
Example 6 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method internalVerifyClientOK.

/**
 * Shared happy-path driver for the authorization-code grant on the access-token endpoint.
 *
 * Issues a code for a fresh principal, exchanges it for an access token (and optionally a
 * refresh token) and checks both the response and the resulting registry state. The most
 * security-relevant assertion is that the code is gone from the ticket registry once it has
 * been exchanged, i.e. the same code cannot be presented a second time.
 *
 * @param service      registered service the code is issued for
 * @param basicAuth    authenticate the client with an HTTP Basic header instead of the
 *                     client_id / client_secret request parameters
 * @param refreshToken whether a refresh token is expected in the response body
 * @param json         whether a JSON body is expected; otherwise text/plain
 * @throws Exception propagated from the controller or the mock response
 */
private void internalVerifyClientOK(final RegisteredService service, final boolean basicAuth, final boolean refreshToken, final boolean json) throws Exception {
    final Principal principal = createPrincipal();
    final OAuthCode code = addCode(principal, service);

    final MockHttpServletRequest request = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    request.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    request.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
    if (basicAuth) {
        // "client_id:client_secret", base64-encoded, presented as an HTTP Basic credential.
        final byte[] credentials = (CLIENT_ID + ':' + CLIENT_SECRET).getBytes(StandardCharsets.UTF_8);
        request.addHeader(HttpConstants.AUTHORIZATION_HEADER, HttpConstants.BASIC_HEADER_PREFIX + Base64.encodeBase64String(credentials));
    } else {
        request.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
        request.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    }
    request.setParameter(OAuthConstants.CODE, code.getId());

    final MockHttpServletResponse response = new MockHttpServletResponse();
    // The interceptor's boolean result is not checked; the controller is invoked regardless.
    requiresAuthenticationInterceptor.preHandle(request, response, null);
    oAuth20AccessTokenController.handleRequestInternal(request, response);

    // Single use: the exchanged code must no longer be resolvable from the registry.
    assertNull(oAuth20AccessTokenController.getTicketRegistry().getTicket(code.getId()));
    assertEquals(HttpStatus.SC_OK, response.getStatus());

    final String responseBody = response.getContentAsString();
    // Representation-specific markers; the assertions that follow are the same for both formats.
    final String expectedContentType;
    final String accessTokenMarker;
    final String refreshTokenMarker;
    final String expiresInMarker;
    final String tokenStart;
    final String tokenEnd;
    if (json) {
        expectedContentType = MediaType.APPLICATION_JSON_VALUE;
        accessTokenMarker = '"' + OAuthConstants.ACCESS_TOKEN + "\":\"AT-";
        refreshTokenMarker = '"' + OAuthConstants.REFRESH_TOKEN + "\":\"RT-";
        // Only the leading digit of expires_in is pinned; presumably tied to TIMEOUT — confirm against the test constants.
        expiresInMarker = '"' + OAuthConstants.EXPIRES_IN + "\":7";
        tokenStart = OAuthConstants.ACCESS_TOKEN + "\":\"";
        tokenEnd = "\",\"";
    } else {
        expectedContentType = MediaType.TEXT_PLAIN_VALUE;
        accessTokenMarker = OAuthConstants.ACCESS_TOKEN + "=AT-";
        refreshTokenMarker = OAuthConstants.REFRESH_TOKEN + "=RT-";
        expiresInMarker = OAuthConstants.EXPIRES_IN + '=';
        tokenStart = OAuthConstants.ACCESS_TOKEN + '=';
        tokenEnd = "&";
    }
    assertEquals(expectedContentType, response.getContentType());
    assertTrue(responseBody.contains(accessTokenMarker));
    if (refreshToken) {
        assertTrue(responseBody.contains(refreshTokenMarker));
    }
    assertTrue(responseBody.contains(expiresInMarker));

    // Pull the issued token id back out of the body and resolve it from the registry; the
    // stored token must carry the same principal the code was issued for.
    final String accessTokenId = StringUtils.substringBetween(responseBody, tokenStart, tokenEnd);
    final AccessToken accessToken = oAuth20AccessTokenController.getTicketRegistry().getTicket(accessTokenId, AccessToken.class);
    assertEquals(principal, accessToken.getAuthentication().getPrincipal());

    // Remaining lifetime reported in the body must stay within DELTA of the configured TIMEOUT.
    final int timeLeft = getTimeLeft(responseBody, refreshToken, json);
    assertTrue(timeLeft >= TIMEOUT - 10 - DELTA);
}

Example 7 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method verifyClientBadAuthorizationCode.

/**
 * Rejects an authorization-code exchange whose grant_type is not a supported value.
 *
 * Despite the method name, the code itself is valid and freshly issued; the invalid input
 * is the literal grant_type "badValue". The endpoint is expected to answer 400 with an
 * error body naming INVALID_REQUEST.
 *
 * @throws Exception propagated from the controller or the mock response
 */
@Test
public void verifyClientBadAuthorizationCode() throws Exception {
    final Principal principal = createPrincipal();
    final RegisteredService registeredService = addRegisteredService();
    final OAuthCode code = addCode(principal, registeredService);

    final MockHttpServletRequest request = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    request.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    request.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    request.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    // Everything else is valid; only the grant type is unknown.
    request.setParameter(OAuthConstants.GRANT_TYPE, "badValue");
    request.setParameter(OAuthConstants.CODE, code.getId());

    final MockHttpServletResponse response = new MockHttpServletResponse();
    // The interceptor's boolean result is not checked; the controller is invoked regardless.
    requiresAuthenticationInterceptor.preHandle(request, response, null);
    oAuth20AccessTokenController.handleRequestInternal(request, response);

    assertEquals(HttpStatus.SC_BAD_REQUEST, response.getStatus());
    assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, response.getContentAsString());
}

Example 8 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method verifyClientNoClientId.

/**
 * Rejects an authorization-code exchange that carries no client_id.
 *
 * A valid code, redirect URI, client secret and grant type are supplied, so the missing
 * client identifier is the only fault. Unlike the other malformed-request tests this one
 * expects 401 rather than 400 — presumably the status is set by
 * requiresAuthenticationInterceptor, whose boolean result is not checked here; confirm
 * against the interceptor before relying on that.
 *
 * @throws Exception propagated from the controller or the mock response
 */
@Test
public void verifyClientNoClientId() throws Exception {
    final Principal principal = createPrincipal();
    final RegisteredService registeredService = addRegisteredService();
    final OAuthCode code = addCode(principal, registeredService);

    final MockHttpServletRequest request = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    // Deliberately no CLIENT_ID parameter.
    request.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    request.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    request.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
    request.setParameter(OAuthConstants.CODE, code.getId());

    final MockHttpServletResponse response = new MockHttpServletResponse();
    requiresAuthenticationInterceptor.preHandle(request, response, null);
    oAuth20AccessTokenController.handleRequestInternal(request, response);

    assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getStatus());
    assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, response.getContentAsString());
}

Example 9 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method verifyClientNoRedirectUri.

/**
 * Rejects an authorization-code exchange that carries no redirect_uri.
 *
 * Client credentials, grant type and a freshly issued code are all valid; only the
 * redirect URI is absent. The endpoint is expected to answer 400 with an error body
 * naming INVALID_REQUEST.
 *
 * @throws Exception propagated from the controller or the mock response
 */
@Test
public void verifyClientNoRedirectUri() throws Exception {
    final Principal principal = createPrincipal();
    final RegisteredService registeredService = addRegisteredService();
    final OAuthCode code = addCode(principal, registeredService);

    final MockHttpServletRequest request = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    request.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    request.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    request.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
    // Deliberately no REDIRECT_URI parameter.
    request.setParameter(OAuthConstants.CODE, code.getId());

    final MockHttpServletResponse response = new MockHttpServletResponse();
    // The interceptor's boolean result is not checked; the controller is invoked regardless.
    requiresAuthenticationInterceptor.preHandle(request, response, null);
    oAuth20AccessTokenController.handleRequestInternal(request, response);

    assertEquals(HttpStatus.SC_BAD_REQUEST, response.getStatus());
    assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, response.getContentAsString());
}

Example 10 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method verifyClientExpiredCode.

/**
 * Rejects an authorization code whose expiration policy has already expired it.
 *
 * The code is minted directly through a {@link DefaultOAuthCodeFactory} configured with
 * {@link AlwaysExpiresExpirationPolicy} and placed in the ticket registry, so every other
 * request parameter is valid and only the code's lifetime is at fault. The endpoint is
 * expected to answer 400 with an error body naming INVALID_GRANT.
 *
 * @throws Exception propagated from the controller or the mock response
 */
@Test
public void verifyClientExpiredCode() throws Exception {
    final RegisteredService registeredService = getRegisteredService(REDIRECT_URI, CLIENT_SECRET);
    servicesManager.save(registeredService);

    // Principal with one single-valued and one multi-valued attribute.
    final Map<String, Object> attributes = new HashMap<>();
    attributes.put(NAME, VALUE);
    attributes.put(NAME2, Arrays.asList(VALUE, VALUE));
    final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, attributes);
    final Authentication authentication = getAuthentication(principal);

    // Mint a code that is expired from the moment it is created.
    final DefaultOAuthCodeFactory expiredCodeFactory = new DefaultOAuthCodeFactory(new AlwaysExpiresExpirationPolicy());
    final Service callbackService = new WebApplicationServiceFactory().createService(registeredService.getServiceId());
    final OAuthCode expiredCode = expiredCodeFactory.create(callbackService, authentication);
    oAuth20AccessTokenController.getTicketRegistry().addTicket(expiredCode);

    final MockHttpServletRequest request = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    request.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    request.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    request.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    request.setParameter(OAuthConstants.CODE, expiredCode.getId());
    request.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
    // Saved a second time after the code was created; presumably redundant with the save
    // above — confirm with getRegisteredService() before removing.
    servicesManager.save(getRegisteredService(REDIRECT_URI, CLIENT_SECRET));

    final MockHttpServletResponse response = new MockHttpServletResponse();
    // The interceptor's boolean result is not checked; the controller is invoked regardless.
    requiresAuthenticationInterceptor.preHandle(request, response, null);
    oAuth20AccessTokenController.handleRequestInternal(request, response);

    assertEquals(HttpStatus.SC_BAD_REQUEST, response.getStatus());
    assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_GRANT, response.getContentAsString());
}
