
JWTException (io.gravitee.am.common.exception.jwt.JWTException)2
InvalidTokenException (io.gravitee.am.common.exception.oauth2.InvalidTokenException)2
JWTService (io.gravitee.am.gateway.handler.common.jwt.JWTService)2
IntrospectionTokenService (io.gravitee.am.gateway.handler.common.oauth2.IntrospectionTokenService)2
AuthorizationRequest (io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest)2
TokenClaim (io.gravitee.am.model.TokenClaim)2
PermissionRequest (io.gravitee.am.model.uma.PermissionRequest)2
AccessTokenRepository (io.gravitee.am.repository.oauth2.api.AccessTokenRepository)2
