Examples with AccessToken org.forgerock.oauth2.core.AccessToken used on opensource projects

Search in sources :

Example 31 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class AccessTokenProtectionFilterTest method testBeforeHandle.

@Test
public void testBeforeHandle() throws Exception {
    //Given
    Request req = mock(Request.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    when(requestFactory.create(req)).thenReturn(oAuth2Request);
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challengeResponse.setRawValue("tokenId");
    when(req.getChallengeResponse()).thenReturn(challengeResponse);
    AccessToken accessToken = new AccessToken(json(object(field("id", "tokenId"), field("tokenName", "access_token"), field("scope", asSet("a", REQUIRED_SCOPE)), field("expireTime", System.currentTimeMillis() + 5000))));
    when(tokenStore.readAccessToken(oAuth2Request, "tokenId")).thenReturn(accessToken);
    //When
    int result = filter.beforeHandle(req, null);
    //Then
    assertThat(result).isEqualTo(Filter.CONTINUE);
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) Test(org.testng.annotations.Test)

Example 32 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class AccessTokenProtectionFilterTest method testBeforeHandleWithoutScope.

@Test
public void testBeforeHandleWithoutScope() throws Exception {
    //Given
    Request req = mock(Request.class);
    Response resp = mock(Response.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    when(requestFactory.create(req)).thenReturn(oAuth2Request);
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challengeResponse.setRawValue("tokenId");
    when(req.getChallengeResponse()).thenReturn(challengeResponse);
    AccessToken accessToken = new AccessToken(json(object(field("id", "tokenId"), field("tokenName", "access_token"), field("scope", asSet("a")), field("expireTime", System.currentTimeMillis() + 5000))));
    when(tokenStore.readAccessToken(oAuth2Request, "tokenId")).thenReturn(accessToken);
    //When
    int result = filter.beforeHandle(req, resp);
    //Then
    assertThat(result).isEqualTo(Filter.STOP);
    ArgumentCaptor<Status> statusCaptor = ArgumentCaptor.forClass(Status.class);
    verify(resp).setStatus(statusCaptor.capture());
    Status status = statusCaptor.getValue();
    assertThat(status.getThrowable()).isInstanceOf(InsufficientScopeException.class);
}
Also used : ChallengeResponse(org.restlet.data.ChallengeResponse) Response(org.restlet.Response) Status(org.restlet.data.Status) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) Test(org.testng.annotations.Test)

Example 33 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class RestletHeaderAccessTokenVerifierTest method shouldCheckExpired.

@Test
public void shouldCheckExpired() throws Exception {
    // Given
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return true;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) HttpRequest(org.restlet.engine.adapter.HttpRequest) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 34 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class RestletHeaderAccessTokenVerifierTest method shouldCheckValid.

@Test
public void shouldCheckValid() throws Exception {
    // Given
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return false;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isTrue();
    assertThat(result.getTokenId()).isEqualTo("freddy");
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) HttpRequest(org.restlet.engine.adapter.HttpRequest) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 35 with AccessToken

use of org.forgerock.oauth2.core.AccessToken in project OpenAM by OpenRock.

the class OpenAMTokenStore method appendIdTokenClaims.

//return all claims from scopes + claims requested in the id_token
private void appendIdTokenClaims(OAuth2Request request, OAuth2ProviderSettings providerSettings, OpenAMOpenIdConnectToken oidcToken) throws ServerException, NotFoundException, InvalidClientException {
    try {
        AccessToken accessToken = request.getToken(AccessToken.class);
        Map<String, Object> userInfo = providerSettings.getUserInfo(accessToken, request).getValues();
        for (Map.Entry<String, Object> claim : userInfo.entrySet()) {
            oidcToken.put(claim.getKey(), claim.getValue());
        }
    } catch (UnauthorizedClientException e) {
        throw failureFactory.getException(request, e.getMessage());
    }
}
Also used : AccessToken(org.forgerock.oauth2.core.AccessToken) UnauthorizedClientException(org.forgerock.oauth2.core.exceptions.UnauthorizedClientException) JSONObject(org.json.JSONObject) Map(java.util.Map)

Aggregations

AccessToken (org.forgerock.oauth2.core.AccessToken)37 OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)22 Test (org.testng.annotations.Test)17 ServerException (org.forgerock.oauth2.core.exceptions.ServerException)14 JsonValue (org.forgerock.json.JsonValue)13 Request (org.restlet.Request)12 ChallengeResponse (org.restlet.data.ChallengeResponse)10 OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)9 NotFoundException (org.forgerock.oauth2.core.exceptions.NotFoundException)7 AccessTokenVerifier (org.forgerock.oauth2.core.AccessTokenVerifier)6 Response (org.restlet.Response)6 Map (java.util.Map)5 InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException)5 InvalidGrantException (org.forgerock.oauth2.core.exceptions.InvalidGrantException)5 UnauthorizedClientException (org.forgerock.oauth2.core.exceptions.UnauthorizedClientException)5 BeforeMethod (org.testng.annotations.BeforeMethod)5 HashMap (java.util.HashMap)4 ResourceOwner (org.forgerock.oauth2.core.ResourceOwner)4 InvalidTokenException (org.forgerock.oauth2.core.exceptions.InvalidTokenException)4 JSONObject (org.json.JSONObject)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial