
Example 1 with AuthorizationCode

use of io.gravitee.am.repository.oauth2.model.AuthorizationCode in project gravitee-access-management by gravitee-io.

the class AuthorizationCodeServiceImpl method create.

@Override
public Single<AuthorizationCode> create(AuthorizationRequest authorizationRequest, User user) {
    AuthorizationCode authorizationCode = new AuthorizationCode();
    // Internal record identifier (RandomString), distinct from the code value below.
    authorizationCode.setId(RandomString.generate());
    authorizationCode.setTransactionId(authorizationRequest.transactionId());
    authorizationCode.setContextVersion(authorizationRequest.getContextVersion());
    // The code value itself is generated with SecureRandomString.
    authorizationCode.setCode(SecureRandomString.generate());
    // Bind the code to the requesting client, the authenticated user and the requested scopes.
    authorizationCode.setClientId(authorizationRequest.getClientId());
    authorizationCode.setSubject(user.getId());
    authorizationCode.setScopes(authorizationRequest.getScopes());
    authorizationCode.setRequestParameters(authorizationRequest.parameters());
    // Expiry is the current time in milliseconds plus authorizationCodeValidity.
    authorizationCode.setExpireAt(new Date(System.currentTimeMillis() + authorizationCodeValidity));
    authorizationCode.setCreatedAt(new Date());
    return authorizationCodeRepository.create(authorizationCode);
}
Also used : AuthorizationCode(io.gravitee.am.repository.oauth2.model.AuthorizationCode) Date(java.util.Date)

Example 2 with AuthorizationCode

use of io.gravitee.am.repository.oauth2.model.AuthorizationCode in project gravitee-access-management by gravitee-io.

the class AuthorizationCodeServiceTest method shouldRemove_invalidCode_existingTokens_noRefreshToken.

@Test
public void shouldRemove_invalidCode_existingTokens_noRefreshToken() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setClientId("my-client-id");
    Client client = new Client();
    client.setClientId("my-client-id");
    AuthorizationCode authorizationCode = new AuthorizationCode();
    authorizationCode.setCode("my-code");
    authorizationCode.setClientId("my-client-id");
    AccessToken accessToken = new AccessToken();
    accessToken.setToken("my-access-token-1");
    accessToken.setAuthorizationCode("my-code");
    AccessToken accessToken2 = new AccessToken();
    accessToken2.setToken("my-access-token-2");
    accessToken2.setAuthorizationCode("my-code");
    List<AccessToken> tokens = Arrays.asList(accessToken, accessToken2);
    // The repository does not know the code, but two access tokens reference it.
    when(authorizationCodeRepository.findByCode(any())).thenReturn(Maybe.empty());
    when(accessTokenRepository.findByAuthorizationCode(anyString())).thenReturn(Observable.fromIterable(tokens));
    when(accessTokenRepository.delete(anyString())).thenReturn(Completable.complete());
    TestObserver<AuthorizationCode> testObserver = authorizationCodeService.remove(authorizationCode.getCode(), client).test();
    // The request is rejected with an invalid grant error...
    testObserver.assertError(InvalidGrantException.class);
    verify(authorizationCodeRepository, times(1)).findByCode(any());
    verify(accessTokenRepository, times(1)).findByAuthorizationCode(anyString());
    // ...and both access tokens tied to the code are deleted (see RFC 6749, section 4.1.2).
    verify(accessTokenRepository, times(2)).delete(anyString());
    // No code is deleted, and no refresh token either since none exists in this scenario.
    verify(authorizationCodeRepository, never()).delete(any());
    verify(refreshTokenRepository, never()).delete(anyString());
}
Also used : AuthorizationCode(io.gravitee.am.repository.oauth2.model.AuthorizationCode) AuthorizationRequest(io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest) AccessToken(io.gravitee.am.repository.oauth2.model.AccessToken) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 3 with AuthorizationCode

use of io.gravitee.am.repository.oauth2.model.AuthorizationCode in project gravitee-access-management by gravitee-io.

the class AuthorizationCodeServiceTest method shouldCreate_noExistingCode.

@Test
public void shouldCreate_noExistingCode() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setClientId("my-client-id");
    User user = new User();
    user.setUsername("my-username-id");
    when(authorizationCodeRepository.create(any())).thenReturn(Single.just(new AuthorizationCode()));
    TestObserver<AuthorizationCode> testObserver = authorizationCodeService.create(authorizationRequest, user).test();
    testObserver.assertComplete();
    testObserver.assertNoErrors();
    verify(authorizationCodeRepository, times(1)).create(any());
}
Also used : AuthorizationCode(io.gravitee.am.repository.oauth2.model.AuthorizationCode) AuthorizationRequest(io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest) User(io.gravitee.am.model.User) Test(org.junit.Test)

Example 4 with AuthorizationCode

use of io.gravitee.am.repository.oauth2.model.AuthorizationCode in project gravitee-access-management by gravitee-io.

the class MongoAuthorizationCodeRepository method convert.

private AuthorizationCode convert(AuthorizationCodeMongo authorizationCodeMongo) {
    if (authorizationCodeMongo == null) {
        return null;
    }
    AuthorizationCode authorizationCode = new AuthorizationCode();
    authorizationCode.setId(authorizationCodeMongo.getId());
    authorizationCode.setTransactionId(authorizationCodeMongo.getTransactionId());
    authorizationCode.setContextVersion(authorizationCodeMongo.getContextVersion());
    authorizationCode.setCode(authorizationCodeMongo.getCode());
    authorizationCode.setClientId(authorizationCodeMongo.getClientId());
    authorizationCode.setCreatedAt(authorizationCodeMongo.getCreatedAt());
    authorizationCode.setExpireAt(authorizationCodeMongo.getExpireAt());
    authorizationCode.setSubject(authorizationCodeMongo.getSubject());
    authorizationCode.setScopes(authorizationCodeMongo.getScopes());
    if (authorizationCodeMongo.getRequestParameters() != null) {
        MultiValueMap<String, String> requestParameters = new LinkedMultiValueMap<>();
        authorizationCodeMongo.getRequestParameters().forEach((key, value) -> requestParameters.put(key, (List<String>) value));
        authorizationCode.setRequestParameters(requestParameters);
    }
    return authorizationCode;
}
Also used : AuthorizationCode(io.gravitee.am.repository.oauth2.model.AuthorizationCode) LinkedMultiValueMap(io.gravitee.common.util.LinkedMultiValueMap) List(java.util.List) RandomString(io.gravitee.am.common.utils.RandomString)

Example 5 with AuthorizationCode

use of io.gravitee.am.repository.oauth2.model.AuthorizationCode in project gravitee-access-management by gravitee-io.

the class AuthorizationCodeRepositoryPurgeTest method shouldRemoveCode.

@Test
public void shouldRemoveCode() {
    Instant now = Instant.now();
    // One code that expires a minute from now...
    String code = "testCode";
    AuthorizationCode authorizationCode = new AuthorizationCode();
    authorizationCode.setId(code);
    authorizationCode.setCode(code);
    authorizationCode.setExpireAt(new Date(now.plus(1, ChronoUnit.MINUTES).toEpochMilli()));
    // ...and one that expired a minute ago.
    String codeExpired = "testCodeExpired";
    AuthorizationCode authorizationCodeExpired = new AuthorizationCode();
    authorizationCodeExpired.setId(codeExpired);
    authorizationCodeExpired.setCode(codeExpired);
    authorizationCodeExpired.setExpireAt(new Date(now.minus(1, ChronoUnit.MINUTES).toEpochMilli()));
    TestObserver<AuthorizationCode> testObserver = authorizationCodeRepository.create(authorizationCode).test();
    testObserver.awaitTerminalEvent();
    testObserver.assertNoErrors();
    testObserver = authorizationCodeRepository.create(authorizationCodeExpired).test();
    testObserver.awaitTerminalEvent();
    testObserver.assertNoErrors();
    // Before the purge: the expired code is already not returned by findByCode.
    assertNotNull(authorizationCodeRepository.findByCode(code).blockingGet());
    assertNull(authorizationCodeRepository.findByCode(codeExpired).blockingGet());
    TestObserver<Void> testPurge = authorizationCodeRepository.purgeExpiredData().test();
    testPurge.awaitTerminalEvent();
    testPurge.assertNoErrors();
    // After the purge: the valid code is still found, the expired one is not.
    assertNotNull(authorizationCodeRepository.findByCode(code).blockingGet());
    assertNull(authorizationCodeRepository.findByCode(codeExpired).blockingGet());
}
Also used : AuthorizationCode(io.gravitee.am.repository.oauth2.model.AuthorizationCode) Instant(java.time.Instant) Date(java.util.Date) AbstractOAuthTest(io.gravitee.am.repository.oauth2.AbstractOAuthTest) Test(org.junit.Test)

Aggregations

AuthorizationCode (io.gravitee.am.repository.oauth2.model.AuthorizationCode): 10
Test (org.junit.Test): 7
AuthorizationRequest (io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest): 4
Client (io.gravitee.am.model.oidc.Client): 4
AbstractOAuthTest (io.gravitee.am.repository.oauth2.AbstractOAuthTest): 3
User (io.gravitee.am.model.User): 2
AccessToken (io.gravitee.am.repository.oauth2.model.AccessToken): 2
Date (java.util.Date): 2
InvalidRequestException (io.gravitee.am.common.exception.oauth2.InvalidRequestException): 1
CodeChallengeMethod (io.gravitee.am.common.oauth2.CodeChallengeMethod): 1
GrantType (io.gravitee.am.common.oauth2.GrantType): 1
Parameters (io.gravitee.am.common.oauth2.Parameters): 1
ConstantKeys (io.gravitee.am.common.utils.ConstantKeys): 1
RandomString (io.gravitee.am.common.utils.RandomString): 1
UserAuthenticationManager (io.gravitee.am.gateway.handler.common.auth.user.UserAuthenticationManager): 1
InvalidGrantException (io.gravitee.am.gateway.handler.oauth2.exception.InvalidGrantException): 1
AuthorizationCodeService (io.gravitee.am.gateway.handler.oauth2.service.code.AuthorizationCodeService): 1
AbstractTokenGranter (io.gravitee.am.gateway.handler.oauth2.service.granter.AbstractTokenGranter): 1
PKCEUtils (io.gravitee.am.gateway.handler.oauth2.service.pkce.PKCEUtils): 1
TokenRequest (io.gravitee.am.gateway.handler.oauth2.service.request.TokenRequest): 1