use of org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuthServerConfiguration method getSupportedGrantTypes.
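/**
 * Returns the map of grant type to grant handler, building it on first use.
 *
 * <p>Each configured handler class is loaded by name, instantiated through its no-argument
 * constructor and then initialised with {@code init()}. A grant type is registered only when
 * every one of those steps succeeds. A failure is logged and the grant type is left out of the
 * map, so a handler whose {@code init()} threw is never handed to callers in a
 * half-initialised state.
 *
 * @return map keyed by grant type; grant types whose handler could not be loaded, cast or
 *         initialised are absent
 */
public Map<String, AuthorizationGrantHandler> getSupportedGrantTypes() {
    // NOTE(review): this double-checked locking is only safe if the supportedGrantTypes field
    // is declared volatile. The declaration is not visible here; confirm it.
    if (supportedGrantTypes == null) {
        synchronized (this) {
            if (supportedGrantTypes == null) {
                Map<String, AuthorizationGrantHandler> supportedGrantTypesTemp = new HashMap<>();
                for (Map.Entry<String, String> entry : supportedGrantTypeClassNames.entrySet()) {
                    AuthorizationGrantHandler authzGrantHandler = null;
                    try {
                        // NOTE(review): the class name is loaded reflectively. It presumably
                        // comes from server configuration, which is then a trust boundary;
                        // verify where supportedGrantTypeClassNames is populated.
                        AuthorizationGrantHandler candidate =
                                (AuthorizationGrantHandler) Class.forName(entry.getValue()).newInstance();
                        candidate.init();
                        // Publish the handler only after init() has returned normally.
                        authzGrantHandler = candidate;
                    } catch (InstantiationException e) {
                        log.error("Error instantiating " + entry.getValue(), e);
                    } catch (IllegalAccessException e) {
                        log.error("Illegal access to " + entry.getValue(), e);
                    } catch (ClassNotFoundException e) {
                        log.error("Cannot find class: " + entry.getValue(), e);
                    } catch (ClassCastException e) {
                        // A class of the wrong type disables only its own grant type
                        // instead of failing every call to this getter.
                        log.error("Class cast failure while loading grant handler " + entry.getValue(), e);
                    } catch (IdentityOAuth2Exception e) {
                        log.error("Error while initializing " + entry.getValue(), e);
                    }
                    if (authzGrantHandler != null) {
                        supportedGrantTypesTemp.put(entry.getKey(), authzGrantHandler);
                    } else {
                        log.warn("Grant type : " + entry.getKey() + ", is not added as a supported grant type. " + "Relevant grant handler failed to initiate properly.");
                    }
                }
                // Assign the fully built map in one step so readers never see a partial map.
                supportedGrantTypes = supportedGrantTypesTemp;
            }
        }
    }
    return supportedGrantTypes;
}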
use of org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method testIssueValidateGrantError.
/**
 * Checks that a grant rejected by the handler's {@code validateGrant} produces an error
 * response carrying {@code OAuthError.TokenResponse.INVALID_GRANT}.
 *
 * @param throwException {@code true} to make {@code validateGrant} throw, {@code false} to
 *                       make it return {@code false}
 * @param exceptionMsg   message given to the thrown exception and expected as the error
 *                       message of the response
 * @throws Exception if stubbing or token issuance fails unexpectedly
 */
@Test(dataProvider = "invalidGrantErrorDataProvider")
public void testIssueValidateGrantError(boolean throwException, String exceptionMsg) throws Exception {
    AuthorizationGrantHandler grantHandler = mock(AuthorizationGrantHandler.class);

    // Non-confidential client that passes the authorization check; the rejection under test
    // is the one stubbed on validateGrant below.
    when(grantHandler.isAuthorizedClient(any(OAuthTokenReqMessageContext.class))).thenReturn(true);
    when(grantHandler.isOfTypeApplicationUser()).thenReturn(true);
    when(grantHandler.isConfidentialClient()).thenReturn(false);

    if (!throwException) {
        // Grant validation reports failure through its return value.
        when(grantHandler.validateGrant(any(OAuthTokenReqMessageContext.class))).thenReturn(false);
    } else {
        // Grant validation reports failure by throwing.
        when(grantHandler.validateGrant(any(OAuthTokenReqMessageContext.class)))
                .thenThrow(new IdentityOAuth2Exception(exceptionMsg));
    }

    HashMap<String, AuthorizationGrantHandler> handlersByGrantType = new HashMap<>();
    handlersByGrantType.put(DUMMY_GRANT_TYPE, grantHandler);
    mockOAuth2ServerConfiguration(handlersByGrantType);

    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setClientId(SOME_CLIENT_ID);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(DUMMY_GRANT_TYPE);
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);

    OAuth2AccessTokenRespDTO tokenResponse = AccessTokenIssuer.getInstance().issue(tokenRequest);

    assertNotNull(tokenResponse);
    assertTrue(tokenResponse.isError());
    assertEquals(tokenResponse.getErrorCode(), OAuthError.TokenResponse.INVALID_GRANT);
    assertEquals(tokenResponse.getErrorMsg(), exceptionMsg);
}
use of org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method getMockGrantHandlerForSuccess.
/**
 * Builds a mocked grant handler on which every check used for token issuance succeeds.
 *
 * @param isOfTypeApplicationUser value the mock returns from {@code isOfTypeApplicationUser()}
 * @return mock that reports a non-confidential client and returns {@code true} from
 *         {@code isAuthorizedClient}, {@code validateGrant}, {@code validateScope} and
 *         {@code authorizeAccessDelegation}
 * @throws IdentityOAuth2Exception declared by the stubbed handler methods
 */
private AuthorizationGrantHandler getMockGrantHandlerForSuccess(boolean isOfTypeApplicationUser) throws IdentityOAuth2Exception {
    AuthorizationGrantHandler successHandler = mock(AuthorizationGrantHandler.class);

    // Every authorization and validation step passes.
    when(successHandler.authorizeAccessDelegation(any(OAuthTokenReqMessageContext.class))).thenReturn(true);
    when(successHandler.validateScope(any(OAuthTokenReqMessageContext.class))).thenReturn(true);
    when(successHandler.validateGrant(any(OAuthTokenReqMessageContext.class))).thenReturn(true);
    // The client is reported as authorized for this grant type.
    when(successHandler.isAuthorizedClient(any(OAuthTokenReqMessageContext.class))).thenReturn(true);

    // The caller decides whether the grant counts as an application-user grant.
    when(successHandler.isOfTypeApplicationUser()).thenReturn(isOfTypeApplicationUser);
    // The grant type is not restricted to confidential clients.
    when(successHandler.isConfidentialClient()).thenReturn(false);

    return successHandler;
}
use of org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method testClientAuthenticaion.
/**
 * Checks that token issuance follows the client authentication result recorded in the
 * {@code OAuthClientAuthnContext} attached to the request.
 *
 * @param clientId          client id placed in the authentication context
 * @param errorCode         error code placed in the authentication context
 * @param isAuthenticated   authenticated flag placed in the authentication context
 * @param authenticator1    first authenticator name, added only when non-empty
 * @param authenticator2    second authenticator name, added only when non-empty
 * @param expectedErrorCode error code expected on the token response
 * @param isConfidential    value the handler returns from {@code isConfidentialClient()}
 * @param authnResult       {@code true} when the response is expected not to be an error
 * @throws Exception if stubbing or token issuance fails unexpectedly
 */
@Test(dataProvider = "clientAuthContextDataProvider")
public void testClientAuthenticaion(String clientId, String errorCode, boolean isAuthenticated, String authenticator1, String authenticator2, String expectedErrorCode, boolean isConfidential, boolean authnResult) throws Exception {
    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setAuthenticated(isAuthenticated);
    clientAuthnContext.setErrorCode(errorCode);
    clientAuthnContext.setClientId(clientId);
    // Authenticators are registered in order, skipping the ones the data provider left empty.
    if (StringUtils.isNotEmpty(authenticator1)) {
        clientAuthnContext.addAuthenticator(authenticator1);
    }
    if (StringUtils.isNotEmpty(authenticator2)) {
        clientAuthnContext.addAuthenticator(authenticator2);
    }

    AuthorizationGrantHandler grantHandler = getMockGrantHandlerForSuccess(true);

    final ResponseHeader header = new ResponseHeader();
    header.setKey("Header");
    header.setValue("HeaderValue");
    final ResponseHeader[] headers = { header };

    when(grantHandler.issue(any(OAuthTokenReqMessageContext.class))).then(new Answer<Object>() {
        @Override
        public Object answer(InvocationOnMock invocation) throws Throwable {
            OAuthTokenReqMessageContext messageContext =
                    invocation.getArgumentAt(0, OAuthTokenReqMessageContext.class);
            // Attach response headers to the context the handler was called with.
            messageContext.addProperty(OAuthConstants.RESPONSE_HEADERS_PROPERTY, headers);
            // Copy the requested scopes onto the context.
            messageContext.setScope(messageContext.getOauth2AccessTokenReqDTO().getScope());
            return new OAuth2AccessTokenRespDTO();
        }
    });
    // Replaces the non-confidential default stubbed by getMockGrantHandlerForSuccess.
    when(grantHandler.isConfidentialClient()).thenReturn(isConfidential);

    HashMap<String, AuthorizationGrantHandler> handlersByGrantType = new HashMap<>();
    handlersByGrantType.put(DUMMY_GRANT_TYPE, grantHandler);
    mockOAuth2ServerConfiguration(handlersByGrantType);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);
    tokenRequest.setGrantType(DUMMY_GRANT_TYPE);

    OAuth2AccessTokenRespDTO tokenResponse = AccessTokenIssuer.getInstance().issue(tokenRequest);

    assertNotNull(tokenResponse);
    assertEquals(tokenResponse.isError(), !authnResult);
    assertEquals(tokenResponse.getErrorCode(), expectedErrorCode);
}
use of org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method testIssueWithNoClientAuthentication.
/**
 * Checks that a request carrying no client authentication context is rejected with
 * {@code OAuth2ErrorCodes.INVALID_CLIENT} when the grant handler reports that the grant type
 * is restricted to confidential clients.
 *
 * @throws Exception if stubbing or token issuance fails unexpectedly
 */
@Test
public void testIssueWithNoClientAuthentication() throws Exception {
    // The handler declares its grant type as confidential-client only.
    AuthorizationGrantHandler confidentialOnlyHandler = mock(AuthorizationGrantHandler.class);
    when(confidentialOnlyHandler.isConfidentialClient()).thenReturn(true);

    HashMap<String, AuthorizationGrantHandler> handlersByGrantType = new HashMap<>();
    handlersByGrantType.put(DUMMY_GRANT_TYPE, confidentialOnlyHandler);
    mockOAuth2ServerConfiguration(handlersByGrantType);

    // No OAuthClientAuthnContext is set on the request.
    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(DUMMY_GRANT_TYPE);

    OAuth2AccessTokenRespDTO tokenResponse = AccessTokenIssuer.getInstance().issue(tokenRequest);

    assertNotNull(tokenResponse);
    assertTrue(tokenResponse.isError());
    assertEquals(tokenResponse.getErrorCode(), OAuth2ErrorCodes.INVALID_CLIENT);
}