Search in sources :

Example 11 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class OpenAMTokenStoreTest method shouldDeleteDeviceCode.

@Test
public void shouldDeleteDeviceCode() throws Exception {
    // Given
    DeviceCode code = new DeviceCode(json(object(field("tokenName", asSet("device_code")), field("id", asSet("123")), field("user_code", asSet("456")), field("realm", asSet("/")), field("clientID", asSet("CLIENT_ID")))));
    given(tokenStore.read("123")).willReturn(code);
    final RestletOAuth2Request oauth2Request = oAuth2RequestFactory.create(this.request);
    given(request.getAttributes()).willReturn(new ConcurrentHashMap<>(singletonMap("realm", (Object) "/")));
    given(realmNormaliser.normalise("/")).willReturn("/");
    // When
    openAMtokenStore.deleteDeviceCode("CLIENT_ID", "123", oauth2Request);
    // Then
    verify(tokenStore).delete("123");
}
Also used : DeviceCode(org.forgerock.oauth2.core.DeviceCode) RestletOAuth2Request(org.forgerock.oauth2.restlet.RestletOAuth2Request) Test(org.testng.annotations.Test)

Example 12 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class RestletHeaderAccessTokenVerifierTest method shouldCheckExpired.

@Test
public void shouldCheckExpired() throws Exception {
    // Given
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return true;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) HttpRequest(org.restlet.engine.adapter.HttpRequest) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 13 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class RestletHeaderAccessTokenVerifierTest method shouldCheckValid.

@Test
public void shouldCheckValid() throws Exception {
    // Given
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return false;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isTrue();
    assertThat(result.getTokenId()).isEqualTo("freddy");
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessToken(org.forgerock.oauth2.core.AccessToken) HttpRequest(org.restlet.engine.adapter.HttpRequest) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) ChallengeResponse(org.restlet.data.ChallengeResponse) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Example 14 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class OpenAMTokenStoreTest method shouldUpdateDeviceCode.

@Test
public void shouldUpdateDeviceCode() throws Exception {
    // Given
    DeviceCode code = new DeviceCode(json(object(field("tokenName", asSet("device_code")), field("id", asSet("123")), field("user_code", asSet("456")), field("realm", asSet("/")), field("clientID", asSet("CLIENT_ID")))));
    given(tokenStore.read("123")).willReturn(code);
    final RestletOAuth2Request oauth2Request = oAuth2RequestFactory.create(this.request);
    given(request.getAttributes()).willReturn(new ConcurrentHashMap<>(singletonMap("realm", (Object) "/")));
    given(realmNormaliser.normalise("/")).willReturn("/");
    // When
    openAMtokenStore.updateDeviceCode(code, oauth2Request);
    // Then
    verify(tokenStore).update(code);
}
Also used : DeviceCode(org.forgerock.oauth2.core.DeviceCode) RestletOAuth2Request(org.forgerock.oauth2.restlet.RestletOAuth2Request) Test(org.testng.annotations.Test)

Example 15 with RestletOAuth2Request

use of org.forgerock.oauth2.restlet.RestletOAuth2Request in project OpenAM by OpenRock.

the class RestletFormBodyAccessTokenVerifierTest method shouldLookupValue.

@Test
public void shouldLookupValue() throws Exception {
    // Given
    Form form = new Form();
    form.add("access_token", "freddy");
    Request request = new Request();
    request.setEntity(form.getWebRepresentation());
    OAuth2Request req = new RestletOAuth2Request(null, request);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Form(org.restlet.data.Form) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AccessTokenVerifier(org.forgerock.oauth2.core.AccessTokenVerifier) Test(org.testng.annotations.Test)

Aggregations

Test (org.testng.annotations.Test)15 OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)12 AccessTokenVerifier (org.forgerock.oauth2.core.AccessTokenVerifier)11 Request (org.restlet.Request)10 HttpRequest (org.restlet.engine.adapter.HttpRequest)5 AccessToken (org.forgerock.oauth2.core.AccessToken)4 DeviceCode (org.forgerock.oauth2.core.DeviceCode)4 RestletOAuth2Request (org.forgerock.oauth2.restlet.RestletOAuth2Request)4 Form (org.restlet.data.Form)4 ChallengeResponse (org.restlet.data.ChallengeResponse)3 OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)1 ResourceOwner (org.forgerock.oauth2.core.ResourceOwner)1 QueryFilter (org.forgerock.util.query.QueryFilter)1 Header (org.restlet.data.Header)1 ServerCall (org.restlet.engine.adapter.ServerCall)1 EmptyRepresentation (org.restlet.representation.EmptyRepresentation)1 Series (org.restlet.util.Series)1