Example 6 with AccessTokenInfo
use of org.wso2.carbon.apimgt.core.models.AccessTokenInfo in project carbon-apimgt by wso2.
the class OAuth2AuthenticatorTestCase method testOauthAuthenticate.
@Test
public void testOauthAuthenticate() throws Exception {
HTTPCarbonMessage carbonMessage = Mockito.mock(HTTPCarbonMessage.class);
Request requestObj = new Request(carbonMessage);
Response responseObj = Mockito.mock(Response.class);
ServiceMethodInfo serviceMethodInfoObj = Mockito.mock(ServiceMethodInfo.class);
final String authorizationHttpHeader = "Bearer 7d33e3cd-60f0-3484-9651-cc31f2e09fb4";
final String accessToken = "7d33e3cd-60f0-3484-9651-cc31f2e09fb4";
Mockito.when(requestObj.getHeader(RestApiConstants.AUTHORIZATION_HTTP_HEADER)).thenReturn(authorizationHttpHeader);
AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
accessTokenInfo.setTokenValid(true);
accessTokenInfo.setEndUserName("admin@carbon.super");
IdentityProvider identityProvider = Mockito.mock(IdentityProvider.class);
APIManagerFactory instance = Mockito.mock(APIManagerFactory.class);
PowerMockito.mockStatic(APIManagerFactory.class);
PowerMockito.when(APIManagerFactory.getInstance()).thenReturn(instance);
Mockito.when(instance.getIdentityProvider()).thenReturn(identityProvider);
Mockito.when(identityProvider.getTokenMetaData(accessToken)).thenReturn(accessTokenInfo);
when((String) requestObj.getProperty(APIConstants.REQUEST_URL)).thenReturn("/api/am/publisher/");
OAuth2Authenticator oAuth2Authenticator = new OAuth2Authenticator();
oAuth2Authenticator.authenticate(requestObj, responseObj, serviceMethodInfoObj);
Assert.assertEquals(0, responseObj.getStatusCode());
}
Also used :
Response(org.wso2.msf4j.Response)
AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo)
APIManagerFactory(org.wso2.carbon.apimgt.core.impl.APIManagerFactory)
HTTPCarbonMessage(org.wso2.transport.http.netty.message.HTTPCarbonMessage)
ServiceMethodInfo(org.wso2.msf4j.ServiceMethodInfo)
OAuth2Authenticator(org.wso2.carbon.apimgt.rest.api.common.impl.OAuth2Authenticator)
Request(org.wso2.msf4j.Request)
IdentityProvider(org.wso2.carbon.apimgt.core.api.IdentityProvider)
Test(org.junit.Test)
PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)
Example 7 with AccessTokenInfo
use of org.wso2.carbon.apimgt.core.models.AccessTokenInfo in project carbon-apimgt by wso2.
the class OAuth2Authenticator method validateTokenAndScopes.
private boolean validateTokenAndScopes(Request request, ServiceMethodInfo serviceMethodInfo, String accessToken) throws APIMgtSecurityException {
// Map<String, String> tokenInfo = validateToken(accessToken);
AccessTokenInfo accessTokenInfo = validateToken(accessToken);
String restAPIResource = getRestAPIResource(request);
// scope validation
return validateScopes(request, serviceMethodInfo, accessTokenInfo.getScopes(), restAPIResource);
}
Also used :
AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo)
Example 8 with AccessTokenInfo
use of org.wso2.carbon.apimgt.core.models.AccessTokenInfo in project carbon-apimgt by wso2.
the class APIStoreImpl method generateApplicationToken.
@Override
public ApplicationToken generateApplicationToken(String clientId, String clientSecret, String scopes, long validityPeriod, String tokenToBeRevoked) throws APIManagementException {
log.debug("Generating a new application access token");
AccessTokenRequest accessTokenRequest = new AccessTokenRequest();
accessTokenRequest.setClientId(clientId);
accessTokenRequest.setClientSecret(clientSecret);
accessTokenRequest.setGrantType(KeyManagerConstants.CLIENT_CREDENTIALS_GRANT_TYPE);
if (StringUtils.isEmpty(scopes)) {
scopes = KeyManagerConstants.OAUTH2_DEFAULT_SCOPE;
}
accessTokenRequest.setScopes(scopes);
accessTokenRequest.setValidityPeriod(validityPeriod);
accessTokenRequest.setTokenToRevoke(tokenToBeRevoked);
AccessTokenInfo newToken = getKeyManager().getNewAccessToken(accessTokenRequest);
ApplicationToken applicationToken = new ApplicationToken();
applicationToken.setAccessToken(newToken.getAccessToken());
applicationToken.setValidityPeriod(newToken.getValidityPeriod());
applicationToken.setScopes(newToken.getScopes());
log.debug("Successfully created a new application access token.");
return applicationToken;
}
Also used :
AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo)
AccessTokenRequest(org.wso2.carbon.apimgt.core.models.AccessTokenRequest)
ApplicationToken(org.wso2.carbon.apimgt.core.models.ApplicationToken)
Example 9 with AccessTokenInfo
use of org.wso2.carbon.apimgt.core.models.AccessTokenInfo in project carbon-apimgt by wso2.
the class DefaultKeyManagerImplTestCase method testGetTokenMetaData.
@Test
public void testGetTokenMetaData() throws Exception {
DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
OAuth2ServiceStubs.IntrospectionServiceStub introspectionStub = Mockito.mock(OAuth2ServiceStubs.IntrospectionServiceStub.class);
Mockito.when(oAuth2ServiceStub.getIntrospectionServiceStub()).thenReturn(introspectionStub);
ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
final String accessToken = "aaa-aaa-aaa-aaa";
// happy path - 200 - token is active
// //mocked response from /introspect service
OAuth2IntrospectionResponse introspectionResponse = new OAuth2IntrospectionResponse();
introspectionResponse.setActive(true);
introspectionResponse.setClientId(consumerKey);
// //expected response from key manager
AccessTokenInfo expectedTokenInfo = new AccessTokenInfo();
expectedTokenInfo.setTokenValid(introspectionResponse.isActive());
expectedTokenInfo.setAccessToken(accessToken);
expectedTokenInfo.setConsumerKey(introspectionResponse.getClientId());
Response introspectResponse = Response.builder().status(200).headers(new HashMap<>()).body(new Gson().toJson(introspectionResponse), feign.Util.UTF_8).build();
Mockito.when(oAuth2ServiceStub.getIntrospectionServiceStub()).thenReturn(introspectionStub);
Mockito.when(introspectionStub.introspectToken(accessToken)).thenReturn(introspectResponse);
try {
AccessTokenInfo tokenMetaData = kmImpl.getTokenMetaData(accessToken);
Assert.assertEquals(tokenMetaData, expectedTokenInfo);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
}
// happy path - 200 - token is not active
// //mocked response from /introspect service
introspectionResponse = new OAuth2IntrospectionResponse();
introspectionResponse.setActive(false);
introspectionResponse.setClientId(consumerKey);
// //expected response from key manager
expectedTokenInfo = new AccessTokenInfo();
expectedTokenInfo.setTokenValid(introspectionResponse.isActive());
expectedTokenInfo.setErrorCode(KeyManagerConstants.KeyValidationStatus.API_AUTH_INVALID_CREDENTIALS);
introspectResponse = Response.builder().status(200).headers(new HashMap<>()).body(new Gson().toJson(introspectionResponse), feign.Util.UTF_8).build();
Mockito.when(oAuth2ServiceStub.getIntrospectionServiceStub()).thenReturn(introspectionStub);
Mockito.when(introspectionStub.introspectToken(accessToken)).thenReturn(introspectResponse);
try {
AccessTokenInfo tokenMetaData = kmImpl.getTokenMetaData(accessToken);
Assert.assertEquals(tokenMetaData, expectedTokenInfo);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
}
// error case - response is null
Mockito.when(introspectionStub.introspectToken(accessToken)).thenReturn(null);
try {
kmImpl.getTokenMetaData(accessToken);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Error occurred while introspecting access token. " + "Response is null"));
}
// error case - token response non-200
// //request to key manager
final int errorCode = 500;
introspectResponse = Response.builder().status(errorCode).headers(new HashMap<>()).body("backend error occurred", Util.UTF_8).build();
Mockito.when(introspectionStub.introspectToken(accessToken)).thenReturn(introspectResponse);
try {
kmImpl.getTokenMetaData(accessToken);
Assert.fail("Exception was expected, but wasn't thrown");
} catch (KeyManagementException ex) {
Assert.assertTrue(ex.getMessage().startsWith("Token introspection request failed. HTTP error code: " + errorCode));
}
}
Also used :
HashMap(java.util.HashMap)
OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse)
Gson(com.google.gson.Gson)
ScopeRegistration(org.wso2.carbon.apimgt.core.auth.ScopeRegistration)
OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs)
KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException)
KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException)
Response(feign.Response)
OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse)
AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo)
DCRMServiceStub(org.wso2.carbon.apimgt.core.auth.DCRMServiceStub)
Test(org.testng.annotations.Test)
Example 10 with AccessTokenInfo
use of org.wso2.carbon.apimgt.core.models.AccessTokenInfo in project carbon-apimgt by wso2.
the class DefaultKeyManagerImplTestCase method testGetNewAccessTokenByRefreshGrant.
@Test
public void testGetNewAccessTokenByRefreshGrant() throws Exception {
DCRMServiceStub dcrmServiceStub = Mockito.mock(DCRMServiceStub.class);
OAuth2ServiceStubs oAuth2ServiceStub = Mockito.mock(OAuth2ServiceStubs.class);
OAuth2ServiceStubs.TokenServiceStub tokenStub = Mockito.mock(OAuth2ServiceStubs.TokenServiceStub.class);
ScopeRegistration scopeRegistration = Mockito.mock(ScopeRegistration.class);
DefaultKeyManagerImpl kmImpl = new DefaultKeyManagerImpl(dcrmServiceStub, oAuth2ServiceStub, scopeRegistration);
// happy path - 200 - refresh grant type
// //request to key manager
AccessTokenRequest tokenRequest = createKeyManagerTokenRequest(consumerKey, consumerSecret, KeyManagerConstants.REFRESH_GRANT_TYPE, null, null, null, -1L, null, null, "xxx-refresh-token-xxx", null);
// //mocked response from /token service
OAuth2TokenInfo oAuth2TokenInfo = createTokenServiceResponse(tokenRequest);
// //expected response from key manager
AccessTokenInfo accessTokenInfo = createExpectedKeyManagerResponse(oAuth2TokenInfo);
Response newTokenResponse = Response.builder().status(200).headers(new HashMap<>()).body(new Gson().toJson(oAuth2TokenInfo), Util.UTF_8).build();
Mockito.when(oAuth2ServiceStub.getTokenServiceStub()).thenReturn(tokenStub);
Mockito.when(oAuth2ServiceStub.getTokenServiceStub().generateRefreshGrantAccessToken(tokenRequest.getRefreshToken(), tokenRequest.getScopes(), -2L, tokenRequest.getClientId(), tokenRequest.getClientSecret())).thenReturn(newTokenResponse);
try {
AccessTokenInfo newToken = kmImpl.getNewAccessToken(tokenRequest);
Assert.assertEquals(newToken, accessTokenInfo);
} catch (Exception ex) {
Assert.fail(ex.getMessage());
}
}
Also used :
Response(feign.Response)
OAuth2IntrospectionResponse(org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse)
AccessTokenInfo(org.wso2.carbon.apimgt.core.models.AccessTokenInfo)
Gson(com.google.gson.Gson)
DCRMServiceStub(org.wso2.carbon.apimgt.core.auth.DCRMServiceStub)
ScopeRegistration(org.wso2.carbon.apimgt.core.auth.ScopeRegistration)
AccessTokenRequest(org.wso2.carbon.apimgt.core.models.AccessTokenRequest)
OAuth2ServiceStubs(org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs)
KeyManagementException(org.wso2.carbon.apimgt.core.exception.KeyManagementException)
OAuth2TokenInfo(org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo)
Test(org.testng.annotations.Test)
Aggregations
AccessTokenInfo (org.wso2.carbon.apimgt.core.models.AccessTokenInfo)17
KeyManagementException (org.wso2.carbon.apimgt.core.exception.KeyManagementException)11
Response (feign.Response)8
OAuth2IntrospectionResponse (org.wso2.carbon.apimgt.core.auth.dto.OAuth2IntrospectionResponse)8
AccessTokenRequest (org.wso2.carbon.apimgt.core.models.AccessTokenRequest)7
Gson (com.google.gson.Gson)6
Test (org.testng.annotations.Test)6
DCRMServiceStub (org.wso2.carbon.apimgt.core.auth.DCRMServiceStub)6
OAuth2ServiceStubs (org.wso2.carbon.apimgt.core.auth.OAuth2ServiceStubs)6
ScopeRegistration (org.wso2.carbon.apimgt.core.auth.ScopeRegistration)6
OAuth2TokenInfo (org.wso2.carbon.apimgt.core.auth.dto.OAuth2TokenInfo)6
APIManagementException (org.wso2.carbon.apimgt.core.exception.APIManagementException)6
AuthResponseBean (org.wso2.carbon.apimgt.rest.api.authenticator.utils.bean.AuthResponseBean)4
HashMap (java.util.HashMap)3
Test (org.junit.Test)3
IdentityProvider (org.wso2.carbon.apimgt.core.api.IdentityProvider)3
MultiEnvironmentOverview (org.wso2.carbon.apimgt.core.configuration.models.MultiEnvironmentOverview)3
APIMAppConfigurations (org.wso2.carbon.apimgt.rest.api.authenticator.configuration.models.APIMAppConfigurations)3
GsonDecoder (feign.gson.GsonDecoder)2
IOException (java.io.IOException)2
