use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class ClientAdminEndpointsIntegrationTests method passwordGrantClientWithoutSecretIsOk.
@Test
public void passwordGrantClientWithoutSecretIsOk() {
BaseClientDetails client = new BaseClientDetails(new RandomValueStringGenerator().generate(), "", "foo,bar", "password", "uaa.none", "http://redirect.url");
ResponseEntity<Void> result = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/oauth/clients"), HttpMethod.POST, new HttpEntity<BaseClientDetails>(client, headers), Void.class);
assertEquals(HttpStatus.CREATED, result.getStatusCode());
}
use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class ClientAdminEndpointsIntegrationTests method createClientWithoutSecretIsRejected.
@Test
public void createClientWithoutSecretIsRejected() throws Exception {
OAuth2AccessToken token = getClientCredentialsAccessToken("clients.read,clients.write");
HttpHeaders headers = getAuthenticatedHeaders(token);
BaseClientDetails invalidSecretClient = new BaseClientDetails(new RandomValueStringGenerator().generate(), "", "foo,bar", "client_credentials", "uaa.none");
invalidSecretClient.setClientSecret("tooLongSecret");
ResponseEntity<UaaException> result = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/oauth/clients"), HttpMethod.POST, new HttpEntity<BaseClientDetails>(invalidSecretClient, headers), UaaException.class);
assertEquals(HttpStatus.BAD_REQUEST, result.getStatusCode());
assertEquals("invalid_client", result.getBody().getErrorCode());
}
use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class ClientAdminEndpointsIntegrationTests method testAddUpdateAndDeleteTx.
@Test
public void testAddUpdateAndDeleteTx() throws Exception {
ClientDetailsModification[] clients = doCreateClients();
for (int i = 1; i < clients.length; i++) {
clients[i] = new ClientDetailsModification(clients[i]);
clients[i].setRefreshTokenValiditySeconds(120);
clients[i].setAction(ClientDetailsModification.UPDATE);
clients[i].setClientSecret("secret");
}
clients[0].setClientId(new RandomValueStringGenerator().generate());
clients[0].setRefreshTokenValiditySeconds(60);
clients[0].setAction(ClientDetailsModification.ADD);
clients[0].setClientSecret("secret");
clients[0].setClientId(new RandomValueStringGenerator().generate());
clients[clients.length - 1].setAction(ClientDetailsModification.DELETE);
headers = getAuthenticatedHeaders(getClientCredentialsAccessToken("clients.admin"));
headers.add("Accept", "application/json");
String oldId = clients[clients.length - 1].getClientId();
ResponseEntity<BaseClientDetails[]> result = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/oauth/clients/tx/modify"), HttpMethod.POST, new HttpEntity<ClientDetailsModification[]>(clients, headers), BaseClientDetails[].class);
assertEquals(HttpStatus.OK, result.getStatusCode());
// set the deleted client ID so we can verify it is gone.
clients[clients.length - 1].setClientId(oldId);
for (int i = 0; i < clients.length; i++) {
ClientDetails client = getClient(clients[i].getClientId());
if (i == (clients.length - 1)) {
assertNull(client);
} else {
assertNotNull(client);
}
}
}
use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class ClientAdminEndpointsIntegrationTests method nonImplicitGrantClientWithoutSecretIsRejectedTxFails.
@Test
public void nonImplicitGrantClientWithoutSecretIsRejectedTxFails() throws Exception {
headers = getAuthenticatedHeaders(getClientCredentialsAccessToken("clients.admin,clients.read,clients.write,clients.secret"));
headers.add("Accept", "application/json");
String grantTypes = "client_credentials";
RandomValueStringGenerator gen = new RandomValueStringGenerator();
String[] ids = new String[5];
BaseClientDetails[] clients = new BaseClientDetails[ids.length];
for (int i = 0; i < ids.length; i++) {
ids[i] = gen.generate();
clients[i] = new BaseClientDetails(ids[i], "", "foo,bar", grantTypes, "uaa.none");
clients[i].setClientSecret("secret");
clients[i].setAdditionalInformation(Collections.<String, Object>singletonMap("foo", Collections.singletonList("bar")));
}
clients[clients.length - 1].setClientSecret(null);
ResponseEntity<UaaException> result = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/oauth/clients/tx"), HttpMethod.POST, new HttpEntity<BaseClientDetails[]>(clients, headers), UaaException.class);
assertEquals(HttpStatus.BAD_REQUEST, result.getStatusCode());
for (String id : ids) {
ClientDetails client = getClient(id);
assertNull(client);
}
}
use of org.springframework.security.oauth2.common.util.RandomValueStringGenerator in project uaa by cloudfoundry.
the class ClientAdminEndpointsIntegrationTests method createApprovalsClient.
private ClientDetailsModification createApprovalsClient(String... grantTypes) {
ClientDetailsModification detailsModification = new ClientDetailsModification();
detailsModification.setClientId(new RandomValueStringGenerator().generate());
detailsModification.setScope(Arrays.asList("oauth.login", "oauth.approvals", "foo", "bar"));
detailsModification.setAuthorizedGrantTypes(Arrays.asList(grantTypes));
detailsModification.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("uaa.none"));
detailsModification.setClientSecret("secret");
detailsModification.setAdditionalInformation(Collections.<String, Object>singletonMap("foo", Collections.singletonList("bar")));
detailsModification.setRegisteredRedirectUri(Collections.singleton("http://redirect.url"));
ResponseEntity<Void> result = serverRunning.getRestTemplate().exchange(serverRunning.getUrl("/oauth/clients"), HttpMethod.POST, new HttpEntity<BaseClientDetails>(detailsModification, headers), Void.class);
assertEquals(HttpStatus.CREATED, result.getStatusCode());
return detailsModification;
}
Aggregations