Use of org.springframework.security.oauth.provider.nonce.OAuthNonceServices in the project spring-security-oauth by spring-projects.
Class OAuthProcessingFilterTests, method testValidateParams.
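/**
 * Tests validation of the OAuth request parameters: an unsupported version, a realm mismatch,
 * and a missing signature method, signature, timestamp or nonce must each be rejected, as must
 * a non-numeric timestamp; a well-formed request must pass its timestamp and nonce to the
 * configured nonce services.
 */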
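@Test
public void testValidateParams() throws Exception {
    // Anonymous subclass with a no-op onValidSignature; this test only calls validateOAuthParams.
    OAuthProviderProcessingFilter filter = new OAuthProviderProcessingFilter() {
        protected void onValidSignature(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
        }
    };
    ConsumerDetails consumerDetails = mock(ConsumerDetails.class);
    HashMap<String, String> params = new HashMap<String, String>();

    // Case 1: an oauth_version of "1.1" must be rejected with the version-specific exception.
    params.put(OAuthConsumerParameter.oauth_version.toString(), "1.1");
    try {
        filter.validateOAuthParams(consumerDetails, params);
        fail("should have rejected the unsupported OAuth version.");
    } catch (OAuthVersionUnsupportedException expected) {
        // Drop the version so the remaining cases are not stopped by the version check.
        params.remove(OAuthConsumerParameter.oauth_version.toString());
    }

    // Case 2: the entry point's realm is "anywho", so a request claiming realm "hello" must fail.
    filter.getAuthenticationEntryPoint().setRealmName("anywho");
    params.put("realm", "hello");
    try {
        filter.validateOAuthParams(consumerDetails, params);
        fail("should have rejected the mismatched realm.");
    } catch (InvalidOAuthParametersException expected) {
        // expected: realm does not match the configured realm
    }

    // Case 3: the realm now matches, but no signature method is present.
    params.put("realm", "anywho");
    try {
        filter.validateOAuthParams(consumerDetails, params);
        fail("should have thrown a bad credentials for missing signature method.");
    } catch (InvalidOAuthParametersException expected) {
        // expected: oauth_signature_method is required
    }

    // Case 4: signature method present, signature missing.
    // The realm parameter is removed here and never re-added, so every later case runs without one.
    params.remove("realm");
    params.put(OAuthConsumerParameter.oauth_signature_method.toString(), "sigmethod");
    try {
        filter.validateOAuthParams(consumerDetails, params);
        fail("should have thrown a bad credentials for missing signature.");
    } catch (InvalidOAuthParametersException expected) {
        // expected: oauth_signature is required
    }

    // Case 5: signature present, timestamp missing.
    // From here on each case restates its full parameter set; the repeated remove/put calls only
    // re-assert values the map already holds (assuming validateOAuthParams does not mutate it).
    params.remove("realm");
    params.put(OAuthConsumerParameter.oauth_signature_method.toString(), "sigmethod");
    params.put(OAuthConsumerParameter.oauth_signature.toString(), "value");
    try {
        filter.validateOAuthParams(consumerDetails, params);
        fail("should have thrown a bad credentials for missing timestamp.");
    } catch (InvalidOAuthParametersException expected) {
        // expected: oauth_timestamp is required
    }

    // Case 6: timestamp present, nonce missing.
    params.remove("realm");
    params.put(OAuthConsumerParameter.oauth_signature_method.toString(), "sigmethod");
    params.put(OAuthConsumerParameter.oauth_signature.toString(), "value");
    params.put(OAuthConsumerParameter.oauth_timestamp.toString(), "value");
    try {
        filter.validateOAuthParams(consumerDetails, params);
        fail("should have thrown a bad credentials for missing nonce.");
    } catch (InvalidOAuthParametersException expected) {
        // expected: oauth_nonce is required
    }

    // Case 7: every parameter is present, but the timestamp "value" is not numeric.
    params.remove("realm");
    params.put(OAuthConsumerParameter.oauth_signature_method.toString(), "sigmethod");
    params.put(OAuthConsumerParameter.oauth_signature.toString(), "value");
    params.put(OAuthConsumerParameter.oauth_timestamp.toString(), "value");
    params.put(OAuthConsumerParameter.oauth_nonce.toString(), "value");
    try {
        filter.validateOAuthParams(consumerDetails, params);
        fail("should have thrown a bad credentials for bad timestamp.");
    } catch (InvalidOAuthParametersException expected) {
        // expected: oauth_timestamp must parse as a number
    }

    // Case 8: a well-formed parameter set passes, and the filter hands the parsed timestamp and
    // the nonce to the nonce services. The services are mocked and accept anything, so this
    // asserts the delegation only; rejecting a stale timestamp or a replayed nonce is the job
    // of the OAuthNonceServices implementation and is not covered by this test.
    OAuthNonceServices nonceServices = mock(OAuthNonceServices.class);
    filter.setNonceServices(nonceServices);
    params.remove("realm");
    params.put(OAuthConsumerParameter.oauth_signature_method.toString(), "sigmethod");
    params.put(OAuthConsumerParameter.oauth_signature.toString(), "value");
    params.put(OAuthConsumerParameter.oauth_timestamp.toString(), "1111111");
    params.put(OAuthConsumerParameter.oauth_nonce.toString(), "value");
    filter.validateOAuthParams(consumerDetails, params);
    verify(nonceServices).validateNonce(consumerDetails, 1111111L, "value");
}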