use of org.apereo.cas.ticket.refreshtoken.RefreshToken in project cas by apereo.
the class OAuth20AccessTokenControllerTests method verifyRefreshTokenExpiredToken.
@Test
public void verifyRefreshTokenExpiredToken() throws Exception {
final Principal principal = createPrincipal();
final RegisteredService registeredService = addRegisteredService();
final Authentication authentication = getAuthentication(principal);
final WebApplicationServiceFactory factory = new WebApplicationServiceFactory();
final Service service = factory.createService(registeredService.getServiceId());
final DefaultRefreshTokenFactory expiringRefreshTokenFactory = new DefaultRefreshTokenFactory(new AlwaysExpiresExpirationPolicy());
final RefreshToken refreshToken = expiringRefreshTokenFactory.create(service, authentication);
oAuth20AccessTokenController.getTicketRegistry().addTicket(refreshToken);
final MockHttpServletRequest mockRequest = new MockHttpServletRequest(GET, CONTEXT + OAuthConstants.ACCESS_TOKEN_URL);
mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuth20GrantTypes.REFRESH_TOKEN.name().toLowerCase());
mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
mockRequest.setParameter(OAuthConstants.REFRESH_TOKEN, refreshToken.getId());
final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
requiresAuthenticationInterceptor.preHandle(mockRequest, mockResponse, null);
oAuth20AccessTokenController.handleRequestInternal(mockRequest, mockResponse);
assertEquals(HttpStatus.SC_BAD_REQUEST, mockResponse.getStatus());
assertEquals(ERROR_EQUALS + OAuthConstants.INVALID_GRANT, mockResponse.getContentAsString());
}
Aggregations