Example 71 with OAuth2RefreshToken

Use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project mt-auth by publicdevop2019.

Class RefreshTokenTest, method refresh_token_should_have_exp.

@Test
public void refresh_token_should_have_exp() {
    // create a client that supports the refresh token grant
    Client clientRaw = ClientUtility.getClientRaw();
    String clientSecret = clientRaw.getClientSecret();
    HashSet<GrantTypeEnum> enums = new HashSet<>();
    enums.add(GrantTypeEnum.PASSWORD);
    enums.add(GrantTypeEnum.REFRESH_TOKEN);
    clientRaw.setResourceIds(Collections.singleton(AppConstant.CLIENT_ID_OAUTH2_ID));
    clientRaw.setGrantTypeEnums(enums);
    clientRaw.setTypes(new HashSet<>(List.of(ClientType.FIRST_PARTY)));
    clientRaw.setAccessTokenValiditySeconds(60);
    clientRaw.setRefreshTokenValiditySeconds(1000);
    ResponseEntity<String> client = ClientUtility.createClient(clientRaw);
    String clientId = client.getHeaders().getLocation().toString();
    Assert.assertEquals(HttpStatus.OK, client.getStatusCode());
    // get jwt
    ResponseEntity<DefaultOAuth2AccessToken> jwtPasswordWithClient = OAuth2Utility.getOAuth2PasswordToken(clientId, clientSecret, AppConstant.ACCOUNT_USERNAME_ADMIN, AppConstant.ACCOUNT_PASSWORD_ADMIN);
    Assert.assertEquals(HttpStatus.OK, jwtPasswordWithClient.getStatusCode());
    OAuth2RefreshToken refreshToken = jwtPasswordWithClient.getBody().getRefreshToken();
    String jwt = refreshToken.getValue();
    String jwtBody;
    try {
        jwtBody = jwt.split("\\.")[1];
    } catch (ArrayIndexOutOfBoundsException ex) {
        throw new IllegalArgumentException("malformed jwt token");
    }
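    // JWT segments are base64url-encoded without padding, so the URL-safe decoder is required;
    // the basic decoder rejects the '-' and '_' characters
    Base64.Decoder decoder = Base64.getUrlDecoder();
    byte[] decode = decoder.decode(jwtBody);
    String s = new String(decode, java.nio.charset.StandardCharsets.UTF_8);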
    Integer exp;
    try {
        Map<String, Object> var0 = TestContext.mapper.readValue(s, new TypeReference<Map<String, Object>>() {
        });
        exp = (Integer) var0.get("exp");
    } catch (IOException e) {
        // the payload could not be parsed as JSON, so the exp claim cannot be read
        throw new IllegalArgumentException("unable to parse refresh token claims", e);
    }
    Assert.assertNotNull(exp);
}
Also used : OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) Base64(java.util.Base64) IOException(java.io.IOException) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) GrantTypeEnum(com.hw.helper.GrantTypeEnum) Client(com.hw.helper.Client) Map(java.util.Map) MultiValueMap(org.springframework.util.MultiValueMap) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 72 with OAuth2RefreshToken

Use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project entando-core by entando.

Class OAuth2TokenDAOTest, method readAuthenticationForRefreshToken.

@Test
public void readAuthenticationForRefreshToken() throws Exception {
    when(this.stat.executeQuery()).thenReturn(res);
    Mockito.when(res.next()).thenReturn(true).thenReturn(false);
    Mockito.when(res.getString("localuser")).thenReturn("username");
    Mockito.when(res.getString("clientid")).thenReturn("client_id");
    Mockito.when(res.getString("granttype")).thenReturn("password");
    OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("value_X1");
    OAuth2Authentication auth = this.tokenDAO.readAuthenticationForRefreshToken(refreshToken);
    Assert.assertNotNull(auth);
    Assert.assertEquals("username", auth.getPrincipal());
    Assert.assertEquals("password", auth.getOAuth2Request().getGrantType());
    Mockito.verify(stat, Mockito.times(1)).setString(Mockito.anyInt(), Mockito.anyString());
    Mockito.verify(res, Mockito.times(3)).getString(Mockito.anyString());
    Mockito.verify(res, Mockito.times(0)).getTimestamp(Mockito.anyString());
    Mockito.verify(stat, Mockito.times(1)).close();
    Mockito.verify(res, Mockito.times(1)).close();
    Mockito.verify(conn, Mockito.times(1)).close();
}
Also used : OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 73 with OAuth2RefreshToken

Use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project entando-core by entando.

Class OAuth2TokenDAOTest, method failReadRefreshToken.

@Test(expected = RuntimeException.class)
public void failReadRefreshToken() throws Exception {
    try {
        when(this.statForSearchId.executeQuery()).thenReturn(resForSearchId);
        when(resForSearchId.next()).thenReturn(true).thenReturn(false);
        when(resForSearchId.getString(Mockito.anyString())).thenThrow(SQLException.class);
        OAuth2RefreshToken refreshToken = this.tokenDAO.readRefreshToken("refresh");
        Assert.fail();
    } catch (RuntimeException e) {
        Mockito.verify(statForSearchId, Mockito.times(1)).setString(Mockito.anyInt(), Mockito.anyString());
        Mockito.verify(resForSearchId, Mockito.times(1)).getString(Mockito.anyString());
        this.executeFinalCheckForSearchId(true);
        Mockito.verify(conn, Mockito.times(1)).close();
        throw e;
    }
}
Also used : OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) Test(org.junit.Test)

Example 74 with OAuth2RefreshToken

Use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project entando-core by entando.

Class ApiOAuth2TokenManagerTest, method readRefreshToken.

@Test
public void readRefreshToken() throws Exception {
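    // Argument matchers such as Mockito.any() are only valid inside stubbing or verification
    // calls, not as a return value; the stub returns null, which the assertion below expects.
    when(tokenDAO.readRefreshToken(Mockito.anyString())).thenReturn(null);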
    OAuth2RefreshToken refreshToken = this.tokenManager.readRefreshToken("refresh_token");
    Assert.assertNull(refreshToken);
    Mockito.verify(tokenDAO, Mockito.times(1)).readRefreshToken("refresh_token");
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) Test(org.junit.Test)

Example 75 with OAuth2RefreshToken

Use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project entando-core by entando.

Class ApiOAuth2TokenManagerTest, method removeRefreshToken.

@Test
public void removeRefreshToken() throws Exception {
    OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("value_1");
    this.tokenManager.removeRefreshToken(refreshToken);
    Mockito.verify(tokenDAO, Mockito.times(1)).removeAccessTokenUsingRefreshToken("value_1");
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) Test(org.junit.Test)
