Search in sources :

Example 1 with ScopeRegistration

use of org.wso2.carbon.apimgt.core.auth.ScopeRegistration in project carbon-apimgt by wso2.

the class ScopeRegistrationServiceStubFactoryTest method testGetScopeRegistrationForWso2Is.

@Test
public void testGetScopeRegistrationForWso2Is() throws Exception {
    KeyMgtConfigurations keyManagerConfiguration = new KeyMgtConfigurations();
    keyManagerConfiguration.setKeyManagerImplClass(WSO2ISKeyManagerImpl.class.getCanonicalName());
    ConfigProvider configProvider = Mockito.mock(ConfigProvider.class);
    APIMConfigurations apimConfigurations = new APIMConfigurations();
    apimConfigurations.setKeyManagerConfigs(keyManagerConfiguration);
    Mockito.when(configProvider.getConfigurationObject(APIMConfigurations.class)).thenReturn(apimConfigurations);
    ServiceReferenceHolder.getInstance().setConfigProvider(configProvider);
    ScopeRegistration scopeRegistration = ScopeRegistrationServiceStubFactory.getScopeRegistration();
    Assert.assertTrue(scopeRegistration instanceof WSO2ISScopeRegistrationImpl);
}
Also used : KeyMgtConfigurations(org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations) ConfigProvider(org.wso2.carbon.config.provider.ConfigProvider) APIMConfigurations(org.wso2.carbon.apimgt.core.configuration.models.APIMConfigurations) WSO2ISKeyManagerImpl(org.wso2.carbon.apimgt.core.impl.WSO2ISKeyManagerImpl) Test(org.testng.annotations.Test)

Example 2 with ScopeRegistration

use of org.wso2.carbon.apimgt.core.auth.ScopeRegistration in project carbon-apimgt by wso2.

the class DefaultKeyManagerImplTestCase method testRevokeToken.

// TODO:Enable after revoke endpoint implementation done in key manager.
@Test(enabled = false)
public void testRevokeToken() throws Exception {
    DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
    OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
    OAuth2ServiceStubs.RevokeServiceStub revokeStub = Mockito.mock(OAuth2ServiceStubs.RevokeServiceStub.class);
    ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
    DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
    // happy path - 200
    Response revokeTokenResponse = Response.builder().status(200).headers(new HashMap<>()).build();
    Mockito.when(oAuth2ServiceStub.getRevokeServiceStub()).thenReturn(revokeStub);
    final String revokeToken = "xxx-revoke-token-xxx";
    Mockito.when(revokeStub.revokeAccessToken(revokeToken, consumerKey, consumerSecret)).thenReturn(revokeTokenResponse);
    try {
        kmImpl.revokeAccessToken(revokeToken, consumerKey, consumerSecret);
    } catch (Exception ex) {
        Assert.fail(ex.getMessage());
    }
    // error case - response is null
    Mockito.when(oAuth2ServiceStub.getRevokeServiceStub()).thenReturn(revokeStub);
    Mockito.when(revokeStub.revokeAccessToken(revokeToken, consumerKey, consumerSecret)).thenReturn(null);
    try {
        kmImpl.revokeAccessToken(revokeToken, consumerKey, consumerSecret);
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().equals("Error occurred while revoking current access token. " + "Response is null"));
    }
    // error case - token response non-200
    final int errorCode = 500;
    Response errorResponse = Response.builder().status(errorCode).headers(new HashMap<>()).body("backend error occurred", Util.UTF_8).build();
    Mockito.when(oAuth2ServiceStub.getRevokeServiceStub()).thenReturn(revokeStub);
    Mockito.when(revokeStub.revokeAccessToken(revokeToken, consumerKey, consumerSecret)).thenReturn(errorResponse);
    try {
        kmImpl.revokeAccessToken(revokeToken, consumerKey, consumerSecret);
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().startsWith("Token revocation failed. HTTP error code: " + errorCode));
    }
}
Also used : Response(feign.Response) OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) HashMap(java.util.HashMap) DCRMServiceStub(org.wso2.carbon.apimgt.core.auth.DCRMServiceStub) ScopeRegistration(org.wso2.carbon.apimgt.core.auth.ScopeRegistration) OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) Test(org.testng.annotations.Test)

Example 3 with ScopeRegistration

use of org.wso2.carbon.apimgt.core.auth.ScopeRegistration in project carbon-apimgt by wso2.

the class DefaultKeyManagerImplTestCase method testGetNewAccessTokenByClientCredentialsGrant.

@Test
public void testGetNewAccessTokenByClientCredentialsGrant() throws Exception {
    DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
    OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
    OAuth2ServiceStubs.TokenServiceStub tokenStub = Mockito.mock(OAuth2ServiceStubs.TokenServiceStub.class);
    ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
    DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
    // happy path - 200 - client credentials grant type
    // //request to key manager
    AccessTokenRequest tokenRequest = createKeyManagerTokenRequest(consumerKey, consumerSecret, KeyManagerConstants.CLIENT_CREDENTIALS_GRANT_TYPE, null, null, null, -2L, null, null, null, null);
    // //mocked response from /token service
    OAuth2TokenInfo oAuth2TokenInfo = createTokenServiceResponse(tokenRequest);
    // //expected response from key manager
    AccessTokenInfo accessTokenInfo = createExpectedKeyManagerResponse(oAuth2TokenInfo);
    Response newTokenResponse = Response.builder().status(200).headers(new HashMap<>()).body(new Gson().toJson(oAuth2TokenInfo), Util.UTF_8).build();
    Mockito.when(oAuth2ServiceStub.getTokenServiceStub()).thenReturn(tokenStub);
    Mockito.when(oAuth2ServiceStub.getTokenServiceStub().generateClientCredentialsGrantAccessToken(tokenRequest.getScopes(), tokenRequest.getValidityPeriod(), tokenRequest.getClientId(), tokenRequest.getClientSecret())).thenReturn(newTokenResponse);
    try {
        AccessTokenInfo newToken = kmImpl.getNewAccessToken(tokenRequest);
        Assert.assertEquals(newToken, accessTokenInfo);
    } catch (Exception ex) {
        Assert.fail(ex.getMessage());
    }
}
Also used : Response(feign.Response) OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo) Gson(com.google.gson.Gson) DCRMServiceStub(org.wso2.carbon.apimgt.core.auth.DCRMServiceStub) ScopeRegistration(org.wso2.carbon.apimgt.core.auth.ScopeRegistration) AccessTokenRequest(org.wso2.carbon.apimgt.core.models.AccessTokenRequest) OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) OAuth2TokenInfo(org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo) Test(org.testng.annotations.Test)

Example 4 with ScopeRegistration

use of org.wso2.carbon.apimgt.core.auth.ScopeRegistration in project carbon-apimgt by wso2.

the class DefaultKeyManagerImplTestCase method testDeleteApplication.

@Test
public void testDeleteApplication() throws Exception {
    DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
    OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
    ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
    DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
    final String consumerKey = "xxx-xxx-xxx-xxx";
    // happy path - 204
    Response okResponse = Response.builder().status(204).headers(new HashMap<>()).build();
    Mockito.when(dcrmServiceStub.deleteApplication(consumerKey)).thenReturn(okResponse);
    try {
        kmImpl.deleteApplication(consumerKey);
    } catch (Exception ex) {
        Assert.fail(ex.getMessage());
    }
    // error case - empty consumer key
    try {
        kmImpl.deleteApplication("");
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().equals("Unable to delete OAuth Application. Consumer Key is null " + "or empty"));
    }
    // error case - empty consumer null
    try {
        kmImpl.deleteApplication(null);
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().equals("Unable to delete OAuth Application. Consumer Key is null " + "or empty"));
    }
    // error case - non-204
    String errorMsg = "unknown error occurred";
    Response errorResponse = Response.builder().status(500).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
    Mockito.when(dcrmServiceStub.deleteApplication(consumerKey)).thenReturn(errorResponse);
    try {
        kmImpl.deleteApplication(consumerKey);
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().startsWith("Error occurred while deleting DCR application."));
    }
}
Also used : Response(feign.Response) OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) HashMap(java.util.HashMap) DCRMServiceStub(org.wso2.carbon.apimgt.core.auth.DCRMServiceStub) ScopeRegistration(org.wso2.carbon.apimgt.core.auth.ScopeRegistration) OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) Test(org.testng.annotations.Test)

Example 5 with ScopeRegistration

use of org.wso2.carbon.apimgt.core.auth.ScopeRegistration in project carbon-apimgt by wso2.

the class DefaultKeyManagerImplTestCase method testCreateApplication.

@Test
public void testCreateApplication() throws Exception {
    DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
    OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
    ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
    DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
    // happy path - 201
    // //request object to key manager
    List<String> grantTypesList = new ArrayList<>();
    grantTypesList.add("password");
    grantTypesList.add("client-credentials");
    OAuthAppRequest oauthAppRequest = new OAuthAppRequest("app1", "https://sample.callback/url", "PRODUCTION", grantTypesList);
    // //request object to dcr api
    DCRClientInfo dcrClientInfo = new DCRClientInfo();
    dcrClientInfo.setClientName(oauthAppRequest.getClientName() + '_' + oauthAppRequest.getKeyType());
    dcrClientInfo.setGrantTypes(oauthAppRequest.getGrantTypes());
    dcrClientInfo.addCallbackUrl(oauthAppRequest.getCallBackURL());
    /*
        dcrClientInfo.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
                .getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
    // //mocked response object from dcr api
    DCRClientInfo dcrClientInfoResponse = new DCRClientInfo();
    dcrClientInfoResponse.setClientName(oauthAppRequest.getClientName());
    dcrClientInfoResponse.setGrantTypes(oauthAppRequest.getGrantTypes());
    dcrClientInfoResponse.addCallbackUrl(oauthAppRequest.getCallBackURL());
    /*
        dcrClientInfoResponse.setUserinfoSignedResponseAlg(ServiceReferenceHolder.getInstance().getAPIMConfiguration()
                .getKeyManagerConfigs().getOidcUserinfoJWTSigningAlgo());
*/
    dcrClientInfoResponse.setClientId("xxx-xxx-xxx-xxx");
    dcrClientInfoResponse.setClientSecret("yyy-yyy-yyy-yyy");
    dcrClientInfoResponse.setClientIdIssuedAt("now");
    dcrClientInfoResponse.setClientSecretExpiresAt("future");
    dcrClientInfoResponse.setRegistrationClientUri("https://localhost:9443/oauth/xxx-xxx-xxx-xxx");
    // //expected response object from key manager
    OAuthApplicationInfo oAuthApplicationInfoResponse = new OAuthApplicationInfo();
    oAuthApplicationInfoResponse.setClientName(dcrClientInfoResponse.getClientName());
    oAuthApplicationInfoResponse.setGrantTypes(dcrClientInfoResponse.getGrantTypes());
    oAuthApplicationInfoResponse.setCallBackURL(dcrClientInfoResponse.getRedirectURIs().get(0));
    oAuthApplicationInfoResponse.setClientId(dcrClientInfoResponse.getClientId());
    oAuthApplicationInfoResponse.setClientSecret(dcrClientInfoResponse.getClientSecret());
    Response dcrResponse = Response.builder().status(201).headers(new HashMap<>()).body(new Gson().toJson(dcrClientInfoResponse), feign.Util.UTF_8).build();
    Mockito.when(dcrmServiceStub.registerApplication(dcrClientInfo)).thenReturn(dcrResponse);
    try {
        OAuthApplicationInfo app = kmImpl.createApplication(oauthAppRequest);
        Assert.assertEquals(app, oAuthApplicationInfoResponse);
    } catch (Exception ex) {
        Assert.fail(ex.getMessage());
    }
    // error case - 400
    int errorSc = 400;
    String errorMsg = "{\"error\": \"invalid_redirect_uri\", \"error_description\": \"One or more " + "redirect_uri values are invalid\"}";
    Response errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
    Mockito.when(dcrmServiceStub.registerApplication(any(DCRClientInfo.class))).thenReturn(errorResponse);
    try {
        kmImpl.createApplication(oauthAppRequest);
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().startsWith("Error occurred while DCR application creation."));
    }
    // error case - non-400
    errorSc = 500;
    errorMsg = "unknown error occurred";
    errorResponse = Response.builder().status(errorSc).headers(new HashMap<>()).body(errorMsg.getBytes()).build();
    Mockito.when(dcrmServiceStub.registerApplication(any(DCRClientInfo.class))).thenReturn(errorResponse);
    try {
        kmImpl.createApplication(oauthAppRequest);
        Assert.fail("Exception was expected, but wasn't thrown");
    } catch (KeyManagementException ex) {
        Assert.assertTrue(ex.getMessage().startsWith("Error occurred while DCR application creation."));
    }
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Gson(com.google.gson.Gson) ScopeRegistration(org.wso2.carbon.apimgt.core.auth.ScopeRegistration) OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException) Response(feign.Response) OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse) OAuthAppRequest(org.wso2.carbon.apimgt.core.models.OAuthAppRequest) OAuthApplicationInfo(org.wso2.carbon.apimgt.core.models.OAuthApplicationInfo) DCRMServiceStub(org.wso2.carbon.apimgt.core.auth.DCRMServiceStub) DCRClientInfo(org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo) Test(org.testng.annotations.Test)

Aggregations

Test (org.testng.annotations.Test)13 Response (feign.Response)12 DCRMServiceStub (org.wso2.carbon.apimgt.core.auth.DCRMServiceStub)12 OAuth2ServiceStubs (org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs)12 ScopeRegistration (org.wso2.carbon.apimgt.core.auth.ScopeRegistration)12 OAuth2IntrospectionResponse (org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse)12 KeyManagementException (org.wso2.carbon.apimgt.core.exception.KeyManagementException)12 Gson (com.google.gson.Gson)9 AccessTokenInfo (org.wso2.carbon.apimgt.core.models.AccessTokenInfo)6 AccessTokenRequest (org.wso2.carbon.apimgt.core.models.AccessTokenRequest)6 HashMap (java.util.HashMap)5 OAuth2TokenInfo (org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo)5 ArrayList (java.util.ArrayList)3 DCRClientInfo (org.wso2.carbon.apimgt.core.auth.dto.DCRClientInfo)3 OAuthApplicationInfo (org.wso2.carbon.apimgt.core.models.OAuthApplicationInfo)3 APIMConfigurations (org.wso2.carbon.apimgt.core.configuration.models.APIMConfigurations)1 KeyMgtConfigurations (org.wso2.carbon.apimgt.core.configuration.models.KeyMgtConfigurations)1 WSO2ISKeyManagerImpl (org.wso2.carbon.apimgt.core.impl.WSO2ISKeyManagerImpl)1 OAuthAppRequest (org.wso2.carbon.apimgt.core.models.OAuthAppRequest)1 ConfigProvider (org.wso2.carbon.config.provider.ConfigProvider)1