use of uk.nhs.digital.intranet.model.AccessToken in project hippo by NHS-digital-website.
the class AccessTokenValveTest method setsRequestContextAttributeIfAccessTokenNotExpired.
/**
 * Checks the happy path of the valve: when the access-token cookie decodes to a token
 * that is still valid, only the bare token string is placed on the request context and
 * the valve chain continues.
 */
@Test
public void setsRequestContextAttributeIfAccessTokenNotExpired() throws Exception {
    // Positive third argument = not yet expired (presumably a lifetime in seconds;
    // confirm against the AccessToken constructor).
    final AccessToken validToken = new AccessToken("token", "refresh", 3600);
    final Cookie[] requestCookies = new Cookie[] { ACCESS_TOKEN_COOKIE };

    when(encoder.decode(ENCODED_COOKIE_VALUE)).thenReturn(validToken);
    when(servletRequest.getCookies()).thenReturn(requestCookies);

    valve.invoke(valveContext);

    // The attribute carries the access token value only; the refresh token is never
    // expected on the request context.
    verify(requestContext).setAttribute(Constants.ACCESS_TOKEN_PROPERTY_NAME, "token");
    verify(valveContext).invokeNext();
}
use of uk.nhs.digital.intranet.model.AccessToken in project hippo by NHS-digital-website.
the class AccessTokenValveTest method failsGracefullyIfCannotRequestNewAccessToken.
/**
 * Checks that a failed refresh of an expired access token leaves no credentials behind:
 * the request-context attribute is removed, both token cookies are overwritten with the
 * empty cookies from {@code CookieProvider}, and the valve chain still continues.
 */
@Test
public void failsGracefullyIfCannotRequestNewAccessToken() throws Exception {
    // What the access-token cookie decodes to: expired, and without a refresh token.
    final AccessToken decodedToken = new AccessToken("token", null, -3600);
    // What the provider stub is keyed on: the same token plus REFRESH_TOKEN.
    // NOTE(review): this only matches if AccessToken has value-based equals() and the valve
    // builds an equal instance from REFRESH_TOKEN_COOKIE; otherwise the mock falls through
    // to its default answer and the exception path is not exercised. Confirm.
    final AccessToken tokenWithRefresh = new AccessToken("token", REFRESH_TOKEN, -3600);
    final Cookie[] requestCookies = new Cookie[] { ACCESS_TOKEN_COOKIE, REFRESH_TOKEN_COOKIE };
    final AuthorizationException refreshFailure =
        new AuthorizationException(HttpStatus.BAD_REQUEST, new RuntimeException());

    when(servletRequest.getCookies()).thenReturn(requestCookies);
    when(encoder.decode(ENCODED_COOKIE_VALUE)).thenReturn(decodedToken);
    when(authorizationProvider.refreshAccessToken(tokenWithRefresh)).thenThrow(refreshFailure);

    valve.invoke(valveContext);

    // Stale credentials must be cleared from both the request and the browser.
    // NOTE(review): nothing here asserts that setAttribute was NOT called with the expired
    // token before removal; a negative verification would make the intent explicit.
    verify(requestContext).removeAttribute(Constants.ACCESS_TOKEN_PROPERTY_NAME);
    verify(servletResponse).addCookie(CookieProvider.EMPTY_ACCESS_TOKEN_COOKIE);
    verify(servletResponse).addCookie(CookieProvider.EMPTY_REFRESH_TOKEN_COOKIE);
    // The failure is swallowed by the valve: processing of the request goes on.
    verify(valveContext).invokeNext();
}
use of uk.nhs.digital.intranet.model.AccessToken in project hippo by NHS-digital-website.
the class AccessTokenValveTest method usesNullRefreshTokenIfRefreshTokenCookieNotPresent.
/**
 * Checks the case where only the access-token cookie is sent: the valve attempts the
 * refresh with a token whose refresh token is {@code null}, and when that attempt fails
 * it clears the request attribute and both cookies before continuing the chain.
 */
@Test
public void usesNullRefreshTokenIfRefreshTokenCookieNotPresent() throws Exception {
    // Expired token with no refresh token; it is both the decoder's result and the
    // argument the provider stub is keyed on.
    final AccessToken decodedToken = new AccessToken("token", null, -3600);
    final Cookie[] requestCookies = new Cookie[] { ACCESS_TOKEN_COOKIE };
    final AuthorizationException refreshFailure =
        new AuthorizationException(HttpStatus.BAD_REQUEST, new RuntimeException());

    when(servletRequest.getCookies()).thenReturn(requestCookies);
    when(encoder.decode(ENCODED_COOKIE_VALUE)).thenReturn(decodedToken);
    when(authorizationProvider.refreshAccessToken(decodedToken)).thenThrow(refreshFailure);

    valve.invoke(valveContext);

    // Same cleanup as any other failed refresh: no token left on the request, and both
    // cookies replaced by their empty counterparts.
    verify(requestContext).removeAttribute(Constants.ACCESS_TOKEN_PROPERTY_NAME);
    verify(servletResponse).addCookie(CookieProvider.EMPTY_ACCESS_TOKEN_COOKIE);
    verify(servletResponse).addCookie(CookieProvider.EMPTY_REFRESH_TOKEN_COOKIE);
    verify(valveContext).invokeNext();
}
use of uk.nhs.digital.intranet.model.AccessToken in project hippo by NHS-digital-website.
the class MicrosoftGraphAuthorizationProviderTest method throwsExceptionIfAccessTokenResponseIsNullOnRefreshAccessToken.
/**
 * Checks that a successful HTTP status with an empty body from the token endpoint is
 * rejected: {@code refreshAccessToken} must raise {@link IllegalArgumentException}
 * instead of handing back a token built from nothing.
 */
@Test(expected = IllegalArgumentException.class)
public void throwsExceptionIfAccessTokenResponseIsNullOnRefreshAccessToken() throws Exception {
    final AccessToken staleToken = new AccessToken(TOKEN, REFRESH_TOKEN, 1);

    // 200 OK, but no token payload.
    when(restTemplate.postForEntity(any(URI.class), any(HttpEntity.class), any()))
        .thenReturn(ResponseEntity.ok().body(null));

    authorizationProvider.refreshAccessToken(staleToken);
}
use of uk.nhs.digital.intranet.model.AccessToken in project hippo by NHS-digital-website.
the class MicrosoftGraphAuthorizationProviderTest method callsGraphApiWithCorrectHeadersAndRefreshesAccessToken.
/**
 * Checks the refresh-token grant end to end against a mocked {@code RestTemplate}:
 * the provider must POST the expected request entity to {@code TOKEN_URL} and map the
 * response into a new {@code AccessToken}.
 */
@Test
public void callsGraphApiWithCorrectHeadersAndRefreshesAccessToken() throws Exception {
    // Expected request parameters. client_secret and refresh_token are part of the POST
    // entity passed to postForEntity, not of the URI, which is verified as plain TOKEN_URL.
    final MultiValueMap<String, String> expectedParams = new LinkedMultiValueMap<>();
    expectedParams.add("client_id", APP_ID);
    expectedParams.add("scope", SCOPE);
    expectedParams.add("redirect_uri", REDIRECT_URI);
    expectedParams.add("grant_type", "refresh_token");
    expectedParams.add("client_secret", CLIENT_SECRET);
    expectedParams.add("refresh_token", REFRESH_TOKEN);
    // getHttpRequest is a helper of this test class (not shown here); presumably it adds
    // the headers the test name refers to. Confirm.
    final HttpEntity<MultiValueMap<String, String>> expectedRequest = getHttpRequest(expectedParams);

    final AccessToken staleToken = new AccessToken(TOKEN, REFRESH_TOKEN, 1);
    when(restTemplate.postForEntity(any(URI.class), any(HttpEntity.class), any()))
        .thenReturn(ResponseEntity.ok().body(TOKEN_RESPONSE));

    final AccessToken refreshed = authorizationProvider.refreshAccessToken(staleToken);

    // Exact URI, exact entity, exact response type: any extra or missing parameter fails here.
    verify(restTemplate).postForEntity(URI.create(TOKEN_URL), expectedRequest, TokenResponse.class);
    assertNotNull(refreshed);
    assertEquals(TOKEN, refreshed.getToken());
    assertEquals(REFRESH_TOKEN, refreshed.getRefreshToken());
    assertTrue("Token expiration should be within 5 seconds of calculated time", timeWithin5Seconds(refreshed));
}