use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsMockMvcTests method createClient.
/**
 * Registers a new {@code client_credentials} client through {@code POST /oauth/clients}
 * and returns the client as the endpoint sent it back.
 *
 * <p>The request carries {@code adminUserToken} as a bearer token and is expected to be
 * answered with {@code 201 Created}.
 *
 * @param authorities authorities for the new client, passed through to {@code createBaseClient}
 * @return the response body deserialized as {@code BaseClientDetails}
 * @throws Exception if the request cannot be performed or the status expectation fails
 */
private BaseClientDetails createClient(List<String> authorities) throws Exception {
    // Random, lower-cased client id; the scope list is fixed for every client built here.
    String newClientId = generator.generate().toLowerCase();
    ClientDetailsModification requested = createBaseClient(
            newClientId,
            SECRET,
            Collections.singleton("client_credentials"),
            authorities,
            Arrays.asList("foo", "bar", "oauth.approvals"));

    MockHttpServletRequestBuilder request = post("/oauth/clients")
            .header("Authorization", "Bearer " + adminUserToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(requested));

    // Creation must succeed before the body is parsed.
    String responseJson = mockMvc.perform(request)
            .andExpect(status().isCreated())
            .andReturn()
            .getResponse()
            .getContentAsString();
    return JsonUtils.readValue(responseJson, BaseClientDetails.class);
}
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsMockMvcTests method testCreateAsReadPermissions.
/**
 * Negative authorization test: a token issued with only the {@code clients.read} scope
 * must not be able to create a client through {@code POST /oauth/clients}.
 *
 * <p>NOTE(review): only the {@code 403} status is asserted. The test does not check that
 * the rejected client was left unregistered; a follow-up lookup would cover that.
 */
@Test
void testCreateAsReadPermissions() throws Exception {
    ClientDetails readWriteClient = createReadWriteClient(adminToken);

    // Build the single client that the under-privileged caller will try to register.
    ClientDetailsModification[] candidates = createBaseClients(1, SECRET, Arrays.asList("client_credentials", "refresh_token"));
    for (int i = 0; i < candidates.length; i++) {
        candidates[i].setScope(Collections.singletonList("oauth.approvals"));
        candidates[i].setAction(ClientDetailsModification.ADD);
    }

    // Token is requested for the read scope only, even though the client was created
    // by createReadWriteClient.
    String readOnlyToken = testClient.getClientCredentialsOAuthAccessToken(
            readWriteClient.getClientId(), "secret", "clients.read");

    MockHttpServletRequestBuilder createAttempt = post("/oauth/clients")
            .header("Authorization", "Bearer " + readOnlyToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(candidates[0]));

    mockMvc.perform(createAttempt).andExpect(status().isForbidden());
}
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsMockMvcTests method createBaseClient.
/**
 * Builds an in-memory {@code ClientDetailsModification} fixture; nothing is sent to the server.
 *
 * @param id           client id, or {@code null} to use a freshly generated random value
 * @param clientSecret secret to set on the client
 * @param grantTypes   authorized grant types, or {@code null} for {@code client_credentials} only
 * @param authorities  authority names, or {@code null} to leave the authorities unset
 * @param scopes       scopes to set on the client (passed through unchanged)
 * @return the populated client object
 */
private ClientDetailsModification createBaseClient(String id, String clientSecret, Collection<String> grantTypes, List<String> authorities, List<String> scopes) {
    String effectiveId = (id != null) ? id : new RandomValueStringGenerator().generate();
    Collection<String> effectiveGrantTypes =
            (grantTypes != null) ? grantTypes : Collections.singleton("client_credentials");

    ClientDetailsModification built = new ClientDetailsModification();
    built.setClientId(effectiveId);
    built.setScope(scopes);
    built.setAuthorizedGrantTypes(effectiveGrantTypes);
    if (authorities != null) {
        // The helper takes one comma-separated string, so the list is joined first.
        String joinedAuthorities = String.join(",", authorities);
        built.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList(joinedAuthorities));
    }
    built.setClientSecret(clientSecret);

    Map<String, Object> info = new HashMap<>();
    info.put("foo", "bar");
    info.put("name", "Client " + effectiveId);
    built.setAdditionalInformation(info);

    // Fixed plain-http redirect URI, used here purely as a fixture value.
    built.setRegisteredRedirectUri(Collections.singleton("http://some.redirect.url.com"));
    return built;
}
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsMockMvcTests method testSecretChangeTxApprovalsNotDeleted.
/**
 * Verifies that a batch secret change through {@code POST /oauth/clients/tx/secret},
 * made with the old secret supplied, leaves the clients' existing approvals in place.
 *
 * <p>NOTE(review): the password-grant calls pass the literal {@code "secret"} while the
 * clients are created with {@code SECRET}; presumably the two are equal — confirm.
 * The test also does not assert that the old secret stops working after the change.
 */
@Test
void testSecretChangeTxApprovalsNotDeleted() throws Exception {
    int clientCount = 3;

    // Register the clients in one transactional call.
    ClientDetailsModification[] created = createBaseClients(clientCount, SECRET, Arrays.asList("client_credentials", "password"));
    for (int i = 0; i < created.length; i++) {
        created[i].setAction(ClientDetailsModification.ADD);
    }
    MockHttpServletRequestBuilder addRequest = post("/oauth/clients/tx/modify")
            .header("Authorization", "Bearer " + adminToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(created));
    mockMvc.perform(addRequest).andExpect(status().isOk());

    // Give every client approvals, using a user token obtained through that client.
    for (int i = 0; i < created.length; i++) {
        String clientId = created[i].getClientId();
        String userToken = testClient.getUserOAuthAccessToken(clientId, "secret", testUser.getUserName(), testPassword, "oauth.approvals");
        addApprovals(userToken, clientId);
    }

    // Confirm the approvals exist before the secret is touched.
    for (int i = 0; i < created.length; i++) {
        String clientId = created[i].getClientId();
        // The original discards this token; the call is kept so the same request is made.
        testClient.getUserOAuthAccessToken(clientId, "secret", testUser.getUserName(), testPassword, "oauth.approvals");
        assertEquals(3, getApprovals(clientId).length);
    }

    // Change each secret while presenting the old one.
    SecretChangeRequest[] secretChanges = new SecretChangeRequest[created.length];
    for (int i = 0; i < secretChanges.length; i++) {
        SecretChangeRequest change = new SecretChangeRequest();
        change.setClientId(created[i].getClientId());
        change.setOldSecret(created[i].getClientSecret());
        change.setSecret("secret2");
        secretChanges[i] = change;
    }
    MockHttpServletRequestBuilder secretRequest = post("/oauth/clients/tx/secret")
            .header("Authorization", "Bearer " + adminToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(secretChanges));
    ResultActions secretResult = mockMvc.perform(secretRequest);
    secretResult.andExpect(status().isOk());
    ClientDetailsModification[] afterChange = (ClientDetailsModification[]) arrayFromString(
            secretResult.andReturn().getResponse().getContentAsString(), ClientDetailsModification[].class);

    // Approvals must survive, and the response must not flag them as deleted.
    ClientDetails approvalsClient = createApprovalsLoginClient(adminToken);
    for (int i = 0; i < afterChange.length; i++) {
        ClientDetailsModification changed = afterChange[i];
        // The original discards this token as well; the call is kept for the same reason.
        testClient.getUserOAuthAccessToken(approvalsClient.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
        assertEquals(3, getApprovals(changed.getClientId()).length);
        assertFalse(changed.isApprovalsDeleted());
    }
}
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsMockMvcTests method testAddUpdateDeleteClientsTxSuccess.
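/**
 * Sends one {@code POST /oauth/clients/tx/modify} batch that updates, deletes and adds
 * {@code count} clients each, then checks both the resulting client state and the
 * audit events that were published.
 *
 * <p>Expected event order, in groups of {@code count}: the first two groups are the
 * creations of the update and delete fixtures, followed by the updates, the deletes
 * and finally the creations of the added clients. Every event's principal id is
 * compared with the id of the client it concerns.
 */
@Test
void testAddUpdateDeleteClientsTxSuccess() throws Exception {
    int count = 5;
    ClientDetailsModification[] details = new ClientDetailsModification[count * 3];

    // Slots [0, count): existing clients that the batch will update.
    for (int i = 0; i < count; i++) {
        details[i] = (ClientDetailsModification) createClient(adminToken, null, SECRET, null);
        details[i].setRefreshTokenValiditySeconds(120);
        details[i].setAction(ClientDetailsModification.UPDATE);
    }
    // Slots [count, 2*count): existing clients that the batch will delete.
    for (int i = count; i < (count * 2); i++) {
        details[i] = (ClientDetailsModification) createClient(adminToken, null, SECRET, null);
        details[i].setAction(ClientDetailsModification.DELETE);
    }
    // Slots [2*count, 3*count): new clients that the batch will add.
    for (int i = (count * 2); i < (count * 3); i++) {
        details[i] = createBaseClient(null, SECRET, null);
        details[i].setAction(ClientDetailsModification.ADD);
    }

    MockHttpServletRequestBuilder modifyClientsPost = post("/oauth/clients/tx/modify")
            .header("Authorization", "Bearer " + adminToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(details));
    ResultActions result = mockMvc.perform(modifyClientsPost);
    result.andExpect(status().isOk());

    // Updated clients exist and carry the new refresh-token validity.
    for (int i = 0; i < count; i++) {
        ClientDetails c = getClient(details[i].getClientId());
        assertNotNull(c);
        assertEquals(Integer.valueOf(120), c.getRefreshTokenValiditySeconds());
    }
    // Deleted clients can no longer be fetched.
    for (int i = count; i < (count * 2); i++) {
        ClientDetails c = getClient(details[i].getClientId());
        assertNull(c);
    }
    // Added clients exist and have no refresh-token validity set.
    for (int i = (count * 2); i < (count * 3); i++) {
        ClientDetails c = getClient(details[i].getClientId());
        assertNotNull(c);
        assertNull(c.getRefreshTokenValiditySeconds());
    }

    verify(mockApplicationEventPublisher, times(count * 5)).publishEvent(abstractUaaEventCaptor.capture());
    int index = 0;
    for (AbstractUaaEvent event : abstractUaaEventCaptor.getAllValues()) {
        int group = index / count;
        switch (group) {
            case 0:
            case 1:
            case 4: {
                // Groups 0-1 are the fixture creations, group 4 the clients added by the batch.
                assertEquals(AuditEventType.ClientCreateSuccess, event.getAuditEvent().getType());
                assertEquals(ClientCreateEvent.class, event.getClass());
                // Derived from count instead of the literal 10, so the mapping holds if count changes.
                assertEquals(details[index < count * 2 ? index : (index - count * 2)].getClientId(), event.getAuditEvent().getPrincipalId());
                break;
            }
            case 2: {
                // Group 2: updates, matching details[0, count).
                assertEquals(AuditEventType.ClientUpdateSuccess, event.getAuditEvent().getType());
                assertEquals(ClientUpdateEvent.class, event.getClass());
                assertEquals(details[index - (count * 2)].getClientId(), event.getAuditEvent().getPrincipalId());
                break;
            }
            case 3: {
                // Group 3: deletes, matching details[count, 2*count).
                assertEquals(AuditEventType.ClientDeleteSuccess, event.getAuditEvent().getType());
                assertEquals(ClientDeleteEvent.class, event.getClass());
                assertEquals(details[index - count * 2].getClientId(), event.getAuditEvent().getPrincipalId());
                break;
            }
            default:
                // An event outside the five expected groups must not pass unchecked.
                throw new AssertionError("Unexpected audit event at index " + index + ": " + event.getClass());
        }
        index++;
    }
}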