use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.
the class JCacheOAuthDataProviderTest method testAddGetDeleteRefreshToken.
@Ignore
@Test
public void testAddGetDeleteRefreshToken() {
Client c = addClient("101", "bob");
AccessTokenRegistration atr = new AccessTokenRegistration();
atr.setClient(c);
atr.setApprovedScope(Arrays.asList("a", "refreshToken"));
atr.setSubject(c.getResourceOwnerSubject());
ServerAccessToken at = provider.createAccessToken(atr);
ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
assertEquals(at.getTokenKey(), at2.getTokenKey());
List<OAuthPermission> scopes = at2.getScopes();
assertNotNull(scopes);
assertEquals(2, scopes.size());
OAuthPermission perm = scopes.get(0);
assertEquals("a", perm.getPermission());
OAuthPermission perm2 = scopes.get(1);
assertEquals("refreshToken", perm2.getPermission());
RefreshToken rt = provider.getRefreshToken(at2.getRefreshToken());
assertNotNull(rt);
assertEquals(at2.getTokenKey(), rt.getAccessTokens().get(0));
List<RefreshToken> tokens = provider.getRefreshTokens(c, c.getResourceOwnerSubject());
assertNotNull(tokens);
assertEquals(1, tokens.size());
assertEquals(rt.getTokenKey(), tokens.get(0).getTokenKey());
provider.revokeToken(c, rt.getTokenKey(), OAuthConstants.REFRESH_TOKEN);
assertNull(provider.getRefreshToken(rt.getTokenKey()));
}
use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.
the class JPAOAuthDataProviderTest method testAddGetDeleteAccessToken2.
@Test
public void testAddGetDeleteAccessToken2() {
Client c = addClient("102", "bob");
AccessTokenRegistration atr = new AccessTokenRegistration();
atr.setClient(c);
atr.setApprovedScope(Collections.singletonList("a"));
atr.setSubject(c.getResourceOwnerSubject());
getProvider().createAccessToken(atr);
List<ServerAccessToken> tokens = getProvider().getAccessTokens(c, null);
assertNotNull(tokens);
assertEquals(1, tokens.size());
getProvider().removeClient(c.getClientId());
tokens = getProvider().getAccessTokens(c, null);
assertNotNull(tokens);
assertEquals(0, tokens.size());
}
use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.
the class CryptoUtilsTest method testBearerTokenJSON.
@Test
public void testBearerTokenJSON() throws Exception {
AccessTokenRegistration atr = prepareTokenRegistration();
BearerAccessToken token = p.createAccessTokenInternal(atr);
JSONProvider<BearerAccessToken> jsonp = new JSONProvider<BearerAccessToken>();
jsonp.setMarshallAsJaxbElement(true);
jsonp.setUnmarshallAsJaxbElement(true);
ByteArrayOutputStream bos = new ByteArrayOutputStream();
jsonp.writeTo(token, BearerAccessToken.class, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, Object>(), bos);
String encrypted = CryptoUtils.encryptSequence(bos.toString(), p.key);
String decrypted = CryptoUtils.decryptSequence(encrypted, p.key);
ServerAccessToken token2 = jsonp.readFrom(BearerAccessToken.class, BearerAccessToken.class, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MetadataMap<String, String>(), new ByteArrayInputStream(decrypted.getBytes()));
// compare tokens
compareAccessTokens(token, token2);
}
use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.
the class CustomGrantHandler method createAccessToken.
public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params) throws OAuthServiceException {
AccessTokenRegistration atr = new AccessTokenRegistration();
atr.setClient(client);
return dataProvider.createAccessToken(atr);
}
use of org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration in project cxf by apache.
the class JPACMTOAuthDataProviderTest method testRefreshAccessTokenConcurrently.
@Test
public void testRefreshAccessTokenConcurrently() throws Exception {
getProvider().setRecycleRefreshTokens(false);
Client c = addClient("101", "bob");
AccessTokenRegistration atr = new AccessTokenRegistration();
atr.setClient(c);
atr.setApprovedScope(Arrays.asList("a", "refreshToken"));
atr.setSubject(null);
final ServerAccessToken at = getProvider().createAccessToken(atr);
Runnable task = new Runnable() {
@Override
public void run() {
getProvider().refreshAccessToken(c, at.getRefreshToken(), Collections.emptyList());
}
};
Thread th1 = new Thread(task);
Thread th2 = new Thread(task);
Thread th3 = new Thread(task);
th1.start();
th2.start();
th3.start();
th1.join();
th2.join();
th3.join();
assertNotNull(getProvider().getAccessToken(at.getTokenKey()));
List<RefreshToken> rtl = getProvider().getRefreshTokens(c, null);
assertNotNull(rtl);
assertEquals(1, rtl.size());
List<String> atl = rtl.get(0).getAccessTokens();
assertNotNull(atl);
assertEquals(4, atl.size());
}
Aggregations