use of org.orcid.core.oauth.OrcidOauth2ClientAuthentication in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method testReissuedAccessTokenHasUpdatedExpiration.
@Test
public void testReissuedAccessTokenHasUpdatedExpiration() throws InterruptedException {
Date earliestExpiry = oneHoursTime();
Map<String, String> authorizationParameters = new HashMap<>();
String clientId = "4444-4444-4444-4441";
authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
Date latestExpiry = oneHoursTime();
assertNotNull(oauth2AccessToken);
assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
Thread.sleep(1000);
earliestExpiry = oneHoursTime();
OAuth2AccessToken reissuedOauth2AccessToken = tokenServices.createAccessToken(authentication);
latestExpiry = oneHoursTime();
assertNotNull(reissuedOauth2AccessToken);
assertFalse(reissuedOauth2AccessToken.getExpiration().before(earliestExpiry));
assertFalse(reissuedOauth2AccessToken.getExpiration().after(latestExpiry));
}
use of org.orcid.core.oauth.OrcidOauth2ClientAuthentication in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method tokenExpireIn20YearsTest.
/**
* Check that the token created with a persistent code will expire within 20 years
* */
@Test
public void tokenExpireIn20YearsTest() throws InterruptedException {
Date in20years = twentyYearsTime();
Thread.sleep(2000);
Map<String, String> requestParameters = new HashMap<>();
String clientId = "4444-4444-4444-4441";
requestParameters.put(OAuth2Utils.CLIENT_ID, clientId);
requestParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
requestParameters.put("code", "code1");
requestParameters.put(OrcidOauth2Constants.IS_PERSISTENT, "true");
OAuth2Request request = new OAuth2Request(requestParameters, clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
Date tokenExpiration = oauth2AccessToken.getExpiration();
//The token expires in 20 years
assertFalse(in20years.after(tokenExpiration));
in20years = twentyYearsTime();
//Confirm the token expires in 20 years
assertFalse(tokenExpiration.after(in20years));
}
use of org.orcid.core.oauth.OrcidOauth2ClientAuthentication in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method testCreateAddWorkAccessToken.
@Test
public void testCreateAddWorkAccessToken() {
Date earliestExpiry = oneHoursTime();
Map<String, String> authorizationParameters = new HashMap<>();
String clientId = "4444-4444-4444-4441";
authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
Date latestExpiry = oneHoursTime();
assertNotNull(oauth2AccessToken);
assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
}
use of org.orcid.core.oauth.OrcidOauth2ClientAuthentication in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method testCreateReadLimitedAccessToken.
@Test
public void testCreateReadLimitedAccessToken() {
Date earliestExpiry = oneHoursTime();
Map<String, String> authorizationParameters = new HashMap<>();
String clientId = "4444-4444-4444-4441";
authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-profile/read-limited");
OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
Date latestExpiry = oneHoursTime();
assertNotNull(oauth2AccessToken);
assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
}
use of org.orcid.core.oauth.OrcidOauth2ClientAuthentication in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method tokenExpireInAnHourTest.
/**
* Check that the token created with a non persistent code will expire within an hour
* */
@Test
public void tokenExpireInAnHourTest() throws InterruptedException {
Map<String, String> authorizationParameters = new HashMap<>();
String clientId = "4444-4444-4444-4441";
authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
authorizationParameters.put("code", "code2");
OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
Date tokenExpiration = oauth2AccessToken.getExpiration();
Thread.sleep(2000);
//The token expires in less than one hour
assertFalse(tokenExpiration.after(oneHoursTime()));
}
Aggregations