use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.
the class ApprovalServiceTest method ensureRequiredApprovals_throwsWhenApprovalsMissing.
@Test
public void ensureRequiredApprovals_throwsWhenApprovalsMissing() {
expectedException.expect(InvalidTokenException.class);
expectedException.expectMessage("requested scopes are not approved");
long approvalExpiry = 10L;
Approval approval = new Approval();
approval.setScope("bar.read");
approval.setStatus(Approval.ApprovalStatus.APPROVED);
approval.setExpiresAt(new Date(approvalExpiry));
when(timeService.getCurrentTimeMillis()).thenReturn(approvalExpiry - 5L);
when(timeService.getCurrentDate()).thenCallRealMethod();
List<Approval> approvals = Lists.newArrayList(approval);
when(approvalStore.getApprovals(eq(USER_ID), eq(CLIENT_ID), anyString())).thenReturn(approvals);
approvalService.ensureRequiredApprovals(USER_ID, Lists.newArrayList("foo.read"), GRANT_TYPE_AUTHORIZATION_CODE, clientDetails);
}
use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.
the class ApprovalServiceTest method ensureRequiredApprovals_happyCase.
@Test
public void ensureRequiredApprovals_happyCase() {
long approvalExpiry = 10L;
Approval approval = new Approval();
approval.setScope("foo.read");
approval.setStatus(Approval.ApprovalStatus.APPROVED);
approval.setExpiresAt(new Date(approvalExpiry));
when(timeService.getCurrentTimeMillis()).thenReturn(approvalExpiry - 1L);
when(timeService.getCurrentDate()).thenCallRealMethod();
List<Approval> approvals = Lists.newArrayList(approval);
when(approvalStore.getApprovals(eq(USER_ID), eq(CLIENT_ID), anyString())).thenReturn(approvals);
approvalService.ensureRequiredApprovals(USER_ID, Lists.newArrayList("foo.read"), GRANT_TYPE_AUTHORIZATION_CODE, clientDetails);
}
use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.
the class ApprovalServiceTest method ensureRequiredApprovals_iteratesThroughAllApprovalsAndScopes.
@Test
public void ensureRequiredApprovals_iteratesThroughAllApprovalsAndScopes() {
long approvalExpiry = 10L;
Approval approval1 = new Approval();
approval1.setScope("foo.read");
approval1.setStatus(Approval.ApprovalStatus.APPROVED);
approval1.setExpiresAt(new Date(approvalExpiry));
Approval approval2 = new Approval();
approval2.setScope("bar.read");
approval2.setStatus(Approval.ApprovalStatus.APPROVED);
approval2.setExpiresAt(new Date(approvalExpiry));
Approval approval3 = new Approval();
approval3.setScope("baz.read");
approval3.setStatus(Approval.ApprovalStatus.APPROVED);
approval3.setExpiresAt(new Date(approvalExpiry));
when(timeService.getCurrentTimeMillis()).thenReturn(approvalExpiry - 1L);
when(timeService.getCurrentDate()).thenCallRealMethod();
List<Approval> approvals = Lists.newArrayList(approval1, approval2, approval3);
when(approvalStore.getApprovals(eq(USER_ID), eq(CLIENT_ID), anyString())).thenReturn(approvals);
approvalService.ensureRequiredApprovals(USER_ID, Lists.newArrayList("foo.read", "bar.read"), GRANT_TYPE_AUTHORIZATION_CODE, clientDetails);
}
use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.
the class CheckTokenEndpointTests method testDeniedApprovals.
@Test(expected = InvalidTokenException.class)
public void testDeniedApprovals() throws Exception {
OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);
Date oneSecondAgo = new Date(nowMillis - 1000);
Date thirtySecondsAhead = new Date(nowMillis + 30000);
approvalStore.revokeApproval(new Approval().setUserId(userId).setClientId("client").setScope("read").setExpiresAt(thirtySecondsAhead).setStatus(ApprovalStatus.APPROVED).setLastUpdatedAt(oneSecondAgo), IdentityZoneHolder.get().getId());
approvalStore.addApproval(new Approval().setUserId(userId).setClientId("client").setScope("read").setExpiresAt(thirtySecondsAhead).setStatus(ApprovalStatus.DENIED).setLastUpdatedAt(oneSecondAgo), IdentityZoneHolder.get().getId());
Claims result = endpoint.checkToken(accessToken.getValue(), Collections.emptyList(), request);
assertNull(result.getAuthorities());
}
use of org.cloudfoundry.identity.uaa.approval.Approval in project uaa by cloudfoundry.
the class CheckTokenEndpointTests method testExpiredApprovals.
@Test(expected = InvalidTokenException.class)
public void testExpiredApprovals() throws Exception {
OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);
approvalStore.revokeApproval(new Approval().setUserId(userId).setClientId("client").setScope("read").setExpiresAt(new Date(nowMillis)).setStatus(ApprovalStatus.APPROVED), IdentityZoneHolder.get().getId());
approvalStore.addApproval(new Approval().setUserId(userId).setClientId("client").setScope("read").setExpiresAt(new Date(nowMillis)).setStatus(ApprovalStatus.APPROVED), IdentityZoneHolder.get().getId());
Claims result = endpoint.checkToken(accessToken.getValue(), Collections.emptyList(), request);
assertNull(result.getAuthorities());
}
Aggregations