Search in sources :

Example 1 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class JCacheOAuthDataProviderTest method testAddGetDeleteAccessToken.

@Ignore
@Test
public void testAddGetDeleteAccessToken() {
    Client c = addClient("101", "bob");
    AccessTokenRegistration atr = new AccessTokenRegistration();
    atr.setClient(c);
    atr.setApprovedScope(Collections.singletonList("a"));
    atr.setSubject(c.getResourceOwnerSubject());
    ServerAccessToken at = provider.createAccessToken(atr);
    ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
    assertEquals(at.getTokenKey(), at2.getTokenKey());
    List<OAuthPermission> scopes = at2.getScopes();
    assertNotNull(scopes);
    assertEquals(1, scopes.size());
    OAuthPermission perm = scopes.get(0);
    assertEquals("a", perm.getPermission());
    List<ServerAccessToken> tokens = provider.getAccessTokens(c, c.getResourceOwnerSubject());
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey());
    tokens = provider.getAccessTokens(c, null);
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey());
    tokens = provider.getAccessTokens(null, c.getResourceOwnerSubject());
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey());
    tokens = provider.getAccessTokens(null, null);
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey());
    provider.revokeToken(c, at.getTokenKey(), OAuthConstants.ACCESS_TOKEN);
    assertNull(provider.getAccessToken(at.getTokenKey()));
}
Also used : OAuthPermission(org.apache.cxf.rs.security.oauth2.common.OAuthPermission) ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) Client(org.apache.cxf.rs.security.oauth2.common.Client) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 2 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class JCacheOAuthDataProviderTest method testAddGetDeleteAccessToken2.

@Ignore
@Test
public void testAddGetDeleteAccessToken2() {
    Client c = addClient("102", "bob");
    AccessTokenRegistration atr = new AccessTokenRegistration();
    atr.setClient(c);
    atr.setApprovedScope(Collections.singletonList("a"));
    atr.setSubject(c.getResourceOwnerSubject());
    provider.createAccessToken(atr);
    List<ServerAccessToken> tokens = provider.getAccessTokens(c, null);
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    provider.removeClient(c.getClientId());
    tokens = provider.getAccessTokens(c, null);
    assertNotNull(tokens);
    assertEquals(0, tokens.size());
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) Client(org.apache.cxf.rs.security.oauth2.common.Client) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 3 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class JCacheOAuthDataProviderTest method testAddGetDeleteRefreshToken.

@Ignore
@Test
public void testAddGetDeleteRefreshToken() {
    Client c = addClient("101", "bob");
    AccessTokenRegistration atr = new AccessTokenRegistration();
    atr.setClient(c);
    atr.setApprovedScope(Arrays.asList("a", "refreshToken"));
    atr.setSubject(c.getResourceOwnerSubject());
    ServerAccessToken at = provider.createAccessToken(atr);
    ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
    assertEquals(at.getTokenKey(), at2.getTokenKey());
    List<OAuthPermission> scopes = at2.getScopes();
    assertNotNull(scopes);
    assertEquals(2, scopes.size());
    OAuthPermission perm = scopes.get(0);
    assertEquals("a", perm.getPermission());
    OAuthPermission perm2 = scopes.get(1);
    assertEquals("refreshToken", perm2.getPermission());
    RefreshToken rt = provider.getRefreshToken(at2.getRefreshToken());
    assertNotNull(rt);
    assertEquals(at2.getTokenKey(), rt.getAccessTokens().get(0));
    List<RefreshToken> tokens = provider.getRefreshTokens(c, c.getResourceOwnerSubject());
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    assertEquals(rt.getTokenKey(), tokens.get(0).getTokenKey());
    provider.revokeToken(c, rt.getTokenKey(), OAuthConstants.REFRESH_TOKEN);
    assertNull(provider.getRefreshToken(rt.getTokenKey()));
}
Also used : OAuthPermission(org.apache.cxf.rs.security.oauth2.common.OAuthPermission) ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) RefreshToken(org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken) Client(org.apache.cxf.rs.security.oauth2.common.Client) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 4 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class JPAOAuthDataProviderTest method testAddGetDeleteAccessToken2.

@Test
public void testAddGetDeleteAccessToken2() {
    Client c = addClient("102", "bob");
    AccessTokenRegistration atr = new AccessTokenRegistration();
    atr.setClient(c);
    atr.setApprovedScope(Collections.singletonList("a"));
    atr.setSubject(c.getResourceOwnerSubject());
    getProvider().createAccessToken(atr);
    List<ServerAccessToken> tokens = getProvider().getAccessTokens(c, null);
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    getProvider().removeClient(c.getClientId());
    tokens = getProvider().getAccessTokens(c, null);
    assertNotNull(tokens);
    assertEquals(0, tokens.size());
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) Client(org.apache.cxf.rs.security.oauth2.common.Client) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Test(org.junit.Test)

Example 5 with AccessTokenRegistration

use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.

the class AbstractOAuthDataProviderTest method testAddGetDeleteAccessToken2.

@Test
public void testAddGetDeleteAccessToken2() {
    Client c = addClient("102", "bob");
    AccessTokenRegistration atr = new AccessTokenRegistration();
    atr.setClient(c);
    atr.setApprovedScope(Collections.singletonList("a"));
    atr.setSubject(c.getResourceOwnerSubject());
    getProvider().createAccessToken(atr);
    List<ServerAccessToken> tokens = getProvider().getAccessTokens(c, null);
    assertNotNull(tokens);
    assertEquals(1, tokens.size());
    validateAccessToken(tokens.get(0));
    getProvider().removeClient(c.getClientId());
    tokens = getProvider().getAccessTokens(c, null);
    assertNotNull(tokens);
    assertEquals(0, tokens.size());
}
Also used : ServerAccessToken(org.apache.cxf.rs.security.oauth2.common.ServerAccessToken) Client(org.apache.cxf.rs.security.oauth2.common.Client) AccessTokenRegistration(org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration) Test(org.junit.Test)

Aggregations

ServerAccessToken (org.apache.cxf.rs.security.oauth2.common.ServerAccessToken)27 AccessTokenRegistration (org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration)26 Test (org.junit.Test)19 Client (org.apache.cxf.rs.security.oauth2.common.Client)17 OAuthPermission (org.apache.cxf.rs.security.oauth2.common.OAuthPermission)8 BearerAccessToken (org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken)5 UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject)4 RefreshToken (org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken)4 Ignore (org.junit.Ignore)4 ByteArrayInputStream (java.io.ByteArrayInputStream)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 PrivateKey (java.security.PrivateKey)2 PublicKey (java.security.PublicKey)2 JSONProvider (org.apache.cxf.jaxrs.provider.json.JSONProvider)2 ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)2 SecretKey (javax.crypto.SecretKey)1 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1