use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AuthorizeControllerTests method verifyCodeRedirectToClient.
@Test
public void verifyCodeRedirectToClient() throws Exception {
clearAllServices();
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.AUTHORIZE_URL);
mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuthConstants.RESPONSE_TYPE, OAuth20ResponseTypes.CODE.name().toLowerCase());
mockRequest.setServerName(CAS_SERVER);
mockRequest.setServerPort(CAS_PORT);
mockRequest.setScheme(CAS_SCHEME);
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
final OAuthRegisteredService service = getRegisteredService(REDIRECT_URI, SERVICE_NAME);
service.setBypassApprovalPrompt(true);
oAuth20AuthorizeEndpointController.getServicesManager().save(service);
final CasProfile profile = new CasProfile();
profile.setId(ID);
final Map<String, Object> attributes = new HashMap<>();
attributes.put(FIRST_NAME_ATTRIBUTE, FIRST_NAME);
attributes.put(LAST_NAME_ATTRIBUTE, LAST_NAME);
profile.addAttributes(attributes);
final MockHttpSession session = new MockHttpSession();
session.putValue(Pac4jConstants.USER_PROFILES, profile);
mockRequest.setSession(session);
final ModelAndView modelAndView = oAuth20AuthorizeEndpointController.handleRequestInternal(mockRequest, mockResponse);
final View view = modelAndView.getView();
assertTrue(view instanceof RedirectView);
final RedirectView redirectView = (RedirectView) view;
final String redirectUrl = redirectView.getUrl();
assertTrue(redirectUrl.startsWith(REDIRECT_URI + "?code=OC-"));
final String code = StringUtils.substringAfter(redirectUrl, "?code=");
final OAuthCode oAuthCode = (OAuthCode) oAuth20AuthorizeEndpointController.getTicketRegistry().getTicket(code);
assertNotNull(oAuthCode);
final Principal principal = oAuthCode.getAuthentication().getPrincipal();
assertEquals(ID, principal.getId());
final Map<String, Object> principalAttributes = principal.getAttributes();
assertEquals(attributes.size(), principalAttributes.size());
assertEquals(FIRST_NAME, principalAttributes.get(FIRST_NAME_ATTRIBUTE));
}
use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenControllerTests method addCode.
private OAuthCode addCode(final Principal principal, final RegisteredService registeredService) {
final Authentication authentication = getAuthentication(principal);
final WebApplicationServiceFactory factory = new WebApplicationServiceFactory();
final Service service = factory.createService(registeredService.getServiceId());
final OAuthCode code = oAuthCodeFactory.create(service, authentication);
oAuth20AccessTokenController.getTicketRegistry().addTicket(code);
return code;
}
use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenControllerTests method verifyClientNoAuthorizationCode.
@Test
public void verifyClientNoAuthorizationCode() throws Exception {
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
final Principal principal = createPrincipal();
final RegisteredService service = addRegisteredService();
final OAuthCode code = addCode(principal, service);
mockRequest.setParameter(OAuthConstants.CODE, code.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, mockResponse.getContentAsString());
}
use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenControllerTests method verifyClientRedirectUriDoesNotStartWithServiceId.
@Test
public void verifyClientRedirectUriDoesNotStartWithServiceId() throws Exception {
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuthConstants.REDIRECT_URI, OTHER_REDIRECT_URI);
mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
final Principal principal = createPrincipal();
final RegisteredService service = addRegisteredService();
final OAuthCode code = addCode(principal, service);
mockRequest.setParameter(OAuthConstants.CODE, code.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, mockResponse.getContentAsString());
}
use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.
the class OAuth20AccessTokenEndpointController method getToken.
/**
* Return the OAuth token (a code or a refresh token).
*
* @param request the HTTP request
* @param parameterName the parameter name
* @return the OAuth token
*/
private OAuthToken getToken(final HttpServletRequest request, final String parameterName) {
final String codeParameter = request.getParameter(parameterName);
final OAuthToken token = getTicketRegistry().getTicket(codeParameter, OAuthToken.class);
// token should not be expired
if (token == null || token.isExpired()) {
LOGGER.error("Code or refresh token expired: [{}]", token);
if (token != null) {
getTicketRegistry().deleteTicket(token.getId());
}
return null;
}
if (token instanceof OAuthCode && !(token instanceof RefreshToken)) {
getTicketRegistry().deleteTicket(token.getId());
}
return token;
}
Aggregations