
Example 1 with OAuth2Options

use of io.vertx.ext.auth.oauth2.OAuth2Options in project vertx-web by vert-x3.

the class WebClientOauth2Examples method create.

/**
 * Wraps a plain {@link WebClient} in an {@link OAuth2WebClient} and attaches a token credential.
 *
 * <p>Illustrative snippet only: no setter is called on the {@code OAuth2Options}, so the
 * provider carries whatever the library defaults are, and the token is a literal placeholder.
 * Application code should obtain the token from the provider or a secret store instead of
 * embedding it in source.
 *
 * @param vertx the Vert.x instance used to build both the web client and the OAuth2 provider
 */
public void create(Vertx vertx) {
    WebClient client = WebClient.create(vertx);
    // Provider built from untouched options: nothing here names a site, client id or flow.
    OAuth2Auth provider = OAuth2Auth.create(vertx, new OAuth2Options());
    OAuth2WebClient wrapped = OAuth2WebClient.create(client, provider);
    // "some.jwt.token" is a stand-in value, not a real JWT.
    OAuth2WebClient oauth2 = wrapped.withCredentials(new TokenCredentials("some.jwt.token"));
}
Also used : WebClient(io.vertx.ext.web.client.WebClient) OAuth2WebClient(io.vertx.ext.web.client.OAuth2WebClient) OAuth2WebClient(io.vertx.ext.web.client.OAuth2WebClient) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) TokenCredentials(io.vertx.ext.auth.authentication.TokenCredentials)

Example 2 with OAuth2Options

use of io.vertx.ext.auth.oauth2.OAuth2Options in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method tokenInvalidatedByProviderAlways401.

/**
 * Verifies that the client surfaces a 401 when the protected resource rejects every request.
 *
 * <p>The stub server on port 8080 answers {@code POST /oauth/token} with
 * {@code loggedOutFixture} until the protected path has been hit once and with {@code fixture}
 * afterwards; {@code GET /protected/path} always replies 401. Every token request must carry
 * the expected HTTP Basic client credentials.
 *
 * <p>The client id, client secret and plain-HTTP site are test fixtures aimed at a loopback
 * stub. Against a real provider the site must be HTTPS, because the client secret and the
 * bearer token both travel in {@code Authorization} headers.
 */
@Test
public void tokenInvalidatedByProviderAlways401() throws Exception {
    final CountDownLatch serverReady = new CountDownLatch(1);
    // Flipped to true the first time the protected path has been rejected.
    final AtomicBoolean rejectedOnce = new AtomicBoolean();
    // "Basic " followed by base64("client-id:client-secret"), matching the options below.
    final String expectedClientAuth = "Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=";
    server = vertx.createHttpServer().requestHandler(req -> {
        final boolean tokenRequest = req.method() == HttpMethod.POST && "/oauth/token".equals(req.path());
        if (tokenRequest && !rejectedOnce.get()) {
            // Token requested before any rejection: reply with the logged-out fixture.
            assertEquals(expectedClientAuth, req.getHeader("Authorization"));
            req.response()
                .putHeader("Content-Type", "application/json")
                .end(loggedOutFixture.encode());
        } else if (tokenRequest && rejectedOnce.get()) {
            // Token requested after a rejection: reply with the regular fixture.
            assertEquals(expectedClientAuth, req.getHeader("Authorization"));
            req.response()
                .putHeader("Content-Type", "application/json")
                .end(fixture.encode());
        } else if (req.method() == HttpMethod.GET && "/protected/path".equals(req.path())) {
            // The resource never accepts the token, whatever it is.
            rejectedOnce.set(true);
            req.response().setStatusCode(401).end();
        }
        // NOTE(review): a request matching none of the branches is never answered by this stub.
    }).listen(8080, ready -> {
        if (ready.failed()) {
            throw new RuntimeException(ready.cause());
        }
        // Server is listening; let the test body continue.
        serverReady.countDown();
    });
    awaitLatch(serverReady);
    // Test-only credentials and an http:// loopback site; never reuse this shape outside tests.
    OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    // NOTE(review): presumably makes the client renew its token after a rejected request;
    // confirm the exact trigger in the OAuth2WebClientOptions documentation.
    OAuth2WebClientOptions clientOptions = new OAuth2WebClientOptions().setRenewTokenOnForbidden(true);
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(WebClientSession.create(webClient), oauth2, clientOptions);
    final CountDownLatch responseSeen = new CountDownLatch(1);
    oauth2WebClient.withCredentials(oauthConfig).get(8080, "localhost", "/protected/path").send(outcome -> {
        if (!outcome.failed()) {
            // The resource keeps answering 401, so that is the status the caller must see.
            assertEquals(401, outcome.result().statusCode());
            responseSeen.countDown();
        } else {
            fail(outcome.cause());
        }
    });
    awaitLatch(responseSeen);
}
Also used : Oauth2Credentials(io.vertx.ext.auth.oauth2.Oauth2Credentials) Future.succeededFuture(io.vertx.core.Future.succeededFuture) AUTHORIZATION(io.vertx.core.http.HttpHeaders.AUTHORIZATION) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) Test(org.junit.Test) Future.failedFuture(io.vertx.core.Future.failedFuture) OAuth2FlowType(io.vertx.ext.auth.oauth2.OAuth2FlowType) Future(io.vertx.core.Future) Supplier(java.util.function.Supplier) TimeUnit(java.util.concurrent.TimeUnit) CountDownLatch(java.util.concurrent.CountDownLatch) Buffer(io.vertx.core.buffer.Buffer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HttpMethod(io.vertx.core.http.HttpMethod) JsonObject(io.vertx.core.json.JsonObject) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Example 3 with OAuth2Options

use of io.vertx.ext.auth.oauth2.OAuth2Options in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method testWithoutAuthenticationWithoutSession.

/**
 * Verifies that a request sent through an {@link OAuth2WebClient} that was never given
 * credentials fails rather than completing.
 *
 * <p>No server is started in this method and {@code withCredentials} is never called; the
 * test passes only when the send handler reports a failure.
 */
@Test
public void testWithoutAuthenticationWithoutSession() throws Exception {
    // Test-only client id/secret and an http:// loopback site. A real provider site must be
    // HTTPS, since the client secret is sent to it.
    OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(webClient, oauth2);
    final CountDownLatch requestFailed = new CountDownLatch(1);
    oauth2WebClient.get(8080, "localhost", "/protected/path").send(outcome -> {
        if (!outcome.failed()) {
            // A completed request would mean the client went out without credentials.
            fail("Should require credentials");
        } else {
            requestFailed.countDown();
        }
    });
    awaitLatch(requestFailed);
}
Also used : CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Example 4 with OAuth2Options

use of io.vertx.ext.auth.oauth2.OAuth2Options in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method tokenInvalidatedByProvider.

/**
 * Verifies that the client recovers after the resource rejects its first request.
 *
 * <p>The stub server on port 8080 answers {@code POST /oauth/token} with
 * {@code loggedOutFixture} before the first rejection and with {@code fixture} after it.
 * {@code GET /protected/path} is accepted only after a rejection has happened, and only with
 * a bearer header built from {@code fixture}'s {@code access_token}. Every other request,
 * including the first GET, is answered with 401 and marks the rejection.
 *
 * <p>The client id, client secret and plain-HTTP site are test fixtures aimed at a loopback
 * stub. Against a real provider the site must be HTTPS, because the client secret and the
 * bearer token both travel in {@code Authorization} headers.
 */
@Test
public void tokenInvalidatedByProvider() throws Exception {
    final CountDownLatch serverReady = new CountDownLatch(1);
    // Flipped to true once the stub has rejected a request with 401.
    final AtomicBoolean rejectedOnce = new AtomicBoolean();
    // "Basic " followed by base64("client-id:client-secret"), matching the options below.
    final String expectedClientAuth = "Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=";
    server = vertx.createHttpServer().requestHandler(req -> {
        final boolean tokenRequest = req.method() == HttpMethod.POST && "/oauth/token".equals(req.path());
        if (tokenRequest && !rejectedOnce.get()) {
            // Token requested before any rejection: reply with the logged-out fixture.
            assertEquals(expectedClientAuth, req.getHeader("Authorization"));
            req.response()
                .putHeader("Content-Type", "application/json")
                .end(loggedOutFixture.encode());
        } else if (tokenRequest && rejectedOnce.get()) {
            // Token requested after the rejection: reply with the regular fixture.
            assertEquals(expectedClientAuth, req.getHeader("Authorization"));
            req.response()
                .putHeader("Content-Type", "application/json")
                .end(fixture.encode());
        } else if (req.method() == HttpMethod.GET && "/protected/path".equals(req.path()) && rejectedOnce.get()) {
            // The retried request must present the token issued after the rejection.
            assertEquals("Bearer " + fixture.getString("access_token"), req.getHeader("Authorization"));
            req.response().end();
        } else {
            // Catch-all: anything else is rejected and arms the retry path.
            rejectedOnce.set(true);
            req.response().setStatusCode(401).end();
        }
    }).listen(8080, ready -> {
        if (ready.failed()) {
            throw new RuntimeException(ready.cause());
        }
        // Server is listening; let the test body continue.
        serverReady.countDown();
    });
    awaitLatch(serverReady);
    // Test-only credentials and an http:// loopback site; never reuse this shape outside tests.
    OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    // NOTE(review): presumably makes the client renew its token after a rejected request;
    // confirm the exact trigger in the OAuth2WebClientOptions documentation.
    OAuth2WebClientOptions clientOptions = new OAuth2WebClientOptions().setRenewTokenOnForbidden(true);
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(WebClientSession.create(webClient), oauth2, clientOptions);
    final CountDownLatch responseSeen = new CountDownLatch(1);
    oauth2WebClient.withCredentials(oauthConfig).get(8080, "localhost", "/protected/path").send(outcome -> {
        if (!outcome.failed()) {
            // After the renewal the caller should see a successful response.
            assertEquals(200, outcome.result().statusCode());
            responseSeen.countDown();
        } else {
            fail(outcome.cause());
        }
    });
    awaitLatch(responseSeen);
}
Also used : Oauth2Credentials(io.vertx.ext.auth.oauth2.Oauth2Credentials) Future.succeededFuture(io.vertx.core.Future.succeededFuture) AUTHORIZATION(io.vertx.core.http.HttpHeaders.AUTHORIZATION) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) Test(org.junit.Test) Future.failedFuture(io.vertx.core.Future.failedFuture) OAuth2FlowType(io.vertx.ext.auth.oauth2.OAuth2FlowType) Future(io.vertx.core.Future) Supplier(java.util.function.Supplier) TimeUnit(java.util.concurrent.TimeUnit) CountDownLatch(java.util.concurrent.CountDownLatch) Buffer(io.vertx.core.buffer.Buffer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HttpMethod(io.vertx.core.http.HttpMethod) JsonObject(io.vertx.core.json.JsonObject) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Example 5 with OAuth2Options

use of io.vertx.ext.auth.oauth2.OAuth2Options in project vertx-web by vert-x3.

the class WebClientSessionOauth2Test method testWithAuthenticationWithoutSessionExpiredFailsRefreshForceReauthentication.

/**
 * Verifies that a second request still succeeds when one token request in between is
 * rejected by the provider.
 *
 * <p>The stub server on port 8080 counts {@code POST /oauth/token} calls: the second call is
 * answered with 401, a fourth call fails the test, and the others return a copy of
 * {@code fixtureExpires} with a {@code calls} entry added. {@code GET /protected/path} must
 * carry a bearer header built from {@code fixtureExpires}' {@code access_token}; any other
 * request gets 400. The test body sends two requests two seconds apart and expects 200 both
 * times.
 *
 * <p>The client id, client secret and plain-HTTP site are test fixtures aimed at a loopback
 * stub. Against a real provider the site must be HTTPS, because the client secret and the
 * bearer token both travel in {@code Authorization} headers.
 */
@Test
public void testWithAuthenticationWithoutSessionExpiredFailsRefreshForceReauthentication() throws Exception {
    final CountDownLatch serverReady = new CountDownLatch(1);
    // Number of token-endpoint calls the stub has received so far.
    final AtomicInteger tokenCalls = new AtomicInteger(0);
    // "Basic " followed by base64("client-id:client-secret"), matching the options below.
    final String expectedClientAuth = "Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=";
    server = vertx.createHttpServer().requestHandler(req -> {
        if (req.method() == HttpMethod.POST && "/oauth/token".equals(req.path())) {
            if (tokenCalls.incrementAndGet() != 4) {
                assertEquals(expectedClientAuth, req.getHeader("Authorization"));
                if (tokenCalls.get() != 2) {
                    req.response()
                        .putHeader("Content-Type", "application/json")
                        .end(fixtureExpires.copy().put("calls", tokenCalls).encode());
                } else {
                    // Second token call: simulate the provider rejecting it.
                    req.response().setStatusCode(401).end();
                }
            } else {
                // A fourth token call means the client asked more often than this test allows.
                fail("Should only request a token 3 times");
            }
        } else if (req.method() == HttpMethod.GET && "/protected/path".equals(req.path())) {
            assertEquals("Bearer " + fixtureExpires.getString("access_token"), req.getHeader("Authorization"));
            req.response().end();
        } else {
            req.response().setStatusCode(400).end();
        }
    }).listen(8080, ready -> {
        if (ready.failed()) {
            throw new RuntimeException(ready.cause());
        }
        // Server is listening; let the test body continue.
        serverReady.countDown();
    });
    awaitLatch(serverReady);
    // Test-only credentials and an http:// loopback site; never reuse this shape outside tests.
    OAuth2Options providerOptions = new OAuth2Options()
        .setFlow(OAuth2FlowType.CLIENT)
        .setClientId("client-id")
        .setClientSecret("client-secret")
        .setSite("http://localhost:8080");
    OAuth2Auth oauth2 = OAuth2Auth.create(vertx, providerOptions);
    OAuth2WebClient oauth2WebClient = OAuth2WebClient.create(webClient, oauth2);
    final CountDownLatch firstDone = new CountDownLatch(1);
    // The return value is discarded; the same client object is used for both requests below.
    oauth2WebClient.withCredentials(oauthConfig);
    oauth2WebClient.get(8080, "localhost", "/protected/path").send(outcome -> {
        if (!outcome.failed()) {
            assertEquals(200, outcome.result().statusCode());
            firstDone.countDown();
        } else {
            fail(outcome.cause());
        }
    });
    // Pause so the token obtained for the first request is expired before the second one.
    // NOTE(review): assumes fixtureExpires describes a lifetime shorter than 2 s; confirm.
    Thread.sleep(2000L);
    awaitLatch(firstDone);
    final CountDownLatch secondDone = new CountDownLatch(1);
    // Second request: the stub rejects the next token call and serves the one after it.
    oauth2WebClient.get(8080, "localhost", "/protected/path").send(outcome -> {
        if (!outcome.failed()) {
            assertEquals(200, outcome.result().statusCode());
            secondDone.countDown();
        } else {
            fail(outcome.cause());
        }
    });
    awaitLatch(secondDone);
}
Also used : Oauth2Credentials(io.vertx.ext.auth.oauth2.Oauth2Credentials) Future.succeededFuture(io.vertx.core.Future.succeededFuture) AUTHORIZATION(io.vertx.core.http.HttpHeaders.AUTHORIZATION) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) Test(org.junit.Test) Future.failedFuture(io.vertx.core.Future.failedFuture) OAuth2FlowType(io.vertx.ext.auth.oauth2.OAuth2FlowType) Future(io.vertx.core.Future) Supplier(java.util.function.Supplier) TimeUnit(java.util.concurrent.TimeUnit) CountDownLatch(java.util.concurrent.CountDownLatch) Buffer(io.vertx.core.buffer.Buffer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HttpMethod(io.vertx.core.http.HttpMethod) JsonObject(io.vertx.core.json.JsonObject) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) CountDownLatch(java.util.concurrent.CountDownLatch) OAuth2Auth(io.vertx.ext.auth.oauth2.OAuth2Auth) OAuth2Options(io.vertx.ext.auth.oauth2.OAuth2Options) Test(org.junit.Test)

Aggregations

OAuth2Options (io.vertx.ext.auth.oauth2.OAuth2Options)22 OAuth2Auth (io.vertx.ext.auth.oauth2.OAuth2Auth)21 Test (org.junit.Test)19 JsonObject (io.vertx.core.json.JsonObject)18 OAuth2FlowType (io.vertx.ext.auth.oauth2.OAuth2FlowType)17 CountDownLatch (java.util.concurrent.CountDownLatch)17 HttpMethod (io.vertx.core.http.HttpMethod)16 JWTOptions (io.vertx.ext.auth.JWTOptions)10 Future (io.vertx.core.Future)9 Buffer (io.vertx.core.buffer.Buffer)9 PubSecKeyOptions (io.vertx.ext.auth.PubSecKeyOptions)9 JWK (io.vertx.ext.auth.impl.jose.JWK)9 JWT (io.vertx.ext.auth.impl.jose.JWT)9 SessionStore (io.vertx.ext.web.sstore.SessionStore)9 Future.failedFuture (io.vertx.core.Future.failedFuture)8 Future.succeededFuture (io.vertx.core.Future.succeededFuture)8 AUTHORIZATION (io.vertx.core.http.HttpHeaders.AUTHORIZATION)8 HttpServer (io.vertx.core.http.HttpServer)8 Oauth2Credentials (io.vertx.ext.auth.oauth2.Oauth2Credentials)8 Router (io.vertx.ext.web.Router)8