use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenControllerTests method internalVerifyClientOK.
private void internalVerifyClientOK(final RegisteredService service, final boolean basicAuth, final boolean refreshToken, final boolean json) throws Exception {
final Principal principal = createPrincipal();
final OAuthCode code = addCode(principal, service);
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
if (basicAuth) {
final String auth = CLIENT_ID + ':' + CLIENT_SECRET;
final String value = Base64.encodeBase64String(auth.getBytes(StandardCharsets.UTF_8));
mockRequest.addHeader(HttpConstants.AUTHORIZATION_HEADER, HttpConstants.BASIC_HEADER_PREFIX + value);
} else {
mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
}
mockRequest.setParameter(OAuthConstants.CODE, code.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
assertNull(oAuth20AccessTokenController.getTicketRegistry().getTicket(code.getId()));
assertEquals(HttpStatus.SC_OK, mockResponse.getStatus());
final String body = mockResponse.getContentAsString();
final String accessTokenId;
if (json) {
assertEquals(MediaType.APPLICATION_JSON_VALUE, mockResponse.getContentType());
assertTrue(body.contains('"' + OAuthConstants.ACCESS_TOKEN + "\":\"AT-"));
if (refreshToken) {
assertTrue(body.contains('"' + OAuthConstants.REFRESH_TOKEN + "\":\"RT-"));
}
assertTrue(body.contains('"' + OAuthConstants.EXPIRES_IN + "\":7"));
accessTokenId = StringUtils.substringBetween(body, OAuthConstants.ACCESS_TOKEN + "\":\"", "\",\"");
} else {
assertEquals(MediaType.TEXT_PLAIN_VALUE, mockResponse.getContentType());
assertTrue(body.contains(OAuthConstants.ACCESS_TOKEN + "=AT-"));
if (refreshToken) {
assertTrue(body.contains(OAuthConstants.REFRESH_TOKEN + "=RT-"));
}
assertTrue(body.contains(OAuthConstants.EXPIRES_IN + '='));
accessTokenId = StringUtils.substringBetween(body, OAuthConstants.ACCESS_TOKEN + '=', "&");
}
final AccessToken accessToken = oAuth20AccessTokenController.getTicketRegistry().getTicket(accessTokenId, AccessToken.class);
assertEquals(principal, accessToken.getAuthentication().getPrincipal());
final int timeLeft = getTimeLeft(body, refreshToken, json);
assertTrue(timeLeft >= TIMEOUT - 10 - DELTA);
}
use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenControllerTests method verifyClientBadAuthorizationCode.
@Test
public void verifyClientBadAuthorizationCode() throws Exception {
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
mockRequest.setParameter(OAuthConstants.GRANT_TYPE, "badValue");
final Principal principal = createPrincipal();
final RegisteredService service = addRegisteredService();
final OAuthCode code = addCode(principal, service);
mockRequest.setParameter(OAuthConstants.CODE, code.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, mockResponse.getContentAsString());
}
use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenControllerTests method verifyClientNoClientId.
@Test
public void verifyClientNoClientId() throws Exception {
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
final Principal principal = createPrincipal();
final RegisteredService service = addRegisteredService();
final OAuthCode code = addCode(principal, service);
mockRequest.setParameter(OAuthConstants.CODE, code.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
assertEquals(HttpStatus.SC_UNAUTHORIZED, mockResponse.getStatus());
assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, mockResponse.getContentAsString());
}
use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenControllerTests method verifyClientNoRedirectUri.
@Test
public void verifyClientNoRedirectUri() throws Exception {
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
final Principal principal = createPrincipal();
final RegisteredService service = addRegisteredService();
final OAuthCode code = addCode(principal, service);
mockRequest.setParameter(OAuthConstants.CODE, code.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, mockResponse.getContentAsString());
}
use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenControllerTests method verifyClientExpiredCode.
@Test
public void verifyClientExpiredCode() throws Exception {
final RegisteredService registeredService = getRegisteredService(REDIRECT_URI, CLIENT_SECRET);
servicesManager.save(registeredService);
final Map<String, Object> map = new HashMap<>();
map.put(NAME, VALUE);
final List<String> list = Arrays.asList(VALUE, VALUE);
map.put(NAME2, list);
final Principal principal = CoreAuthenticationTestUtils.getPrincipal(ID, map);
final Authentication authentication = getAuthentication(principal);
final DefaultOAuthCodeFactory expiringOAuthCodeFactory = new DefaultOAuthCodeFactory(new AlwaysExpiresExpirationPolicy());
final WebApplicationServiceFactory factory = new WebApplicationServiceFactory();
final Service service = factory.createService(registeredService.getServiceId());
final OAuthCode code = expiringOAuthCodeFactory.create(service, authentication);
oAuth20AccessTokenController.getTicketRegistry().addTicket(code);
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
mockRequest.setParameter(OAuthConstants.CODE, code.getId());
mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
servicesManager.save(getRegisteredService(REDIRECT_URI, CLIENT_SECRET));
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_GRANT, mockResponse.getContentAsString());
}
Aggregations