Example 11 with AccessToken

Use of org.apereo.cas.ticket.accesstoken.AccessToken in project cas by apereo, in the class OAuth20AuthorizeControllerTests, method verifyTokenRedirectToClientApproved.

@Test
public void verifyTokenRedirectToClientApproved() throws Exception {
    clearAllServices();
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.AUTHORIZE_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.RESPONSE_TYPE, OAuth20ResponseTypes.TOKEN.name().toLowerCase());
    mockRequest.setServerName(CAS_SERVER);
    mockRequest.setServerPort(CAS_PORT);
    mockRequest.setScheme(CAS_SCHEME);
    // The request carries the bypass-approval parameter, while the registered
    // service saved below is configured not to bypass the approval prompt.
    mockRequest.setParameter(OAuthConstants.BYPASS_APPROVAL_PROMPT, "true");
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final OAuthRegisteredService service = getRegisteredService(REDIRECT_URI, SERVICE_NAME);
    service.setBypassApprovalPrompt(false);
    oAuth20AuthorizeEndpointController.getServicesManager().save(service);
    final CasProfile profile = new CasProfile();
    profile.setId(ID);
    final Map<String, Object> attributes = new HashMap<>();
    attributes.put(FIRST_NAME_ATTRIBUTE, FIRST_NAME);
    attributes.put(LAST_NAME_ATTRIBUTE, LAST_NAME);
    profile.addAttributes(attributes);
    final MockHttpSession session = new MockHttpSession();
    mockRequest.setSession(session);
    session.putValue(Pac4jConstants.USER_PROFILES, profile);
    final ModelAndView modelAndView = oAuth20AuthorizeEndpointController.handleRequestInternal(mockRequest, mockResponse);
    final View view = modelAndView.getView();
    assertTrue(view instanceof RedirectView);
    final RedirectView redirectView = (RedirectView) view;
    final String redirectUrl = redirectView.getUrl();
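    // Implicit (token) response type: the access token is returned in the URL fragment of the redirect.
    assertTrue(redirectUrl.startsWith(REDIRECT_URI + "#access_token="));
    // The variable is named "code", but the value extracted here is the access token itself;
    // it is used as the key to look the ticket up in the ticket registry.
    final String code = StringUtils.substringBetween(redirectUrl, "#access_token=", "&token_type=bearer");
    final AccessToken accessToken = (AccessToken) oAuth20AuthorizeEndpointController.getTicketRegistry().getTicket(code);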
    assertNotNull(accessToken);
    final Principal principal = accessToken.getAuthentication().getPrincipal();
    assertEquals(ID, principal.getId());
    final Map<String, Object> principalAttributes = principal.getAttributes();
    assertEquals(attributes.size(), principalAttributes.size());
    assertEquals(FIRST_NAME, principalAttributes.get(FIRST_NAME_ATTRIBUTE));
}
Also used: CasProfile (org.pac4j.cas.profile.CasProfile), HashMap (java.util.HashMap), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService), ModelAndView (org.springframework.web.servlet.ModelAndView), RedirectView (org.springframework.web.servlet.view.RedirectView), View (org.springframework.web.servlet.View), AccessToken (org.apereo.cas.ticket.accesstoken.AccessToken), MockHttpSession (org.springframework.mock.web.MockHttpSession), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), Principal (org.apereo.cas.authentication.principal.Principal), Test (org.junit.Test)

Example 12 with AccessToken

Use of org.apereo.cas.ticket.accesstoken.AccessToken in project cas by apereo, in the class OAuth20AuthorizeEndpointController, method buildCallbackUrlForImplicitTokenResponseType.

private String buildCallbackUrlForImplicitTokenResponseType(final J2EContext context, final Authentication authentication, final Service service, final String redirectUri) throws Exception {
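    final AccessToken accessToken = generateAccessToken(service, authentication, context);
    // This writes the AccessToken object (via its toString()) to the DEBUG log,
    // so DEBUG output for this logger should be treated as sensitive.
    LOGGER.debug("Generated OAuth access token: [{}]", accessToken);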
    return buildCallbackUrlResponseType(authentication, service, redirectUri, accessToken, Collections.emptyList());
}
Also used: AccessToken (org.apereo.cas.ticket.accesstoken.AccessToken)

Aggregations

AccessToken (org.apereo.cas.ticket.accesstoken.AccessToken): 12
Principal (org.apereo.cas.authentication.principal.Principal): 6
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 6
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 6
OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService): 5
HashMap (java.util.HashMap): 3
Test (org.junit.Test): 3
CasProfile (org.pac4j.cas.profile.CasProfile): 3
Authentication (org.apereo.cas.authentication.Authentication): 2
OidcRegisteredService (org.apereo.cas.services.OidcRegisteredService): 2
OAuth20ResponseTypes (org.apereo.cas.support.oauth.OAuth20ResponseTypes): 2
RefreshToken (org.apereo.cas.ticket.refreshtoken.RefreshToken): 2
J2EContext (org.pac4j.core.context.J2EContext): 2
ProfileManager (org.pac4j.core.profile.ProfileManager): 2
UserProfile (org.pac4j.core.profile.UserProfile): 2
MockHttpSession (org.springframework.mock.web.MockHttpSession): 2
ModelAndView (org.springframework.web.servlet.ModelAndView): 2
View (org.springframework.web.servlet.View): 2
RedirectView (org.springframework.web.servlet.view.RedirectView): 2
ArrayList (java.util.ArrayList): 1