
Example 1 with AUTHORIZATION

use of io.vertx.core.http.HttpHeaders.AUTHORIZATION in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method tokenInvalidatedByProviderAlways401.

/**
 * Checks that a 401 reaches the caller when the protected resource rejects every request.
 *
 * <p>The mock server answers each GET on {@code /protected/path} with 401. Its token endpoint
 * returns {@code loggedOutFixture} until the first rejection and {@code fixture} afterwards.
 * The client is created with {@code setRenewTokenOnForbidden(true)}; the test still expects
 * the final status code to be 401.
 */
@Test
public void tokenInvalidatedByProviderAlways401() throws Exception {
    final CountDownLatch serverListening = new CountDownLatch(1);
    // Flipped to true by the first rejected resource request and never reset.
    final AtomicBoolean rejected = new AtomicBoolean();
    server = vertx.createHttpServer().requestHandler(req -> {
        final boolean rejectedBefore = rejected.get();
        final boolean tokenCall = req.method() == HttpMethod.POST && "/oauth/token".equals(req.path());
        if (tokenCall) {
            // The expected value is base64("client-id:client-secret"): HTTP Basic only encodes
            // the client credentials, so confidentiality depends entirely on the transport.
            assertEquals("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=", req.getHeader("Authorization"));
            if (rejectedBefore) {
                req.response().putHeader("Content-Type", "application/json").end(fixture.encode());
            } else {
                req.response().putHeader("Content-Type", "application/json").end(loggedOutFixture.encode());
            }
        } else if (req.method() == HttpMethod.GET && "/protected/path".equals(req.path())) {
            // The resource never accepts a token in this scenario.
            rejected.set(true);
            req.response().setStatusCode(401).end();
        }
        // No catch-all branch: a request matching neither route is left without a response.
    }).listen(8080, listening -> {
        if (ready(listening)) {
            serverListening.countDown();
        }
    });
    awaitLatch(serverListening);
    // Placeholder client credentials and a plain-HTTP loopback site: test-only values.
    final OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(
        WebClientSession.create(webClient),
        oauth2,
        new OAuth2WebClientOptions().setRenewTokenOnForbidden(true));
    final CountDownLatch responseSeen = new CountDownLatch(1);
    oauth2WebClient.withCredentials(oauthConfig).get(8080, "localhost", "/protected/path").send(result -> {
        if (result.failed()) {
            fail(result.cause());
            return;
        }
        // The resource keeps answering 401, so that is the status the caller must see.
        assertEquals(401, result.result().statusCode());
        responseSeen.countDown();
    });
    awaitLatch(responseSeen);
}

/** Rethrows a failed listen result as a RuntimeException; returns true when the server is up. */
private static boolean ready(io.vertx.core.AsyncResult<?> listening) {
    if (listening.failed()) {
        throw new RuntimeException(listening.cause());
    }
    return true;
}
Also used : Oauth2Credentials(io.vertx.ext.auth.oauth2.Oauth2Credentials) Future.succeededFuture(io.vertx.core.Future.succeededFuture) AUTHORIZATION(io.vertx.core.http.HttpHeaders.AUTHORIZATION) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) Test(org.junit.Test) Future.failedFuture(io.vertx.core.Future.failedFuture) OAuth2FlowType(io.vertx.ext.auth.oauth2.OAuth2FlowType) Future(io.vertx.core.Future) Supplier(java.util.function.Supplier) TimeUnit(java.util.concurrent.TimeUnit) CountDownLatch(java.util.concurrent.CountDownLatch) Buffer(io.vertx.core.buffer.Buffer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HttpMethod(io.vertx.core.http.HttpMethod) JsonObject(io.vertx.core.json.JsonObject) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Example 2 with AUTHORIZATION

use of io.vertx.core.http.HttpHeaders.AUTHORIZATION in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method tokenInvalidatedByProvider.

/**
 * Checks that the client recovers after the protected resource rejects its first request.
 *
 * <p>The mock token endpoint returns {@code loggedOutFixture} before the first rejection and
 * {@code fixture} afterwards. The resource accepts a GET on {@code /protected/path} only once
 * a rejection has happened, and then requires the bearer token taken from {@code fixture}.
 * Every other request is answered with 401 and marks the rejection. The client is created with
 * {@code setRenewTokenOnForbidden(true)} and the test expects a final 200.
 */
@Test
public void tokenInvalidatedByProvider() throws Exception {
    final CountDownLatch serverListening = new CountDownLatch(1);
    // Flipped to true by the first rejected request and never reset.
    final AtomicBoolean rejected = new AtomicBoolean();
    server = vertx.createHttpServer().requestHandler(req -> {
        final boolean rejectedBefore = rejected.get();
        final boolean tokenCall = req.method() == HttpMethod.POST && "/oauth/token".equals(req.path());
        if (tokenCall) {
            // The expected value is base64("client-id:client-secret"): HTTP Basic only encodes
            // the client credentials, so confidentiality depends entirely on the transport.
            assertEquals("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=", req.getHeader("Authorization"));
            if (rejectedBefore) {
                req.response().putHeader("Content-Type", "application/json").end(fixture.encode());
            } else {
                req.response().putHeader("Content-Type", "application/json").end(loggedOutFixture.encode());
            }
        } else if (req.method() == HttpMethod.GET && "/protected/path".equals(req.path()) && rejectedBefore) {
            // After a rejection the request must carry the access token from the second grant.
            assertEquals("Bearer " + fixture.getString("access_token"), req.getHeader("Authorization"));
            req.response().end();
        } else {
            // Catch-all: this includes the first GET on the protected path.
            rejected.set(true);
            req.response().setStatusCode(401).end();
        }
    }).listen(8080, listening -> {
        if (listening.failed()) {
            throw new RuntimeException(listening.cause());
        }
        serverListening.countDown();
    });
    awaitLatch(serverListening);
    // Placeholder client credentials and a plain-HTTP loopback site: test-only values.
    final OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(
        WebClientSession.create(webClient),
        oauth2,
        new OAuth2WebClientOptions().setRenewTokenOnForbidden(true));
    final CountDownLatch responseSeen = new CountDownLatch(1);
    oauth2WebClient.withCredentials(oauthConfig).get(8080, "localhost", "/protected/path").send(result -> {
        if (result.failed()) {
            fail(result.cause());
            return;
        }
        assertEquals(200, result.result().statusCode());
        responseSeen.countDown();
    });
    awaitLatch(responseSeen);
}
Also used : Oauth2Credentials(io.vertx.ext.auth.oauth2.Oauth2Credentials) Future.succeededFuture(io.vertx.core.Future.succeededFuture) AUTHORIZATION(io.vertx.core.http.HttpHeaders.AUTHORIZATION) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) Test(org.junit.Test) Future.failedFuture(io.vertx.core.Future.failedFuture) OAuth2FlowType(io.vertx.ext.auth.oauth2.OAuth2FlowType) Future(io.vertx.core.Future) Supplier(java.util.function.Supplier) TimeUnit(java.util.concurrent.TimeUnit) CountDownLatch(java.util.concurrent.CountDownLatch) Buffer(io.vertx.core.buffer.Buffer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HttpMethod(io.vertx.core.http.HttpMethod) JsonObject(io.vertx.core.json.JsonObject) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Example 3 with AUTHORIZATION

use of io.vertx.core.http.HttpHeaders.AUTHORIZATION in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method testWithAuthenticationWithoutSessionExpiredFailsRefreshForceReauthentication.

/**
 * Sends two requests through a session-less client while the token endpoint rejects one call.
 *
 * <p>The mock token endpoint counts its calls: the second call is answered with 401, a fourth
 * call fails the test, and every other call returns a copy of {@code fixtureExpires}. The
 * protected resource requires the bearer token from {@code fixtureExpires}. Both GETs are
 * expected to end with 200.
 */
@Test
public void testWithAuthenticationWithoutSessionExpiredFailsRefreshForceReauthentication() throws Exception {
    final CountDownLatch serverListening = new CountDownLatch(1);
    // Number of calls the token endpoint has received so far.
    final AtomicInteger counter = new AtomicInteger(0);
    server = vertx.createHttpServer().requestHandler(req -> {
        final boolean tokenCall = req.method() == HttpMethod.POST && "/oauth/token".equals(req.path());
        if (tokenCall) {
            if (counter.incrementAndGet() == 4) {
                fail("Should only request a token 3 times");
                return;
            }
            // The expected value is base64("client-id:client-secret"): HTTP Basic only encodes
            // the client credentials, so confidentiality depends entirely on the transport.
            assertEquals("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=", req.getHeader("Authorization"));
            if (counter.get() != 2) {
                req.response().putHeader("Content-Type", "application/json").end(fixtureExpires.copy().put("calls", counter).encode());
            } else {
                // Second token call is rejected; presumably this is the refresh attempt.
                req.response().setStatusCode(401).end();
            }
        } else if (req.method() == HttpMethod.GET && "/protected/path".equals(req.path())) {
            assertEquals("Bearer " + fixtureExpires.getString("access_token"), req.getHeader("Authorization"));
            req.response().end();
        } else {
            req.response().setStatusCode(400).end();
        }
    }).listen(8080, listening -> {
        if (listening.failed()) {
            throw new RuntimeException(listening.cause());
        }
        serverListening.countDown();
    });
    awaitLatch(serverListening);
    // Placeholder client credentials and a plain-HTTP loopback site: test-only values.
    final OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    // No WebClientSession wrapper here, unlike the session-based tests of this class.
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(webClient, oauth2);
    final CountDownLatch firstResponse = new CountDownLatch(1);
    oauth2WebClient.withCredentials(oauthConfig);
    oauth2WebClient.get(8080, "localhost", "/protected/path").send(result -> {
        if (result.failed()) {
            fail(result.cause());
            return;
        }
        assertEquals(200, result.result().statusCode());
        firstResponse.countDown();
    });
    // Wait two seconds so the token obtained above is expired for the next request;
    // the expiry itself comes from fixtureExpires, which is defined outside this method.
    Thread.sleep(2000L);
    awaitLatch(firstResponse);
    final CountDownLatch secondResponse = new CountDownLatch(1);
    // Second request: the mock fails the test if this pushes the token calls to four.
    oauth2WebClient.get(8080, "localhost", "/protected/path").send(result -> {
        if (result.failed()) {
            fail(result.cause());
            return;
        }
        assertEquals(200, result.result().statusCode());
        secondResponse.countDown();
    });
    awaitLatch(secondResponse);
}
Also used : Oauth2Credentials(io.vertx.ext.auth.oauth2.Oauth2Credentials) Future.succeededFuture(io.vertx.core.Future.succeededFuture) AUTHORIZATION(io.vertx.core.http.HttpHeaders.AUTHORIZATION) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) Test(org.junit.Test) Future.failedFuture(io.vertx.core.Future.failedFuture) OAuth2FlowType(io.vertx.ext.auth.oauth2.OAuth2FlowType) Future(io.vertx.core.Future) Supplier(java.util.function.Supplier) TimeUnit(java.util.concurrent.TimeUnit) CountDownLatch(java.util.concurrent.CountDownLatch) Buffer(io.vertx.core.buffer.Buffer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HttpMethod(io.vertx.core.http.HttpMethod) JsonObject(io.vertx.core.json.JsonObject) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Example 4 with AUTHORIZATION

use of io.vertx.core.http.HttpHeaders.AUTHORIZATION in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method testWithAuthenticationWithoutSessionExpired.

/**
 * Sends two requests through a session-less client with a two-second pause in between.
 *
 * <p>The mock token endpoint counts its calls and fails the test on the third one; otherwise it
 * returns a copy of {@code fixtureExpires}. The protected resource requires the bearer token
 * from {@code fixtureExpires}. Both GETs are expected to end with 200.
 */
@Test
public void testWithAuthenticationWithoutSessionExpired() throws Exception {
    final CountDownLatch serverListening = new CountDownLatch(1);
    // Number of calls the token endpoint has received so far.
    final AtomicInteger counter = new AtomicInteger(0);
    server = vertx.createHttpServer().requestHandler(req -> {
        final boolean tokenCall = req.method() == HttpMethod.POST && "/oauth/token".equals(req.path());
        if (tokenCall) {
            if (counter.incrementAndGet() == 3) {
                fail("Should only request a token 2 times");
                return;
            }
            // The expected value is base64("client-id:client-secret"): HTTP Basic only encodes
            // the client credentials, so confidentiality depends entirely on the transport.
            assertEquals("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=", req.getHeader("Authorization"));
            req.response().putHeader("Content-Type", "application/json").end(fixtureExpires.copy().put("calls", counter).encode());
        } else if (req.method() == HttpMethod.GET && "/protected/path".equals(req.path())) {
            assertEquals("Bearer " + fixtureExpires.getString("access_token"), req.getHeader("Authorization"));
            req.response().end();
        } else {
            req.response().setStatusCode(400).end();
        }
    }).listen(8080, listening -> {
        if (listening.failed()) {
            throw new RuntimeException(listening.cause());
        }
        serverListening.countDown();
    });
    awaitLatch(serverListening);
    // Placeholder client credentials and a plain-HTTP loopback site: test-only values.
    final OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    // No WebClientSession wrapper here, unlike the session-based tests of this class.
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(webClient, oauth2);
    final CountDownLatch firstResponse = new CountDownLatch(1);
    oauth2WebClient.withCredentials(oauthConfig);
    oauth2WebClient.get(8080, "localhost", "/protected/path").send(result -> {
        if (result.failed()) {
            fail(result.cause());
            return;
        }
        assertEquals(200, result.result().statusCode());
        firstResponse.countDown();
    });
    // Wait two seconds so the token obtained above is expired for the next request;
    // the expiry itself comes from fixtureExpires, which is defined outside this method.
    Thread.sleep(2000L);
    awaitLatch(firstResponse);
    final CountDownLatch secondResponse = new CountDownLatch(1);
    // Second request: the mock fails the test if this pushes the token calls to three.
    oauth2WebClient.get(8080, "localhost", "/protected/path").send(result -> {
        if (result.failed()) {
            fail(result.cause());
            return;
        }
        assertEquals(200, result.result().statusCode());
        secondResponse.countDown();
    });
    awaitLatch(secondResponse);
}
Also used : Oauth2Credentials(io.vertx.ext.auth.oauth2.Oauth2Credentials) Future.succeededFuture(io.vertx.core.Future.succeededFuture) AUTHORIZATION(io.vertx.core.http.HttpHeaders.AUTHORIZATION) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) Test(org.junit.Test) Future.failedFuture(io.vertx.core.Future.failedFuture) OAuth2FlowType(io.vertx.ext.auth.oauth2.OAuth2FlowType) Future(io.vertx.core.Future) Supplier(java.util.function.Supplier) TimeUnit(java.util.concurrent.TimeUnit) CountDownLatch(java.util.concurrent.CountDownLatch) Buffer(io.vertx.core.buffer.Buffer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HttpMethod(io.vertx.core.http.HttpMethod) JsonObject(io.vertx.core.json.JsonObject) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Example 5 with AUTHORIZATION

use of io.vertx.core.http.HttpHeaders.AUTHORIZATION in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method testWithAuthentication.

/**
 * Happy path: the client obtains a token and reaches the protected resource with it.
 *
 * <p>The mock token endpoint requires HTTP Basic client authentication and returns
 * {@code fixture}; the protected resource requires the bearer token from that fixture. Any
 * other request is answered with 400. The test expects a final 200.
 */
@Test
public void testWithAuthentication() throws Exception {
    final CountDownLatch serverListening = new CountDownLatch(1);
    server = vertx.createHttpServer().requestHandler(req -> {
        final boolean tokenCall = req.method() == HttpMethod.POST && "/oauth/token".equals(req.path());
        if (tokenCall) {
            // The expected value is base64("client-id:client-secret"): HTTP Basic only encodes
            // the client credentials, so confidentiality depends entirely on the transport.
            assertEquals("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=", req.getHeader("Authorization"));
            req.response().putHeader("Content-Type", "application/json").end(fixture.encode());
            return;
        }
        if (req.method() == HttpMethod.GET && "/protected/path".equals(req.path())) {
            // The resource request must carry exactly the access token issued above.
            assertEquals("Bearer " + fixture.getString("access_token"), req.getHeader("Authorization"));
            req.response().end();
            return;
        }
        req.response().setStatusCode(400).end();
    }).listen(8080, listening -> {
        if (listening.failed()) {
            throw new RuntimeException(listening.cause());
        }
        serverListening.countDown();
    });
    awaitLatch(serverListening);
    // Placeholder client credentials and a plain-HTTP loopback site: test-only values.
    final OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(WebClientSession.create(webClient), oauth2);
    final CountDownLatch responseSeen = new CountDownLatch(1);
    oauth2WebClient.withCredentials(oauthConfig).get(8080, "localhost", "/protected/path").send(result -> {
        if (result.failed()) {
            fail(result.cause());
            return;
        }
        assertEquals(200, result.result().statusCode());
        responseSeen.countDown();
    });
    awaitLatch(responseSeen);
}
Also used : Oauth2Credentials(io.vertx.ext.auth.oauth2.Oauth2Credentials) Future.succeededFuture(io.vertx.core.Future.succeededFuture) AUTHORIZATION(io.vertx.core.http.HttpHeaders.AUTHORIZATION) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) Test(org.junit.Test) Future.failedFuture(io.vertx.core.Future.failedFuture) OAuth2FlowType(io.vertx.ext.auth.oauth2.OAuth2FlowType) Future(io.vertx.core.Future) Supplier(java.util.function.Supplier) TimeUnit(java.util.concurrent.TimeUnit) CountDownLatch(java.util.concurrent.CountDownLatch) Buffer(io.vertx.core.buffer.Buffer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HttpMethod(io.vertx.core.http.HttpMethod) JsonObject(io.vertx.core.json.JsonObject) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Aggregations

Future (io.vertx.core.Future)8 Future.failedFuture (io.vertx.core.Future.failedFuture)8 Future.succeededFuture (io.vertx.core.Future.succeededFuture)8 Buffer (io.vertx.core.buffer.Buffer)8 AUTHORIZATION (io.vertx.core.http.HttpHeaders.AUTHORIZATION)8 HttpMethod (io.vertx.core.http.HttpMethod)8 JsonObject (io.vertx.core.json.JsonObject)8 OAuth2Auth (io.vertx.ext.auth.oauth2.OAuth2Auth)8 OAuth2FlowType (io.vertx.ext.auth.oauth2.OAuth2FlowType)8 OAuth2Options (io.vertx.ext.auth.oauth2.OAuth2Options)8 Oauth2Credentials (io.vertx.ext.auth.oauth2.Oauth2Credentials)8 CountDownLatch (java.util.concurrent.CountDownLatch)8 TimeUnit (java.util.concurrent.TimeUnit)8 AtomicBoolean (java.util.concurrent.atomic.AtomicBoolean)8 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)8 Supplier (java.util.function.Supplier)8 Test (org.junit.Test)8