From 700074a9f9993246e67dff16a927470275a65e14 Mon Sep 17 00:00:00 2001 From: monkeyk7 Date: Sat, 6 Jul 2019 23:03:25 +0800 Subject: [PATCH] Add InlineAccessTokenInvoker unit test --- .../business/InlineAccessTokenInvoker.java | 12 +- .../AbstractInlineAccessTokenInvokerTest.java | 70 +++++++++++ ...edentialsInlineAccessTokenInvokerTest.java | 86 ++++++++++++++ .../PasswordInlineAccessTokenInvokerTest.java | 98 ++++++++++++++++ ...reshTokenInlineAccessTokenInvokerTest.java | 110 ++++++++++++++++++ 5 files changed, 373 insertions(+), 3 deletions(-) create mode 100644 src/test/java/com/monkeyk/sos/service/business/AbstractInlineAccessTokenInvokerTest.java create mode 100644 src/test/java/com/monkeyk/sos/service/business/ClientCredentialsInlineAccessTokenInvokerTest.java create mode 100644 src/test/java/com/monkeyk/sos/service/business/PasswordInlineAccessTokenInvokerTest.java create mode 100644 src/test/java/com/monkeyk/sos/service/business/RefreshTokenInlineAccessTokenInvokerTest.java diff --git a/src/main/java/com/monkeyk/sos/service/business/InlineAccessTokenInvoker.java b/src/main/java/com/monkeyk/sos/service/business/InlineAccessTokenInvoker.java index f91c4d1..a79a624 100644 --- a/src/main/java/com/monkeyk/sos/service/business/InlineAccessTokenInvoker.java +++ b/src/main/java/com/monkeyk/sos/service/business/InlineAccessTokenInvoker.java @@ -1,6 +1,7 @@ package com.monkeyk.sos.service.business; import com.monkeyk.sos.service.dto.AccessTokenDto; +import com.monkeyk.sos.web.context.SOSContextHolder; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -31,10 +32,11 @@ public abstract class InlineAccessTokenInvoker implements InitializingBean { private static final Logger LOG = LoggerFactory.getLogger(InlineAccessTokenInvoker.class); - protected transient AuthenticationManager authenticationManager; + protected transient AuthenticationManager authenticationManager = SOSContextHolder.getBean(AuthenticationManager.class); - protected transient AuthorizationServerTokenServices tokenServices; - protected transient ClientDetailsService clientDetailsService; + protected transient AuthorizationServerTokenServices tokenServices = SOSContextHolder.getBean(AuthorizationServerTokenServices.class); + ; + protected transient ClientDetailsService clientDetailsService = SOSContextHolder.getBean(ClientDetailsService.class); public InlineAccessTokenInvoker() { @@ -73,6 +75,10 @@ public abstract class InlineAccessTokenInvoker implements InitializingBean { TokenRequest tokenRequest = oAuth2RequestFactory.createTokenRequest(params, clientDetails); final OAuth2AccessToken oAuth2AccessToken = tokenGranter.grant(getGrantType(params), tokenRequest); + if (oAuth2AccessToken == null) { + LOG.warn("TokenGranter: {} grant OAuth2AccessToken null", tokenGranter); + return null; + } AccessTokenDto accessTokenDto = new AccessTokenDto(oAuth2AccessToken); LOG.debug("Invoked accessTokenDto: {}", accessTokenDto); return accessTokenDto; diff --git a/src/test/java/com/monkeyk/sos/service/business/AbstractInlineAccessTokenInvokerTest.java b/src/test/java/com/monkeyk/sos/service/business/AbstractInlineAccessTokenInvokerTest.java new file mode 100644 index 0000000..1c06632 --- /dev/null +++ b/src/test/java/com/monkeyk/sos/service/business/AbstractInlineAccessTokenInvokerTest.java @@ -0,0 +1,70 @@ +package com.monkeyk.sos.service.business; + +import com.monkeyk.sos.domain.oauth.OauthClientDetails; +import com.monkeyk.sos.domain.oauth.OauthRepository; +import com.monkeyk.sos.domain.user.Privilege; +import com.monkeyk.sos.domain.user.User; +import com.monkeyk.sos.domain.user.UserRepository; +import com.monkeyk.sos.infrastructure.AbstractRepositoryTest; +import com.monkeyk.sos.infrastructure.PasswordHandler; +import org.apache.commons.lang.RandomStringUtils; +import org.springframework.beans.factory.annotation.Autowired; + +import static com.monkeyk.sos.config.OAuth2ServerConfiguration.RESOURCE_ID; + +/** + * 2019/7/6 + * + * @author Shengzhao Li + */ +public abstract class AbstractInlineAccessTokenInvokerTest extends AbstractRepositoryTest { + + + @Autowired + OauthRepository oauthRepository; + + @Autowired + UserRepository userRepository; + + + String clientId = "client_id_" + RandomStringUtils.random(6, true, true); + String clientSecret = "client_secret_" + RandomStringUtils.random(6, true, true); + + + String username = "user_" + RandomStringUtils.random(6, true, true); + String password = "password_" + RandomStringUtils.random(6, true, true); + + + User createUser() { + + + User user = new User(username, PasswordHandler.encode(password), "13300001111", "test@ssss.com"); + user.privileges().add(Privilege.UNITY); + user.privileges().add(Privilege.USER); + user.privileges().add(Privilege.MOBILE); + + userRepository.saveUser(user); + + return user; + } + + + OauthClientDetails createClientDetails() { + OauthClientDetails clientDetails = new OauthClientDetails(); + clientDetails.clientId(clientId) + .clientSecret(PasswordHandler.encode(clientSecret)) + .authorizedGrantTypes(grantTypes()) + .scope("read") + .accessTokenValidity(200) + .resourceIds(RESOURCE_ID); + + + oauthRepository.saveOauthClientDetails(clientDetails); + return clientDetails; + } + + String grantTypes() { + return "authorization_code,password,implicit,client_credentials,refresh_token"; + } + +} diff --git a/src/test/java/com/monkeyk/sos/service/business/ClientCredentialsInlineAccessTokenInvokerTest.java b/src/test/java/com/monkeyk/sos/service/business/ClientCredentialsInlineAccessTokenInvokerTest.java new file mode 100644 index 0000000..7d1e13d --- /dev/null +++ b/src/test/java/com/monkeyk/sos/service/business/ClientCredentialsInlineAccessTokenInvokerTest.java @@ -0,0 +1,86 @@ +package com.monkeyk.sos.service.business; + +import com.monkeyk.sos.service.dto.AccessTokenDto; +import org.junit.Test; +import org.springframework.security.oauth2.provider.NoSuchClientException; + +import java.util.HashMap; +import java.util.Map; + +import static org.junit.Assert.assertNotNull; + +/** + * 2019/7/6 + * + * @author Shengzhao Li + */ +public class ClientCredentialsInlineAccessTokenInvokerTest extends AbstractInlineAccessTokenInvokerTest { + + + @Test + public void invokeNormal() { + + createClientDetails(); + + Map params = new HashMap<>(); + params.put("client_id", clientId); + params.put("client_secret", clientSecret); + params.put("grant_type", "client_credentials"); + params.put("scope", "read"); + + + ClientCredentialsInlineAccessTokenInvoker accessTokenInvoker = new ClientCredentialsInlineAccessTokenInvoker(); + final AccessTokenDto accessTokenDto = accessTokenInvoker.invoke(params); + + assertNotNull(accessTokenDto); + assertNotNull(accessTokenDto.getAccessToken()); + +// System.out.println(accessTokenDto); + + } + + @Test(expected = NoSuchClientException.class) + public void invalidClientId() { + + createClientDetails(); + + Map params = new HashMap<>(); + params.put("client_id", clientId + "ssoso"); + params.put("client_secret", clientSecret); + params.put("grant_type", "client_credentials"); + params.put("scope", "read"); + + + ClientCredentialsInlineAccessTokenInvoker accessTokenInvoker = new ClientCredentialsInlineAccessTokenInvoker(); + final AccessTokenDto accessTokenDto = accessTokenInvoker.invoke(params); + + assertNotNull(accessTokenDto); + assertNotNull(accessTokenDto.getAccessToken()); + +// System.out.println(accessTokenDto); + + } + + @Test() + public void invalidClientSecret() { + + createClientDetails(); + + Map params = new HashMap<>(); + params.put("client_id", clientId); + params.put("client_secret", clientSecret + "sooe"); + params.put("grant_type", "client_credentials"); + params.put("scope", "read"); + + + ClientCredentialsInlineAccessTokenInvoker accessTokenInvoker = new ClientCredentialsInlineAccessTokenInvoker(); + final AccessTokenDto accessTokenDto = accessTokenInvoker.invoke(params); + + assertNotNull(accessTokenDto); + assertNotNull(accessTokenDto.getAccessToken()); + +// System.out.println(accessTokenDto); + + } + +} \ No newline at end of file diff --git a/src/test/java/com/monkeyk/sos/service/business/PasswordInlineAccessTokenInvokerTest.java b/src/test/java/com/monkeyk/sos/service/business/PasswordInlineAccessTokenInvokerTest.java new file mode 100644 index 0000000..c49944e --- /dev/null +++ b/src/test/java/com/monkeyk/sos/service/business/PasswordInlineAccessTokenInvokerTest.java @@ -0,0 +1,98 @@ +package com.monkeyk.sos.service.business; + +import com.monkeyk.sos.service.dto.AccessTokenDto; +import org.junit.Test; +import org.springframework.security.oauth2.common.exceptions.InvalidGrantException; + +import java.util.HashMap; +import java.util.Map; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +/** + * 2019/7/6 + * + * @author Shengzhao Li + */ +public class PasswordInlineAccessTokenInvokerTest extends AbstractInlineAccessTokenInvokerTest { + + + @Test + public void invokeNormal() { + + createClientDetails(); + + createUser(); + + Map params = new HashMap<>(); + params.put("client_id", clientId); + params.put("client_secret", clientSecret); + params.put("grant_type", "password"); + params.put("scope", "read"); + params.put("username", username); + params.put("password", password); + + + PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker(); + final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params); + + assertNotNull(tokenDto); + assertNotNull(tokenDto.getAccessToken()); + assertNotNull(tokenDto.getRefreshToken()); + +// System.out.println(accessTokenDto); + + } + + + @Test(expected = InvalidGrantException.class) + public void invalidUsername() { + + createClientDetails(); + + Map params = new HashMap<>(); + params.put("client_id", clientId); + params.put("client_secret", clientSecret); + params.put("grant_type", "password"); + params.put("scope", "read"); + + params.put("username", "useraaa"); + params.put("password", "password"); + + PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker(); + final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params); + + assertNull(tokenDto); + +// System.out.println(accessTokenDto); + + } + + + @Test(expected = IllegalStateException.class) + public void invalidScope() { + + createClientDetails(); + createUser(); + + Map params = new HashMap<>(); + params.put("client_id", clientId); + params.put("client_secret", clientSecret); + params.put("grant_type", "password"); +// params.put("scope", "read"); + + params.put("username", username); + params.put("password", password); + + PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker(); + final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params); + + assertNull(tokenDto); + +// System.out.println(accessTokenDto); + + } + + +} \ No newline at end of file diff --git a/src/test/java/com/monkeyk/sos/service/business/RefreshTokenInlineAccessTokenInvokerTest.java b/src/test/java/com/monkeyk/sos/service/business/RefreshTokenInlineAccessTokenInvokerTest.java new file mode 100644 index 0000000..cd04c81 --- /dev/null +++ b/src/test/java/com/monkeyk/sos/service/business/RefreshTokenInlineAccessTokenInvokerTest.java @@ -0,0 +1,110 @@ +package com.monkeyk.sos.service.business; + +import com.monkeyk.sos.service.dto.AccessTokenDto; +import org.junit.Test; +import org.springframework.security.oauth2.common.exceptions.InvalidGrantException; + +import java.util.HashMap; +import java.util.Map; + +import static org.junit.Assert.*; + +/** + * 2019/7/6 + * + * @author Shengzhao Li + */ +public class RefreshTokenInlineAccessTokenInvokerTest extends AbstractInlineAccessTokenInvokerTest { + + + @Test + public void invokeNormal() { + + createClientDetails(); + + createUser(); + + Map params = new HashMap<>(); + params.put("client_id", clientId); + params.put("client_secret", clientSecret); + params.put("grant_type", "password"); + params.put("scope", "read"); + params.put("username", username); + params.put("password", password); + + + PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker(); + final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params); + + assertNotNull(tokenDto); + assertNotNull(tokenDto.getRefreshToken()); + assertNotNull(tokenDto.getAccessToken()); + + + Map params2 = new HashMap<>(); + params2.put("client_id", clientId); + params2.put("client_secret", clientSecret); + params2.put("grant_type", "refresh_token"); + params2.put("scope", "read"); + params2.put("refresh_token", tokenDto.getRefreshToken()); + + + RefreshTokenInlineAccessTokenInvoker refreshTokenInlineAccessTokenInvoker = new RefreshTokenInlineAccessTokenInvoker(); + final AccessTokenDto accessTokenDto = refreshTokenInlineAccessTokenInvoker.invoke(params2); + + + assertNotNull(accessTokenDto); + assertNotNull(accessTokenDto.getAccessToken()); + + assertNotEquals(accessTokenDto.getAccessToken(), tokenDto.getAccessToken()); + assertEquals(accessTokenDto.getRefreshToken(), tokenDto.getRefreshToken()); + + } + + + @Test(expected = InvalidGrantException.class) + public void invalidRefreshToken() { + + createClientDetails(); + + createUser(); + + Map params = new HashMap<>(); + params.put("client_id", clientId); + params.put("client_secret", clientSecret); + params.put("grant_type", "password"); + params.put("scope", "read"); + params.put("username", username); + params.put("password", password); + + + PasswordInlineAccessTokenInvoker accessTokenInvoker = new PasswordInlineAccessTokenInvoker(); + final AccessTokenDto tokenDto = accessTokenInvoker.invoke(params); + + assertNotNull(tokenDto); + assertNotNull(tokenDto.getRefreshToken()); + assertNotNull(tokenDto.getAccessToken()); + + + Map params2 = new HashMap<>(); + params2.put("client_id", clientId); + params2.put("client_secret", clientSecret); + params2.put("grant_type", "refresh_token"); + params2.put("scope", "read"); + params2.put("refresh_token", tokenDto.getRefreshToken() + "sss"); + + + RefreshTokenInlineAccessTokenInvoker refreshTokenInlineAccessTokenInvoker = new RefreshTokenInlineAccessTokenInvoker(); + final AccessTokenDto accessTokenDto = refreshTokenInlineAccessTokenInvoker.invoke(params2); + + + assertNotNull(accessTokenDto); + assertNotNull(accessTokenDto.getAccessToken()); + + assertNotEquals(accessTokenDto.getAccessToken(), tokenDto.getAccessToken()); + assertEquals(accessTokenDto.getRefreshToken(), tokenDto.getRefreshToken()); + + } + + +} \ No newline at end of file