use of org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2TokenEndpointTest method testGetAccessToken.
/**
 * Checks that the token endpoint forwards the grant-specific inputs of a token request to
 * the OAuth2 service.
 *
 * <p>The mocked request carries the inputs of every grant type at once. The stubbed
 * {@code oAuth2Service.issueAccessToken} records what arrives on the
 * {@code OAuth2AccessTokenReqDTO}, and the test then asserts that each parameter named in
 * {@code additionalParameters} was populated.
 *
 * <p>NOTE(review): the final assertions only check for non-null values. A mapping mix-up
 * between two credential fields (for example username copied into the password slot) would
 * still pass; comparing against the submitted value would close that gap.
 *
 * @param grantType            grant type placed in the request
 * @param additionalParameters comma-separated parameter names expected on the request DTO
 * @throws Exception if mocking or the reflective invocation fails
 */
@Test(dataProvider = "testGetAccessTokenDataProvider")
public void testGetAccessToken(String grantType, String additionalParameters) throws Exception {

    // Form parameters: common ones first, then the inputs of each individual grant type.
    // All credential-like values here are fixture values of the test class.
    Map<String, String[]> formParams = new HashMap<>();
    formParams.put(OAuth.OAUTH_CLIENT_ID, new String[] { CLIENT_ID_VALUE });
    formParams.put(OAuth.OAUTH_GRANT_TYPE, new String[] { grantType });
    formParams.put(OAuth.OAUTH_SCOPE, new String[] { "scope1" });
    // authorization_code grant
    formParams.put(OAuth.OAUTH_REDIRECT_URI, new String[] { APP_REDIRECT_URL });
    formParams.put(OAuth.OAUTH_CODE, new String[] { "auth_code" });
    // password grant
    formParams.put(OAuth.OAUTH_USERNAME, new String[] { USERNAME });
    formParams.put(OAuth.OAUTH_PASSWORD, new String[] { "password" });
    // refresh_token grant
    formParams.put(OAuth.OAUTH_REFRESH_TOKEN, new String[] { REFRESH_TOKEN });
    // SAML2 bearer grant
    formParams.put(OAuth.OAUTH_ASSERTION, new String[] { "dummyAssertion" });
    // IWA_NTLM grant
    formParams.put(OAuthConstants.WINDOWS_TOKEN, new String[] { "dummyWindowsToken" });

    // The mocked servlet request exposes exactly one header: the Authorization header.
    HttpServletRequest servletRequest = mockHttpRequest(formParams, new HashMap<String, Object>());
    when(servletRequest.getHeader(OAuthConstants.HTTP_REQ_HEADER_AUTHZ)).thenReturn(AUTHORIZATION_HEADER);
    when(servletRequest.getHeaderNames()).thenReturn(
            Collections.enumeration(Collections.singletonList(OAuthConstants.HTTP_REQ_HEADER_AUTHZ)));

    // Register a validator class for every grant type the data provider may pass in.
    Map<String, Class<? extends OAuthValidator<HttpServletRequest>>> validatorsByGrant = new Hashtable<>();
    validatorsByGrant.put(GrantType.PASSWORD.toString(), PasswordValidator.class);
    validatorsByGrant.put(GrantType.CLIENT_CREDENTIALS.toString(), ClientCredentialValidator.class);
    validatorsByGrant.put(GrantType.AUTHORIZATION_CODE.toString(), AuthorizationCodeValidator.class);
    validatorsByGrant.put(GrantType.REFRESH_TOKEN.toString(), RefreshTokenValidator.class);
    validatorsByGrant.put(org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString(),
            NTLMAuthenticationValidator.class);
    validatorsByGrant.put(org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString(),
            SAML2GrantValidator.class);

    mockOAuthServerConfiguration();
    when(oAuthServerConfiguration.getSupportedGrantTypeValidators()).thenReturn(validatorsByGrant);

    // Route the endpoint to the mocked OAuth2 service.
    spy(EndpointUtil.class);
    doReturn(oAuth2Service).when(EndpointUtil.class, "getOAuth2Service");

    // Record what the endpoint placed on the DTO it passes to the service.
    final Map<String, String> capturedParams = new HashMap<>();
    doAnswer(new Answer<Object>() {
        @Override
        public Object answer(InvocationOnMock invocation) throws Throwable {
            OAuth2AccessTokenReqDTO tokenReq = (OAuth2AccessTokenReqDTO) invocation.getArguments()[0];
            capturedParams.put(OAuth.OAUTH_CODE, tokenReq.getAuthorizationCode());
            capturedParams.put(OAuth.OAUTH_USERNAME, tokenReq.getResourceOwnerUsername());
            capturedParams.put(OAuth.OAUTH_PASSWORD, tokenReq.getResourceOwnerPassword());
            capturedParams.put(OAuth.OAUTH_REFRESH_TOKEN, tokenReq.getRefreshToken());
            capturedParams.put(OAuth.OAUTH_ASSERTION, tokenReq.getAssertion());
            capturedParams.put(OAuthConstants.WINDOWS_TOKEN, tokenReq.getWindowsToken());
            capturedParams.put(OAuth.OAUTH_GRANT_TYPE, tokenReq.getGrantType());
            // An empty response DTO is enough; only the captured request is inspected.
            return new OAuth2AccessTokenRespDTO();
        }
    }).when(oAuth2Service).issueAccessToken(any(OAuth2AccessTokenReqDTO.class));

    CarbonOAuthTokenRequest tokenRequest = new CarbonOAuthTokenRequest(servletRequest);
    HttpServletRequestWrapper requestWrapper = new HttpServletRequestWrapper(servletRequest);

    // The (CarbonOAuthTokenRequest, HttpServletRequestWrapper) overload is looked up as a
    // declared method and made accessible, so it is called reflectively.
    Object endpoint = OAuth2TokenEndpoint.class.newInstance();
    Method issueAccessToken = OAuth2TokenEndpoint.class.getDeclaredMethod("issueAccessToken",
            CarbonOAuthTokenRequest.class, HttpServletRequestWrapper.class);
    issueAccessToken.setAccessible(true);
    OAuth2AccessTokenRespDTO response =
            (OAuth2AccessTokenRespDTO) issueAccessToken.invoke(endpoint, tokenRequest, requestWrapper);

    assertNotNull(response, "ResponseDTO is null");

    for (String param : additionalParameters.split(",")) {
        assertNotNull(capturedParams.get(param),
                "Required parameter " + param + " is not set for " + grantType + "grant type");
    }
}
use of org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2TokenEndpoint method buildAccessTokenReqDTO.
/**
 * Builds the {@code OAuth2AccessTokenReqDTO} for a token request.
 *
 * <p>Common fields are copied for every grant type. The credential of the requested grant
 * (authorization code, resource-owner username and password, refresh token, SAML assertion
 * or Windows token) is copied only when {@code grantType} matches that grant. An
 * unrecognised grant type gets the common fields only.
 *
 * <p>NOTE(review): the returned DTO holds the client secret and the grant credential as
 * typed fields, and again inside the raw parameter and header copies. Anything that logs or
 * serialises the DTO needs to redact them. Confirm how downstream consumers handle it.
 *
 * @param oauthRequest              parsed token request the values are read from
 * @param httpServletRequestWrapper servlet request wrapper stored on the DTO
 * @return the populated request DTO
 */
private OAuth2AccessTokenReqDTO buildAccessTokenReqDTO(CarbonOAuthTokenRequest oauthRequest,
        HttpServletRequestWrapper httpServletRequestWrapper) {

    final OAuthClientAuthnContext clientAuthnContext = oauthRequest.getoAuthClientAuthnContext();
    final String grantType = oauthRequest.getGrantType();

    OAuth2AccessTokenReqDTO reqDto = new OAuth2AccessTokenReqDTO();
    reqDto.setoAuthClientAuthnContext(clientAuthnContext);
    reqDto.setGrantType(grantType);
    // The client id is taken from the client authentication context, not from oauthRequest.
    reqDto.setClientId(clientAuthnContext.getClientId());
    reqDto.setClientSecret(oauthRequest.getClientSecret());
    reqDto.setCallbackURI(oauthRequest.getRedirectURI());
    reqDto.setScope(oauthRequest.getScopes().toArray(new String[0]));
    reqDto.setTenantDomain(oauthRequest.getTenantDomain());
    reqDto.setPkceCodeVerifier(oauthRequest.getPkceCodeVerifier());

    // Raw copies of every request parameter and every request header.
    reqDto.setRequestParameters(oauthRequest.getRequestParameters());
    reqDto.setHttpRequestHeaders(oauthRequest.getHttpRequestHeaders());

    // Keep the wrapper so remote information can be read from it later.
    reqDto.setHttpServletRequestWrapper(httpServletRequestWrapper);

    // Copy only the credential that belongs to the requested grant type.
    if (GrantType.AUTHORIZATION_CODE.toString().equals(grantType)) {
        reqDto.setAuthorizationCode(oauthRequest.getCode());
        // Same value as the unconditional setPkceCodeVerifier call above.
        reqDto.setPkceCodeVerifier(oauthRequest.getPkceCodeVerifier());
    } else if (GrantType.PASSWORD.toString().equals(grantType)) {
        reqDto.setResourceOwnerUsername(oauthRequest.getUsername());
        reqDto.setResourceOwnerPassword(oauthRequest.getPassword());
    } else if (GrantType.REFRESH_TOKEN.toString().equals(grantType)) {
        reqDto.setRefreshToken(oauthRequest.getRefreshToken());
    } else if (org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString().equals(grantType)) {
        reqDto.setAssertion(oauthRequest.getAssertion());
    } else if (org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString().equals(grantType)) {
        reqDto.setWindowsToken(oauthRequest.getWindowsToken());
    }

    // The grant type is also recorded as an authentication method reference.
    reqDto.addAuthenticationMethodReference(grantType);
    return reqDto;
}
use of org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2TokenEndpoint method issueAccessToken.
/**
 * Handles a token request end to end and returns the HTTP response.
 *
 * <p>The order of the steps is fixed: repeated-parameter validation, request wrapping and
 * parsing, validation of the client application from the client authentication context,
 * and only then token issuance. A response DTO with an error message becomes an error
 * response; otherwise a token response is built.
 *
 * <p>The three exception types caught here are passed to the token exception listeners and
 * rethrown unchanged. Any other exception bypasses the listeners. The tenant flow is ended
 * in {@code finally} on every path.
 *
 * <p>NOTE(review): the listeners receive {@code request} and {@code paramMap} as submitted.
 * For some grant types these presumably contain credentials, so listener implementations
 * should not log them verbatim. Confirm against the registered listeners.
 *
 * @param request  incoming servlet request
 * @param paramMap request parameters, each name mapped to its list of values
 * @return the token response or the error response
 * @throws OAuthSystemException          rethrown after the listeners are notified
 * @throws InvalidRequestParentException declared for request and client validation failures
 */
protected Response issueAccessToken(HttpServletRequest request, Map<String, List<String>> paramMap)
        throws OAuthSystemException, InvalidRequestParentException {

    try {
        startSuperTenantFlow();
        validateRepeatedParams(request, paramMap);

        HttpServletRequestWrapper wrappedRequest = new OAuthRequestWrapper(request, paramMap);
        CarbonOAuthTokenRequest tokenRequest = buildCarbonOAuthTokenRequest(wrappedRequest);

        // Client application validation happens before any token is issued.
        validateOAuthApplication(tokenRequest.getoAuthClientAuthnContext());

        OAuth2AccessTokenRespDTO tokenResponse = issueAccessToken(tokenRequest, wrappedRequest);
        if (tokenResponse.getErrorMsg() == null) {
            return buildTokenResponse(tokenResponse);
        }
        return handleErrorResponse(tokenResponse);
    } catch (TokenEndpointBadRequestException | OAuthSystemException | InvalidApplicationClientException e) {
        // Notify the listeners, then propagate the original exception.
        triggerOnTokenExceptionListeners(e, request, paramMap);
        throw e;
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}