Example 41 with OAuth2Request
use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.
the class TokenInfoServiceImpl method getTokenInfo.
/**
* {@inheritDoc}
*/
public JsonValue getTokenInfo(OAuth2Request request) throws InvalidTokenException, InvalidRequestException, ExpiredTokenException, ServerException, BadRequestException, InvalidGrantException, NotFoundException {
final AccessTokenVerifier.TokenState headerToken = headerTokenVerifier.verify(request);
final AccessTokenVerifier.TokenState queryToken = queryTokenVerifier.verify(request);
final Map<String, Object> response = new HashMap<String, Object>();
if (!headerToken.isValid() && !queryToken.isValid()) {
logger.error("Access Token not valid");
throw new InvalidRequestException("Access Token not valid");
} else if (headerToken.isValid() && queryToken.isValid()) {
logger.error("Access Token provided in both query and header in request");
throw new InvalidRequestException("Access Token cannot be provided in both query and header");
} else {
final AccessToken accessToken = request.getToken(AccessToken.class);
logger.trace("In Validator resource - got token = " + accessToken);
final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
final Map<String, Object> scopeEvaluation = providerSettings.evaluateScope(accessToken);
response.putAll(accessToken.getTokenInfo());
response.putAll(scopeEvaluation);
return new JsonValue(response);
}
}
Also used :
HashMap(java.util.HashMap)
JsonValue(org.forgerock.json.JsonValue)
InvalidRequestException(org.forgerock.oauth2.core.exceptions.InvalidRequestException)
HashMap(java.util.HashMap)
Map(java.util.Map)
AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier)
Example 42 with OAuth2Request
use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.
the class ResourceSetRegistrationEndpointTest method setup.
@BeforeMethod
@SuppressWarnings("unchecked")
public void setup() throws ServerException, InvalidGrantException, NotFoundException {
store = mock(ResourceSetStore.class);
validator = mock(ResourceSetDescriptionValidator.class);
OAuth2RequestFactory<?, Request> requestFactory = mock(OAuth2RequestFactory.class);
Set<ResourceSetRegistrationHook> hooks = new HashSet<>();
hook = mock(ResourceSetRegistrationHook.class);
hooks.add(hook);
labelRegistration = mock(ResourceSetLabelRegistration.class);
ExtensionFilterManager extensionFilterManager = mock(ExtensionFilterManager.class);
resourceRegistrationFilter = mock(ResourceRegistrationFilter.class);
given(extensionFilterManager.getFilters(ResourceRegistrationFilter.class)).willReturn(Collections.singletonList(resourceRegistrationFilter));
OAuth2ProviderSettingsFactory providerSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
OAuth2ProviderSettings providerSettings = mock(OAuth2ProviderSettings.class);
given(providerSettingsFactory.get(Matchers.<OAuth2Request>anyObject())).willReturn(providerSettings);
given(providerSettings.getResourceSetStore()).willReturn(store);
ExceptionHandler exceptionHandler = mock(ExceptionHandler.class);
UmaLabelsStore umaLabelsStore = mock(UmaLabelsStore.class);
endpoint = spy(new ResourceSetRegistrationEndpoint(providerSettingsFactory, validator, requestFactory, hooks, labelRegistration, extensionFilterManager, exceptionHandler, umaLabelsStore, jacksonRepresentationFactory));
Request request = mock(Request.class);
ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
challengeResponse.setRawValue("PAT");
given(request.getChallengeResponse()).willReturn(challengeResponse);
given(endpoint.getRequest()).willReturn(request);
AccessToken accessToken = mock(AccessToken.class);
given(accessToken.getClientId()).willReturn("CLIENT_ID");
given(accessToken.getResourceOwnerId()).willReturn("RESOURCE_OWNER_ID");
response = mock(Response.class);
given(endpoint.getResponse()).willReturn(response);
OAuth2Request oAuth2Request = mock(OAuth2Request.class);
given(requestFactory.create(Matchers.<Request>anyObject())).willReturn(oAuth2Request);
given(oAuth2Request.getToken(AccessToken.class)).willReturn(accessToken);
}
Also used :
ResourceSetRegistrationHook(org.forgerock.oauth2.restlet.resources.ResourceSetRegistrationHook)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
Request(org.restlet.Request)
ResourceRegistrationFilter(org.forgerock.openam.oauth2.extensions.ResourceRegistrationFilter)
ResourceSetDescriptionValidator(org.forgerock.oauth2.restlet.resources.ResourceSetDescriptionValidator)
ChallengeResponse(org.restlet.data.ChallengeResponse)
ExceptionHandler(org.forgerock.oauth2.restlet.ExceptionHandler)
ChallengeResponse(org.restlet.data.ChallengeResponse)
Response(org.restlet.Response)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
OAuth2ProviderSettingsFactory(org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory)
ResourceSetStore(org.forgerock.oauth2.resources.ResourceSetStore)
AccessToken(org.forgerock.oauth2.core.AccessToken)
OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)
UmaLabelsStore(org.forgerock.openam.oauth2.resources.labels.UmaLabelsStore)
ExtensionFilterManager(org.forgerock.openam.oauth2.extensions.ExtensionFilterManager)
HashSet(java.util.HashSet)
BeforeMethod(org.testng.annotations.BeforeMethod)
Example 43 with OAuth2Request
use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.
the class OpenAMTokenStoreTest method shouldNotReadOtherRealmsAccessToken.
@Test(expectedExceptions = InvalidGrantException.class)
public void shouldNotReadOtherRealmsAccessToken() throws Exception {
//Given
JsonValue token = json(object(field("tokenName", Collections.singleton("access_token")), field("realm", Collections.singleton("/otherrealm"))));
given(tokenStore.read("TOKEN_ID")).willReturn(token);
given(realmNormaliser.normalise("/otherrealm")).willReturn("/otherrealm");
ConcurrentHashMap<String, Object> attributes = new ConcurrentHashMap<String, Object>();
given(request.getAttributes()).willReturn(attributes);
attributes.put("realm", "/testrealm");
OAuth2Request request = oAuth2RequestFactory.create(this.request);
//When
AccessToken accessToken = openAMtokenStore.readAccessToken(request, "TOKEN_ID");
//Then
// expect InvalidGrantException
}
Also used :
RestletOAuth2Request(org.forgerock.oauth2.restlet.RestletOAuth2Request)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
AccessToken(org.forgerock.oauth2.core.AccessToken)
JsonValue(org.forgerock.json.JsonValue)
BDDMockito.anyString(org.mockito.BDDMockito.anyString)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
Test(org.testng.annotations.Test)
Example 44 with OAuth2Request
use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.
the class OpenAMTokenStoreTest method shouldDeleteDeviceCode.
@Test
public void shouldDeleteDeviceCode() throws Exception {
// Given
DeviceCode code = new DeviceCode(json(object(field("tokenName", asSet("device_code")), field("id", asSet("123")), field("user_code", asSet("456")), field("realm", asSet("/")), field("clientID", asSet("CLIENT_ID")))));
given(tokenStore.read("123")).willReturn(code);
final RestletOAuth2Request oauth2Request = oAuth2RequestFactory.create(this.request);
given(request.getAttributes()).willReturn(new ConcurrentHashMap<>(singletonMap("realm", (Object) "/")));
given(realmNormaliser.normalise("/")).willReturn("/");
// When
openAMtokenStore.deleteDeviceCode("CLIENT_ID", "123", oauth2Request);
// Then
verify(tokenStore).delete("123");
}
Also used :
DeviceCode(org.forgerock.oauth2.core.DeviceCode)
RestletOAuth2Request(org.forgerock.oauth2.restlet.RestletOAuth2Request)
Test(org.testng.annotations.Test)
Example 45 with OAuth2Request
use of org.forgerock.oauth2.core.OAuth2Request in project OpenAM by OpenRock.
the class OpenAMTokenStoreTest method shouldFailWhenNoProvider.
@Test(expectedExceptions = NotFoundException.class)
public void shouldFailWhenNoProvider() throws Exception {
//Given
OAuth2Request request = oAuth2RequestFactory.create(this.request);
doThrow(NotFoundException.class).when(providerSettingsFactory).get(request);
//When
openAMtokenStore.createAccessToken(null, null, null, null, null, null, null, null, null, null, request);
//Then
//Expected NotFoundException
}
Also used :
RestletOAuth2Request(org.forgerock.oauth2.restlet.RestletOAuth2Request)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
Test(org.testng.annotations.Test)
Aggregations
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)73
Test (org.testng.annotations.Test)45
OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)32
Request (org.restlet.Request)31
AccessToken (org.forgerock.oauth2.core.AccessToken)27
ServerException (org.forgerock.oauth2.core.exceptions.ServerException)27
JsonValue (org.forgerock.json.JsonValue)24
ChallengeResponse (org.restlet.data.ChallengeResponse)17
AccessTokenVerifier (org.forgerock.oauth2.core.AccessTokenVerifier)13
NotFoundException (org.forgerock.oauth2.core.exceptions.NotFoundException)11
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)11
HashMap (java.util.HashMap)10
HashSet (java.util.HashSet)10
InvalidGrantException (org.forgerock.oauth2.core.exceptions.InvalidGrantException)10
UnauthorizedClientException (org.forgerock.oauth2.core.exceptions.UnauthorizedClientException)10
Response (org.restlet.Response)10
ClientRegistration (org.forgerock.oauth2.core.ClientRegistration)9
OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception)9
DeviceCode (org.forgerock.oauth2.core.DeviceCode)8
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException)8
