use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method testIssueWithOpenIdScope.
/**
 * Verifies that issuing a token for a request carrying the scopes in {@code SCOPES_WITH_OPENID}
 * produces a non-error response whose authorized scopes match that constant and whose ID token
 * equals {@code ID_TOKEN}.
 *
 * @param grantType grant type supplied by {@code grantTypeDataProvider}
 * @throws Exception if the test setup or the token issuance fails
 */
@Test(dataProvider = "grantTypeDataProvider")
public void testIssueWithOpenIdScope(String grantType) throws Exception {
    // Client authentication context identifying the client the token is requested for.
    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setClientId(SOME_CLIENT_ID);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(grantType);
    // A clone is handed over so the shared constant array is not the instance held by the request.
    tokenRequest.setScope((String[]) ArrayUtils.clone(SCOPES_WITH_OPENID));
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);

    // Helper defined elsewhere in the test class.
    // NOTE(review): presumably wires the mocks needed for ID token generation - confirm.
    setupOIDCScopeTest(grantType, true);

    OAuth2AccessTokenRespDTO tokenResponse = AccessTokenIssuer.getInstance().issue(tokenRequest);
    assertNotNull(tokenResponse);
    assertFalse(tokenResponse.isError());

    // Order-sensitive comparison: the space-separated scope string must list exactly the
    // requested scopes, in the same order, so a widened or reordered grant fails the test.
    String[] authorizedScopes = tokenResponse.getAuthorizedScopes().split(" ");
    assertTrue(Arrays.deepEquals(authorizedScopes, SCOPES_WITH_OPENID));

    assertNotNull(tokenResponse.getIDToken());
    assertEquals(tokenResponse.getIDToken(), ID_TOKEN);
}
use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method testIssueWithScopes.
/**
 * Verifies that the scopes a grant handler sets on the message context are reported as the
 * authorized-scope string of the token response, and that response headers the handler adds to
 * the context are returned on the response DTO.
 *
 * @param scopes              scopes placed on the token request
 * @param expectedScopeString scope string expected from {@code getAuthorizedScopes()}
 * @throws Exception if the test setup or the token issuance fails
 */
@Test(dataProvider = "scopeDataProvider")
public void testIssueWithScopes(String[] scopes, String expectedScopeString) throws Exception {
    // Run the real scope-string builder rather than a stubbed one.
    when(OAuth2Util.buildScopeString(Matchers.<String[]>anyObject())).thenCallRealMethod();
    AuthorizationGrantHandler stubGrantHandler = getMockGrantHandlerForSuccess(false);

    // Header the stubbed handler will attach to the message context.
    final ResponseHeader expectedHeader = new ResponseHeader();
    expectedHeader.setKey("Header");
    expectedHeader.setValue("HeaderValue");
    final ResponseHeader[] expectedHeaders = new ResponseHeader[] { expectedHeader };

    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setClientId(SOME_CLIENT_ID);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(DUMMY_GRANT_TYPE);
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);
    tokenRequest.setScope((String[]) ArrayUtils.clone(scopes));

    // Stub issue(): copy the requested scopes onto the context unchanged and attach the headers.
    when(stubGrantHandler.issue(any(OAuthTokenReqMessageContext.class))).then(new Answer<Object>() {
        @Override
        public Object answer(InvocationOnMock invocation) throws Throwable {
            OAuthTokenReqMessageContext messageContext =
                    invocation.getArgumentAt(0, OAuthTokenReqMessageContext.class);
            messageContext.addProperty(OAuthConstants.RESPONSE_HEADERS_PROPERTY, expectedHeaders);
            messageContext.setScope(messageContext.getOauth2AccessTokenReqDTO().getScope());
            return new OAuth2AccessTokenRespDTO();
        }
    });

    // Register the stub as the only handler, keyed by the dummy grant type.
    HashMap<String, AuthorizationGrantHandler> handlersByGrantType = new HashMap<>();
    handlersByGrantType.put(DUMMY_GRANT_TYPE, stubGrantHandler);
    mockOAuth2ServerConfiguration(handlersByGrantType);

    // The internal scope validator is replaced by a mock whose validateScope() returns null, so
    // this test does not exercise permission-based scope validation.
    // NOTE(review): what a null result means to the issuer is not visible here - confirm.
    PowerMockito.whenNew(JDBCPermissionBasedInternalScopeValidator.class).withNoArguments()
            .thenReturn(scopeValidator);
    when(scopeValidator.validateScope(any(OAuthTokenReqMessageContext.class))).thenReturn(null);

    OAuth2AccessTokenRespDTO tokenResponse = AccessTokenIssuer.getInstance().issue(tokenRequest);
    assertNotNull(tokenResponse);
    assertFalse(tokenResponse.isError());
    assertEquals(tokenResponse.getAuthorizedScopes(), expectedScopeString);

    // The headers set by the grant handler must be returned on the response.
    assertNotNull(tokenResponse.getResponseHeaders());
    assertTrue(Arrays.deepEquals(tokenResponse.getResponseHeaders(), expectedHeaders));
}
use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class AbstractAuthorizationGrantHandlerTest method testIssue.
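/**
 * Checks that {@code handler.issue} returns a response carrying an access token for a
 * password-grant request made on behalf of {@code authenticatedUser} with two scopes.
 *
 * <p>NOTE(review): of the data-provider parameters only {@code isIDPIdColumnEnabled} is read in
 * this body; the cache and database parameters are presumably consumed by setup outside this
 * method - confirm. The test asserts only that a token is present; it does not check that the
 * token is bound to the requested scopes or to the authorized user.
 *
 * @throws Exception if the test setup or the token issuance fails
 */
@Test(dataProvider = "IssueDataProvider")
public void testIssue(boolean cacheEnabled, boolean cacheEntryAvailable, long cachedTokenValidity,
        long cachedRefreshTokenValidity, long dbTokenValidity, long dbRefreshTokenValidity,
        boolean dbEntryAvailable, String dbTokenState, boolean tokenLoggable,
        boolean isIDPIdColumnEnabled) throws Exception {
    OAuth2ServiceComponentHolder.setIDPIdColumnEnabled(isIDPIdColumnEnabled);

    // The original built a local grant-handler map that nothing read; it has been dropped.
    OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO = new OAuth2AccessTokenReqDTO();
    oAuth2AccessTokenReqDTO.setClientId(clientId);
    oAuth2AccessTokenReqDTO.setGrantType(PASSWORD_GRANT);

    OAuthTokenReqMessageContext tokReqMsgCtx = new OAuthTokenReqMessageContext(oAuth2AccessTokenReqDTO);
    tokReqMsgCtx.setAuthorizedUser(authenticatedUser);
    tokReqMsgCtx.setScope(new String[] { "scope1", "scope2" });

    OAuth2AccessTokenRespDTO tokenRespDTO = handler.issue(tokReqMsgCtx);
    // Fail with an assertion rather than a NullPointerException if no response is returned.
    assertNotNull(tokenRespDTO);
    assertNotNull(tokenRespDTO.getAccessToken());
}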
use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class DefaultIDTokenBuilderTest method testBuildIDToken.
/**
 * Builds an ID token for a federated user and checks the claims of the resulting JWT: audience,
 * issuer, subject, the custom {@code isk}, {@code email} and {@code username} claims, and the
 * {@code nbf}, {@code exp} and {@code iat} time claims.
 *
 * @throws Exception if the test setup, token building or JWT parsing fails
 */
@Test
public void testBuildIDToken() throws Exception {
    // Fixture values; the client id doubles as the expected audience.
    String audienceClientId = "dabfba9390aa423f8b04332794d83614";
    OAuth2AccessTokenRespDTO accessTokenResponse = new OAuth2AccessTokenRespDTO();
    accessTokenResponse.setAccessToken("2sa9a678f890877856y66e75f605d456");

    AuthenticatedUser federatedUser = getDefaultAuthenticatedUserFederatedUser();
    OAuthTokenReqMessageContext tokenRequestContext =
            getTokenReqMessageContextForUser(federatedUser, audienceClientId);
    mockRealmService();

    String serializedIdToken = defaultIDTokenBuilder.buildIDToken(tokenRequestContext, accessTokenResponse);

    // NOTE(review): the token is parsed and its claims are read, but its signature is not
    // verified anywhere in this test, so only the claim content is covered here.
    JWTClaimsSet idTokenClaims = SignedJWT.parse(serializedIdToken).getJWTClaimsSet();

    // Only the first audience entry is compared with the client id.
    Assert.assertEquals(idTokenClaims.getAudience().get(0), audienceClientId);
    Assert.assertEquals(idTokenClaims.getIssuer(), "https://localhost:9443/oauth2/token");
    Assert.assertEquals(idTokenClaims.getSubject(), "user1");
    Assert.assertEquals(idTokenClaims.getClaim("isk"), "idp");
    Assert.assertEquals(idTokenClaims.getClaim("email"), "email");
    Assert.assertEquals(idTokenClaims.getClaim("username"), "username");
    Assert.assertNotNull(idTokenClaims.getClaim("nbf"));

    // The token must expire in the future ...
    Date expiry = (Date) idTokenClaims.getClaim("exp");
    Assert.assertTrue(expiry.getTime() > new Date().getTime());

    // ... and must not have been issued in the future.
    Date issuedAt = (Date) idTokenClaims.getClaim("iat");
    Assert.assertTrue(issuedAt.getTime() <= new Date().getTime());
}
use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class OpenIDConnectSystemClaimImplTest method setUp.
/**
 * Creates the fixtures shared by the tests in this class: the claim implementation under test,
 * plus empty request/response DTOs and message contexts for the authorize and token flows.
 *
 * @throws Exception if any fixture cannot be constructed
 */
@BeforeClass
public void setUp() throws Exception {
    // Object under test.
    openIDConnectSystemClaim = new OpenIDConnectSystemClaimImpl();

    // Authorization-endpoint fixtures; the context wraps the request DTO created just before it.
    oAuth2AuthorizeReqDTO = new OAuth2AuthorizeReqDTO();
    oAuthAuthzReqMessageContext = new OAuthAuthzReqMessageContext(oAuth2AuthorizeReqDTO);
    oAuth2AuthorizeRespDTO = new OAuth2AuthorizeRespDTO();

    // Token-endpoint fixtures, built the same way.
    oAuth2AccessTokenReqDTO = new OAuth2AccessTokenReqDTO();
    oAuthTokenReqMessageContext = new OAuthTokenReqMessageContext(oAuth2AccessTokenReqDTO);
    oAuth2AccessTokenRespDTO = new OAuth2AccessTokenRespDTO();
}