Add InlineAccessTokenInvoker unit test

src/main/java/com/monkeyk/sos/service/business/InlineAccessTokenInvoker.java

@@ -1,6 +1,7 @@
 package com.monkeyk.sos.service.business;
 
 import com.monkeyk.sos.service.dto.AccessTokenDto;
+import com.monkeyk.sos.web.context.SOSContextHolder;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -31,10 +32,11 @@ public abstract class InlineAccessTokenInvoker implements InitializingBean {
     private static final Logger LOG = LoggerFactory.getLogger(InlineAccessTokenInvoker.class);
 
 
-    protected transient AuthenticationManager authenticationManager;
+    protected transient AuthenticationManager authenticationManager = SOSContextHolder.getBean(AuthenticationManager.class);
 
-    protected transient AuthorizationServerTokenServices tokenServices;
-    protected transient ClientDetailsService clientDetailsService;
+    protected transient AuthorizationServerTokenServices tokenServices = SOSContextHolder.getBean(AuthorizationServerTokenServices.class);
+    ;
+    protected transient ClientDetailsService clientDetailsService = SOSContextHolder.getBean(ClientDetailsService.class);
 
 
     public InlineAccessTokenInvoker() {
@@ -73,6 +75,10 @@ public abstract class InlineAccessTokenInvoker implements InitializingBean {
         TokenRequest tokenRequest = oAuth2RequestFactory.createTokenRequest(params, clientDetails);
         final OAuth2AccessToken oAuth2AccessToken = tokenGranter.grant(getGrantType(params), tokenRequest);
 
+        if (oAuth2AccessToken == null) {
+            LOG.warn("TokenGranter: {} grant OAuth2AccessToken null", tokenGranter);
+            return null;
+        }
         AccessTokenDto accessTokenDto = new AccessTokenDto(oAuth2AccessToken);
         LOG.debug("Invoked accessTokenDto: {}", accessTokenDto);
         return accessTokenDto;

src/test/java/com/monkeyk/sos/service/business/AbstractInlineAccessTokenInvokerTest.java

@@ -0,0 +1,70 @@
+package com.monkeyk.sos.service.business;
+
+import com.monkeyk.sos.domain.oauth.OauthClientDetails;
+import com.monkeyk.sos.domain.oauth.OauthRepository;
+import com.monkeyk.sos.domain.user.Privilege;
+import com.monkeyk.sos.domain.user.User;
+import com.monkeyk.sos.domain.user.UserRepository;
+import com.monkeyk.sos.infrastructure.AbstractRepositoryTest;
+import com.monkeyk.sos.infrastructure.PasswordHandler;
+import org.apache.commons.lang.RandomStringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import static com.monkeyk.sos.config.OAuth2ServerConfiguration.RESOURCE_ID;
+
+/**
+ * 2019/7/6
+ *
+ * @author Shengzhao Li
+ */
+public abstract class AbstractInlineAccessTokenInvokerTest extends AbstractRepositoryTest {
+
+
+    @Autowired
+    OauthRepository oauthRepository;
+
+    @Autowired
+    UserRepository userRepository;
+
+
+    String clientId = "client_id_" + RandomStringUtils.random(6, true, true);
+    String clientSecret = "client_secret_" + RandomStringUtils.random(6, true, true);
+
+
+    String username = "user_" + RandomStringUtils.random(6, true, true);
+    String password = "password_" + RandomStringUtils.random(6, true, true);
+
+
+    User createUser() {
+
+
+        User user = new User(username, PasswordHandler.encode(password), "13300001111", "test@ssss.com");
+        user.privileges().add(Privilege.UNITY);
+        user.privileges().add(Privilege.USER);
+        user.privileges().add(Privilege.MOBILE);
+
+        userRepository.saveUser(user);
+
+        return user;
+    }
+
+
+    OauthClientDetails createClientDetails() {
+        OauthClientDetails clientDetails = new OauthClientDetails();
+        clientDetails.clientId(clientId)
+                .clientSecret(PasswordHandler.encode(clientSecret))
+                .authorizedGrantTypes(grantTypes())
+                .scope("read")
+                .accessTokenValidity(200)
+                .resourceIds(RESOURCE_ID);
+
+
+        oauthRepository.saveOauthClientDetails(clientDetails);
+        return clientDetails;
+    }
+
+    String grantTypes() {
+        return "authorization_code,password,implicit,client_credentials,refresh_token";
+    }
+
+}

src/test/java/com/monkeyk/sos/service/business/ClientCredentialsInlineAccessTokenInvokerTest.java

@@ -0,0 +1,86 @@
+package com.monkeyk.sos.service.business;
+
+import com.monkeyk.sos.service.dto.AccessTokenDto;
+import org.junit.Test;
+import org.springframework.security.oauth2.provider.NoSuchClientException;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.Assert.assertNotNull;
+
+/**
+ * 2019/7/6
+ *
+ * @author Shengzhao Li
+ */
+public class ClientCredentialsInlineAccessTokenInvokerTest extends AbstractInlineAccessTokenInvokerTest {
+
+
+    @Test
+    public void invokeNormal() {
+
+        createClientDetails();
+
+        Map<String, String> params = new HashMap<>();
+        params.put("client_id", clientId);
+        params.put("client_secret", clientSecret);
+        params.put("grant_type", "client_credentials");
+        params.put("scope", "read");
+
+
+        ClientCredentialsInlineAccessTokenInvoker accessTokenInvoker = new ClientCredentialsInlineAccessTokenInvoker();
+        final AccessTokenDto accessTokenDto = accessTokenInvoker.invoke(params);
+
+        assertNotNull(accessTokenDto);
+        assertNotNull(accessTokenDto.getAccessToken());
+
+//        System.out.println(accessTokenDto);
+
+    }
+
+    @Test(expected = NoSuchClientException.class)
+    public void invalidClientId() {
+
+        createClientDetails();
+
+        Map<String, String> params = new HashMap<>();
+        params.put("client_id", clientId + "ssoso");
+        params.put("client_secret", clientSecret);
+        params.put("grant_type", "client_credentials");
+        params.put("scope", "read");
+
+
+        ClientCredentialsInlineAccessTokenInvoker accessTokenInvoker = new ClientCredentialsInlineAccessTokenInvoker();
+        final AccessTokenDto accessTokenDto = accessTokenInvoker.invoke(params);
+
+        assertNotNull(accessTokenDto);
+        assertNotNull(accessTokenDto.getAccessToken());
+
+//        System.out.println(accessTokenDto);
+
+    }
+
+    @Test()
+    public void invalidClientSecret() {
+
+        createClientDetails();
+
+        Map<String, String> params = new HashMap<>();
+        params.put("client_id", clientId);
+        params.put("client_secret", clientSecret + "sooe");
+        params.put("grant_type", "client_credentials");
+        params.put("scope", "read");
+
+
+        ClientCredentialsInlineAccessTokenInvoker accessTokenInvoker = new ClientCredentialsInlineAccessTokenInvoker();
+        final AccessTokenDto accessTokenDto = accessTokenInvoker.invoke(params);
+
+        assertNotNull(accessTokenDto);
+        assertNotNull(accessTokenDto.getAccessToken());
+
+//        System.out.println(accessTokenDto);
+
+    }
+
+}

src/test/java/com/monkeyk/sos/service/business/PasswordInlineAccessTokenInvokerTest.java

@@ -0,0 +1,98 @@
+package com.monkeyk.sos.service.business;
+
+import com.monkeyk.sos.service.dto.AccessTokenDto;
+import org.junit.Test;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+/**
+ * 2019/7/6
+ *
+ * @author Shengzhao Li
+ */
+public class PasswordInlineAccessTokenInvokerTest extends AbstractInlineAccessTokenInvokerTest {
+
+
+    @Test
+    public void invokeNormal() {
+
+        createClientDetails();
+
+        createUser();
+
+        Map<String, String> params = new HashMap<>();
+        params.put("client_id", clientId);
+        params.put("client_secret", clientSecret);
+        params.put("grant_type", "password");
+        params.put("scope", "read");
+        params.put("username", username);
+        params.put("password", password);
+
+
+        PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker();
+        final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params);
+
+        assertNotNull(tokenDto);
+        assertNotNull(tokenDto.getAccessToken());
+        assertNotNull(tokenDto.getRefreshToken());
+
+//        System.out.println(accessTokenDto);
+
+    }
+
+
+    @Test(expected = InvalidGrantException.class)
+    public void invalidUsername() {
+
+        createClientDetails();
+
+        Map<String, String> params = new HashMap<>();
+        params.put("client_id", clientId);
+        params.put("client_secret", clientSecret);
+        params.put("grant_type", "password");
+        params.put("scope", "read");
+
+        params.put("username", "useraaa");
+        params.put("password", "password");
+
+        PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker();
+        final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params);
+
+        assertNull(tokenDto);
+
+//        System.out.println(accessTokenDto);
+
+    }
+
+
+    @Test(expected = IllegalStateException.class)
+    public void invalidScope() {
+
+        createClientDetails();
+        createUser();
+
+        Map<String, String> params = new HashMap<>();
+        params.put("client_id", clientId);
+        params.put("client_secret", clientSecret);
+        params.put("grant_type", "password");
+//        params.put("scope", "read");
+
+        params.put("username", username);
+        params.put("password", password);
+
+        PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker();
+        final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params);
+
+        assertNull(tokenDto);
+
+//        System.out.println(accessTokenDto);
+
+    }
+
+
+}

src/test/java/com/monkeyk/sos/service/business/RefreshTokenInlineAccessTokenInvokerTest.java

@@ -0,0 +1,110 @@
+package com.monkeyk.sos.service.business;
+
+import com.monkeyk.sos.service.dto.AccessTokenDto;
+import org.junit.Test;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.Assert.*;
+
+/**
+ * 2019/7/6
+ *
+ * @author Shengzhao Li
+ */
+public class RefreshTokenInlineAccessTokenInvokerTest extends AbstractInlineAccessTokenInvokerTest {
+
+
+    @Test
+    public void invokeNormal() {
+
+        createClientDetails();
+
+        createUser();
+
+        Map<String, String> params = new HashMap<>();
+        params.put("client_id", clientId);
+        params.put("client_secret", clientSecret);
+        params.put("grant_type", "password");
+        params.put("scope", "read");
+        params.put("username", username);
+        params.put("password", password);
+
+
+        PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker();
+        final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params);
+
+        assertNotNull(tokenDto);
+        assertNotNull(tokenDto.getRefreshToken());
+        assertNotNull(tokenDto.getAccessToken());
+
+
+        Map<String, String> params2 = new HashMap<>();
+        params2.put("client_id", clientId);
+        params2.put("client_secret", clientSecret);
+        params2.put("grant_type", "refresh_token");
+        params2.put("scope", "read");
+        params2.put("refresh_token", tokenDto.getRefreshToken());
+
+
+        RefreshTokenInlineAccessTokenInvoker refreshTokenInlineAccessTokenInvoker = new RefreshTokenInlineAccessTokenInvoker();
+        final AccessTokenDto accessTokenDto = refreshTokenInlineAccessTokenInvoker.invoke(params2);
+
+
+        assertNotNull(accessTokenDto);
+        assertNotNull(accessTokenDto.getAccessToken());
+
+        assertNotEquals(accessTokenDto.getAccessToken(), tokenDto.getAccessToken());
+        assertEquals(accessTokenDto.getRefreshToken(), tokenDto.getRefreshToken());
+
+    }
+
+
+    @Test(expected = InvalidGrantException.class)
+    public void invalidRefreshToken() {
+
+        createClientDetails();
+
+        createUser();
+
+        Map<String, String> params = new HashMap<>();
+        params.put("client_id", clientId);
+        params.put("client_secret", clientSecret);
+        params.put("grant_type", "password");
+        params.put("scope", "read");
+        params.put("username", username);
+        params.put("password", password);
+
+
+        PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker();
+        final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params);
+
+        assertNotNull(tokenDto);
+        assertNotNull(tokenDto.getRefreshToken());
+        assertNotNull(tokenDto.getAccessToken());
+
+
+        Map<String, String> params2 = new HashMap<>();
+        params2.put("client_id", clientId);
+        params2.put("client_secret", clientSecret);
+        params2.put("grant_type", "refresh_token");
+        params2.put("scope", "read");
+        params2.put("refresh_token", tokenDto.getRefreshToken() + "sss");
+
+
+        RefreshTokenInlineAccessTokenInvoker refreshTokenInlineAccessTokenInvoker = new RefreshTokenInlineAccessTokenInvoker();
+        final AccessTokenDto accessTokenDto = refreshTokenInlineAccessTokenInvoker.invoke(params2);
+
+
+        assertNotNull(accessTokenDto);
+        assertNotNull(accessTokenDto.getAccessToken());
+
+        assertNotEquals(accessTokenDto.getAccessToken(), tokenDto.getAccessToken());
+        assertEquals(accessTokenDto.getRefreshToken(), tokenDto.getRefreshToken());
+
+    }
+
+
+}