Search in sources :

Example 16 with OAuthCode

use of org.apereo.cas.ticket.code.OAuthCode in project cas by apereo.

the class OAuth20AccessTokenControllerTests method verifyClientWrongSecret.

@Test
public void verifyClientWrongSecret() throws Exception {
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, WRONG_CLIENT_SECRET);
    mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.AUTHORIZATION_CODE.name().toLowerCase());
    final Principal principal = createPrincipal();
    final RegisteredService service = addRegisteredService();
    final OAuthCode code = addCode(principal, service);
    mockRequest.setParameter(OAuthConstants.CODE, code.getId());
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
    oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
    assertEquals(HttpStatus.SC_UNAUTHORIZED, mockResponse.getStatus());
    assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_REQUEST, mockResponse.getContentAsString());
}
Also used : OAuthRegisteredService(org.apereo.cas.support.oauth.services.OAuthRegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuthCode(org.apereo.cas.ticket.code.OAuthCode) Principal(org.apereo.cas.authentication.principal.Principal) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Aggregations

OAuthCode (org.apereo.cas.ticket.code.OAuthCode)16 Principal (org.apereo.cas.authentication.principal.Principal)13 OAuthRegisteredService (org.apereo.cas.support.oauth.services.OAuthRegisteredService)13 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)13 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)13 Test (org.junit.Test)12 RegisteredService (org.apereo.cas.services.RegisteredService)10 HashMap (java.util.HashMap)4 CasProfile (org.pac4j.cas.profile.CasProfile)3 MockHttpSession (org.springframework.mock.web.MockHttpSession)3 ModelAndView (org.springframework.web.servlet.ModelAndView)3 View (org.springframework.web.servlet.View)3 RedirectView (org.springframework.web.servlet.view.RedirectView)3 Authentication (org.apereo.cas.authentication.Authentication)2 Service (org.apereo.cas.authentication.principal.Service)2 WebApplicationServiceFactory (org.apereo.cas.authentication.principal.WebApplicationServiceFactory)2 OAuthToken (org.apereo.cas.ticket.OAuthToken)1 AccessToken (org.apereo.cas.ticket.accesstoken.AccessToken)1 DefaultOAuthCodeFactory (org.apereo.cas.ticket.code.DefaultOAuthCodeFactory)1 RefreshToken (org.apereo.cas.ticket.refreshtoken.RefreshToken)1