Search in sources :

Example 1 with GoogleAccessTokenContext

use of org.gatein.security.oauth.google.GoogleAccessTokenContext in project gatein-portal by Meeds-io.

the class TestSocialNetworkService method createGoogleAccessToken.

private GoogleAccessTokenContext createGoogleAccessToken(String accessToken, String refreshToken, String... scope) {
    GoogleTokenResponse grc = new GoogleTokenResponse();
    grc.setAccessToken(accessToken);
    grc.setRefreshToken(refreshToken);
    grc.setExpiresInSeconds(1000L);
    grc.setTokenType("Bearer");
    grc.setIdToken("someTokenId");
    return new GoogleAccessTokenContext(grc, scope);
}
Also used : GoogleTokenResponse(com.google.api.client.googleapis.auth.oauth2.GoogleTokenResponse) GoogleAccessTokenContext(org.gatein.security.oauth.google.GoogleAccessTokenContext)

Example 2 with GoogleAccessTokenContext

use of org.gatein.security.oauth.google.GoogleAccessTokenContext in project gatein-portal by Meeds-io.

the class TestSocialNetworkService method testAccessTokensWithMoreScopes.

public void testAccessTokensWithMoreScopes() throws Exception {
    User user1 = new UserImpl("testUser1");
    orgService.getUserHandler().createUser(user1, false);
    // Update some google accessToken with two scopes
    GoogleAccessTokenContext googleToken = createGoogleAccessToken("ccc789", "rfrc487", "http://someScope", "http://someScope2");
    socialNetworkService.updateOAuthAccessToken(getGoogleProvider(), user1.getUserName(), googleToken);
    // Verify that Google accessTokens could be obtained and are equals to saved access token
    assertEquals(googleToken, socialNetworkService.getOAuthAccessToken(getGoogleProvider(), user1.getUserName()));
    // Update some google accessToken with two scopes
    FacebookAccessTokenContext facebookToken = createFacebookAccessToken("ddd789", "rfrc4876", "email", "publish_stream");
    socialNetworkService.updateOAuthAccessToken(getFacebookProvider(), user1.getUserName(), facebookToken);
    // Verify that Facebook accessTokens could be obtained and are equals to saved access token
    assertEquals(facebookToken, socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()));
    orgService.getUserHandler().removeUser(user1.getUserName(), false);
}
Also used : User(org.exoplatform.services.organization.User) FacebookAccessTokenContext(org.gatein.security.oauth.facebook.FacebookAccessTokenContext) UserImpl(org.exoplatform.services.organization.impl.UserImpl) GoogleAccessTokenContext(org.gatein.security.oauth.google.GoogleAccessTokenContext)

Example 3 with GoogleAccessTokenContext

use of org.gatein.security.oauth.google.GoogleAccessTokenContext in project gatein-portal by Meeds-io.

the class TestSocialNetworkService method testPersistOAuthAccessTokens.

public void testPersistOAuthAccessTokens() throws Exception {
    User user1 = new UserImpl("testUser1");
    User user2 = new UserImpl("testUser2");
    orgService.getUserHandler().createUser(user1, false);
    orgService.getUserHandler().createUser(user2, false);
    // Update some facebook accessTokens
    socialNetworkService.updateOAuthAccessToken(getFacebookProvider(), user1.getUserName(), createFacebookAccessToken("aaa123"));
    socialNetworkService.updateOAuthAccessToken(getFacebookProvider(), user2.getUserName(), createFacebookAccessToken("bbb456"));
    // Update some google accessToken
    GoogleAccessTokenContext googleToken = createGoogleAccessToken("ccc789", "rfrc487", "http://someScope");
    socialNetworkService.updateOAuthAccessToken(getGoogleProvider(), user1.getUserName(), googleToken);
    // Update some twitter accessToken
    TwitterAccessTokenContext twitterToken = new TwitterAccessTokenContext("tok1", "secret1");
    socialNetworkService.updateOAuthAccessToken(getTwitterProvider(), user1.getUserName(), twitterToken);
    // Verify that FB accessTokens could be obtained
    assertEquals("aaa123", socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()).getAccessToken());
    assertEquals("bbb456", socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user2.getUserName()).getAccessToken());
    // Verify that Google accessToken could be obtained
    googleToken = createGoogleAccessToken("ccc789", "rfrc487", "http://someScope");
    assertEquals(googleToken, socialNetworkService.getOAuthAccessToken(getGoogleProvider(), user1.getUserName()));
    assertNull(socialNetworkService.getOAuthAccessToken(getGoogleProvider(), user2.getUserName()));
    // Verify that twitter accessToken could be obtained
    assertEquals(new TwitterAccessTokenContext("tok1", "secret1"), socialNetworkService.getOAuthAccessToken(getTwitterProvider(), user1.getUserName()));
    assertNull(socialNetworkService.getOAuthAccessToken(getTwitterProvider(), user2.getUserName()));
    // Directly obtain accessTokens from userProfile and verify that they are encoded
    UserProfile userProfile1 = orgService.getUserProfileHandler().findUserProfileByName("testUser1");
    UserProfile userProfile2 = orgService.getUserProfileHandler().findUserProfileByName("testUser2");
    String encodedAccessToken1 = userProfile1.getAttribute(OAuthConstants.PROFILE_FACEBOOK_ACCESS_TOKEN + ".1");
    String encodedAccessToken2 = userProfile2.getAttribute(OAuthConstants.PROFILE_FACEBOOK_ACCESS_TOKEN + ".1");
    assertFalse("aaa123".equals(encodedAccessToken1));
    assertFalse("bbb456".equals(encodedAccessToken2));
    assertTrue(codec.encode("aaa123").equals(encodedAccessToken1));
    assertTrue(codec.encode("bbb456").equals(encodedAccessToken2));
    // Verify that tokens are null after invalidation
    socialNetworkService.removeOAuthAccessToken(getFacebookProvider(), user1.getUserName());
    socialNetworkService.removeOAuthAccessToken(getGoogleProvider(), user1.getUserName());
    socialNetworkService.removeOAuthAccessToken(getTwitterProvider(), user1.getUserName());
    assertNull(socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()));
    assertNull(socialNetworkService.getOAuthAccessToken(getGoogleProvider(), user1.getUserName()));
    assertNull(socialNetworkService.getOAuthAccessToken(getTwitterProvider(), user1.getUserName()));
    assertNotNull(socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user2.getUserName()));
    orgService.getUserHandler().removeUser(user1.getUserName(), false);
    orgService.getUserHandler().removeUser(user2.getUserName(), false);
}
Also used : User(org.exoplatform.services.organization.User) UserProfile(org.exoplatform.services.organization.UserProfile) UserImpl(org.exoplatform.services.organization.impl.UserImpl) TwitterAccessTokenContext(org.gatein.security.oauth.twitter.TwitterAccessTokenContext) GoogleAccessTokenContext(org.gatein.security.oauth.google.GoogleAccessTokenContext)

Example 4 with GoogleAccessTokenContext

use of org.gatein.security.oauth.google.GoogleAccessTokenContext in project gatein-portal by Meeds-io.

the class TestSocialNetworkService method testLongAccessToken.

public void testLongAccessToken() throws Exception {
    // Create some example token of length 800
    User user1 = new UserImpl("testUser1");
    orgService.getUserHandler().createUser(user1, false);
    String longAccessToken = createLongString();
    // FACEBOOK
    // Update long accessToken and verify that it's available
    socialNetworkService.updateOAuthInfo(getFacebookProvider(), user1.getUserName(), "fbUsername1", createFacebookAccessToken(longAccessToken));
    assertEquals(longAccessToken, socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()).getAccessToken());
    // Update with some short token now
    String shortAccessToken = "someToken1";
    socialNetworkService.updateOAuthInfo(getFacebookProvider(), user1.getUserName(), "fbUsername1", createFacebookAccessToken(shortAccessToken));
    assertEquals(shortAccessToken, socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()).getAccessToken());
    // GOOGLE
    GoogleAccessTokenContext grc = createGoogleAccessToken(longAccessToken, longAccessToken, "http://someScope");
    socialNetworkService.updateOAuthInfo(getGoogleProvider(), user1.getUserName(), "googleUsername1", grc);
    assertEquals(grc, socialNetworkService.getOAuthAccessToken(getGoogleProvider(), user1.getUserName()));
    socialNetworkService.removeOAuthAccessToken(getGoogleProvider(), user1.getUserName());
    assertNull(socialNetworkService.getOAuthAccessToken(getGoogleProvider(), user1.getUserName()));
    // TWITTER
    TwitterAccessTokenContext twitterToken = new TwitterAccessTokenContext(longAccessToken, longAccessToken);
    socialNetworkService.updateOAuthAccessToken(getTwitterProvider(), user1.getUserName(), twitterToken);
    assertEquals(twitterToken, socialNetworkService.getOAuthAccessToken(getTwitterProvider(), user1.getUserName()));
    twitterToken = new TwitterAccessTokenContext(shortAccessToken, shortAccessToken);
    socialNetworkService.updateOAuthAccessToken(getTwitterProvider(), user1.getUserName(), twitterToken);
    assertEquals(twitterToken, socialNetworkService.getOAuthAccessToken(getTwitterProvider(), user1.getUserName()));
    orgService.getUserHandler().removeUser(user1.getUserName(), false);
}
Also used : User(org.exoplatform.services.organization.User) UserImpl(org.exoplatform.services.organization.impl.UserImpl) TwitterAccessTokenContext(org.gatein.security.oauth.twitter.TwitterAccessTokenContext) GoogleAccessTokenContext(org.gatein.security.oauth.google.GoogleAccessTokenContext)

Example 5 with GoogleAccessTokenContext

use of org.gatein.security.oauth.google.GoogleAccessTokenContext in project gatein-portal by Meeds-io.

the class TestSocialNetworkService method testInvalidationOfAccessTokens.

public void testInvalidationOfAccessTokens() throws Exception {
    User user1 = new UserImpl("testUser1");
    orgService.getUserHandler().createUser(user1, false);
    // Update some accessToken and verify that it's available
    socialNetworkService.updateOAuthInfo(getFacebookProvider(), user1.getUserName(), "fbUsername1", createFacebookAccessToken("fbAccessToken1"));
    assertEquals("fbAccessToken1", socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()).getAccessToken());
    // Update some accessToken again
    socialNetworkService.updateOAuthInfo(getFacebookProvider(), user1.getUserName(), "fbUsername1", createFacebookAccessToken("fbAccessToken2"));
    assertEquals("fbAccessToken2", socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()).getAccessToken());
    // Update userProfile and change FB username. AccessToken should be invalidated
    UserProfile userProfile1 = orgService.getUserProfileHandler().findUserProfileByName(user1.getUserName());
    userProfile1.setAttribute(getFacebookProvider().getUserNameAttrName(), "fbUsername2");
    orgService.getUserProfileHandler().saveUserProfile(userProfile1, true);
    assertNull(socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()));
    // Update some accessToken and verify it's here now
    socialNetworkService.updateOAuthAccessToken(getFacebookProvider(), user1.getUserName(), createFacebookAccessToken("fbAccessToken3"));
    assertEquals("fbAccessToken3", socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()).getAccessToken());
    // Null FB username and verify that accessToken is invalidated
    userProfile1 = orgService.getUserProfileHandler().findUserProfileByName(user1.getUserName());
    userProfile1.setAttribute(getFacebookProvider().getUserNameAttrName(), null);
    orgService.getUserProfileHandler().saveUserProfile(userProfile1, true);
    assertNull(socialNetworkService.getOAuthAccessToken(getFacebookProvider(), user1.getUserName()));
    // Test this with Twitter
    TwitterAccessTokenContext twitterToken = new TwitterAccessTokenContext("token1", "secret1");
    socialNetworkService.updateOAuthInfo(getTwitterProvider(), user1.getUserName(), "twitterUsername1", twitterToken);
    userProfile1 = orgService.getUserProfileHandler().findUserProfileByName(user1.getUserName());
    userProfile1.setAttribute(getTwitterProvider().getUserNameAttrName(), "twitterUsername2");
    orgService.getUserProfileHandler().saveUserProfile(userProfile1, true);
    assertNull(socialNetworkService.getOAuthAccessToken(getTwitterProvider(), user1.getUserName()));
    // Test this with Google
    GoogleAccessTokenContext grc = createGoogleAccessToken("token1", "rf1", "http://someScope");
    socialNetworkService.updateOAuthInfo(getGoogleProvider(), user1.getUserName(), "googleUsername1", grc);
    userProfile1 = orgService.getUserProfileHandler().findUserProfileByName(user1.getUserName());
    userProfile1.setAttribute(getGoogleProvider().getUserNameAttrName(), "googleUsername2");
    orgService.getUserProfileHandler().saveUserProfile(userProfile1, true);
    assertNull(socialNetworkService.getOAuthAccessToken(getGoogleProvider(), user1.getUserName()));
    orgService.getUserHandler().removeUser(user1.getUserName(), false);
}
Also used : User(org.exoplatform.services.organization.User) UserProfile(org.exoplatform.services.organization.UserProfile) UserImpl(org.exoplatform.services.organization.impl.UserImpl) TwitterAccessTokenContext(org.gatein.security.oauth.twitter.TwitterAccessTokenContext) GoogleAccessTokenContext(org.gatein.security.oauth.google.GoogleAccessTokenContext)

Aggregations

GoogleAccessTokenContext (org.gatein.security.oauth.google.GoogleAccessTokenContext)7 User (org.exoplatform.services.organization.User)4 UserImpl (org.exoplatform.services.organization.impl.UserImpl)4 TwitterAccessTokenContext (org.gatein.security.oauth.twitter.TwitterAccessTokenContext)3 GoogleTokenResponse (com.google.api.client.googleapis.auth.oauth2.GoogleTokenResponse)2 UserProfile (org.exoplatform.services.organization.UserProfile)2 Userinfo (com.google.api.services.oauth2.model.Userinfo)1 AccessTokenImpl (org.gatein.api.oauth.AccessTokenImpl)1 FacebookAccessTokenContext (org.gatein.security.oauth.facebook.FacebookAccessTokenContext)1 GoogleProcessor (org.gatein.security.oauth.google.GoogleProcessor)1