Example 16 with ChallengeResponse

Use of org.restlet.data.ChallengeResponse in project OpenAM by OpenRock.

From the class AccessTokenProtectionFilterTest, method testBeforeHandleWithoutToken:

@Test
public void testBeforeHandleWithoutToken() throws Exception {
    // Given: requestFactory, tokenStore and filter are fields of the enclosing test class
    Request req = mock(Request.class);
    Response resp = mock(Response.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    when(requestFactory.create(req)).thenReturn(oAuth2Request);
    // The client presents a credential whose raw value is used as the token id
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challengeResponse.setRawValue("tokenId");
    when(req.getChallengeResponse()).thenReturn(challengeResponse);
    // No access token exists under that id
    when(tokenStore.readAccessToken(oAuth2Request, "tokenId")).thenReturn(null);
    // When
    int result = filter.beforeHandle(req, resp);
    // Then: the filter stops the chain and the response status carries an InvalidTokenException
    assertThat(result).isEqualTo(Filter.STOP);
    ArgumentCaptor<Status> statusCaptor = ArgumentCaptor.forClass(Status.class);
    verify(resp).setStatus(statusCaptor.capture());
    Status status = statusCaptor.getValue();
    assertThat(status.getThrowable()).isInstanceOf(InvalidTokenException.class);
}
Also used: org.restlet.data.ChallengeResponse, org.restlet.Response, org.restlet.data.Status, org.forgerock.oauth2.core.OAuth2Request, org.restlet.Request, org.testng.annotations.Test

Example 17 with ChallengeResponse

Use of org.restlet.data.ChallengeResponse in project OpenAM by OpenRock.

From the class AccessTokenProtectionFilterTest, method testBeforeHandleWithInvalidGrant:

@Test
public void testBeforeHandleWithInvalidGrant() throws Exception {
    // Given: requestFactory, tokenStore and filter are fields of the enclosing test class
    Request req = mock(Request.class);
    Response resp = mock(Response.class);
    OAuth2Request oAuth2Request = mock(OAuth2Request.class);
    when(requestFactory.create(req)).thenReturn(oAuth2Request);
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
    challengeResponse.setRawValue("tokenId");
    when(req.getChallengeResponse()).thenReturn(challengeResponse);
    // The token store rejects the lookup with an InvalidGrantException
    when(tokenStore.readAccessToken(oAuth2Request, "tokenId")).thenThrow(InvalidGrantException.class);
    // When
    int result = filter.beforeHandle(req, resp);
    // Then: the chain is stopped and the failure is surfaced as an InvalidTokenException,
    // the same outcome as for a token that does not exist
    assertThat(result).isEqualTo(Filter.STOP);
    ArgumentCaptor<Status> statusCaptor = ArgumentCaptor.forClass(Status.class);
    verify(resp).setStatus(statusCaptor.capture());
    Status status = statusCaptor.getValue();
    assertThat(status.getThrowable()).isInstanceOf(InvalidTokenException.class);
}
Also used: org.restlet.data.ChallengeResponse, org.restlet.Response, org.restlet.data.Status, org.forgerock.oauth2.core.OAuth2Request, org.restlet.Request, org.testng.annotations.Test

Example 18 with ChallengeResponse

Use of org.restlet.data.ChallengeResponse in project OpenAM by OpenRock.

From the class RestletHeaderAccessTokenVerifierTest, method shouldCheckExpired:

@Test
public void shouldCheckExpired() throws Exception {
    // Given: tokenStore and verifier are fields of the enclosing test class
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    // An anonymous AccessToken subclass that always reports itself as expired
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return true;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then: a token that exists but has expired is not valid
    assertThat(result.isValid()).isFalse();
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used: org.forgerock.oauth2.core.OAuth2Request, org.forgerock.oauth2.core.AccessToken, org.restlet.engine.adapter.HttpRequest, org.restlet.Request, org.restlet.data.ChallengeResponse, org.forgerock.oauth2.core.AccessTokenVerifier, org.testng.annotations.Test

Example 19 with ChallengeResponse

Use of org.restlet.data.ChallengeResponse in project OpenAM by OpenRock.

From the class RestletHeaderAccessTokenVerifierTest, method shouldCheckValid:

@Test
public void shouldCheckValid() throws Exception {
    // Given: tokenStore and verifier are fields of the enclosing test class
    ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.CUSTOM, "foo", "bar");
    challengeResponse.setRawValue("freddy");
    Request request = new Request();
    request.setChallengeResponse(challengeResponse);
    OAuth2Request req = new RestletOAuth2Request(null, request);
    // An anonymous AccessToken subclass that never reports itself as expired
    AccessToken token = new AccessToken(json(object()), "access_token", "freddy") {

        @Override
        public boolean isExpired() {
            return false;
        }
    };
    when(tokenStore.readAccessToken(req, "freddy")).thenReturn(token);
    // When
    AccessTokenVerifier.TokenState result = verifier.verify(req);
    // Then: the token is valid and the returned state carries the token id from the raw value
    assertThat(result.isValid()).isTrue();
    assertThat(result.getTokenId()).isEqualTo("freddy");
    verify(tokenStore).readAccessToken(req, "freddy");
}
Also used: org.forgerock.oauth2.core.OAuth2Request, org.forgerock.oauth2.core.AccessToken, org.restlet.engine.adapter.HttpRequest, org.restlet.Request, org.restlet.data.ChallengeResponse, org.forgerock.oauth2.core.AccessTokenVerifier, org.testng.annotations.Test

Example 20 with ChallengeResponse

Use of org.restlet.data.ChallengeResponse in project OpenAM by OpenRock.

From the class RestletHeaderAccessTokenVerifier, method getChallengeResponse:

/**
 * Returns the authentication response sent by a client to an origin server,
 * reading the raw Authorization header itself instead of relying on the
 * parsing done by org.restlet.engine.adapter.HttpRequest.
 *
 * @return The authentication response sent by a client to an origin server.
 */
public ChallengeResponse getChallengeResponse(Request request) {
    if (request instanceof HttpRequest) {
        // Extract the raw Authorization header value from the underlying HTTP call
        final Series<Header> headers = ((HttpRequest) request).getHttpCall().getRequestHeaders();
        final String authorization = headers.getValues(HeaderConstants.HEADER_AUTHORIZATION);
        if (authorization != null) {
            // The header has the form "<scheme> <credentials>"
            int space = authorization.indexOf(' ');
            if (space != -1) {
                String scheme = authorization.substring(0, space);
                // Only the Bearer scheme is handled here (matched case-insensitively);
                // everything after the first space is taken as the raw token value
                if (scheme.equalsIgnoreCase("Bearer")) {
                    ChallengeResponse result = new ChallengeResponse(new ChallengeScheme("HTTP_" + scheme, scheme));
                    result.setRawValue(authorization.substring(space + 1));
                    request.setChallengeResponse(result);
                    return result;
                }
            }
        }
    }
    // Fall back to whatever challenge response Restlet already parsed for the request
    return request.getChallengeResponse();
}
Also used: org.restlet.engine.adapter.HttpRequest, org.restlet.data.Header, org.restlet.data.ChallengeScheme, org.restlet.data.ChallengeResponse
