
Example 31 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class RefreshGrantHandlerTest method testIssue.

/**
 * Issues a token through {@code RefreshGrantHandler.issue} for a freshly registered
 * application and checks the refresh token carried in the response.
 *
 * <p>When {@code renewRefreshToken} is {@code "true"} or {@code null}, the returned refresh
 * token must differ from the submitted one ("refreshToken1"); for any other value the same
 * refresh token must be handed back.
 *
 * <p>NOTE(review): {@code validateGrant} is never called here; the previous token is injected
 * through the "previousAccessToken" context property. This test therefore does not cover
 * rejection of an unknown, expired or revoked refresh token, and it does not assert that the
 * old refresh token stops being accepted after renewal.
 *
 * @param userAccessTokenExpiryTime expiry applied to the application (used for both the access
 *                                  token and the refresh token expiry below)
 * @param validityPeriod            validity period placed on the token request context
 * @param renewRefreshToken         application-level renewal flag; may be {@code null}
 * @param clientId                  consumer key of the application under test
 * @throws Exception if any of the DAO or handler calls fails
 */
@Test(dataProvider = "GetTokenIssuerData")
public void testIssue(Long userAccessTokenExpiryTime, Long validityPeriod, String renewRefreshToken, String clientId) throws Exception {
    // Drop any application left over under this consumer key, then register it again
    // with the renewal setting supplied by the data provider.
    OAuthAppDAO appDao = new OAuthAppDAO();
    appDao.removeConsumerApplication(clientId);

    OAuthAppDO app = new OAuthAppDO();
    app.setUserAccessTokenExpiryTime(userAccessTokenExpiryTime);
    // The refresh token expiry reuses the access token expiry value.
    app.setRefreshTokenExpiryTime(userAccessTokenExpiryTime);
    app.setUser(authenticatedUser);
    app.setOauthConsumerKey(clientId);
    app.setOauthVersion(OAuthConstants.OAuthVersions.VERSION_2);
    app.setRenewRefreshTokenEnabled(renewRefreshToken);
    appDao.addOAuthApplication(app);

    refreshGrantHandler = new RefreshGrantHandler();
    refreshGrantHandler.init();

    // Token request that presents the refresh token "refreshToken1".
    OAuth2AccessTokenReqDTO request = new OAuth2AccessTokenReqDTO();
    request.setClientId(clientId);
    request.setRefreshToken("refreshToken1");
    request.setScope(scopes);

    // Validation data of the token being refreshed, handed to issue() through the context.
    RefreshTokenValidationDataDO previousToken = new RefreshTokenValidationDataDO();
    previousToken.setTokenId("tokenId");
    previousToken.setAccessToken("oldAccessToken");

    OAuthTokenReqMessageContext messageContext = new OAuthTokenReqMessageContext(request);
    messageContext.addProperty("previousAccessToken", previousToken);
    messageContext.setAuthorizedUser(authenticatedUser);
    messageContext.setValidityPeriod(validityPeriod);
    messageContext.setScope(scopes);

    OAuth2AccessTokenRespDTO response = refreshGrantHandler.issue(messageContext);
    assertFalse(response.isError());
    assertNotNull(response.getRefreshToken());

    // A missing flag is treated like "true": a new refresh token is expected.
    boolean renewalExpected = renewRefreshToken == null || "true".equals(renewRefreshToken);
    if (!renewalExpected) {
        assertEquals("refreshToken1", response.getRefreshToken());
    } else {
        assertNotEquals("refreshToken1", response.getRefreshToken());
    }
}
Also used : OAuthAppDAO(org.wso2.carbon.identity.oauth.dao.OAuthAppDAO) OAuthAppDO(org.wso2.carbon.identity.oauth.dao.OAuthAppDO) RefreshTokenValidationDataDO(org.wso2.carbon.identity.oauth2.model.RefreshTokenValidationDataDO) OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) OAuthTokenReqMessageContext(org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext) OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) Test(org.testng.annotations.Test)

Example 32 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class AccessTokenIssuerTest method mockPasswordGrantHandler.

/**
 * Registers the mocked password grant handler as the only supported grant type ("password")
 * and stubs the outcome of each check the handler exposes.
 *
 * <p>The handler always reports itself as an application-user grant used by a confidential
 * client, and {@code issue} always returns an empty {@link OAuth2AccessTokenRespDTO}; only the
 * four checks below vary per test.
 *
 * @param isAuthorizedClient           value returned by {@code isAuthorizedClient}
 * @param isValidGrant                 value returned by {@code validateGrant}
 * @param isAuthorizedAccessDelegation value returned by {@code authorizeAccessDelegation}
 * @param isValidScope                 value returned by {@code validateScope}
 * @throws IdentityOAuth2Exception declared by the stubbed handler methods
 */
private void mockPasswordGrantHandler(boolean isAuthorizedClient, boolean isValidGrant, boolean isAuthorizedAccessDelegation, boolean isValidScope) throws IdentityOAuth2Exception {
    // Fixed characteristics of the mocked handler.
    when(passwordGrantHandler.isOfTypeApplicationUser()).thenReturn(true);
    when(passwordGrantHandler.isConfidentialClient()).thenReturn(true);

    // Per-test outcome of each authorization / validation check.
    when(passwordGrantHandler.isAuthorizedClient(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(isAuthorizedClient);
    when(passwordGrantHandler.validateGrant(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(isValidGrant);
    when(passwordGrantHandler.authorizeAccessDelegation(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(isAuthorizedAccessDelegation);
    when(passwordGrantHandler.validateScope(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(isValidScope);

    // Issuing always yields a blank response object.
    when(passwordGrantHandler.issue(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(new OAuth2AccessTokenRespDTO());

    // Expose the handler to the server configuration under the "password" grant type.
    Map<String, AuthorizationGrantHandler> handlersByGrantType = new Hashtable<>();
    handlersByGrantType.put("password", passwordGrantHandler);
    when(oAuthServerConfiguration.getSupportedGrantTypes()).thenReturn(handlersByGrantType);
}
Also used : OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) AuthorizationGrantHandler(org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler) Hashtable(java.util.Hashtable) Matchers.anyString(org.mockito.Matchers.anyString)

Example 33 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class AccessTokenIssuerTest method setupOIDCScopeTest.

/**
 * Prepares the mocks for an OIDC scope test: a grant handler registered under
 * {@code grantType} whose {@code issue} copies the requested scopes onto the message
 * context, and an ID token builder mock for either the success or the failure path.
 *
 * @param grantType grant type under which the mocked handler is registered
 * @param success   {@code true} to use the success ID token builder mock, {@code false} for
 *                  the failure one
 * @throws IdentityOAuth2Exception declared by the stubbed methods
 */
private void setupOIDCScopeTest(String grantType, boolean success) throws IdentityOAuth2Exception {
    AuthorizationGrantHandler mockedHandler = getMockGrantHandlerForSuccess(false);

    // Let the real scope helpers run instead of the stubbed versions.
    // NOTE(review): presumably OAuth2Util is statically mocked elsewhere in this class — confirm.
    when(OAuth2Util.buildScopeString(Matchers.<String[]>anyObject())).thenCallRealMethod();
    when(OAuth2Util.isOIDCAuthzRequest(Matchers.<String[]>anyObject())).thenCallRealMethod();

    IDTokenBuilder tokenBuilder = success
            ? getMockIDTokenBuilderForSuccess()
            : getMockIDTokenBuilderForFailure();
    when(oAuthServerConfiguration.getOpenIDConnectIDTokenBuilder()).thenReturn(tokenBuilder);

    // Stub issue(): propagate the scopes of the incoming request to the context and
    // return an empty response.
    when(mockedHandler.issue(any(OAuthTokenReqMessageContext.class))).then(new Answer<Object>() {

        @Override
        public Object answer(InvocationOnMock invocationOnMock) throws Throwable {
            OAuthTokenReqMessageContext msgCtx =
                    invocationOnMock.getArgumentAt(0, OAuthTokenReqMessageContext.class);
            // The scopes exactly as sent in the token request become the context scopes.
            msgCtx.setScope(msgCtx.getOauth2AccessTokenReqDTO().getScope());
            return new OAuth2AccessTokenRespDTO();
        }
    });

    HashMap<String, AuthorizationGrantHandler> handlersByGrantType = new HashMap<>();
    handlersByGrantType.put(grantType, mockedHandler);
    mockOAuth2ServerConfiguration(handlersByGrantType);
}
Also used : IDTokenBuilder(org.wso2.carbon.identity.openidconnect.IDTokenBuilder) OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) AuthorizationGrantHandler(org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler) HashMap(java.util.HashMap) InvocationOnMock(org.mockito.invocation.InvocationOnMock) Matchers.anyString(org.mockito.Matchers.anyString)

Example 34 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class AccessTokenIssuerTest method testIssueNoAuthorizationGrantHandler.

/**
 * Verifies that a token request whose grant type has no registered authorization grant
 * handler is answered with an error response carrying {@code UNSUPPORTED_GRANT_TYPE}.
 *
 * <p>The client authentication context is marked as authenticated, so the request does not
 * reach the issuer as an unauthenticated client.
 *
 * @throws Exception if the issuer call fails unexpectedly
 */
@Test
public void testIssueNoAuthorizationGrantHandler() throws Exception {
    // The server configuration advertises no grant handlers at all.
    HashMap<String, AuthorizationGrantHandler> noHandlers =
            new HashMap<String, AuthorizationGrantHandler>();
    when(oAuthServerConfiguration.getSupportedGrantTypes()).thenReturn(noHandlers);

    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setAuthenticated(true);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(DUMMY_GRANT_TYPE);
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);

    OAuth2AccessTokenRespDTO response = AccessTokenIssuer.getInstance().issue(tokenRequest);

    // An error response is expected rather than a null result or an issued token.
    assertNotNull(response);
    assertTrue(response.isError());
    assertEquals(response.getErrorCode(), OAuthError.TokenResponse.UNSUPPORTED_GRANT_TYPE);
}
Also used : OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) AuthorizationGrantHandler(org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler) Matchers.anyString(org.mockito.Matchers.anyString) OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) PowerMockIdentityBaseTest(org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 35 with OAuth2AccessTokenRespDTO

use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.

the class ClaimProviderImpl method getAdditionalClaims.

/**
 * Supplies the OIDC session id as the {@code sid} claim when the token request carries an
 * authorization code whose grant cache entry holds one.
 *
 * <p>The authorization code is used only as a lookup key and is never written to the log;
 * keep it out of any log statement added here.
 *
 * @param oAuthTokenReqMessageContext token request context the authorization code is read from
 * @param oAuth2AccessTokenRespDTO    token response; not used by this implementation
 * @return a map holding {@code sid} when a session id was found, otherwise an empty map
 * @throws IdentityOAuth2Exception declared by the overridden method; see the cache lookup helper
 */
@Override
public Map<String, Object> getAdditionalClaims(OAuthTokenReqMessageContext oAuthTokenReqMessageContext, OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO) throws IdentityOAuth2Exception {
    Map<String, Object> claims = new HashMap<>();

    String authzCode = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getAuthorizationCode();
    // Without an authorization code there is no grant cache entry to look up.
    if (StringUtils.isBlank(authzCode)) {
        if (log.isDebugEnabled()) {
            log.debug("AccessCode is null. Possibly a back end grant");
        }
        return claims;
    }

    AuthorizationGrantCacheEntry cacheEntry = getAuthorizationGrantCacheEntryFromCode(authzCode);
    String oidcSessionId = (cacheEntry == null) ? null : cacheEntry.getOidcSessionId();
    // No cache entry, or an entry without a session id: contribute nothing.
    if (oidcSessionId == null) {
        return claims;
    }

    if (log.isDebugEnabled()) {
        log.debug("sid claim is found in the session state");
    }
    claims.put("sid", oidcSessionId);
    return claims;
}
Also used : AuthorizationGrantCacheEntry(org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheEntry) HashMap(java.util.HashMap)

Aggregations

OAuth2AccessTokenRespDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO)30 OAuth2AccessTokenReqDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO)19 Test (org.testng.annotations.Test)18 HashMap (java.util.HashMap)16 Matchers.anyString (org.mockito.Matchers.anyString)15 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)15 PowerMockIdentityBaseTest (org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)12 OAuthClientAuthnContext (org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext)10 AuthorizationGrantHandler (org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler)10 IdentityOAuth2Exception (org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception)9 ArrayList (java.util.ArrayList)7 ResponseHeader (org.wso2.carbon.identity.oauth2.ResponseHeader)6 AuthorizationGrantCacheEntry (org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheEntry)5 OAuthAppDO (org.wso2.carbon.identity.oauth.dao.OAuthAppDO)5 OAuthTokenReqMessageContext (org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext)5 Hashtable (java.util.Hashtable)4 InvocationOnMock (org.mockito.invocation.InvocationOnMock)4 AuthenticatedUser (org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser)4 Date (java.util.Date)3 Map (java.util.Map)3