use of org.forgerock.oauth2.core.OAuth2RequestFactory in project OpenAM by OpenRock.
the class OpenAMTokenStoreTest method setUp.
@BeforeMethod
public void setUp() {
tokenStore = mock(OAuthTokenStore.class);
providerSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
oAuth2UrisFactory = mock(OAuth2UrisFactory.class);
clientRegistrationStore = mock(OpenIdConnectClientRegistrationStore.class);
realmNormaliser = mock(RealmNormaliser.class);
ssoTokenManager = mock(SSOTokenManager.class);
request = mock(Request.class);
cookieExtractor = mock(CookieExtractor.class);
auditLogger = mock(OAuth2AuditLogger.class);
debug = mock(Debug.class);
failureFactory = mock(ClientAuthenticationFailureFactory.class);
oAuth2RequestFactory = new RestletOAuth2RequestFactory(new JacksonRepresentationFactory(new ObjectMapper()));
ClientAuthenticationFailureFactory failureFactory = mock(ClientAuthenticationFailureFactory.class);
InvalidClientException expectedResult = mock(InvalidClientException.class);
when(expectedResult.getError()).thenReturn(new String("invalid_client"));
when(failureFactory.getException()).thenReturn(expectedResult);
when(failureFactory.getException(anyString())).thenReturn(expectedResult);
when(failureFactory.getException(any(OAuth2Request.class), anyString())).thenReturn(expectedResult);
openAMtokenStore = new OpenAMTokenStore(tokenStore, providerSettingsFactory, oAuth2UrisFactory, clientRegistrationStore, realmNormaliser, ssoTokenManager, cookieExtractor, auditLogger, debug, new SecureRandom(), failureFactory);
}
use of org.forgerock.oauth2.core.OAuth2RequestFactory in project OpenAM by OpenRock.
the class OAuth2GuiceModule method configure.
/**
* {@inheritDoc}
*/
@Override
protected void configure() {
bind(AuthorizationService.class).to(AuthorizationServiceImpl.class);
bind(new TypeLiteral<OAuth2RequestFactory<?, Request>>() {
}).to(RestletOAuth2RequestFactory.class);
bind(ResourceOwnerConsentVerifier.class).to(OpenIdResourceOwnerConsentVerifier.class);
bind(ClientRegistrationStore.class).to(OpenAMClientRegistrationStore.class);
bind(OpenIdConnectClientRegistrationStore.class).to(OpenAMClientRegistrationStore.class);
bind(OAuth2ProviderSettingsFactory.class).to(OpenAMOAuth2ProviderSettingsFactory.class);
bind(OAuth2ProviderSettingsFactory.class).to(OpenAMOAuth2ProviderSettingsFactory.class);
bind(ResourceOwnerSessionValidator.class).to(OpenAMResourceOwnerSessionValidator.class);
bind(ClientAuthenticator.class).to(ClientAuthenticatorImpl.class);
bind(TokenStore.class).to(OpenAMTokenStore.class);
bind(OpenIdConnectTokenStore.class).to(OpenAMTokenStore.class);
bind(AccessTokenService.class).to(AccessTokenServiceImpl.class);
bind(ResourceOwnerAuthenticator.class).to(OpenAMResourceOwnerAuthenticator.class);
bind(IdTokenResponseTypeHandler.class).to(OpenAMIdTokenResponseTypeHandler.class);
bind(UserInfoService.class).to(UserInfoServiceImpl.class);
bind(TokenInfoService.class).to(TokenInfoServiceImpl.class);
bind(ClientAuthenticationFailureFactory.class).to(OpenAMClientAuthenticationFailureFactory.class);
bind(AccessTokenVerifier.class).to(RestletHeaderAccessTokenVerifier.class);
bind(AccessTokenVerifier.class).annotatedWith(named(HEADER)).to(RestletHeaderAccessTokenVerifier.class);
bind(AccessTokenVerifier.class).annotatedWith(named(FORM_BODY)).to(RestletFormBodyAccessTokenVerifier.class);
bind(AccessTokenVerifier.class).annotatedWith(named(QUERY_PARAM)).to(RestletQueryParameterAccessTokenVerifier.class);
bind(OpenIDConnectProvider.class).to(OpenAMOpenIDConnectProvider.class);
bind(ClientDAO.class).to(OpenAMClientDAO.class);
bind(OpenIdConnectClientRegistrationService.class).to(OpenAMOpenIdConnectClientRegistrationService.class);
bind(OpenAMSettings.class).toProvider(new Provider<OpenAMSettings>() {
public OpenAMSettings get() {
return new OpenAMSettingsImpl(OAuth2Constants.OAuth2ProviderService.NAME, OAuth2Constants.OAuth2ProviderService.VERSION);
}
});
bind(OpenIDTokenIssuer.class).to(OpenAMOpenIdTokenIssuer.class);
final Multibinder<AuthorizeRequestValidator> authorizeRequestValidators = Multibinder.newSetBinder(binder(), AuthorizeRequestValidator.class);
authorizeRequestValidators.addBinding().to(AuthorizeRequestValidatorImpl.class);
authorizeRequestValidators.addBinding().to(OpenIdConnectAuthorizeRequestValidator.class);
authorizeRequestValidators.addBinding().to(ClaimsParameterValidator.class);
authorizeRequestValidators.addBinding().to(SubjectTypeValidator.class);
authorizeRequestValidators.addBinding().to(CodeVerifierValidator.class);
final Multibinder<AuthorizationCodeRequestValidator> authorizationCodeRequestValidators = Multibinder.newSetBinder(binder(), AuthorizationCodeRequestValidator.class);
authorizationCodeRequestValidators.addBinding().to(AuthorizationCodeRequestValidatorImpl.class);
final Multibinder<ClientCredentialsRequestValidator> clientCredentialsRequestValidators = Multibinder.newSetBinder(binder(), ClientCredentialsRequestValidator.class);
clientCredentialsRequestValidators.addBinding().to(ClientCredentialsRequestValidatorImpl.class);
final Multibinder<PasswordCredentialsRequestValidator> passwordCredentialsRequestValidators = Multibinder.newSetBinder(binder(), PasswordCredentialsRequestValidator.class);
passwordCredentialsRequestValidators.addBinding().to(PasswordCredentialsRequestValidatorImpl.class);
final MapBinder<String, GrantTypeHandler> grantTypeHandlers = MapBinder.newMapBinder(binder(), String.class, GrantTypeHandler.class);
grantTypeHandlers.addBinding(CLIENT_CREDENTIALS).to(ClientCredentialsGrantTypeHandler.class);
grantTypeHandlers.addBinding(PASSWORD).to(PasswordCredentialsGrantTypeHandler.class);
grantTypeHandlers.addBinding(AUTHORIZATION_CODE).to(AuthorizationCodeGrantTypeHandler.class);
grantTypeHandlers.addBinding(DEVICE_CODE).to(DeviceCodeGrantTypeHandler.class);
grantTypeHandlers.addBinding(JWT_BEARER).to(JwtBearerGrantTypeHandler.class);
grantTypeHandlers.addBinding(OAuth2Constants.TokenEndpoint.SAML2_BEARER).to(Saml2GrantTypeHandler.class);
final Multibinder<AuthorizeRequestHook> authorizeRequestHooks = Multibinder.newSetBinder(binder(), AuthorizeRequestHook.class);
authorizeRequestHooks.addBinding().to(LoginHintHook.class);
final Multibinder<TokenRequestHook> tokenRequestHooks = Multibinder.newSetBinder(binder(), TokenRequestHook.class);
tokenRequestHooks.addBinding().to(LoginHintHook.class);
install(new FactoryModuleBuilder().implement(ResourceSetStore.class, OpenAMResourceSetStore.class).build(ResourceSetStoreFactory.class));
bind(TokenIdGenerator.class).to(ThreadSafeTokenIdGenerator.class);
Multibinder.newSetBinder(binder(), TokenIntrospectionHandler.class).addBinding().to(OAuth2TokenIntrospectionHandler.class);
bind(TokenIntrospectionService.class).to(TokenIntrospectionServiceImpl.class);
Multibinder.newSetBinder(binder(), ResourceSetRegistrationHook.class);
bind(OpenIDConnectURLValidator.class).toInstance(OpenIDConnectURLValidator.getInstance());
install(new LabelsGuiceModule());
bind(OAuth2UrisFactory.class).to(OpenAMOAuth2UrisFactory.class);
bind(new TypeLiteral<OAuth2UrisFactory<RealmInfo>>() {
}).to(OpenAMOAuth2UrisFactory.class);
}
use of org.forgerock.oauth2.core.OAuth2RequestFactory in project OpenAM by OpenRock.
the class PermissionRequestEndpointTest method setup.
@BeforeMethod
@SuppressWarnings("unchecked")
public void setup() throws ServerException, InvalidGrantException, NotFoundException {
resourceSetStore = mock(ResourceSetStore.class);
OAuth2RequestFactory<?, Request> requestFactory = mock(OAuth2RequestFactory.class);
umaTokenStore = mock(UmaTokenStore.class);
OAuth2ProviderSettingsFactory providerSettingFactory = mock(OAuth2ProviderSettingsFactory.class);
OAuth2ProviderSettings providerSettings = mock(OAuth2ProviderSettings.class);
given(providerSettingFactory.get(Matchers.<OAuth2Request>anyObject())).willReturn(providerSettings);
given(providerSettings.getResourceSetStore()).willReturn(resourceSetStore);
UmaProviderSettingsFactory umaProviderSettingsFactory = mock(UmaProviderSettingsFactory.class);
UmaProviderSettings umaProviderSettings = mock(UmaProviderSettings.class);
given(umaProviderSettingsFactory.get(any(Request.class))).willReturn(umaProviderSettings);
given(umaProviderSettings.getUmaTokenStore()).willReturn(umaTokenStore);
ExtensionFilterManager extensionFilterManager = mock(ExtensionFilterManager.class);
permissionRequestFilter = mock(PermissionRequestFilter.class);
given(extensionFilterManager.getFilters(PermissionRequestFilter.class)).willReturn(Collections.singleton(permissionRequestFilter));
UmaExceptionHandler exceptionHandler = mock(UmaExceptionHandler.class);
endpoint = spy(new PermissionRequestEndpoint(providerSettingFactory, requestFactory, umaProviderSettingsFactory, extensionFilterManager, exceptionHandler, jacksonRepresentationFactory));
response = mock(Response.class);
endpoint.setResponse(response);
Request request = mock(Request.class);
given(endpoint.getRequest()).willReturn(request);
AccessToken accessToken = mock(AccessToken.class);
given(accessToken.getClientId()).willReturn("CLIENT_ID");
given(accessToken.getResourceOwnerId()).willReturn("RESOURCE_OWNER_ID");
OAuth2Request oAuth2Request = mock(OAuth2Request.class);
given(requestFactory.create(request)).willReturn(oAuth2Request);
given(oAuth2Request.getToken(AccessToken.class)).willReturn(accessToken);
}
use of org.forgerock.oauth2.core.OAuth2RequestFactory in project OpenAM by OpenRock.
the class ResourceSetRegistrationEndpointTest method setup.
@BeforeMethod
@SuppressWarnings("unchecked")
public void setup() throws ServerException, InvalidGrantException, NotFoundException {
store = mock(ResourceSetStore.class);
validator = mock(ResourceSetDescriptionValidator.class);
OAuth2RequestFactory<?, Request> requestFactory = mock(OAuth2RequestFactory.class);
Set<ResourceSetRegistrationHook> hooks = new HashSet<>();
hook = mock(ResourceSetRegistrationHook.class);
hooks.add(hook);
labelRegistration = mock(ResourceSetLabelRegistration.class);
ExtensionFilterManager extensionFilterManager = mock(ExtensionFilterManager.class);
resourceRegistrationFilter = mock(ResourceRegistrationFilter.class);
given(extensionFilterManager.getFilters(ResourceRegistrationFilter.class)).willReturn(Collections.singletonList(resourceRegistrationFilter));
OAuth2ProviderSettingsFactory providerSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
OAuth2ProviderSettings providerSettings = mock(OAuth2ProviderSettings.class);
given(providerSettingsFactory.get(Matchers.<OAuth2Request>anyObject())).willReturn(providerSettings);
given(providerSettings.getResourceSetStore()).willReturn(store);
ExceptionHandler exceptionHandler = mock(ExceptionHandler.class);
UmaLabelsStore umaLabelsStore = mock(UmaLabelsStore.class);
endpoint = spy(new ResourceSetRegistrationEndpoint(providerSettingsFactory, validator, requestFactory, hooks, labelRegistration, extensionFilterManager, exceptionHandler, umaLabelsStore, jacksonRepresentationFactory));
Request request = mock(Request.class);
ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
challengeResponse.setRawValue("PAT");
given(request.getChallengeResponse()).willReturn(challengeResponse);
given(endpoint.getRequest()).willReturn(request);
AccessToken accessToken = mock(AccessToken.class);
given(accessToken.getClientId()).willReturn("CLIENT_ID");
given(accessToken.getResourceOwnerId()).willReturn("RESOURCE_OWNER_ID");
response = mock(Response.class);
given(endpoint.getResponse()).willReturn(response);
OAuth2Request oAuth2Request = mock(OAuth2Request.class);
given(requestFactory.create(Matchers.<Request>anyObject())).willReturn(oAuth2Request);
given(oAuth2Request.getToken(AccessToken.class)).willReturn(accessToken);
}
use of org.forgerock.oauth2.core.OAuth2RequestFactory in project OpenAM by OpenRock.
the class EndSessionTest method setup.
@BeforeMethod
public void setup() throws InvalidClientException, SignatureException, NotFoundException {
idToken = "eyAidHlwIjogIkpXVCIsICJhbGciOiAiSFMyNTYiIH0.eyAidG9rZW5OYW1lIjogImlkX3Rva2VuIiwgImF6cCI6ICJOZXdPcG" + "VuSWRDbGllbnQiLCAic3ViIjogIlRlc3RVc2VyIiwgImF0X2hhc2giOiAibHhSNE1BcGV1aXl0dWxiVFI4OV9wQSIsICJpc3MiOi" + "AiaHR0cDovL29wZW5hbS5leGFtcGxlLmNvbTo4MDgwL29wZW5hbS9vYXV0aDIiLCAib3JnLmZvcmdlcm9jay5vcGVuaWRjb25uZW" + "N0Lm9wcyI6ICI2OTYzOTc4MC04NjkzLTQ1ODktOTk1Ni05ZThkM2UxZWI2YjQiLCAiaWF0IjogMTQzNjM1MjM4MiwgImF1dGhfdG" + "ltZSI6IDE0MzYzNTIzODIsICJleHAiOiAxNDM2MzUyOTgyLCAidG9rZW5UeXBlIjogIkpXVFRva2VuIiwgIm5vbmNlIjogIjEyMz" + "Q1IiwgInJlYWxtIjogIi8iLCAiYXVkIjogWyAiTmV3T3BlbklkQ2xpZW50IiBdLCAiY19oYXNoIjogIkY3RENrMkE5cDVmeUN0VF" + "hpYmF5V2ciIH0.0uIyHGAsr04gu9H4cJ57UPYVJmSJwjCakozPATlCcuE";
oAuth2Request = mock(OAuth2Request.class);
when(oAuth2Request.getParameter(OAuth2Constants.Params.END_SESSION_ID_TOKEN_HINT)).thenReturn(idToken);
OAuth2RequestFactory<?, Request> requestFactory = mock(OAuth2RequestFactory.class);
ExceptionHandler exceptionHandler = mock(ExceptionHandler.class);
ClientRegistrationStore clientRegistrationStore = mock(ClientRegistrationStore.class);
openIDConnectEndSession = mock(OpenIDConnectEndSession.class);
endSession = new EndSession(requestFactory, openIDConnectEndSession, exceptionHandler, clientRegistrationStore);
Request request = mock(Request.class);
Response response = mock(Response.class);
when(response.getEntity()).thenReturn(mock(Representation.class));
endSession.setRequest(request);
endSession.setResponse(response);
when(requestFactory.create(any(Request.class))).thenReturn(oAuth2Request);
client = mock(ClientRegistration.class);
when(clientRegistrationStore.get(anyString(), any(OAuth2Request.class))).thenReturn(client);
}
Aggregations