
Example 16 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class AccessTokenIssuerTest method testIssueWithOpenIdScope.

/**
 * Issues a token for a request that carries the {@code openid} scope and checks that the
 * response is not an error, that the authorized scopes equal the requested ones, and that
 * the returned ID token equals {@code ID_TOKEN}.
 *
 * @param grantType grant type supplied by {@code grantTypeDataProvider}
 * @throws Exception if fixture setup or token issuance fails
 */
@Test(dataProvider = "grantTypeDataProvider")
public void testIssueWithOpenIdScope(String grantType) throws Exception {
    // Client context carrying only the client id used by this test class.
    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setClientId(SOME_CLIENT_ID);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(grantType);
    // Hand the request its own copy so the shared SCOPES_WITH_OPENID constant stays untouched
    // and remains a trustworthy expected value for the comparison below.
    tokenRequest.setScope((String[]) ArrayUtils.clone(SCOPES_WITH_OPENID));
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);

    // NOTE(review): the meaning of the boolean flag is defined by setupOIDCScopeTest, which is
    // not shown here - confirm against that helper.
    setupOIDCScopeTest(grantType, true);

    OAuth2AccessTokenRespDTO response = AccessTokenIssuer.getInstance().issue(tokenRequest);
    assertNotNull(response);
    assertFalse(response.isError());

    // Element-wise, order-sensitive comparison: any scope that is added, dropped or reordered
    // relative to what was requested makes the test fail.
    String[] grantedScopes = response.getAuthorizedScopes().split(" ");
    assertTrue(Arrays.deepEquals(grantedScopes, SCOPES_WITH_OPENID));

    String issuedIdToken = response.getIDToken();
    assertNotNull(issuedIdToken);
    assertEquals(issuedIdToken, ID_TOKEN);
}
Also used : OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) Matchers.anyString(org.mockito.Matchers.anyString) OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 17 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class AccessTokenIssuerTest method testIssueWithScopes.

/**
 * Issues a token through a mocked grant handler and checks that the authorized scope string
 * matches the expected one and that response headers set by the handler reach the response.
 *
 * <p>The permission-based internal scope validator is replaced by a mock here, so this test
 * does not exercise real scope validation.
 *
 * @param scopes              scopes placed on the token request
 * @param expectedScopeString scope string the response is expected to report
 * @throws Exception if mock setup or token issuance fails
 */
@Test(dataProvider = "scopeDataProvider")
public void testIssueWithScopes(String[] scopes, String expectedScopeString) throws Exception {
    // Scope-string building must run for real; the assertion on authorized scopes depends on it.
    when(OAuth2Util.buildScopeString(Matchers.<String[]>anyObject())).thenCallRealMethod();
    AuthorizationGrantHandler grantHandlerMock = getMockGrantHandlerForSuccess(false);

    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setClientId(SOME_CLIENT_ID);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(DUMMY_GRANT_TYPE);
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);
    // Copy the data-provider array so the request holds its own instance.
    tokenRequest.setScope((String[]) ArrayUtils.clone(scopes));

    final ResponseHeader expectedHeader = new ResponseHeader();
    expectedHeader.setKey("Header");
    expectedHeader.setValue("HeaderValue");
    final ResponseHeader[] responseHeaders = new ResponseHeader[] { expectedHeader };

    // Stubbed issue(): publishes the headers on the message context and copies the requested
    // scopes onto it unchanged, i.e. the handler grants exactly what was asked for.
    Answer<Object> issueAnswer = new Answer<Object>() {

        @Override
        public Object answer(InvocationOnMock invocationOnMock) throws Throwable {
            OAuthTokenReqMessageContext messageContext =
                    invocationOnMock.getArgumentAt(0, OAuthTokenReqMessageContext.class);
            messageContext.addProperty(OAuthConstants.RESPONSE_HEADERS_PROPERTY, responseHeaders);
            String[] requestedScopes = messageContext.getOauth2AccessTokenReqDTO().getScope();
            messageContext.setScope(requestedScopes);
            return new OAuth2AccessTokenRespDTO();
        }
    };
    when(grantHandlerMock.issue(any(OAuthTokenReqMessageContext.class))).then(issueAnswer);

    HashMap<String, AuthorizationGrantHandler> handlersByGrantType = new HashMap<>();
    handlersByGrantType.put(DUMMY_GRANT_TYPE, grantHandlerMock);
    mockOAuth2ServerConfiguration(handlersByGrantType);

    // Every no-arg construction of the internal scope validator yields the mock.
    // NOTE(review): validateScope is stubbed to return null; what null means to the issuer is
    // not visible here - confirm it represents "nothing rejected".
    PowerMockito.whenNew(JDBCPermissionBasedInternalScopeValidator.class).withNoArguments()
            .thenReturn(scopeValidator);
    when(scopeValidator.validateScope(any(OAuthTokenReqMessageContext.class))).thenReturn(null);

    OAuth2AccessTokenRespDTO response = AccessTokenIssuer.getInstance().issue(tokenRequest);
    assertNotNull(response);
    assertFalse(response.isError());
    assertEquals(response.getAuthorizedScopes(), expectedScopeString);

    // Headers added by the grant handler must be carried through to the token response.
    ResponseHeader[] actualHeaders = response.getResponseHeaders();
    assertNotNull(actualHeaders);
    assertTrue(Arrays.deepEquals(actualHeaders, responseHeaders));
}
Also used : ResponseHeader(org.wso2.carbon.identity.oauth2.ResponseHeader) AuthorizationGrantHandler(org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler) HashMap(java.util.HashMap) Matchers.anyString(org.mockito.Matchers.anyString) OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext) OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) InvocationOnMock(org.mockito.invocation.InvocationOnMock) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 18 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class AbstractAuthorizationGrantHandlerTest method testIssue.

/**
 * Calls {@code handler.issue} with a password-grant request for a fixed user and two scopes,
 * and checks that the response carries an access token.
 *
 * <p>NOTE(review): of the data-provider parameters only {@code isIDPIdColumnEnabled} is read
 * in this method; the cache, database and logging parameters are presumably consumed by
 * fixture code elsewhere in the class - confirm. The only assertion is that the access token
 * is non-null, so scope, validity period and token state are not checked here.
 *
 * @throws Exception if token issuance fails
 */
@Test(dataProvider = "IssueDataProvider")
public void testIssue(
        boolean cacheEnabled,
        boolean cacheEntryAvailable,
        long cachedTokenValidity,
        long cachedRefreshTokenValidity,
        long dbTokenValidity,
        long dbRefreshTokenValidity,
        boolean dbEntryAvailable,
        String dbTokenState,
        boolean tokenLoggable,
        boolean isIDPIdColumnEnabled) throws Exception {
    OAuth2ServiceComponentHolder.setIDPIdColumnEnabled(isIDPIdColumnEnabled);

    // NOTE(review): this map is filled but never passed to anything in this method.
    Map<String, AuthorizationGrantHandler> grantHandlers = new HashMap<>();
    grantHandlers.put("refresh_token", refreshGrantHandler);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setClientId(clientId);
    tokenRequest.setGrantType(PASSWORD_GRANT);

    String[] requestedScopes = new String[] { "scope1", "scope2" };
    OAuthTokenReqMessageContext messageContext = new OAuthTokenReqMessageContext(tokenRequest);
    messageContext.setAuthorizedUser(authenticatedUser);
    messageContext.setScope(requestedScopes);

    OAuth2AccessTokenRespDTO response = handler.issue(messageContext);
    assertNotNull(response.getAccessToken());
}
Also used : OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) HashMap(java.util.HashMap) OAuthTokenReqMessageContext(org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext) OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) Test(org.testng.annotations.Test)

Example 19 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultIDTokenBuilderTest method testBuildIDToken.

/**
 * Builds an ID token for a federated user and checks the claims of the parsed JWT: audience,
 * issuer, subject, the custom claims, presence of {@code nbf}, and that {@code exp} lies in
 * the future while {@code iat} does not.
 *
 * <p>NOTE(review): the token is only parsed with {@code SignedJWT.parse}; nothing in this
 * method verifies its signature, so signing is not covered by this test.
 *
 * @throws Exception if the token cannot be built or parsed
 */
@Test
public void testBuildIDToken() throws Exception {
    // Hard-coded fixture values for the client id and the access token.
    final String clientId = "dabfba9390aa423f8b04332794d83614";
    OAuth2AccessTokenRespDTO accessTokenResponse = new OAuth2AccessTokenRespDTO();
    accessTokenResponse.setAccessToken("2sa9a678f890877856y66e75f605d456");

    AuthenticatedUser federatedUser = getDefaultAuthenticatedUserFederatedUser();
    OAuthTokenReqMessageContext requestContext = getTokenReqMessageContextForUser(federatedUser, clientId);
    mockRealmService();

    String serializedIdToken = defaultIDTokenBuilder.buildIDToken(requestContext, accessTokenResponse);
    JWTClaimsSet idTokenClaims = SignedJWT.parse(serializedIdToken).getJWTClaimsSet();

    // Only the first audience entry is compared with the client id.
    Assert.assertEquals(idTokenClaims.getAudience().get(0), clientId);
    Assert.assertEquals(idTokenClaims.getIssuer(), "https://localhost:9443/oauth2/token");
    Assert.assertEquals(idTokenClaims.getSubject(), "user1");
    Assert.assertEquals(idTokenClaims.getClaim("isk"), "idp");
    Assert.assertEquals(idTokenClaims.getClaim("email"), "email");
    Assert.assertEquals(idTokenClaims.getClaim("username"), "username");
    // nbf is checked for presence only, not for its value.
    Assert.assertNotNull(idTokenClaims.getClaim("nbf"));

    // The token must not already be expired at the moment of the check ...
    long expiresAtMillis = ((Date) idTokenClaims.getClaim("exp")).getTime();
    Assert.assertTrue(expiresAtMillis > System.currentTimeMillis());
    // ... and must not claim to have been issued in the future.
    long issuedAtMillis = ((Date) idTokenClaims.getClaim("iat")).getTime();
    Assert.assertTrue(issuedAtMillis <= System.currentTimeMillis());
}
Also used : OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) OAuthTokenReqMessageContext(org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext) Matchers.anyString(org.mockito.Matchers.anyString) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser) Date(java.util.Date) SAML2BearerGrantHandlerTest(org.wso2.carbon.identity.oauth2.token.handlers.grant.saml.SAML2BearerGrantHandlerTest) Test(org.testng.annotations.Test)

Example 20 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class OpenIDConnectSystemClaimImplTest method setUp.

/**
 * Creates the request, message-context and response objects for the token flow and the
 * authorization flow, plus the claim implementation under test, once before the class's tests.
 *
 * @throws Exception declared by the original signature; nothing in this body is shown to throw
 */
@BeforeClass
public void setUp() throws Exception {
    // Token endpoint fixtures: request, its message context, and an empty response.
    this.oAuth2AccessTokenReqDTO = new OAuth2AccessTokenReqDTO();
    this.oAuthTokenReqMessageContext = new OAuthTokenReqMessageContext(this.oAuth2AccessTokenReqDTO);
    this.oAuth2AccessTokenRespDTO = new OAuth2AccessTokenRespDTO();

    // Authorization endpoint fixtures, built the same way.
    this.oAuth2AuthorizeReqDTO = new OAuth2AuthorizeReqDTO();
    this.oAuthAuthzReqMessageContext = new OAuthAuthzReqMessageContext(this.oAuth2AuthorizeReqDTO);
    this.oAuth2AuthorizeRespDTO = new OAuth2AuthorizeRespDTO();

    // Object under test.
    this.openIDConnectSystemClaim = new OpenIDConnectSystemClaimImpl();
}
Also used : OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) OAuth2AuthorizeRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO) OAuthTokenReqMessageContext(org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext) OAuthAuthzReqMessageContext(org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext) OAuth2AuthorizeReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO) OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) BeforeClass(org.testng.annotations.BeforeClass)
