use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class RefreshGrantHandlerTest method testIssue.
/**
 * Checks how {@code RefreshGrantHandler.issue} treats the presented refresh token for an
 * application registered with the supplied settings.
 *
 * <p>When {@code renewRefreshToken} is {@code "true"} or {@code null}, the response must carry a
 * refresh token that differs from the presented one; for any other value the presented token
 * must come back unchanged. Only the returned token strings are compared: this test makes no
 * assertion about whether the previously issued refresh token was revoked.
 *
 * @param userAccessTokenExpiryTime expiry set on the application for user access tokens and,
 *                                  in this test, for refresh tokens as well
 * @param validityPeriod            validity period placed on the token request context
 * @param renewRefreshToken         application-level refresh-token renewal setting
 * @param clientId                  consumer key of the application under test
 * @throws Exception if registering the application or issuing the token fails
 */
@Test(dataProvider = "GetTokenIssuerData")
public void testIssue(Long userAccessTokenExpiryTime, Long validityPeriod, String renewRefreshToken,
        String clientId) throws Exception {

    final String presentedRefreshToken = "refreshToken1";

    // Start from a clean slate: drop any application left over for this consumer key.
    OAuthAppDAO appDao = new OAuthAppDAO();
    appDao.removeConsumerApplication(clientId);

    OAuthAppDO app = new OAuthAppDO();
    app.setOauthConsumerKey(clientId);
    app.setOauthVersion(OAuthConstants.OAuthVersions.VERSION_2);
    app.setUser(authenticatedUser);
    app.setUserAccessTokenExpiryTime(userAccessTokenExpiryTime);
    // NOTE(review): the refresh-token expiry reuses the access-token expiry value; confirm intended.
    app.setRefreshTokenExpiryTime(userAccessTokenExpiryTime);
    app.setRenewRefreshTokenEnabled(renewRefreshToken);
    appDao.addOAuthApplication(app);

    refreshGrantHandler = new RefreshGrantHandler();
    refreshGrantHandler.init();

    OAuth2AccessTokenReqDTO request = new OAuth2AccessTokenReqDTO();
    request.setClientId(clientId);
    request.setRefreshToken(presentedRefreshToken);
    request.setScope(scopes);

    // Validation data for the token being refreshed, handed to the handler through the context.
    RefreshTokenValidationDataDO previousToken = new RefreshTokenValidationDataDO();
    previousToken.setTokenId("tokenId");
    previousToken.setAccessToken("oldAccessToken");

    OAuthTokenReqMessageContext context = new OAuthTokenReqMessageContext(request);
    context.addProperty("previousAccessToken", previousToken);
    context.setAuthorizedUser(authenticatedUser);
    context.setValidityPeriod(validityPeriod);
    context.setScope(scopes);

    OAuth2AccessTokenRespDTO response = refreshGrantHandler.issue(context);

    assertFalse(response.isError());
    assertNotNull(response.getRefreshToken());

    // An unset renewal flag is expected to behave like "true": the refresh token is rotated.
    boolean rotationExpected = renewRefreshToken == null || "true".equals(renewRefreshToken);
    if (rotationExpected) {
        assertNotEquals(presentedRefreshToken, response.getRefreshToken());
    } else {
        assertEquals(presentedRefreshToken, response.getRefreshToken());
    }
}
use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method mockPasswordGrantHandler.
/**
 * Stubs the mocked password grant handler and registers it as the only entry returned by
 * {@code oAuthServerConfiguration.getSupportedGrantTypes()}.
 *
 * <p>Each authorization decision the handler makes is controlled by its own flag, so a caller
 * can fail exactly one check at a time. {@code issue} is always stubbed to return a freshly
 * constructed response DTO.
 *
 * @param isAuthorizedClient           result of {@code isAuthorizedClient}
 * @param isValidGrant                 result of {@code validateGrant}
 * @param isAuthorizedAccessDelegation result of {@code authorizeAccessDelegation}
 * @param isValidScope                 result of {@code validateScope}
 * @throws IdentityOAuth2Exception declared by the stubbed handler methods
 */
private void mockPasswordGrantHandler(boolean isAuthorizedClient, boolean isValidGrant,
        boolean isAuthorizedAccessDelegation, boolean isValidScope) throws IdentityOAuth2Exception {

    // Fixed traits of the handler in every scenario.
    when(passwordGrantHandler.isOfTypeApplicationUser()).thenReturn(true);
    when(passwordGrantHandler.isConfidentialClient()).thenReturn(true);

    // Per-scenario outcomes of the individual checks.
    when(passwordGrantHandler.isAuthorizedClient(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(isAuthorizedClient);
    when(passwordGrantHandler.validateGrant(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(isValidGrant);
    when(passwordGrantHandler.authorizeAccessDelegation(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(isAuthorizedAccessDelegation);
    when(passwordGrantHandler.validateScope(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(isValidScope);

    when(passwordGrantHandler.issue(any(OAuthTokenReqMessageContext.class)))
            .thenReturn(new OAuth2AccessTokenRespDTO());

    Map<String, AuthorizationGrantHandler> handlersByGrantType = new Hashtable<>();
    handlersByGrantType.put("password", passwordGrantHandler);
    when(oAuthServerConfiguration.getSupportedGrantTypes()).thenReturn(handlersByGrantType);
}
use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method setupOIDCScopeTest.
/**
 * Prepares the mocks for an OIDC scope test of the given grant type.
 *
 * <p>The grant handler's {@code issue} is answered by copying the scopes sent in the request
 * DTO onto the message context and returning a freshly constructed response DTO. The ID token
 * builder is the success or the failure mock, depending on {@code success}.
 *
 * @param grantType grant type under which the mocked handler is registered
 * @param success   {@code true} to use the ID token builder mock for success, {@code false}
 *                  for the failure variant
 * @throws IdentityOAuth2Exception declared by the stubbed methods
 */
private void setupOIDCScopeTest(String grantType, boolean success) throws IdentityOAuth2Exception {
    AuthorizationGrantHandler handler = getMockGrantHandlerForSuccess(false);

    // Run the real implementations of these two OAuth2Util helpers.
    // NOTE(review): presumably OAuth2Util is statically mocked by the class setup; confirm.
    when(OAuth2Util.buildScopeString(Matchers.<String[]>anyObject())).thenCallRealMethod();
    when(OAuth2Util.isOIDCAuthzRequest(Matchers.<String[]>anyObject())).thenCallRealMethod();

    IDTokenBuilder tokenBuilder = success
            ? getMockIDTokenBuilderForSuccess()
            : getMockIDTokenBuilderForFailure();
    when(oAuthServerConfiguration.getOpenIDConnectIDTokenBuilder()).thenReturn(tokenBuilder);

    // Stand-in for issue(): approve exactly the scopes that were requested.
    when(handler.issue(any(OAuthTokenReqMessageContext.class))).then(new Answer<Object>() {
        @Override
        public Object answer(InvocationOnMock invocation) throws Throwable {
            OAuthTokenReqMessageContext messageContext =
                    invocation.getArgumentAt(0, OAuthTokenReqMessageContext.class);
            // Copy the requested scopes from the request DTO onto the context.
            messageContext.setScope(messageContext.getOauth2AccessTokenReqDTO().getScope());
            return new OAuth2AccessTokenRespDTO();
        }
    });

    HashMap<String, AuthorizationGrantHandler> handlersByGrantType = new HashMap<>();
    handlersByGrantType.put(grantType, handler);
    mockOAuth2ServerConfiguration(handlersByGrantType);
}
use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method testIssueNoAuthorizationGrantHandler.
/**
 * Verifies that a token request is rejected with {@code unsupported_grant_type} when no
 * authorization grant handler is registered for the requested grant type.
 *
 * <p>The client is marked as authenticated, so the error asserted here is produced for a
 * request that already carries an authenticated client context.
 *
 * @throws Exception if the issuer fails unexpectedly
 */
@Test
public void testIssueNoAuthorizationGrantHandler() throws Exception {
    // The server configuration advertises no grant handlers at all.
    HashMap<String, AuthorizationGrantHandler> noHandlers = new HashMap<>();
    when(oAuthServerConfiguration.getSupportedGrantTypes()).thenReturn(noHandlers);

    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setAuthenticated(true);

    OAuth2AccessTokenReqDTO request = new OAuth2AccessTokenReqDTO();
    request.setGrantType(DUMMY_GRANT_TYPE);
    request.setoAuthClientAuthnContext(clientAuthnContext);

    OAuth2AccessTokenRespDTO response = AccessTokenIssuer.getInstance().issue(request);

    assertNotNull(response);
    assertTrue(response.isError());
    assertEquals(response.getErrorCode(), OAuthError.TokenResponse.UNSUPPORTED_GRANT_TYPE);
}
use of org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO in project identity-inbound-auth-oauth by wso2-extensions.
the class ClaimProviderImpl method getAdditionalClaims.
/**
 * Supplies the OIDC session id as an {@code sid} claim for token requests made with an
 * authorization code.
 *
 * <p>Returns an empty map when the request has no authorization code, when no cache entry is
 * found for the code, or when the entry holds no session id. The authorization code itself is
 * never written to the log; only fixed debug messages are emitted.
 *
 * @param oAuthTokenReqMessageContext token request context the authorization code is read from
 * @param oAuth2AccessTokenRespDTO    token response; not used by this implementation
 * @return a map holding at most the {@code sid} claim
 * @throws IdentityOAuth2Exception declared by the overridden method
 */
@Override
public Map<String, Object> getAdditionalClaims(OAuthTokenReqMessageContext oAuthTokenReqMessageContext,
        OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO) throws IdentityOAuth2Exception {

    Map<String, Object> claims = new HashMap<>();

    String authzCode = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getAuthorizationCode();
    if (StringUtils.isBlank(authzCode)) {
        // No code on the request, so there is no grant cache entry to look up.
        if (log.isDebugEnabled()) {
            log.debug("AccessCode is null. Possibly a back end grant");
        }
        return claims;
    }

    AuthorizationGrantCacheEntry cacheEntry = getAuthorizationGrantCacheEntryFromCode(authzCode);
    String sessionId = (cacheEntry == null) ? null : cacheEntry.getOidcSessionId();
    if (sessionId == null) {
        return claims;
    }

    if (log.isDebugEnabled()) {
        log.debug("sid claim is found in the session state");
    }
    claims.put("sid", sessionId);
    return claims;
}