Search in sources :

Example 11 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AuthorizeControllerTests method verifyCodeRedirectToClient.

@Test
public void verifyCodeRedirectToClient() throws Exception {
    clearAllServices();
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.AUTHORIZE_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.RESPONSE_TYPE, OAuth20ResponseTypes.CODE.name().toLowerCase());
    mockRequest.setServerName(CAS_SERVER);
    mockRequest.setServerPort(CAS_PORT);
    mockRequest.setScheme(CAS_SCHEME);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    final OAuthRegisteredService service = getRegisteredService(REDIRECT_URI, SERVICE_NAME);
    service.setBypassApprovalPrompt(true);
    oAuth20AuthorizeEndpointController.getServicesManager().save(service);
    final CasProfile profile = new CasProfile();
    profile.setId(ID);
    final Map<String, Object> attributes = new HashMap<>();
    attributes.put(FIRST_NAME_ATTRIBUTE, FIRST_NAME);
    attributes.put(LAST_NAME_ATTRIBUTE, LAST_NAME);
    profile.addAttributes(attributes);
    final MockHttpSession session = new MockHttpSession();
    session.putValue(Pac4jConstants.USER_PROFILES, profile);
    mockRequest.setSession(session);
    final ModelAndView modelAndView = oAuth20AuthorizeEndpointController.handleRequestInternal(mockRequest, mockResponse);
    final View view = modelAndView.getView();
    assertTrue(view instanceof RedirectView);
    final RedirectView redirectView = (RedirectView) view;
    final String redirectUrl = redirectView.getUrl();
    assertTrue(redirectUrl.startsWith(REDIRECT_URI + "?code=OC-"));
    final String code = StringUtils.substringAfter(redirectUrl, "?code=");
    final OAuthCode oAuthCode = (OAuthCode) oAuth20AuthorizeEndpointController.getTicketRegistry().getTicket(code);
    assertNotNull(oAuthCode);
    final Principal principal = oAuthCode.getAuthentication().getPrincipal();
    assertEquals(ID, principal.getId());
    final Map<String, Object> principalAttributes = principal.getAttributes();
    assertEquals(attributes.size(), principalAttributes.size());
    assertEquals(FIRST_NAME, principalAttributes.get(FIRST_NAME_ATTRIBUTE));
}
Also used : CasProfile(org.pac4j.cas.profile.CasProfile) HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) ModelAndView(org.springframework.web.servlet.ModelAndView) OAuthCode(org.apereo.cas.ticket.code.OAuthCode) RedirectView(org.springframework.web.servlet.view.RedirectView) ModelAndView(org.springframework.web.servlet.ModelAndView) View(org.springframework.web.servlet.View) RedirectView(org.springframework.web.servlet.view.RedirectView) MockHttpSession(org.springframework.mock.web.MockHttpSession) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Principal(org.apereo.cas.authentication.principal.Principal) Test(org.junit.Test)

Example 12 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method addCode.

private OAuthCode addCode(final Principal principal, final RegisteredService registeredService) {
    final Authentication authentication = getAuthentication(principal);
    final WebApplicationServiceFactory factory = new WebApplicationServiceFactory();
    final Service service = factory.createService(registeredService.getServiceId());
    final OAuthCode code = oAuthCodeFactory.create(service, authentication);
    oAuth20AccessTokenController.getTicketRegistry().addTicket(code);
    return code;
}
Also used : Authentication(org.apereo.cas.authentication.Authentication) WebApplicationServiceFactory(org.apereo.cas.authentication.principal.WebApplicationServiceFactory) OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) Service(org.apereo.cas.authentication.principal.Service) OAuthCode(org.apereo.cas.ticket.code.OAuthCode)

Example 13 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method verifyClientNoAuthorizationCode.

@Test
public void verifyClientNoAuthorizationCode() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    final Principal principal = createPrincipal();
    final RegisteredService service = addRegisteredService();
    final OAuthCode code = addCode(principal, service);
    mockRequest.setParameter(OAuthConstants.CODE, code.getId());
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
    oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
    assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
    assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, mockResponse.getContentAsString());
}
Also used : OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuthCode(org.apereo.cas.ticket.code.OAuthCode) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 14 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method verifyClientRedirectUriDoesNotStartWithServiceId.

@Test
public void verifyClientRedirectUriDoesNotStartWithServiceId() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, OTHER_REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
    final Principal principal = createPrincipal();
    final RegisteredService service = addRegisteredService();
    final OAuthCode code = addCode(principal, service);
    mockRequest.setParameter(OAuthConstants.CODE, code.getId());
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
    oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
    assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
    assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, mockResponse.getContentAsString());
}
Also used : OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuthCode(org.apereo.cas.ticket.code.OAuthCode) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 15 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenEndpointController method getToken.

/**
     * Return the OAuth token (a code or a refresh token).
     *
     * @param request       the HTTP request
     * @param parameterName the parameter name
     * @return the OAuth token
     */
private OAuthToken getToken(final HttpServletRequest request, final String parameterName) {
    final String codeParameter = request.getParameter(parameterName);
    final OAuthToken token = getTicketRegistry().getTicket(codeParameter, OAuthToken.class);
    // token should not be expired
    if (token == null || token.isExpired()) {
        LOGGER.error("Code or refresh token expired: [{}]", token);
        if (token != null) {
            getTicketRegistry().deleteTicket(token.getId());
        }
        return null;
    }
    if (token instanceof OAuthCode && !(token instanceof RefreshToken)) {
        getTicketRegistry().deleteTicket(token.getId());
    }
    return token;
}
Also used : OAuthToken(org.apereo.cas.ticket.OAuthToken) RefreshToken(org.apereo.cas.ticket.refreshtoken.RefreshToken) OAuthCode(org.apereo.cas.ticket.code.OAuthCode)

Aggregations

OAuthCode (org.apereo.cas.ticket.code.OAuthCode)16 Principal (org.apereo.cas.authentication.principal.Principal)13 OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService)13 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)13 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)13 Test (org.junit.Test)12 RegisteredService (org.apereo.cas.services.RegisteredService)10 HashMap (java.util.HashMap)4 CasProfile (org.pac4j.cas.profile.CasProfile)3 MockHttpSession (org.springframework.mock.web.MockHttpSession)3 ModelAndView (org.springframework.web.servlet.ModelAndView)3 View (org.springframework.web.servlet.View)3 RedirectView (org.springframework.web.servlet.view.RedirectView)3 Authentication (org.apereo.cas.authentication.Authentication)2 Service (org.apereo.cas.authentication.principal.Service)2 WebApplicationServiceFactory (org.apereo.cas.authentication.principal.WebApplicationServiceFactory)2 OAuthToken (org.apereo.cas.ticket.OAuthToken)1 AccessToken (org.apereo.cas.ticket.accesstoken.AccessToken)1 DefaultOAuthCodeFactory (org.apereo.cas.ticket.code.DefaultOAuthCodeFactory)1 RefreshToken (org.apereo.cas.ticket.refreshtoken.RefreshToken)1