use of org.wso2.carbon.identity.oauth2.util.OAuth2Util in project identity-inbound-auth-oauth by wso2-extensions.
the class RequestObjectValidatorImplTest method testValidateRequestObj.
@Test(dataProvider = "provideJWT")
public void testValidateRequestObj(String jwt, boolean isSigned, boolean isEncrypted, boolean validSignature, boolean validRequestObj, String errorMsg) throws Exception {
OAuth2Parameters oAuth2Parameters = new OAuth2Parameters();
oAuth2Parameters.setTenantDomain(SUPER_TENANT_DOMAIN_NAME);
oAuth2Parameters.setClientId(TEST_CLIENT_ID_1);
mockStatic(IdentityUtil.class);
when(IdentityUtil.getServerURL(anyString(), anyBoolean(), anyBoolean())).thenReturn("some-server-url");
mockStatic(IdentityTenantUtil.class);
when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(-1234);
IdentityEventService eventServiceMock = mock(IdentityEventService.class);
mockStatic(CentralLogMgtServiceComponentHolder.class);
when(CentralLogMgtServiceComponentHolder.getInstance()).thenReturn(centralLogMgtServiceComponentHolderMock);
when(centralLogMgtServiceComponentHolderMock.getIdentityEventService()).thenReturn(eventServiceMock);
PowerMockito.doNothing().when(eventServiceMock).handleEvent(any());
OAuthServerConfiguration oauthServerConfigurationMock = mock(OAuthServerConfiguration.class);
mockStatic(OAuthServerConfiguration.class);
when(OAuthServerConfiguration.getInstance()).thenReturn(oauthServerConfigurationMock);
rsaPrivateKey = (RSAPrivateKey) wso2KeyStore.getKey("wso2carbon", "wso2carbon".toCharArray());
mockStatic(OAuth2Util.class);
when(OAuth2Util.getTenantId(SUPER_TENANT_DOMAIN_NAME)).thenReturn(SUPER_TENANT_ID);
when((OAuth2Util.getPrivateKey(anyString(), anyInt()))).thenReturn(rsaPrivateKey);
// Mock OAuth2Util returning public cert of the service provider
when(OAuth2Util.getX509CertOfOAuthApp(TEST_CLIENT_ID_1, SUPER_TENANT_DOMAIN_NAME)).thenReturn(clientKeyStore.getCertificate(CLIENT_PUBLIC_CERT_ALIAS));
RequestObjectValidatorImpl requestObjectValidator = PowerMockito.spy(new RequestObjectValidatorImpl());
RequestParamRequestObjectBuilder requestParamRequestObjectBuilder = new RequestParamRequestObjectBuilder();
when((oauthServerConfigurationMock.getRequestObjectValidator())).thenReturn(requestObjectValidator);
mockIdentityProviderManager();
PowerMockito.mockStatic(IdentityApplicationManagementUtil.class);
FederatedAuthenticatorConfig config = new FederatedAuthenticatorConfig();
when(IdentityApplicationManagementUtil.getFederatedAuthenticator(any(), any())).thenReturn(config);
Property property = new Property();
property.setValue(SOME_SERVER_URL);
when(IdentityApplicationManagementUtil.getProperty(config.getProperties(), "IdPEntityId")).thenReturn(property);
RequestObject requestObject = requestParamRequestObjectBuilder.buildRequestObject(jwt, oAuth2Parameters);
Assert.assertEquals(requestParamRequestObjectBuilder.isEncrypted(jwt), isEncrypted, "Payload is encrypted:" + isEncrypted);
Assert.assertEquals(requestObjectValidator.isSigned(requestObject), isSigned, "Request object isSigned: " + isSigned);
if (isSigned) {
Assert.assertEquals(requestObjectValidator.validateSignature(requestObject, oAuth2Parameters), validSignature, errorMsg + "Request Object Signature Validation failed.");
}
boolean validObject;
try {
validObject = requestObjectValidator.validateRequestObject(requestObject, oAuth2Parameters);
} catch (Exception e) {
validObject = false;
}
Assert.assertEquals(validObject, validRequestObj, errorMsg);
}
Aggregations