Example 1 with TokenStore

Use of org.forgerock.oauth2.core.TokenStore in project OpenAM by OpenRock.

From the class OpenAMTokenStoreTest, method setUp.

@BeforeMethod
public void setUp() {
    tokenStore = mock(OAuthTokenStore.class);
    providerSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
    oAuth2UrisFactory = mock(OAuth2UrisFactory.class);
    clientRegistrationStore = mock(OpenIdConnectClientRegistrationStore.class);
    realmNormaliser = mock(RealmNormaliser.class);
    ssoTokenManager = mock(SSOTokenManager.class);
    request = mock(Request.class);
    cookieExtractor = mock(CookieExtractor.class);
    auditLogger = mock(OAuth2AuditLogger.class);
    debug = mock(Debug.class);
    failureFactory = mock(ClientAuthenticationFailureFactory.class);
    oAuth2RequestFactory = new RestletOAuth2RequestFactory(new JacksonRepresentationFactory(new ObjectMapper()));
    ClientAuthenticationFailureFactory failureFactory = mock(ClientAuthenticationFailureFactory.class);
    InvalidClientException expectedResult = mock(InvalidClientException.class);
    when(expectedResult.getError()).thenReturn(new String("invalid_client"));
    when(failureFactory.getException()).thenReturn(expectedResult);
    when(failureFactory.getException(anyString())).thenReturn(expectedResult);
    when(failureFactory.getException(any(OAuth2Request.class), anyString())).thenReturn(expectedResult);
    openAMtokenStore = new OpenAMTokenStore(tokenStore, providerSettingsFactory, oAuth2UrisFactory, clientRegistrationStore, realmNormaliser, ssoTokenManager, cookieExtractor, auditLogger, debug, new SecureRandom(), failureFactory);
}
Also used : OAuth2UrisFactory(org.forgerock.oauth2.core.OAuth2UrisFactory) SSOTokenManager(com.iplanet.sso.SSOTokenManager) JacksonRepresentationFactory(org.forgerock.openam.rest.representations.JacksonRepresentationFactory) RestletOAuth2Request(org.forgerock.oauth2.restlet.RestletOAuth2Request) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) SecureRandom(java.security.SecureRandom) BDDMockito.anyString(org.mockito.BDDMockito.anyString) OpenIdConnectClientRegistrationStore(org.forgerock.openidconnect.OpenIdConnectClientRegistrationStore) ClientAuthenticationFailureFactory(org.forgerock.oauth2.core.exceptions.ClientAuthenticationFailureFactory) RealmNormaliser(org.forgerock.openam.utils.RealmNormaliser) RestletOAuth2Request(org.forgerock.oauth2.restlet.RestletOAuth2Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) OAuth2ProviderSettingsFactory(org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory) InvalidClientException(org.forgerock.oauth2.core.exceptions.InvalidClientException) RestletOAuth2RequestFactory(org.forgerock.oauth2.restlet.RestletOAuth2RequestFactory) Debug(com.sun.identity.shared.debug.Debug) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 2 with TokenStore

Use of org.forgerock.oauth2.core.TokenStore in project OpenAM by OpenRock.

From the class AccessTokenProtectionFilterTest, method testBeforeHandleWithoutNeedingScope.

@Test
public void testBeforeHandleWithoutNeedingScope() throws Exception {
    //Given
    filter = new AccessTokenProtectionFilter(null, tokenStore, requestFactory, null);
    Request req = mock(Request.class);
    Response resp = mock(Response.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    when(requestFactory.create(req)).thenReturn(oAuth2Request);
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challengeResponse.setRawValue("tokenId");
    when(req.getChallengeResponse()).thenReturn(challengeResponse);
    AccessToken accessToken = new AccessToken(json(object(field("id", "tokenId"), field("tokenName", "access_token"), field("scope", asSet("a")), field("expireTime", System.currentTimeMillis() + 5000))));
    when(tokenStore.readAccessToken(oAuth2Request, "tokenId")).thenReturn(accessToken);
    //When
    int result = filter.beforeHandle(req, resp);
    //Then
    assertThat(result).isEqualTo(Filter.CONTINUE);
}
Also used : ChallengeResponse(org.restlet.data.ChallengeResponse) Response(org.restlet.Response) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) Test(org.testng.annotations.Test)

Example 3 with TokenStore

Use of org.forgerock.oauth2.core.TokenStore in project OpenAM by OpenRock.

From the class RestletFormBodyAccessTokenVerifierTest, method shouldCheckValid.

@Test
public void shouldCheckValid() throws Exception {
    // Given
    Form form = new Form();
    form.add("access_token", "freddy");
    Request request = new Request();
    request.setEntity(form.getWebRepresentation());
    OAuth2Request req = new RestletOAuth2Request(null, request);
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return false;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isTrue();
    assertThat(result.getTokenId()).isEqualTo("freddy");
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Form(org.restlet.data.Form) AccessToken(org.forgerock.oauth2.core.AccessToken) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 4 with TokenStore

Use of org.forgerock.oauth2.core.TokenStore in project OpenAM by OpenRock.

From the class RestletFormBodyAccessTokenVerifierTest, method shouldCheckExpired.

@Test
public void shouldCheckExpired() throws Exception {
    // Given
    Form form = new Form();
    form.add("access_token", "freddy");
    Request request = new Request();
    request.setEntity(form.getWebRepresentation());
    OAuth2Request req = new RestletOAuth2Request(null, request);
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return true;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Form(org.restlet.data.Form) AccessToken(org.forgerock.oauth2.core.AccessToken) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 5 with TokenStore

Use of org.forgerock.oauth2.core.TokenStore in project OpenAM by OpenRock.

From the class RestletHeaderAccessTokenVerifierTest, method shouldCheckHttpHeader.

@Test
public void shouldCheckHttpHeader() throws Exception {
    // Given
    ServerCall serverCall = mock(ServerCall.class);
    HttpRequest request = mock(HttpRequest.class);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    when(request.getHttpCall()).thenReturn(serverCall);
    Series<Header> requestHeaders = new Series<Header>(Header.class);
    requestHeaders.add(new Header(HeaderConstants.HEADER_AUTHORIZATION, "Bearer freddy"));
    when(request.getHttpCall().getRequestHeaders()).thenReturn(requestHeaders);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : HttpRequest(org.restlet.engine.adapter.HttpRequest) Series(org.restlet.util.Series) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Header(org.restlet.data.Header) ServerCall(org.restlet.engine.adapter.ServerCall) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Aggregations

Test (org.testng.annotations.Test): 12
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request): 11
Request (org.restlet.Request): 8
AccessTokenVerifier (org.forgerock.oauth2.core.AccessTokenVerifier): 7
AccessToken (org.forgerock.oauth2.core.AccessToken): 6
RestletOAuth2Request (org.forgerock.oauth2.restlet.RestletOAuth2Request): 5
ChallengeResponse (org.restlet.data.ChallengeResponse): 4
HttpRequest (org.restlet.engine.adapter.HttpRequest): 4
Form (org.restlet.data.Form): 3
SecureRandom (java.security.SecureRandom): 2
DeviceCode (org.forgerock.oauth2.core.DeviceCode): 2
ClientAuthenticationFailureFactory (org.forgerock.oauth2.core.exceptions.ClientAuthenticationFailureFactory): 2
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException): 2
BDDMockito.anyString (org.mockito.BDDMockito.anyString): 2
BeforeMethod (org.testng.annotations.BeforeMethod): 2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 1
SSOTokenManager (com.iplanet.sso.SSOTokenManager): 1
Debug (com.sun.identity.shared.debug.Debug): 1
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap): 1
JsonValue (org.forgerock.json.JsonValue): 1