Example 16 with ClientDetailsModification
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsTests method setUp.
@BeforeEach
void setUp() {
testZone.setId("testzone");
mockSecurityContextAccessor = Mockito.mock(SecurityContextAccessor.class);
clientDetailsService = Mockito.mock(NoOpClientDetailsResourceManager.class);
when(clientDetailsService.create(any(ClientDetails.class), anyString())).thenCallRealMethod();
clientRegistrationService = Mockito.mock(MultitenantClientServices.class, withSettings().extraInterfaces(SystemDeletable.class));
mockAuthenticationManager = Mockito.mock(AuthenticationManager.class);
ApprovalStore approvalStore = mock(ApprovalStore.class);
clientDetailsValidator = new ClientAdminEndpointsValidator(mockSecurityContextAccessor);
clientDetailsValidator.setClientDetailsService(clientDetailsService);
clientDetailsValidator.setClientSecretValidator(new ZoneAwareClientSecretPolicyValidator(new ClientSecretPolicy(0, 255, 0, 0, 0, 0, 6)));
testZone.getConfig().setClientSecretPolicy(new ClientSecretPolicy(0, 255, 0, 0, 0, 0, 6));
IdentityZoneHolder.set(testZone);
endpoints = spy(new ClientAdminEndpoints(mockSecurityContextAccessor, clientDetailsValidator, mockAuthenticationManager, mock(ResourceMonitor.class), approvalStore, clientRegistrationService, clientDetailsService, 5));
input = new BaseClientDetails();
input.setClientId("foo");
input.setClientSecret("secret");
input.setAuthorizedGrantTypes(Collections.singletonList(GRANT_TYPE_AUTHORIZATION_CODE));
input.setRegisteredRedirectUri(SINGLE_REDIRECT_URL);
for (int i = 0; i < inputs.length; i++) {
inputs[i] = new ClientDetailsModification();
inputs[i].setClientId("foo-" + i);
inputs[i].setClientSecret("secret-" + i);
inputs[i].setAuthorizedGrantTypes(Collections.singletonList(GRANT_TYPE_AUTHORIZATION_CODE));
inputs[i].setRegisteredRedirectUri(new HashSet(Collections.singletonList("https://foo-" + i)));
inputs[i].setAccessTokenValiditySeconds(300);
}
detail = new UaaClientDetails(input);
detail.setResourceIds(Collections.singletonList("none"));
// refresh token is added automatically by endpoint validation
detail.setAuthorizedGrantTypes(Arrays.asList(GRANT_TYPE_AUTHORIZATION_CODE, "refresh_token"));
detail.setScope(Collections.singletonList("uaa.none"));
detail.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("uaa.none"));
for (int i = 0; i < details.length; i++) {
details[i] = new BaseClientDetails(inputs[i]);
details[i].setResourceIds(Collections.singletonList("none"));
// refresh token is added automatically by endpoint validation
details[i].setAuthorizedGrantTypes(Arrays.asList(GRANT_TYPE_AUTHORIZATION_CODE, "refresh_token"));
details[i].setScope(Collections.singletonList("uaa.none"));
details[i].setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("uaa.none"));
}
endpoints.setApplicationEventPublisher(new ApplicationEventPublisher() {
@Override
public void publishEvent(ApplicationEvent event) {
if (event instanceof EntityDeletedEvent) {
ClientDetails client = (ClientDetails) ((EntityDeletedEvent) event).getDeleted();
clientRegistrationService.removeClientDetails(client.getClientId());
}
}
@Override
public void publishEvent(Object event) {
}
});
}
Also used :
BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails)
ApplicationEvent(org.springframework.context.ApplicationEvent)
ZoneAwareClientSecretPolicyValidator(org.cloudfoundry.identity.uaa.zone.ZoneAwareClientSecretPolicyValidator)
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
ResourceMonitor(org.cloudfoundry.identity.uaa.resources.ResourceMonitor)
MultitenantClientServices(org.cloudfoundry.identity.uaa.zone.MultitenantClientServices)
BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails)
ClientDetails(org.springframework.security.oauth2.provider.ClientDetails)
ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher)
ApprovalStore(org.cloudfoundry.identity.uaa.approval.ApprovalStore)
SecurityContextAccessor(org.cloudfoundry.identity.uaa.security.beans.SecurityContextAccessor)
ClientSecretPolicy(org.cloudfoundry.identity.uaa.zone.ClientSecretPolicy)
EntityDeletedEvent(org.cloudfoundry.identity.uaa.audit.event.EntityDeletedEvent)
ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)
HashSet(java.util.HashSet)
BeforeEach(org.junit.jupiter.api.BeforeEach)
Example 17 with ClientDetailsModification
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsTests method testMultipleCreateClientDetailsNonExistent.
@Test
void testMultipleCreateClientDetailsNonExistent() {
ClientDetailsModification detailsModification = new ClientDetailsModification();
detailsModification.setClientId("unknown");
assertThrows(InvalidClientDetailsException.class, () -> endpoints.createClientDetailsTx(new ClientDetailsModification[] { detailsModification }));
}
Also used :
ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)
Test(org.junit.jupiter.api.Test)
Example 18 with ClientDetailsModification
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsIntegrationTests method doCreateClients.
public ClientDetailsModification[] doCreateClients() throws Exception {
headers = getAuthenticatedHeaders(getClientCredentialsAccessToken("clients.admin,clients.read,clients.write,clients.secret"));
headers.add("Accept", "application/json");
RandomValueStringGenerator gen = new RandomValueStringGenerator();
String[] ids = new String[5];
ClientDetailsModification[] clients = new ClientDetailsModification[ids.length];
for (int i = 0; i < ids.length; i++) {
ids[i] = gen.generate();
ClientDetailsModification detailsModification = new ClientDetailsModification();
detailsModification.setClientId(ids[i]);
detailsModification.setScope(Arrays.asList("foo", "bar"));
detailsModification.setAuthorizedGrantTypes(Collections.singletonList("client_credentials"));
detailsModification.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("uaa.none"));
clients[i] = detailsModification;
clients[i].setClientSecret("secret");
clients[i].setAdditionalInformation(Collections.<String, Object>singletonMap("foo", Collections.singletonList("bar")));
clients[i].setRegisteredRedirectUri(Collections.singleton("http://redirect.url"));
}
ResponseEntity<ClientDetailsModification[]> result = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/oauth/clients/tx"), HttpMethod.POST, new HttpEntity<ClientDetailsModification[]>(clients, headers), ClientDetailsModification[].class);
assertEquals(HttpStatus.CREATED, result.getStatusCode());
validateClients(clients, result.getBody());
for (String id : ids) {
ClientDetails client = getClient(id);
assertNotNull(client);
}
return result.getBody();
}
Also used :
BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails)
ClientDetails(org.springframework.security.oauth2.provider.ClientDetails)
RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator)
ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)
Example 19 with ClientDetailsModification
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class MockMvcUtils method getClientDetailsModification.
public static ClientDetailsModification getClientDetailsModification(String id, String secret, Collection<String> resourceIds, Collection<String> scopes, Collection<String> grantTypes, String authorities, Set<String> redirectUris) {
ClientDetailsModification detailsModification = new ClientDetailsModification();
detailsModification.setClientId(id);
detailsModification.setResourceIds(resourceIds);
detailsModification.setScope(scopes);
detailsModification.setAuthorizedGrantTypes(grantTypes);
detailsModification.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList(authorities));
detailsModification.setRegisteredRedirectUri(redirectUris);
detailsModification.setClientSecret(secret);
return detailsModification;
}
Also used :
ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)
Example 20 with ClientDetailsModification
use of org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification in project uaa by cloudfoundry.
the class ClientAdminEndpointsMockMvcTests method testApprovalsAreDeleted.
@Test
void testApprovalsAreDeleted() throws Exception {
ClientDetails details = createClient(adminToken, new RandomValueStringGenerator().generate(), SECRET, Collections.singleton("password"));
String userToken = testClient.getUserOAuthAccessToken(details.getClientId(), "secret", testUser.getUserName(), testPassword, "oauth.approvals");
Approval[] approvals = getApprovals(details.getClientId());
assertEquals(0, approvals.length);
addApprovals(userToken, details.getClientId());
approvals = getApprovals(details.getClientId());
assertEquals(3, approvals.length);
MockHttpServletRequestBuilder deleteClientsPost = post("/oauth/clients/tx/delete").header("Authorization", "Bearer " + adminToken).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content(JsonUtils.writeValueAsString(new ClientDetails[] { details }));
ResultActions result = mockMvc.perform(deleteClientsPost);
result.andExpect(status().isOk());
ClientDetailsModification[] deleted = (ClientDetailsModification[]) arrayFromString(result.andReturn().getResponse().getContentAsString(), ClientDetailsModification[].class);
assertTrue(deleted[0].isApprovalsDeleted());
verify(mockApplicationEventPublisher, times(2)).publishEvent(abstractUaaEventCaptor.capture());
approvals = getApprovals(details.getClientId());
assertEquals(0, approvals.length);
}
Also used :
ClientDetails(org.springframework.security.oauth2.provider.ClientDetails)
BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails)
MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)
RandomValueStringGenerator(org.springframework.security.oauth2.common.util.RandomValueStringGenerator)
ClientDetailsHelper.clientArrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString)
ClientDetailsHelper.arrayFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString)
ClientDetailsHelper.clientFromString(org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString)
ResultActions(org.springframework.test.web.servlet.ResultActions)
Approval(org.cloudfoundry.identity.uaa.approval.Approval)
ClientDetailsModification(org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)
Test(org.junit.jupiter.api.Test)
Aggregations
ClientDetailsModification (org.cloudfoundry.identity.uaa.oauth.client.ClientDetailsModification)31
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)20
Test (org.junit.jupiter.api.Test)16
ClientDetailsHelper.clientFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientFromString)15
ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)15
ResultActions (org.springframework.test.web.servlet.ResultActions)15
ClientDetailsHelper.arrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.arrayFromString)14
ClientDetailsHelper.clientArrayFromString (org.cloudfoundry.identity.uaa.mock.util.ClientDetailsHelper.clientArrayFromString)14
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)14
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator)8
Approval (org.cloudfoundry.identity.uaa.approval.Approval)4
HashMap (java.util.HashMap)3
AbstractUaaEvent (org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent)2
Test (org.junit.Test)2
Transactional (org.springframework.transaction.annotation.Transactional)2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2
ResponseBody (org.springframework.web.bind.annotation.ResponseBody)2
ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)2
HashSet (java.util.HashSet)1
ApprovalStore (org.cloudfoundry.identity.uaa.approval.ApprovalStore)1
