Examples with OAuth2Request org.forgerock.oauth2.core.OAuth2Request used on opensource projects

Search in sources :

Example 66 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

the class AuthorizationRequestEndpointTest method setup.

@BeforeMethod
@SuppressWarnings("unchecked")
public void setup() throws ServerException, InvalidGrantException, NotFoundException, EntitlementException, JSONException {
    requestFactory = mock(OAuth2RequestFactory.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    given(requestFactory.create(any(Request.class))).willReturn(oAuth2Request);
    given(oAuth2Request.getParameter("realm")).willReturn("REALM");
    accessToken = mock(AccessToken.class);
    oauth2TokenStore = mock(TokenStore.class);
    given(oauth2TokenStore.readAccessToken(Matchers.<OAuth2Request>anyObject(), anyString())).willReturn(accessToken);
    given(accessToken.getClientId()).willReturn(RS_CLIENT_ID);
    given(accessToken.getResourceOwnerId()).willReturn(REQUESTING_PARTY_ID);
    umaAuditLogger = mock(UmaAuditLogger.class);
    umaTokenStore = mock(UmaTokenStore.class);
    rpt = mock(RequestingPartyToken.class);
    given(rpt.getId()).willReturn("1");
    permissionTicket = mock(PermissionTicket.class);
    given(permissionTicket.getExpiryTime()).willReturn(System.currentTimeMillis() + 10000);
    given(permissionTicket.getResourceSetId()).willReturn(RS_ID);
    given(permissionTicket.getResourceServerClientId()).willReturn(RS_CLIENT_ID);
    given(permissionTicket.getRealm()).willReturn("REALM");
    given(umaTokenStore.readPermissionTicket(anyString())).willReturn(permissionTicket);
    given(umaTokenStore.createRPT(Matchers.<PermissionTicket>anyObject())).willReturn(rpt);
    resourceSetStore = mock(ResourceSetStore.class);
    ResourceSetDescription resourceSet = new ResourceSetDescription();
    resourceSet.setId(RS_DESCRIPTION_ID);
    resourceSet.setResourceOwnerId(RESOURCE_OWNER_ID);
    given(resourceSetStore.query(QueryFilter.equalTo(ResourceSetTokenField.RESOURCE_SET_ID, RS_ID))).willReturn(Collections.singleton(resourceSet));
    umaProviderSettings = mock(UmaProviderSettings.class);
    policyEvaluator = mock(Evaluator.class);
    given(umaProviderSettings.getPolicyEvaluator(any(Subject.class), eq(RS_CLIENT_ID.toLowerCase()))).willReturn(policyEvaluator);
    given(umaProviderSettings.getUmaTokenStore()).willReturn(umaTokenStore);
    umaProviderSettingsFactory = mock(UmaProviderSettingsFactory.class);
    given(umaProviderSettingsFactory.get(Matchers.<Request>anyObject())).willReturn(umaProviderSettings);
    given(umaProviderSettings.getUmaTokenStore()).willReturn(umaTokenStore);
    OAuth2ProviderSettingsFactory oauth2ProviderSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
    OAuth2ProviderSettings oauth2ProviderSettings = mock(OAuth2ProviderSettings.class);
    given(oauth2ProviderSettingsFactory.get(any(OAuth2Request.class))).willReturn(oauth2ProviderSettings);
    given(oauth2ProviderSettings.getResourceSetStore()).willReturn(resourceSetStore);
    OAuth2UrisFactory<RealmInfo> oauth2UrisFactory = mock(OAuth2UrisFactory.class);
    OAuth2Uris oauth2Uris = mock(OAuth2Uris.class);
    given(oauth2UrisFactory.get(any(OAuth2Request.class))).willReturn(oauth2Uris);
    given(oauth2Uris.getIssuer()).willReturn("ISSUER");
    pendingRequestsService = mock(PendingRequestsService.class);
    Map<String, ClaimGatherer> claimGatherers = new HashMap<>();
    idTokenClaimGatherer = mock(IdTokenClaimGatherer.class);
    claimGatherers.put(IdTokenClaimGatherer.FORMAT, idTokenClaimGatherer);
    ExtensionFilterManager extensionFilterManager = mock(ExtensionFilterManager.class);
    requestAuthorizationFilter = mock(RequestAuthorizationFilter.class);
    given(extensionFilterManager.getFilters(RequestAuthorizationFilter.class)).willReturn(Collections.singletonList(requestAuthorizationFilter));
    UmaExceptionHandler exceptionHandler = mock(UmaExceptionHandler.class);
    endpoint = spy(new AuthorizationRequestEndpoint2(umaProviderSettingsFactory, oauth2TokenStore, requestFactory, oauth2ProviderSettingsFactory, oauth2UrisFactory, umaAuditLogger, pendingRequestsService, claimGatherers, extensionFilterManager, exceptionHandler, jacksonRepresentationFactory));
    request = mock(Request.class);
    given(endpoint.getRequest()).willReturn(request);
    response = mock(Response.class);
    endpoint.setResponse(response);
    requestBody = mock(JSONObject.class);
    given(requestBody.toString()).willReturn("{\"ticket\": \"016f84e8-f9b9-11e0-bd6f-0021cc6004de\"}");
    entity = mock(JsonRepresentation.class);
    given(entity.getJsonObject()).willReturn(requestBody);
}
Also used : OAuth2Uris(org.forgerock.oauth2.core.OAuth2Uris) HashMap(java.util.HashMap) Matchers.anyString(org.mockito.Matchers.anyString) ResourceSetDescription(org.forgerock.oauth2.resources.ResourceSetDescription) RealmInfo(org.forgerock.openam.core.RealmInfo) OAuth2RequestFactory(org.forgerock.oauth2.core.OAuth2RequestFactory) OAuth2ProviderSettingsFactory(org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory) AccessToken(org.forgerock.oauth2.core.AccessToken) ResourceSetStore(org.forgerock.oauth2.resources.ResourceSetStore) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings) UmaAuditLogger(org.forgerock.openam.uma.audit.UmaAuditLogger) UmaPendingRequest(org.forgerock.openam.sm.datalayer.impl.uma.UmaPendingRequest) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) HttpServletRequest(javax.servlet.http.HttpServletRequest) Request(org.restlet.Request) RequestAuthorizationFilter(org.forgerock.openam.uma.extensions.RequestAuthorizationFilter) Evaluator(com.sun.identity.entitlement.Evaluator) Subject(javax.security.auth.Subject) Response(org.restlet.Response) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) JSONObject(org.json.JSONObject) TokenStore(org.forgerock.oauth2.core.TokenStore) JsonRepresentation(org.restlet.ext.json.JsonRepresentation) ExtensionFilterManager(org.forgerock.openam.oauth2.extensions.ExtensionFilterManager) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 67 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

the class IdTokenClaimGathererTest method mockOAuth2ProviderSettings.

private OAuth2ProviderSettingsFactory mockOAuth2ProviderSettings() throws NotFoundException, ServerException {
    OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
    given(oAuth2ProviderSettingsFactory.get(oAuth2Request)).willReturn(oAuth2ProviderSettings);
    PublicKey publicKey = mock(PublicKey.class);
    KeyPair keyPair = new KeyPair(publicKey, null);
    given(oAuth2ProviderSettings.getServerKeyPair()).willReturn(keyPair);
    return oAuth2ProviderSettingsFactory;
}
Also used : KeyPair(java.security.KeyPair) OAuth2ProviderSettingsFactory(org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory) PublicKey(java.security.PublicKey)

Example 68 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

the class AccessTokenProtectionFilterTest method testBeforeHandleWithNoBearerToken.

@Test
public void testBeforeHandleWithNoBearerToken() throws Exception {
    //Given
    Request req = mock(Request.class);
    Response resp = mock(Response.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    when(requestFactory.create(req)).thenReturn(oAuth2Request);
    when(req.getChallengeResponse()).thenReturn(null);
    //When
    int result = filter.beforeHandle(req, resp);
    //Then
    assertThat(result).isEqualTo(Filter.STOP);
    ArgumentCaptor<Status> statusCaptor = ArgumentCaptor.forClass(Status.class);
    verify(resp).setStatus(statusCaptor.capture());
    Status status = statusCaptor.getValue();
    assertThat(status.getThrowable()).isInstanceOf(InvalidTokenException.class);
}
Also used : ChallengeResponse(org.restlet.data.ChallengeResponse) Response(org.restlet.Response) Status(org.restlet.data.Status) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Test(org.testng.annotations.Test)

Example 69 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

the class AccessTokenProtectionFilterTest method testBeforeHandleWithServerException.

@Test
public void testBeforeHandleWithServerException() throws Exception {
    //Given
    Request req = mock(Request.class);
    Response resp = mock(Response.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    when(requestFactory.create(req)).thenReturn(oAuth2Request);
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challengeResponse.setRawValue("tokenId");
    when(req.getChallengeResponse()).thenReturn(challengeResponse);
    when(tokenStore.readAccessToken(oAuth2Request, "tokenId")).thenThrow(ServerException.class);
    //When
    int result = filter.beforeHandle(req, resp);
    //Then
    assertThat(result).isEqualTo(Filter.STOP);
    ArgumentCaptor<Status> statusCaptor = ArgumentCaptor.forClass(Status.class);
    verify(resp).setStatus(statusCaptor.capture());
    Status status = statusCaptor.getValue();
    assertThat(status.getThrowable()).isInstanceOf(ServerException.class);
}
Also used : ChallengeResponse(org.restlet.data.ChallengeResponse) Response(org.restlet.Response) Status(org.restlet.data.Status) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) Test(org.testng.annotations.Test)

Example 70 with OAuth2Request

use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.

the class AccessTokenProtectionFilterTest method testBeforeHandle.

@Test
public void testBeforeHandle() throws Exception {
    //Given
    Request req = mock(Request.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    when(requestFactory.create(req)).thenReturn(oAuth2Request);
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challengeResponse.setRawValue("tokenId");
    when(req.getChallengeResponse()).thenReturn(challengeResponse);
    AccessToken accessToken = new AccessToken(json(object(field("id", "tokenId"), field("tokenName", "access_token"), field("scope", asSet("a", REQUIRED_SCOPE)), field("expireTime", System.currentTimeMillis() + 5000))));
    when(tokenStore.readAccessToken(oAuth2Request, "tokenId")).thenReturn(accessToken);
    //When
    int result = filter.beforeHandle(req, null);
    //Then
    assertThat(result).isEqualTo(Filter.CONTINUE);
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) Test(org.testng.annotations.Test)

Aggregations

OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)73 Test (org.testng.annotations.Test)45 OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)32 Request (org.restlet.Request)31 AccessToken (org.forgerock.oauth2.core.AccessToken)27 ServerException (org.forgerock.oauth2.core.exceptions.ServerException)27 JsonValue (org.forgerock.json.JsonValue)24 ChallengeResponse (org.restlet.data.ChallengeResponse)17 AccessTokenVerifier (org.forgerock.oauth2.core.AccessTokenVerifier)13 NotFoundException (org.forgerock.oauth2.core.exceptions.NotFoundException)11 CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)11 HashMap (java.util.HashMap)10 HashSet (java.util.HashSet)10 InvalidGrantException (org.forgerock.oauth2.core.exceptions.InvalidGrantException)10 UnauthorizedClientException (org.forgerock.oauth2.core.exceptions.UnauthorizedClientException)10 Response (org.restlet.Response)10 ClientRegistration (org.forgerock.oauth2.core.ClientRegistration)9 OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception)9 DeviceCode (org.forgerock.oauth2.core.DeviceCode)8 InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial