Search in sources :

Example 6 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class RestletFormBodyAccessTokenVerifierTest method shouldCheckBody.

@Test
public void shouldCheckBody() throws Exception {
    // Given
    Request request = new Request();
    OAuth2Request req = new RestletOAuth2Request(null, request);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 7 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class RestletFormBodyAccessTokenVerifierTest method shouldCheckParameter.

@Test
public void shouldCheckParameter() throws Exception {
    // Given
    Form form = new Form();
    Request request = new Request();
    request.setEntity(form.getWebRepresentation());
    OAuth2Request req = new RestletOAuth2Request(null, request);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Form(org.restlet.data.Form) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 8 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class RestletHeaderAccessTokenVerifierTest method shouldCheckHeader.

@Test
public void shouldCheckHeader() throws Exception {
    // Given
    Request request = new Request();
    OAuth2Request req = new RestletOAuth2Request(null, request);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) HttpRequest(org.restlet.engine.adapter.HttpRequest) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 9 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class RestletHeaderAccessTokenVerifierTest method shouldCheckHttpHeader.

@Test
public void shouldCheckHttpHeader() throws Exception {
    // Given
    ServerCall serverCall = mock(ServerCall.class);
    HttpRequest request = mock(HttpRequest.class);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    when(request.getHttpCall()).thenReturn(serverCall);
    Series<Header> requestHeaders = new Series<Header>(Header.class);
    requestHeaders.add(new Header(HeaderConstants.HEADER_AUTHORIZATION, "Bearer freddy"));
    when(request.getHttpCall().getRequestHeaders()).thenReturn(requestHeaders);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : HttpRequest(org.restlet.engine.adapter.HttpRequest) Series(org.restlet.util.Series) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Header(org.restlet.data.Header) ServerCall(org.restlet.engine.adapter.ServerCall) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 10 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class RestletHeaderAccessTokenVerifierTest method shouldLookupValue.

@Test
public void shouldLookupValue() throws Exception {
    // Given
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) HttpRequest(org.restlet.engine.adapter.HttpRequest) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Aggregations

Test (org.testng.annotations.Test)15 OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)12 AccessTokenVerifier (org.forgerock.oauth2.core.AccessTokenVerifier)11 Request (org.restlet.Request)10 HttpRequest (org.restlet.engine.adapter.HttpRequest)5 AccessToken (org.forgerock.oauth2.core.AccessToken)4 DeviceCode (org.forgerock.oauth2.core.DeviceCode)4 RestletOAuth2Request (org.forgerock.oauth2.restlet.RestletOAuth2Request)4 Form (org.restlet.data.Form)4 ChallengeResponse (org.restlet.data.ChallengeResponse)3 OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)1 ResourceOwner (org.forgerock.oauth2.core.ResourceOwner)1 QueryFilter (org.forgerock.util.query.QueryFilter)1 Header (org.restlet.data.Header)1 ServerCall (org.restlet.engine.adapter.ServerCall)1 EmptyRepresentation (org.restlet.representation.EmptyRepresentation)1 Series (org.restlet.util.Series)1