use of org.wso2.carbon.identity.oauth2.device.api.DeviceAuthService in project identity-inbound-auth-oauth by wso2-extensions.
the class DeviceEndpointTest method testDevice.
/**
* Test the device_authorize endpoint.
*
* @param clientId Consumer key of the application.
* @param expectedStatus Expected status for response.
* @param status Status of user code.
* @throws IdentityOAuth2Exception If failed at device endpoint
* @throws OAuthSystemException If failed at device endpoint.
*/
@Test(dataProvider = "dataValues")
public void testDevice(String clientId, int expectedStatus, boolean status) throws Exception {
DeviceEndpoint deviceEndpoint = PowerMockito.spy(new DeviceEndpoint());
mockOAuthServerConfiguration();
mockStatic(ServiceURLBuilder.class);
mockStatic(ServiceURL.class);
ServiceURLBuilder mockServiceURLBuilder = Mockito.mock(ServiceURLBuilder.class);
ServiceURL mockServiceURL = Mockito.mock(ServiceURL.class);
when(ServiceURLBuilder.create()).thenReturn(mockServiceURLBuilder);
when(mockServiceURLBuilder.addPath(anyString())).thenReturn(mockServiceURLBuilder);
when(mockServiceURLBuilder.addParameter(anyString(), anyString())).thenReturn(mockServiceURLBuilder);
when(mockServiceURLBuilder.build()).thenReturn(mockServiceURL);
when(mockServiceURL.getAbsolutePublicURL()).thenReturn("http://localhost:9443/authenticationendpoint/device.do");
mockStatic(HttpServletRequest.class);
OAuthClientAuthnContext oAuthClientAuthnContext = new OAuthClientAuthnContext();
oAuthClientAuthnContext.setClientId(clientId);
oAuthClientAuthnContext.setAuthenticated(status);
when(request.getAttribute(anyString())).thenReturn(oAuthClientAuthnContext);
DeviceAuthServiceImpl deviceAuthService = new DeviceAuthServiceImpl();
deviceEndpoint.setDeviceAuthService(deviceAuthService);
mockStatic(IdentityDatabaseUtil.class);
when(IdentityDatabaseUtil.getDBConnection(true)).thenReturn(connection);
when(IdentityDatabaseUtil.getDBConnection(false)).thenReturn(connection);
when(httpServletRequest.getParameter(anyString())).thenReturn(clientId);
Response response;
mockStatic(IdentityUtil.class);
when(IdentityUtil.getServerURL(anyString(), anyBoolean(), anyBoolean())).thenReturn(TEST_URL);
mockStatic(DeviceFlowPersistenceFactory.class);
when(DeviceFlowPersistenceFactory.getInstance()).thenReturn(deviceFlowPersistenceFactory);
when(deviceFlowPersistenceFactory.getDeviceFlowDAO()).thenReturn(deviceFlowDAO);
when(deviceFlowDAO.checkClientIdExist(anyString())).thenReturn(status);
PowerMockito.when(deviceEndpoint, "getValidationObject", httpServletRequest).thenReturn(oAuthClientAuthnContext);
response = deviceEndpoint.authorize(httpServletRequest, new MultivaluedHashMap<String, String>(), httpServletResponse);
Assert.assertEquals(expectedStatus, response.getStatus());
}
use of org.wso2.carbon.identity.oauth2.device.api.DeviceAuthService in project identity-inbound-auth-oauth by wso2-extensions.
the class UserAuthenticationEndpointTest method testDeviceAuthorizeForURLBuilderExceptionPath.
/**
* Test device endpoint throwing URLBuilderException.
*
* @param userCode User code of the user.
* @param clientId Consumer key of the application.
* @param expectedValue Expected http status.
* @param status Status of user code.
* @param uri Redirection uri.
* @throws Exception Error while testing device endpoint throwing URLBuilderException.
*/
@Test(dataProvider = "providePostParamsForURLBuilderExceptionPath")
public void testDeviceAuthorizeForURLBuilderExceptionPath(String userCode, String clientId, int expectedValue, String status, String uri) throws Exception {
mockOAuthServerConfiguration();
WhiteboxImpl.setInternalState(userAuthenticationEndpoint, "oAuth2AuthzEndpoint", oAuth2AuthzEndpoint);
mockStatic(IdentityDatabaseUtil.class);
when(IdentityDatabaseUtil.getDBConnection()).thenReturn(connection);
mockStatic(DeviceFlowPersistenceFactory.class);
when(DeviceFlowPersistenceFactory.getInstance()).thenReturn(deviceFlowPersistenceFactory);
when(deviceFlowPersistenceFactory.getDeviceFlowDAO()).thenReturn(deviceFlowDAO);
when(deviceFlowDAO.getClientIdByUserCode(anyString())).thenReturn(clientId);
when(deviceFlowDAO.getDetailsForUserCode(anyString())).thenReturn(deviceFlowDOAsNotExpired);
when(deviceFlowDAO.getScopesForUserCode(anyString())).thenReturn(scopes);
when(httpServletRequest.getParameter(anyString())).thenReturn(userCode);
mockStatic(OAuth2Util.class);
when(OAuth2Util.getAppInformationByClientId(anyString())).thenReturn(oAuthAppDO);
when(oAuthAppDO.getCallbackUrl()).thenReturn(uri);
Response response1;
mockStatic(IdentityTenantUtil.class);
when(IdentityTenantUtil.getTenantDomain(anyInt())).thenReturn(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(MultitenantConstants.SUPER_TENANT_ID);
mockStatic(ServiceURLBuilder.class);
when(ServiceURLBuilder.create()).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.addPath(any())).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.addParameter(any(), any())).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.build()).thenThrow(new URLBuilderException("Throwing URLBuilderException."));
when(serviceURL.getAbsolutePublicURL()).thenReturn(TEST_URL);
when(oAuth2AuthzEndpoint.authorize(any(CommonAuthRequestWrapper.class), any(HttpServletResponse.class))).thenReturn(response);
DeviceAuthServiceImpl deviceAuthService = new DeviceAuthServiceImpl();
userAuthenticationEndpoint = new UserAuthenticationEndpoint();
userAuthenticationEndpoint.setDeviceAuthService(deviceAuthService);
WhiteboxImpl.setInternalState(userAuthenticationEndpoint, OAuth2AuthzEndpoint.class, oAuth2AuthzEndpoint);
response1 = userAuthenticationEndpoint.deviceAuthorize(httpServletRequest, httpServletResponse);
if (expectedValue == HttpServletResponse.SC_ACCEPTED) {
Assert.assertNotNull(response1);
} else {
Assert.assertNull(response1);
}
}
use of org.wso2.carbon.identity.oauth2.device.api.DeviceAuthService in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ServiceComponent method activate.
protected void activate(ComponentContext context) {
try {
if (OAuth2ServiceComponentHolder.getInstance().getScopeClaimMappingDAO() == null) {
OAuth2ServiceComponentHolder.getInstance().setScopeClaimMappingDAO(new ScopeClaimMappingDAOImpl());
}
loadScopeConfigFile();
loadOauthScopeBinding();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
boolean isRecordExist = OAuthTokenPersistenceFactory.getInstance().getScopeClaimMappingDAO().hasScopesPopulated(tenantId);
if (!isRecordExist) {
OAuth2Util.initiateOIDCScopes(tenantId);
}
TenantCreationEventListener scopeTenantMgtListener = new TenantCreationEventListener();
bundleContext = context.getBundleContext();
// Registering TenantCreationEventListener
ServiceRegistration scopeTenantMgtListenerSR = bundleContext.registerService(TenantMgtListener.class.getName(), scopeTenantMgtListener, null);
if (scopeTenantMgtListenerSR != null) {
if (log.isDebugEnabled()) {
log.debug(" TenantMgtListener is registered");
}
} else {
log.error("TenantMgtListener could not be registered");
}
// iniating oauth scopes
OAuth2Util.initiateOAuthScopePermissionsBindings(tenantId);
// exposing server configuration as a service
OAuthServerConfiguration oauthServerConfig = OAuthServerConfiguration.getInstance();
bundleContext.registerService(OAuthServerConfiguration.class.getName(), oauthServerConfig, null);
OAuth2TokenValidationService tokenValidationService = new OAuth2TokenValidationService();
bundleContext.registerService(OAuth2TokenValidationService.class.getName(), tokenValidationService, null);
OAuthClientAuthnService clientAuthnService = new OAuthClientAuthnService();
bundleContext.registerService(OAuthClientAuthnService.class.getName(), clientAuthnService, null);
BasicAuthClientAuthenticator basicAuthClientAuthenticator = new BasicAuthClientAuthenticator();
bundleContext.registerService(OAuthClientAuthenticator.class.getName(), basicAuthClientAuthenticator, null);
PublicClientAuthenticator publicClientAuthenticator = new PublicClientAuthenticator();
bundleContext.registerService(OAuthClientAuthenticator.class.getName(), publicClientAuthenticator, null);
// Register cookie based access token binder.
CookieBasedTokenBinder cookieBasedTokenBinder = new CookieBasedTokenBinder();
bundleContext.registerService(TokenBinderInfo.class.getName(), cookieBasedTokenBinder, null);
// SSO session based access token binder.
SSOSessionBasedTokenBinder ssoSessionBasedTokenBinder = new SSOSessionBasedTokenBinder();
bundleContext.registerService(TokenBinderInfo.class.getName(), ssoSessionBasedTokenBinder, null);
if (log.isDebugEnabled()) {
log.debug("Identity OAuth bundle is activated");
}
if (OAuth2ServiceComponentHolder.getKeyIDProvider() == null) {
KeyIDProvider defaultKeyIDProvider = new DefaultKeyIDProviderImpl();
OAuth2ServiceComponentHolder.setKeyIDProvider(defaultKeyIDProvider);
if (log.isDebugEnabled()) {
log.debug("Key ID Provider " + DefaultKeyIDProviderImpl.class.getSimpleName() + " registered as the default Key ID Provider implementation.");
}
}
ServiceRegistration tenantMgtListenerSR = bundleContext.registerService(TenantMgtListener.class.getName(), new OAuthTenantMgtListenerImpl(), null);
if (tenantMgtListenerSR != null) {
if (log.isDebugEnabled()) {
log.debug("OAuth - TenantMgtListener registered.");
}
} else {
log.error("OAuth - TenantMgtListener could not be registered.");
}
ServiceRegistration userStoreConfigEventSR = bundleContext.registerService(UserStoreConfigListener.class.getName(), new OAuthUserStoreConfigListenerImpl(), null);
if (userStoreConfigEventSR != null) {
if (log.isDebugEnabled()) {
log.debug("OAuth - UserStoreConfigListener registered.");
}
} else {
log.error("OAuth - UserStoreConfigListener could not be registered.");
}
ServiceRegistration oauthApplicationMgtListenerSR = bundleContext.registerService(ApplicationMgtListener.class.getName(), new OAuthApplicationMgtListener(), null);
if (oauthApplicationMgtListenerSR != null) {
if (log.isDebugEnabled()) {
log.debug("OAuth - ApplicationMgtListener registered.");
}
} else {
log.error("OAuth - ApplicationMgtListener could not be registered.");
}
// PKCE enabled by default.
OAuth2ServiceComponentHolder.setPkceEnabled(true);
// Register device auth service.
ServiceRegistration deviceAuthService = bundleContext.registerService(DeviceAuthService.class.getName(), new DeviceAuthServiceImpl(), null);
if (deviceAuthService != null) {
if (log.isDebugEnabled()) {
log.debug("DeviceAuthService registered.");
}
} else {
log.error("DeviceAuthService could not be registered.");
}
// Register the default OpenIDConnect claim filter
bundleContext.registerService(OpenIDConnectClaimFilter.class, new OpenIDConnectClaimFilterImpl(), null);
if (log.isDebugEnabled()) {
log.debug("Default OpenIDConnect Claim filter registered successfully.");
}
bundleContext.registerService(AbstractEventHandler.class.getName(), new TokenBindingExpiryEventHandler(), null);
if (log.isDebugEnabled()) {
log.debug("TokenBindingExpiryEventHandler is successfully registered.");
}
// Registering OAuth2Service as a OSGIService
bundleContext.registerService(OAuth2Service.class.getName(), new OAuth2Service(), null);
// Registering OAuth2ScopeService as a OSGIService
bundleContext.registerService(OAuth2ScopeService.class.getName(), new OAuth2ScopeService(), null);
// Note : DO NOT add any activation related code below this point,
// to make sure the server doesn't start up if any activation failures occur
} catch (Throwable e) {
String errMsg = "Error while activating OAuth2ServiceComponent.";
log.error(errMsg, e);
throw new RuntimeException(errMsg, e);
}
if (checkAudienceEnabled()) {
if (log.isDebugEnabled()) {
log.debug("OAuth - OIDC audiences enabled.");
}
OAuth2ServiceComponentHolder.setAudienceEnabled(true);
} else {
if (log.isDebugEnabled()) {
log.debug("OAuth - OIDC audiences disabled.");
}
OAuth2ServiceComponentHolder.setAudienceEnabled(false);
}
if (checkIDPIdColumnAvailable()) {
if (log.isDebugEnabled()) {
log.debug("IDP_ID column is available in all relevant tables. " + "Setting isIDPIdColumnEnabled to true.");
}
OAuth2ServiceComponentHolder.setIDPIdColumnEnabled(true);
} else {
if (log.isDebugEnabled()) {
log.debug("IDP_ID column is not available in all relevant tables. " + "Setting isIDPIdColumnEnabled to false.");
}
OAuth2ServiceComponentHolder.setIDPIdColumnEnabled(false);
}
}
use of org.wso2.carbon.identity.oauth2.device.api.DeviceAuthService in project identity-inbound-auth-oauth by wso2-extensions.
the class UserAuthenticationEndpointTest method testDeviceAuthorizeForIOExceptionPath.
/**
* Test device endpoint throwing IOException.
*
* @param userCode User code of the user.
* @param clientId Consumer key of the application.
* @param expectedValue Expected http status.
* @param status Status of user code.
* @param uri Redirection uri.
* @throws Exception Error while testing device endpoint throwing IOException.
*/
@Test(dataProvider = "providePostParamsForIOExceptionPath")
public void testDeviceAuthorizeForIOExceptionPath(String userCode, String clientId, int expectedValue, String status, String uri) throws Exception {
mockOAuthServerConfiguration();
WhiteboxImpl.setInternalState(userAuthenticationEndpoint, "oAuth2AuthzEndpoint", oAuth2AuthzEndpoint);
mockStatic(IdentityDatabaseUtil.class);
when(IdentityDatabaseUtil.getDBConnection()).thenReturn(connection);
mockStatic(DeviceFlowPersistenceFactory.class);
when(DeviceFlowPersistenceFactory.getInstance()).thenReturn(deviceFlowPersistenceFactory);
when(deviceFlowPersistenceFactory.getDeviceFlowDAO()).thenReturn(deviceFlowDAO);
when(deviceFlowDAO.getClientIdByUserCode(anyString())).thenReturn(clientId);
when(deviceFlowDAO.getDetailsForUserCode(anyString())).thenReturn(deviceFlowDOAsExpired);
when(deviceFlowDAO.getScopesForUserCode(anyString())).thenReturn(scopes);
when(httpServletRequest.getParameter(anyString())).thenReturn(userCode);
mockStatic(OAuth2Util.class);
when(OAuth2Util.getAppInformationByClientId(anyString())).thenReturn(oAuthAppDO);
when(oAuthAppDO.getCallbackUrl()).thenReturn(uri);
Response response1;
mockStatic(IdentityTenantUtil.class);
when(IdentityTenantUtil.getTenantDomain(anyInt())).thenReturn(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(MultitenantConstants.SUPER_TENANT_ID);
mockStatic(ServiceURLBuilder.class);
when(ServiceURLBuilder.create()).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.addPath(any())).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.addParameter(any(), any())).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.build()).thenReturn(serviceURL);
when(serviceURL.getAbsolutePublicURL()).thenReturn(TEST_URL);
Mockito.doThrow(new IOException("Throwing IOException.")).when(httpServletResponse).sendRedirect(TEST_URL);
when(oAuth2AuthzEndpoint.authorize(any(CommonAuthRequestWrapper.class), any(HttpServletResponse.class))).thenReturn(response);
DeviceAuthServiceImpl deviceAuthService = new DeviceAuthServiceImpl();
userAuthenticationEndpoint = new UserAuthenticationEndpoint();
userAuthenticationEndpoint.setDeviceAuthService(deviceAuthService);
WhiteboxImpl.setInternalState(userAuthenticationEndpoint, OAuth2AuthzEndpoint.class, oAuth2AuthzEndpoint);
response1 = userAuthenticationEndpoint.deviceAuthorize(httpServletRequest, httpServletResponse);
if (expectedValue == HttpServletResponse.SC_ACCEPTED) {
Assert.assertNotNull(response1);
} else {
Assert.assertNull(response1);
}
}
use of org.wso2.carbon.identity.oauth2.device.api.DeviceAuthService in project identity-inbound-auth-oauth by wso2-extensions.
the class UserAuthenticationEndpointTest method testDeviceAuthorize.
/**
* Test device endpoint.
*
* @param userCode User code of the user.
* @param clientId Consumer key of the application.
* @param expectedValue Expected http status.
* @param status Status of user code.
* @param uri Redirection uri.
* @throws Exception Error while testing device endpoint.
*/
@Test(dataProvider = "providePostParams")
public void testDeviceAuthorize(String userCode, String clientId, int expectedValue, String status, String uri) throws Exception {
mockOAuthServerConfiguration();
WhiteboxImpl.setInternalState(userAuthenticationEndpoint, "oAuth2AuthzEndpoint", oAuth2AuthzEndpoint);
mockStatic(IdentityDatabaseUtil.class);
when(IdentityDatabaseUtil.getDBConnection()).thenReturn(connection);
mockStatic(DeviceFlowPersistenceFactory.class);
when(DeviceFlowPersistenceFactory.getInstance()).thenReturn(deviceFlowPersistenceFactory);
when(deviceFlowPersistenceFactory.getDeviceFlowDAO()).thenReturn(deviceFlowDAO);
when(deviceFlowDAO.getClientIdByUserCode(anyString())).thenReturn(clientId);
when(deviceFlowDAO.getDetailsForUserCode(anyString())).thenReturn(deviceFlowDOAsNotExpired);
when(deviceFlowDAO.getScopesForUserCode(anyString())).thenReturn(scopes);
when(httpServletRequest.getParameter(anyString())).thenReturn(userCode);
mockStatic(OAuth2Util.class);
when(OAuth2Util.getAppInformationByClientId(anyString())).thenReturn(oAuthAppDO);
when(oAuthAppDO.getCallbackUrl()).thenReturn(uri);
Response response1;
mockStatic(IdentityTenantUtil.class);
when(IdentityTenantUtil.getTenantDomain(anyInt())).thenReturn(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(MultitenantConstants.SUPER_TENANT_ID);
mockStatic(ServiceURLBuilder.class);
when(ServiceURLBuilder.create()).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.addPath(any())).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.addParameter(any(), any())).thenReturn(serviceURLBuilder);
when(serviceURLBuilder.build()).thenReturn(serviceURL);
when(serviceURL.getAbsolutePublicURL()).thenReturn(TEST_URL);
when(oAuth2AuthzEndpoint.authorize(any(CommonAuthRequestWrapper.class), any(HttpServletResponse.class))).thenReturn(response);
DeviceAuthServiceImpl deviceAuthService = new DeviceAuthServiceImpl();
userAuthenticationEndpoint = new UserAuthenticationEndpoint();
userAuthenticationEndpoint.setDeviceAuthService(deviceAuthService);
WhiteboxImpl.setInternalState(userAuthenticationEndpoint, OAuth2AuthzEndpoint.class, oAuth2AuthzEndpoint);
response1 = userAuthenticationEndpoint.deviceAuthorize(httpServletRequest, httpServletResponse);
if (expectedValue == HttpServletResponse.SC_ACCEPTED) {
Assert.assertNotNull(response1);
} else {
Assert.assertNull(response1);
}
}
Aggregations