
Example 16 with OrcidOauth2TokenDetail

use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.

the class OrcidRefreshTokenTokenGranterTest method tryToCreateRefreshTokenWithInvalidClientTest.

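/**
 * Verifies that a refresh request is rejected when the requesting client is
 * not the client the parent token was issued to.
 *
 * <p>The parent token is persisted for {@code CLIENT_ID_1}; the refresh is
 * then requested as {@code CLIENT_ID_2} and must fail with an
 * {@link IllegalArgumentException} whose message reports the client mismatch.
 * This is the client-binding check of the refresh grant: a token value that
 * reaches another client must not be exchangeable by that client.
 */
@Test
public void tryToCreateRefreshTokenWithInvalidClientTest() {
    long time = System.currentTimeMillis();
    String parentScope = "/person/update";
    // Constructed fixture values; the timestamp only keeps them unique per run.
    String tokenValue = "parent-token-" + time;
    String refreshTokenValue = "refresh-token-" + time;
    Boolean revokeOld = true;
    Date parentTokenExpiration = new Date(time + 10000);
    Long expireIn = null;
    OrcidOauth2TokenDetail parent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, parentScope);
    try {
        generateRefreshToken(parent, CLIENT_ID_2, revokeOld, expireIn, parentScope);
        // fail() throws an AssertionError, which neither catch below intercepts.
        fail("Refresh request from a different client was accepted");
    } catch (IllegalArgumentException e) {
        String message = e.getMessage();
        // Guard against a null message so a wrong rejection reason shows up as an
        // assertion failure instead of a NullPointerException.
        assertTrue("Unexpected rejection message: " + message,
                message != null && message.contains("This token doesnt belong to the given client"));
    } catch (Exception e) {
        // Any other exception type means the request was rejected for the wrong reason.
        fail("Expected IllegalArgumentException for client mismatch but got: " + e);
    }
}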
Also used : Date(java.util.Date) OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) NoResultException(javax.persistence.NoResultException) InvalidScopeException(org.springframework.security.oauth2.common.exceptions.InvalidScopeException) InvalidTokenException(org.springframework.security.oauth2.common.exceptions.InvalidTokenException) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 17 with OrcidOauth2TokenDetail

use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.

the class OrcidRefreshTokenTokenGranterTest method tryToCreateRefreshTokenWithInvalidParentTokenValueTest.

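/**
 * Verifies that a refresh request carrying a token value that was never
 * issued is rejected.
 *
 * <p>A valid parent token is persisted, then the in-memory copy is given the
 * value {@code "invalid-value"} before the refresh is requested. The request
 * must end in a {@link NoResultException}.
 */
@Test
public void tryToCreateRefreshTokenWithInvalidParentTokenValueTest() {
    long time = System.currentTimeMillis();
    String parentScope = "/person/update";
    // Constructed fixture values; the timestamp only keeps them unique per run.
    String tokenValue = "parent-token-" + time;
    String refreshTokenValue = "refresh-token-" + time;
    Boolean revokeOld = true;
    Date parentTokenExpiration = new Date(time + 10000);
    Long expireIn = null;
    OrcidOauth2TokenDetail parent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, parentScope);
    try {
        // Change the value we are going to use for the refresh token
        parent.setTokenValue("invalid-value");
        generateRefreshToken(parent, null, revokeOld, expireIn, parentScope);
        // fail() throws an AssertionError, which neither catch below intercepts.
        fail("Refresh request with an unknown parent token value was accepted");
    } catch (NoResultException expected) {
        // Expected outcome: presumably the lookup by token value finds no stored token.
        // NOTE(review): a persistence-layer exception surfacing here suggests the
        // unknown-token case is not translated into an OAuth error at this level;
        // confirm a caller maps it to a proper invalid-token response.
    } catch (Exception e) {
        // Any other exception type means the request was rejected for the wrong reason.
        fail("Expected NoResultException for unknown token value but got: " + e);
    }
}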
Also used : NoResultException(javax.persistence.NoResultException) Date(java.util.Date) OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) NoResultException(javax.persistence.NoResultException) InvalidScopeException(org.springframework.security.oauth2.common.exceptions.InvalidScopeException) InvalidTokenException(org.springframework.security.oauth2.common.exceptions.InvalidTokenException) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 18 with OrcidOauth2TokenDetail

use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.

the class OrcidRefreshTokenTokenGranterTest method createToken.

/**
 * Builds an approved, enabled bearer token for the given client and user and
 * stores it through {@code orcidOauth2TokenDetailService}.
 *
 * @param clientId          id of the client the token is issued to
 * @param userOrcid         ORCID iD used to build the owning {@code ProfileEntity}
 * @param tokenValue        access token value to store
 * @param refreshTokenValue refresh token value to store alongside it
 * @param expirationDate    expiration to set on the token
 * @param scopes            scope string to set on the token
 * @return the entity that was passed to {@code saveOrUpdate}
 */
private OrcidOauth2TokenDetail createToken(String clientId, String userOrcid, String tokenValue, String refreshTokenValue, Date expirationDate, String scopes) {
    OrcidOauth2TokenDetail detail = new OrcidOauth2TokenDetail();

    // Ownership: which client and which user the token belongs to.
    detail.setClientDetailsId(clientId);
    detail.setProfile(new ProfileEntity(userOrcid));

    // Token material and what it grants.
    detail.setTokenType("bearer");
    detail.setTokenValue(tokenValue);
    detail.setRefreshTokenValue(refreshTokenValue);
    detail.setScope(scopes);

    // State: approved and not disabled, so the token starts out usable.
    detail.setApproved(true);
    detail.setTokenDisabled(false);
    detail.setTokenExpiration(expirationDate);

    // Two separate Date instances, as each field gets its own object.
    detail.setDateCreated(new Date());
    detail.setLastModified(new Date());

    orcidOauth2TokenDetailService.saveOrUpdate(detail);
    return detail;
}
Also used : OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) Date(java.util.Date) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)

Example 19 with OrcidOauth2TokenDetail

use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.

the class OrcidRefreshTokenTokenGranterTest method createRefreshTokenWithoutRevokeParent.

/**
 * Refreshes a token with {@code revokeOld = false} and no explicit scope, then
 * checks that both the parent and the new token are stored and enabled.
 *
 * <p>The new token is expected to carry the same expiration time and the same
 * scope as its parent, so refreshing without revocation neither extends the
 * lifetime nor changes the scope.
 */
@Test
public void createRefreshTokenWithoutRevokeParent() {
    long now = System.currentTimeMillis();
    String parentScope = "/activities/update /read-limited";
    // Constructed fixture values; the timestamp only keeps them unique per run.
    String tokenValue = "parent-token-" + now;
    String refreshTokenValue = "refresh-token-" + now;
    Date parentTokenExpiration = new Date(now + 10000);
    Boolean revokeOld = false;
    Long expireIn = null;

    OrcidOauth2TokenDetail issuedParent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, parentScope);
    OAuth2AccessToken refreshed = generateRefreshToken(issuedParent, null, revokeOld, expireIn);
    assertNotNull(refreshed);

    // Parent: still present and still enabled, because revocation was not requested.
    OrcidOauth2TokenDetail storedParent = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(issuedParent.getTokenValue());
    assertNotNull(storedParent);
    assertEquals(tokenValue, storedParent.getTokenValue());
    assertFalse(storedParent.getTokenDisabled());
    assertNotNull(storedParent.getTokenExpiration());

    // New token: stored, enabled, and with its own access and refresh values.
    OrcidOauth2TokenDetail storedRefresh = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(refreshed.getValue());
    assertNotNull(storedRefresh);
    assertNotNull(storedRefresh.getTokenValue());
    assertNotNull(storedRefresh.getRefreshTokenValue());
    assertFalse(storedRefresh.getTokenDisabled());
    assertNotNull(storedRefresh.getTokenExpiration());

    // Lifetime and scope are inherited from the parent unchanged.
    long parentExpiryMillis = storedParent.getTokenExpiration().getTime();
    long refreshExpiryMillis = storedRefresh.getTokenExpiration().getTime();
    assertEquals(parentExpiryMillis, refreshExpiryMillis);
    assertEquals(storedParent.getScope(), storedRefresh.getScope());

    // Compare as sets so the order of scopes in the stored string does not matter.
    Set<String> storedScopes = OAuth2Utils.parseParameterList(storedParent.getScope());
    Set<String> requestedScopes = OAuth2Utils.parseParameterList(parentScope);
    assertEquals(requestedScopes, storedScopes);
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Date(java.util.Date) OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 20 with OrcidOauth2TokenDetail

use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.

the class OrcidRefreshTokenTokenGranterTest method createRefreshTokenWithoutRevokeParentAndWithNarrowerScopes.

/**
 * Refreshes a token with {@code revokeOld = false} while requesting a scope
 * different from the parent's, then checks that the parent keeps its original
 * scope and the new token carries exactly the requested one.
 *
 * <p>Both tokens must be stored and enabled, and the new token must expire at
 * the same time as its parent.
 */
@Test
public void createRefreshTokenWithoutRevokeParentAndWithNarrowerScopes() {
    long now = System.currentTimeMillis();
    String parentScope = "/person/read-limited";
    // NOTE(review): treated as narrower than parentScope per the test name; the
    // scope hierarchy that makes it so is not visible here - confirm.
    String refreshScope = "/orcid-bio/read-limited";
    // Constructed fixture values; the timestamp only keeps them unique per run.
    String tokenValue = "parent-token-" + now;
    String refreshTokenValue = "refresh-token-" + now;
    Date parentTokenExpiration = new Date(now + 10000);
    Boolean revokeOld = false;
    Long expireIn = null;

    OrcidOauth2TokenDetail issuedParent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, parentScope);
    OAuth2AccessToken refreshed = generateRefreshToken(issuedParent, null, revokeOld, expireIn, refreshScope);
    assertNotNull(refreshed);

    // Parent: still present, enabled, and with its scope untouched by the refresh.
    OrcidOauth2TokenDetail storedParent = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(issuedParent.getTokenValue());
    assertNotNull(storedParent);
    assertEquals(tokenValue, storedParent.getTokenValue());
    assertFalse(storedParent.getTokenDisabled());
    assertEquals(parentScope, storedParent.getScope());
    assertNotNull(storedParent.getTokenExpiration());

    // New token: stored, enabled, and limited to the scope asked for in the refresh.
    OrcidOauth2TokenDetail storedRefresh = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(refreshed.getValue());
    assertNotNull(storedRefresh);
    assertNotNull(storedRefresh.getTokenValue());
    assertNotNull(storedRefresh.getRefreshTokenValue());
    assertFalse(storedRefresh.getTokenDisabled());
    assertEquals(refreshScope, storedRefresh.getScope());
    assertNotNull(storedRefresh.getTokenExpiration());

    // The refresh must not outlive the parent: expiration times are identical.
    long parentExpiryMillis = storedParent.getTokenExpiration().getTime();
    long refreshExpiryMillis = storedRefresh.getTokenExpiration().getTime();
    assertEquals(parentExpiryMillis, refreshExpiryMillis);
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Date(java.util.Date) OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)
