Search in sources :

Example 61 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project java by kubernetes-client.

the class KubeConfigTest method testGCPAuthProviderExpiredTokenWithoutGCloud.

@Test
public void testGCPAuthProviderExpiredTokenWithoutGCloud() {
    String gcpConfigExpiredToken = "apiVersion: v1\n" + "contexts:\n" + "- context:\n" + "    user: gke-cluster\n" + "  name: foo-context\n" + "current-context: foo-context\n" + "users:\n" + "- name: gke-cluster\n" + "  user:\n" + "    auth-provider:\n" + "      config:\n" + "        access-token: fake-token\n" + "        expiry: 1970-01-01T00:00:00Z\n" + "      name: gcp";
    String fakeToken = "new-fake-token";
    String fakeTokenExpiry = "2121-08-05T02:30:24Z";
    GoogleCredentials mockGC = Mockito.mock(GoogleCredentials.class);
    Mockito.when(mockGC.getAccessToken()).thenReturn(new AccessToken(fakeToken, Date.from(Instant.parse(fakeTokenExpiry))));
    KubeConfig.registerAuthenticator(new GCPAuthenticator(null, mockGC));
    try {
        KubeConfig kc = KubeConfig.loadKubeConfig(new StringReader(gcpConfigExpiredToken));
        assertEquals(fakeToken, kc.getAccessToken());
    } catch (Exception ex) {
        ex.printStackTrace();
        fail("Unexpected exception: " + ex);
    }
}
Also used : GCPAuthenticator(io.kubernetes.client.util.authenticators.GCPAuthenticator) AccessToken(com.google.auth.oauth2.AccessToken) StringReader(java.io.StringReader) GoogleCredentials(com.google.auth.oauth2.GoogleCredentials) IOException(java.io.IOException) Test(org.junit.Test)

Example 62 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project grpc-java by grpc.

the class GoogleAuthLibraryCallCredentialsTest method serviceAccountWithScopeNotToJwt.

@Test
public void serviceAccountWithScopeNotToJwt() throws Exception {
    final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
    KeyPair pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
    ServiceAccountCredentials credentials = new ServiceAccountCredentials(null, "email@example.com", pair.getPrivate(), null, Arrays.asList("somescope")) {

        @Override
        public AccessToken refreshAccessToken() {
            return token;
        }
    };
    GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
    callCredentials.applyRequestMetadata(method, attrs, executor, applier);
    assertEquals(1, runPendingRunnables());
    verify(applier).apply(headersCaptor.capture());
    Metadata headers = headersCaptor.getValue();
    Iterable<String> authorization = headers.getAll(AUTHORIZATION);
    assertArrayEquals(new String[] { "Bearer allyourbase" }, Iterables.toArray(authorization, String.class));
}
Also used : KeyPair(java.security.KeyPair) AccessToken(com.google.auth.oauth2.AccessToken) Metadata(io.grpc.Metadata) ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials) Date(java.util.Date) Test(org.junit.Test)

Example 63 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project vertx-auth by vert-x3.

the class OAuth2IntrospectTest method introspectAccessTokenKeyCloakWay.

@Test
public void introspectAccessTokenKeyCloakWay() {
    config = oauthIntrospect;
    fixture = fixtureKeycloak;
    oauth2.introspectToken(token, res -> {
        if (res.failed()) {
            fail(res.cause().getMessage());
        } else {
            AccessToken token = res.result();
            assertNotNull(token);
            JsonObject principal = token.principal();
            assertTrue(principal.getBoolean("active"));
            testComplete();
        }
    });
    await();
}
Also used : AccessToken(io.vertx.ext.auth.oauth2.AccessToken) JsonObject(io.vertx.core.json.JsonObject) Test(org.junit.Test)

Example 64 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project vertx-auth by vert-x3.

the class OAuth2IntrospectTest method introspectAccessTokenGoogleWay.

@Test
public void introspectAccessTokenGoogleWay() {
    config = oauthIntrospect;
    fixture = fixtureGoogle;
    oauth2.introspectToken(token, res -> {
        if (res.failed()) {
            fail(res.cause().getMessage());
        } else {
            AccessToken token = res.result();
            assertNotNull(token);
            // make a copy because later we need to original data
            JsonObject principal = token.principal().copy();
            // clean time specific value
            principal.remove("expires_at");
            principal.remove("access_token");
            assertEquals(fixtureGoogle.getMap(), principal.getMap());
            token.isAuthorized("profile", res0 -> {
                if (res0.failed()) {
                    fail(res0.cause().getMessage());
                } else {
                    if (res0.result()) {
                        // Issue #142
                        // the test is a replay of the same test so all checks have
                        // been done above.
                        // the replay shows that the api can be used from the user object
                        // directly too
                        token.introspect(v -> {
                            if (v.failed()) {
                                fail(v.cause());
                            } else {
                                testComplete();
                            }
                        });
                    } else {
                        fail("Should be allowed");
                    }
                }
            });
        }
    });
    await();
}
Also used : AccessToken(io.vertx.ext.auth.oauth2.AccessToken) JsonObject(io.vertx.core.json.JsonObject) Test(org.junit.Test)

Example 65 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project vertx-auth by vert-x3.

the class OAuth2UserInfoTest method getUserInfoWithParams.

@Test
public void getUserInfoWithParams() {
    final AccessToken accessToken = new OAuth2TokenImpl((OAuth2AuthProviderImpl) oauth2, new JsonObject("{\"access_token\":\"eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJhdXRob3JpemF0aW9uIjp7InBlcm1pc3Npb25zIjpbeyJyZXNvdXJjZV9zZXRfaWQiOiJkMmZlOTg0My02NDYyLTRiZmMtYmFiYS1iNTc4N2JiNmUwZTciLCJyZXNvdXJjZV9zZXRfbmFtZSI6IkhlbGxvIFdvcmxkIFJlc291cmNlIn1dfSwianRpIjoiZDYxMDlhMDktNzhmZC00OTk4LWJmODktOTU3MzBkZmQwODkyLTE0NjQ5MDY2Nzk0MDUiLCJleHAiOjk5OTk5OTk5OTksIm5iZiI6MCwiaWF0IjoxNDY0OTA2NjcxLCJzdWIiOiJmMTg4OGY0ZC01MTcyLTQzNTktYmUwYy1hZjMzODUwNWQ4NmMiLCJ0eXAiOiJrY19ldHQiLCJhenAiOiJoZWxsby13b3JsZC1hdXRoei1zZXJ2aWNlIn0\",\"active\":true,\"scope\":\"scopeA scopeB\",\"client_id\":\"client-id\",\"username\":\"username\",\"token_type\":\"bearer\",\"expires_at\":99999999999000}"));
    accessToken.userInfo(userInfo -> {
        if (userInfo.failed()) {
            fail(userInfo.cause().getMessage());
        } else {
            assertEquals(fixture, userInfo.result());
            testComplete();
        }
    });
    await();
}
Also used : AccessToken(io.vertx.ext.auth.oauth2.AccessToken) JsonObject(io.vertx.core.json.JsonObject) OAuth2TokenImpl(io.vertx.ext.auth.oauth2.impl.OAuth2TokenImpl) Test(org.junit.Test)

Aggregations

AccessToken (com.google.auth.oauth2.AccessToken)74 Test (org.junit.Test)41 GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)30 Date (java.util.Date)23 IOException (java.io.IOException)20 AccessToken (io.vertx.ext.auth.oauth2.AccessToken)16 Client (javax.ws.rs.client.Client)10 AccessToken (org.glassfish.jersey.client.oauth1.AccessToken)10 ConsumerCredentials (org.glassfish.jersey.client.oauth1.ConsumerCredentials)10 JsonObject (io.vertx.core.json.JsonObject)9 URI (java.net.URI)9 Feature (javax.ws.rs.core.Feature)8 JerseyTest (org.glassfish.jersey.test.JerseyTest)8 Instant (java.time.Instant)7 MockHttpTransport (com.google.api.client.testing.http.MockHttpTransport)6 ServiceAccountCredentials (com.google.auth.oauth2.ServiceAccountCredentials)6 InputStreamReader (java.io.InputStreamReader)6 WebTarget (javax.ws.rs.client.WebTarget)6 LoggingFeature (org.glassfish.jersey.logging.LoggingFeature)6 OAuth2Credentials (com.google.auth.oauth2.OAuth2Credentials)5