Search in sources :

Example 1 with CarbonOAuthTokenRequest

use of org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2TokenEndpointTest method testGetAccessToken.

@Test(dataProvider = "testGetAccessTokenDataProvider")
public void testGetAccessToken(String grantType, String additionalParameters) throws Exception {
    Map<String, String[]> requestParams = new HashMap<>();
    requestParams.put(OAuth.OAUTH_CLIENT_ID, new String[] { CLIENT_ID_VALUE });
    requestParams.put(OAuth.OAUTH_GRANT_TYPE, new String[] { grantType });
    requestParams.put(OAuth.OAUTH_SCOPE, new String[] { "scope1" });
    // Required params for authorization_code grant type
    requestParams.put(OAuth.OAUTH_REDIRECT_URI, new String[] { APP_REDIRECT_URL });
    requestParams.put(OAuth.OAUTH_CODE, new String[] { "auth_code" });
    // Required params for password grant type
    requestParams.put(OAuth.OAUTH_USERNAME, new String[] { USERNAME });
    requestParams.put(OAuth.OAUTH_PASSWORD, new String[] { "password" });
    // Required params for refresh token grant type
    requestParams.put(OAuth.OAUTH_REFRESH_TOKEN, new String[] { REFRESH_TOKEN });
    // Required params for saml2 bearer grant type
    requestParams.put(OAuth.OAUTH_ASSERTION, new String[] { "dummyAssertion" });
    // Required params for IWA_NLTM grant type
    requestParams.put(OAuthConstants.WINDOWS_TOKEN, new String[] { "dummyWindowsToken" });
    HttpServletRequest request = mockHttpRequest(requestParams, new HashMap<String, Object>());
    when(request.getHeader(OAuthConstants.HTTP_REQ_HEADER_AUTHZ)).thenReturn(AUTHORIZATION_HEADER);
    when(request.getHeaderNames()).thenReturn(Collections.enumeration(new ArrayList<String>() {

        {
            add(OAuthConstants.HTTP_REQ_HEADER_AUTHZ);
        }
    }));
    Map<String, Class<? extends OAuthValidator<HttpServletRequest>>> grantTypeValidators = new Hashtable<>();
    grantTypeValidators.put(GrantType.PASSWORD.toString(), PasswordValidator.class);
    grantTypeValidators.put(GrantType.CLIENT_CREDENTIALS.toString(), ClientCredentialValidator.class);
    grantTypeValidators.put(GrantType.AUTHORIZATION_CODE.toString(), AuthorizationCodeValidator.class);
    grantTypeValidators.put(GrantType.REFRESH_TOKEN.toString(), RefreshTokenValidator.class);
    grantTypeValidators.put(org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString(), NTLMAuthenticationValidator.class);
    grantTypeValidators.put(org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString(), SAML2GrantValidator.class);
    mockOAuthServerConfiguration();
    when(oAuthServerConfiguration.getSupportedGrantTypeValidators()).thenReturn(grantTypeValidators);
    spy(EndpointUtil.class);
    doReturn(oAuth2Service).when(EndpointUtil.class, "getOAuth2Service");
    final Map<String, String> parametersSetToRequest = new HashMap<>();
    doAnswer(new Answer<Object>() {

        @Override
        public Object answer(InvocationOnMock invocation) throws Throwable {
            OAuth2AccessTokenReqDTO request = (OAuth2AccessTokenReqDTO) invocation.getArguments()[0];
            parametersSetToRequest.put(OAuth.OAUTH_CODE, request.getAuthorizationCode());
            parametersSetToRequest.put(OAuth.OAUTH_USERNAME, request.getResourceOwnerUsername());
            parametersSetToRequest.put(OAuth.OAUTH_PASSWORD, request.getResourceOwnerPassword());
            parametersSetToRequest.put(OAuth.OAUTH_REFRESH_TOKEN, request.getRefreshToken());
            parametersSetToRequest.put(OAuth.OAUTH_ASSERTION, request.getAssertion());
            parametersSetToRequest.put(OAuthConstants.WINDOWS_TOKEN, request.getWindowsToken());
            parametersSetToRequest.put(OAuth.OAUTH_GRANT_TYPE, request.getGrantType());
            OAuth2AccessTokenRespDTO tokenRespDTO = new OAuth2AccessTokenRespDTO();
            return tokenRespDTO;
        }
    }).when(oAuth2Service).issueAccessToken(any(OAuth2AccessTokenReqDTO.class));
    CarbonOAuthTokenRequest oauthRequest = new CarbonOAuthTokenRequest(request);
    HttpServletRequestWrapper httpServletRequestWrapper = new HttpServletRequestWrapper(request);
    Class<?> clazz = OAuth2TokenEndpoint.class;
    Object tokenEndpointObj = clazz.newInstance();
    Method getAccessToken = tokenEndpointObj.getClass().getDeclaredMethod("issueAccessToken", CarbonOAuthTokenRequest.class, HttpServletRequestWrapper.class);
    getAccessToken.setAccessible(true);
    OAuth2AccessTokenRespDTO tokenRespDTO = (OAuth2AccessTokenRespDTO) getAccessToken.invoke(tokenEndpointObj, oauthRequest, httpServletRequestWrapper);
    assertNotNull(tokenRespDTO, "ResponseDTO is null");
    String[] paramsToCheck = additionalParameters.split(",");
    for (String param : paramsToCheck) {
        assertNotNull(parametersSetToRequest.get(param), "Required parameter " + param + " is not set for " + grantType + "grant type");
    }
}
Also used : HashMap(java.util.HashMap) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) Hashtable(java.util.Hashtable) ArrayList(java.util.ArrayList) Matchers.anyString(org.mockito.Matchers.anyString) Method(java.lang.reflect.Method) HttpMethod(javax.ws.rs.HttpMethod) CarbonOAuthTokenRequest(org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest) OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) HttpServletRequest(javax.servlet.http.HttpServletRequest) OAuthValidator(org.apache.oltu.oauth2.common.validators.OAuthValidator) OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) InvocationOnMock(org.mockito.invocation.InvocationOnMock) Test(org.testng.annotations.Test) AfterTest(org.testng.annotations.AfterTest) BeforeTest(org.testng.annotations.BeforeTest) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 2 with CarbonOAuthTokenRequest

use of org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2TokenEndpoint method buildAccessTokenReqDTO.

private OAuth2AccessTokenReqDTO buildAccessTokenReqDTO(CarbonOAuthTokenRequest oauthRequest, HttpServletRequestWrapper httpServletRequestWrapper) {
    OAuth2AccessTokenReqDTO tokenReqDTO = new OAuth2AccessTokenReqDTO();
    OAuthClientAuthnContext oauthClientAuthnContext = oauthRequest.getoAuthClientAuthnContext();
    tokenReqDTO.setoAuthClientAuthnContext(oauthClientAuthnContext);
    String grantType = oauthRequest.getGrantType();
    tokenReqDTO.setGrantType(grantType);
    tokenReqDTO.setClientId(oauthClientAuthnContext.getClientId());
    tokenReqDTO.setClientSecret(oauthRequest.getClientSecret());
    tokenReqDTO.setCallbackURI(oauthRequest.getRedirectURI());
    tokenReqDTO.setScope(oauthRequest.getScopes().toArray(new String[0]));
    tokenReqDTO.setTenantDomain(oauthRequest.getTenantDomain());
    tokenReqDTO.setPkceCodeVerifier(oauthRequest.getPkceCodeVerifier());
    // Set all request parameters to the OAuth2AccessTokenReqDTO
    tokenReqDTO.setRequestParameters(oauthRequest.getRequestParameters());
    // Set all request headers to the OAuth2AccessTokenReqDTO
    tokenReqDTO.setHttpRequestHeaders(oauthRequest.getHttpRequestHeaders());
    // Set the request wrapper so we can get remote information later.
    tokenReqDTO.setHttpServletRequestWrapper(httpServletRequestWrapper);
    // Check the grant type and set the corresponding parameters
    if (GrantType.AUTHORIZATION_CODE.toString().equals(grantType)) {
        tokenReqDTO.setAuthorizationCode(oauthRequest.getCode());
        tokenReqDTO.setPkceCodeVerifier(oauthRequest.getPkceCodeVerifier());
    } else if (GrantType.PASSWORD.toString().equals(grantType)) {
        tokenReqDTO.setResourceOwnerUsername(oauthRequest.getUsername());
        tokenReqDTO.setResourceOwnerPassword(oauthRequest.getPassword());
    } else if (GrantType.REFRESH_TOKEN.toString().equals(grantType)) {
        tokenReqDTO.setRefreshToken(oauthRequest.getRefreshToken());
    } else if (org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString().equals(grantType)) {
        tokenReqDTO.setAssertion(oauthRequest.getAssertion());
    } else if (org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString().equals(grantType)) {
        tokenReqDTO.setWindowsToken(oauthRequest.getWindowsToken());
    }
    tokenReqDTO.addAuthenticationMethodReference(grantType);
    return tokenReqDTO;
}
Also used : OAuth2AccessTokenReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext)

Example 3 with CarbonOAuthTokenRequest

use of org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2TokenEndpoint method issueAccessToken.

protected Response issueAccessToken(HttpServletRequest request, Map<String, List<String>> paramMap) throws OAuthSystemException, InvalidRequestParentException {
    try {
        startSuperTenantFlow();
        validateRepeatedParams(request, paramMap);
        HttpServletRequestWrapper httpRequest = new OAuthRequestWrapper(request, paramMap);
        CarbonOAuthTokenRequest oauthRequest = buildCarbonOAuthTokenRequest(httpRequest);
        validateOAuthApplication(oauthRequest.getoAuthClientAuthnContext());
        OAuth2AccessTokenRespDTO oauth2AccessTokenResp = issueAccessToken(oauthRequest, httpRequest);
        if (oauth2AccessTokenResp.getErrorMsg() != null) {
            return handleErrorResponse(oauth2AccessTokenResp);
        } else {
            return buildTokenResponse(oauth2AccessTokenResp);
        }
    } catch (TokenEndpointBadRequestException | OAuthSystemException | InvalidApplicationClientException e) {
        triggerOnTokenExceptionListeners(e, request, paramMap);
        throw e;
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}
Also used : OAuthRequestWrapper(org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper) OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) TokenEndpointBadRequestException(org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) InvalidApplicationClientException(org.wso2.carbon.identity.oauth.endpoint.exception.InvalidApplicationClientException) CarbonOAuthTokenRequest(org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest)

Aggregations

HttpServletRequestWrapper (javax.servlet.http.HttpServletRequestWrapper)2 OAuth2AccessTokenReqDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO)2 OAuth2AccessTokenRespDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO)2 CarbonOAuthTokenRequest (org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest)2 Method (java.lang.reflect.Method)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 Hashtable (java.util.Hashtable)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpMethod (javax.ws.rs.HttpMethod)1 MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)1 OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException)1 OAuthValidator (org.apache.oltu.oauth2.common.validators.OAuthValidator)1 Matchers.anyString (org.mockito.Matchers.anyString)1 InvocationOnMock (org.mockito.invocation.InvocationOnMock)1 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)1 AfterTest (org.testng.annotations.AfterTest)1 BeforeTest (org.testng.annotations.BeforeTest)1 Test (org.testng.annotations.Test)1 OAuthRequestWrapper (org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper)1