Search in sources :

Example 1 with OAuth20DefaultAccessTokenFactory

use of org.apereo.cas.ticket.accesstoken.OAuth20DefaultAccessTokenFactory in project cas by apereo.

the class OAuth20UserProfileEndpointControllerTests method verifyExpiredAccessToken.

@Test
public void verifyExpiredAccessToken() throws Exception {
    val principal = CoreAuthenticationTestUtils.getPrincipal(ID, new HashMap<>());
    val authentication = getAuthentication(principal);
    val jwtBuilder = new JwtBuilder(new OAuth20JwtAccessTokenCipherExecutor(), servicesManager, new OAuth20RegisteredServiceJwtAccessTokenCipherExecutor());
    val expiringAccessTokenFactory = new OAuth20DefaultAccessTokenFactory(alwaysExpiresExpirationPolicyBuilder(), jwtBuilder, servicesManager);
    val code = addCode(principal, addRegisteredService());
    val accessToken = expiringAccessTokenFactory.create(RegisteredServiceTestUtils.getService(), authentication, new MockTicketGrantingTicket("casuser"), new ArrayList<>(), code.getId(), code.getClientId(), new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
    this.ticketRegistry.addTicket(accessToken);
    val mockRequest = new MockHttpServletRequest(HttpMethod.GET.name(), CONTEXT + OAuth20Constants.PROFILE_URL);
    mockRequest.setParameter(OAuth20Constants.ACCESS_TOKEN, accessToken.getId());
    val mockResponse = new MockHttpServletResponse();
    val entity = oAuth20ProfileController.handleGetRequest(mockRequest, mockResponse);
    assertEquals(HttpStatus.UNAUTHORIZED, entity.getStatusCode());
    assertEquals(MediaType.APPLICATION_JSON_VALUE, mockResponse.getContentType());
    assertNotNull(entity.getBody());
    assertTrue(entity.getBody().toString().contains(OAuth20Constants.EXPIRED_ACCESS_TOKEN));
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) OAuth20JwtAccessTokenCipherExecutor(org.apereo.cas.support.oauth.web.response.accesstoken.response.OAuth20JwtAccessTokenCipherExecutor) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuth20RegisteredServiceJwtAccessTokenCipherExecutor(org.apereo.cas.support.oauth.web.response.accesstoken.response.OAuth20RegisteredServiceJwtAccessTokenCipherExecutor) JwtBuilder(org.apereo.cas.token.JwtBuilder) OAuth20DefaultAccessTokenFactory(org.apereo.cas.ticket.accesstoken.OAuth20DefaultAccessTokenFactory) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 2 with OAuth20DefaultAccessTokenFactory

use of org.apereo.cas.ticket.accesstoken.OAuth20DefaultAccessTokenFactory in project cas by apereo.

the class DynamoDbTicketRegistryTests method verifyAccessTokenCanBeAdded.

@RepeatedTest(2)
public void verifyAccessTokenCanBeAdded() throws Exception {
    val code = createOAuthCode();
    val jwtBuilder = new JwtBuilder(CipherExecutor.noOpOfSerializableToString(), servicesManager, RegisteredServiceCipherExecutor.noOp());
    val token = new OAuth20DefaultAccessTokenFactory(neverExpiresExpirationPolicyBuilder(), jwtBuilder, servicesManager).create(RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new MockTicketGrantingTicket("casuser"), CollectionUtils.wrapSet("1", "2"), code.getId(), "clientId1234567", new HashMap<>(), OAuth20ResponseTypes.CODE, OAuth20GrantTypes.AUTHORIZATION_CODE);
    newTicketRegistry.addTicket(token);
    assertSame(1, newTicketRegistry.deleteTicket(token.getId()), "Wrong ticket count");
    assertNull(newTicketRegistry.getTicket(token.getId()));
}
Also used : lombok.val(lombok.val) MockTicketGrantingTicket(org.apereo.cas.mock.MockTicketGrantingTicket) JwtBuilder(org.apereo.cas.token.JwtBuilder) OAuth20DefaultAccessTokenFactory(org.apereo.cas.ticket.accesstoken.OAuth20DefaultAccessTokenFactory) RepeatedTest(org.junit.jupiter.api.RepeatedTest)

Aggregations

lombok.val (lombok.val)2 MockTicketGrantingTicket (org.apereo.cas.mock.MockTicketGrantingTicket)2 OAuth20DefaultAccessTokenFactory (org.apereo.cas.ticket.accesstoken.OAuth20DefaultAccessTokenFactory)2 JwtBuilder (org.apereo.cas.token.JwtBuilder)2 OAuth20JwtAccessTokenCipherExecutor (org.apereo.cas.support.oauth.web.response.accesstoken.response.OAuth20JwtAccessTokenCipherExecutor)1 OAuth20RegisteredServiceJwtAccessTokenCipherExecutor (org.apereo.cas.support.oauth.web.response.accesstoken.response.OAuth20RegisteredServiceJwtAccessTokenCipherExecutor)1 RepeatedTest (org.junit.jupiter.api.RepeatedTest)1 Test (org.junit.jupiter.api.Test)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1