formatting cleanup
parent
e2349984b8
commit
685960358c
|
@ -32,21 +32,21 @@ import com.google.gson.JsonObject;
|
||||||
|
|
||||||
public class OAuth2AccessTokenImpl implements OAuth2AccessToken {
|
public class OAuth2AccessTokenImpl implements OAuth2AccessToken {
|
||||||
|
|
||||||
private JsonObject token;
|
private JsonObject introspectionResponse;
|
||||||
private String tokenString;
|
private String tokenString;
|
||||||
private Set<String> scopes = new HashSet<String>();
|
private Set<String> scopes = new HashSet<String>();
|
||||||
private Date expireDate;
|
private Date expireDate;
|
||||||
|
|
||||||
|
|
||||||
public OAuth2AccessTokenImpl(JsonObject token, String tokenString) {
|
public OAuth2AccessTokenImpl(JsonObject introspectionResponse, String tokenString) {
|
||||||
this.token = token;
|
this.setIntrospectionResponse(introspectionResponse);
|
||||||
this.tokenString = tokenString;
|
this.tokenString = tokenString;
|
||||||
if (token.get("scope") != null) {
|
if (introspectionResponse.get("scope") != null) {
|
||||||
scopes = Sets.newHashSet(Splitter.on(" ").split(token.get("scope").getAsString()));
|
scopes = Sets.newHashSet(Splitter.on(" ").split(introspectionResponse.get("scope").getAsString()));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (token.get("exp") != null) {
|
if (introspectionResponse.get("exp") != null) {
|
||||||
expireDate = new Date(token.get("exp").getAsLong() * 1000L);
|
expireDate = new Date(introspectionResponse.get("exp").getAsLong() * 1000L);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -97,4 +97,20 @@ public class OAuth2AccessTokenImpl implements OAuth2AccessToken {
|
||||||
return tokenString;
|
return tokenString;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return the token
|
||||||
|
*/
|
||||||
|
public JsonObject getIntrospectionResponse() {
|
||||||
|
return introspectionResponse;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param token the token to set
|
||||||
|
*/
|
||||||
|
public void setIntrospectionResponse(JsonObject token) {
|
||||||
|
this.introspectionResponse = token;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
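Review bot: The new public `setIntrospectionResponse` allows the backing JSON to be replaced after the constructor has already derived `scopes` and `expireDate` from it, so the object can report a scope set and expiry that no longer match what `getIntrospectionResponse()` returns. Declaring the field `final` and assigning it directly in the constructor (`this.introspectionResponse = introspectionResponse;`) closes that window and also avoids calling an overridable method from a constructor. The generated Javadoc still reads `@return the token` and `@param token the token to set`; after the rename both should name the introspection response, and the setter parameter should be renamed to match. A field rename plus a new public accessor goes beyond the "formatting cleanup" in the commit title and deserves a mention in the description.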
@ -490,7 +490,7 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
|
||||||
throw new AuthenticationServiceException("Unsigned ID tokens can only be used if explicitly configured in client.");
|
throw new AuthenticationServiceException("Unsigned ID tokens can only be used if explicitly configured in client.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (tokenAlg != null && !tokenAlg.equals(JWSAlgorithm.NONE)) {
|
if (tokenAlg != null && !tokenAlg.equals(Algorithm.NONE)) {
|
||||||
throw new AuthenticationServiceException("Unsigned token received, expected signature with " + tokenAlg);
|
throw new AuthenticationServiceException("Unsigned token received, expected signature with " + tokenAlg);
|
||||||
}
|
}
|
||||||
} else if (idToken instanceof SignedJWT) {
|
} else if (idToken instanceof SignedJWT) {
|
||||||
|
|
|
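Review bot: A null `tokenAlg` passes the guard `tokenAlg != null && !tokenAlg.equals(Algorithm.NONE)` without an exception, so for that case the only barrier to an unsigned ID token is the preceding "explicitly configured in client" check, whose condition is outside the hunk. Because this branch decides whether a token with no signature is accepted, failing closed is safer: `if (!Algorithm.NONE.equals(tokenAlg)) {` rejects both a missing and a mismatched header algorithm. A comment above the branch stating the exact client setting that permits a `PlainJWT` would make the acceptance rule auditable without reading the whole method. The switch from `JWSAlgorithm.NONE` to `Algorithm.NONE` looks behaviour-neutral, assuming `NONE` is declared on `Algorithm` and was only reached through the subclass before.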
@ -16,12 +16,12 @@
|
||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
package org.mitre.oauth2.service;
|
package org.mitre.oauth2.service;
|
||||||
|
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
||||||
import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
|
import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
|
||||||
import org.mitre.openid.connect.model.UserInfo;
|
import org.mitre.openid.connect.model.UserInfo;
|
||||||
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Strategy interface for assembling a token introspection result.
|
* Strategy interface for assembling a token introspection result.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -37,6 +37,10 @@ import com.google.gson.JsonObject;
|
||||||
})
|
})
|
||||||
public class DefaultUserInfo implements UserInfo {
|
public class DefaultUserInfo implements UserInfo {
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
private static final long serialVersionUID = 6078310513185681918L;
|
||||||
private Long id;
|
private Long id;
|
||||||
private String sub;
|
private String sub;
|
||||||
private String preferredUsername;
|
private String preferredUsername;
|
||||||
|
|
|
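Review bot: The Javadoc block added above `serialVersionUID` is empty and should either be dropped or replaced with a sentence saying why the value is pinned. With a fixed UID, instances serialized before a later field change will still deserialize, with added fields left at their defaults. If these user-info objects are ever stored in sessions or caches (not visible from this hunk), a line such as `// change when the serialized field set changes incompatibly` documents that contract. The class body continues past the end of the hunk.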
@ -126,7 +126,7 @@ public class TestJWKSetKeyStore {
|
||||||
|
|
||||||
boolean thrown = false;
|
boolean thrown = false;
|
||||||
try {
|
try {
|
||||||
JWKSetKeyStore ks_null = new JWKSetKeyStore(null);
|
new JWKSetKeyStore(null);
|
||||||
} catch (IllegalArgumentException e) {
|
} catch (IllegalArgumentException e) {
|
||||||
thrown = true;
|
thrown = true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -78,7 +78,8 @@ public class TestDefaultJwtEncryptionAndDecryptionService {
|
||||||
"XFBoMYUZodetZdvTiFvSkQ";
|
"XFBoMYUZodetZdvTiFvSkQ";
|
||||||
|
|
||||||
private String RSAkid = "rsa321";
|
private String RSAkid = "rsa321";
|
||||||
private JWK RSAjwk = new RSAKey(new Base64URL("oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUW" +
|
private JWK RSAjwk = new RSAKey(
|
||||||
|
new Base64URL("oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUW" +
|
||||||
"cJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3S" +
|
"cJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3S" +
|
||||||
"psk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2a" +
|
"psk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2a" +
|
||||||
"sbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMS" +
|
"sbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMS" +
|
||||||
|
|
|
@ -263,7 +263,7 @@ public class DiscoveryEndpoint {
|
||||||
Collection<JWSAlgorithm> serverSigningAlgs = signService.getAllSigningAlgsSupported();
|
Collection<JWSAlgorithm> serverSigningAlgs = signService.getAllSigningAlgsSupported();
|
||||||
Collection<JWSAlgorithm> clientSymmetricSigningAlgs = Lists.newArrayList(JWSAlgorithm.HS256, JWSAlgorithm.HS384, JWSAlgorithm.HS512);
|
Collection<JWSAlgorithm> clientSymmetricSigningAlgs = Lists.newArrayList(JWSAlgorithm.HS256, JWSAlgorithm.HS384, JWSAlgorithm.HS512);
|
||||||
Collection<JWSAlgorithm> clientSymmetricAndAsymmetricSigningAlgs = Lists.newArrayList(JWSAlgorithm.HS256, JWSAlgorithm.HS384, JWSAlgorithm.HS512, JWSAlgorithm.RS256, JWSAlgorithm.RS384, JWSAlgorithm.RS512);
|
Collection<JWSAlgorithm> clientSymmetricAndAsymmetricSigningAlgs = Lists.newArrayList(JWSAlgorithm.HS256, JWSAlgorithm.HS384, JWSAlgorithm.HS512, JWSAlgorithm.RS256, JWSAlgorithm.RS384, JWSAlgorithm.RS512);
|
||||||
Collection<Algorithm> clientSymmetricAndAsymmetricSigningAlgsWithNone = Lists.newArrayList(JWSAlgorithm.HS256, JWSAlgorithm.HS384, JWSAlgorithm.HS512, JWSAlgorithm.RS256, JWSAlgorithm.RS384, JWSAlgorithm.RS512, JWSAlgorithm.NONE);
|
Collection<Algorithm> clientSymmetricAndAsymmetricSigningAlgsWithNone = Lists.newArrayList(JWSAlgorithm.HS256, JWSAlgorithm.HS384, JWSAlgorithm.HS512, JWSAlgorithm.RS256, JWSAlgorithm.RS384, JWSAlgorithm.RS512, Algorithm.NONE);
|
||||||
|
|
||||||
Map<String, Object> m = new HashMap<String, Object>();
|
Map<String, Object> m = new HashMap<String, Object>();
|
||||||
m.put("issuer", config.getIssuer());
|
m.put("issuer", config.getIssuer());
|
||||||
|
|
|
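Review bot: The client algorithm lists repeat the same `JWSAlgorithm` literals on three long lines, so adding or retiring an algorithm means editing each one and the `...WithNone` variant can drift from the others. Deriving it from the previous list keeps the single difference visible: `Collection<Algorithm> clientSymmetricAndAsymmetricSigningAlgsWithNone = Lists.<Algorithm>newArrayList(clientSymmetricAndAsymmetricSigningAlgs);` followed by `clientSymmetricAndAsymmetricSigningAlgsWithNone.add(Algorithm.NONE);`. Which discovery fields publish the list containing `none` is outside the hunk; a short comment at the declaration naming them would make it easier to audit where unsigned JWTs are advertised as acceptable.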
@ -52,7 +52,6 @@ import com.google.common.base.Strings;
|
||||||
import com.google.common.cache.CacheBuilder;
|
import com.google.common.cache.CacheBuilder;
|
||||||
import com.google.common.cache.CacheLoader;
|
import com.google.common.cache.CacheLoader;
|
||||||
import com.google.common.cache.LoadingCache;
|
import com.google.common.cache.LoadingCache;
|
||||||
import com.google.common.util.concurrent.UncheckedExecutionException;
|
|
||||||
import com.google.gson.JsonElement;
|
import com.google.gson.JsonElement;
|
||||||
import com.google.gson.JsonParser;
|
import com.google.gson.JsonParser;
|
||||||
|
|
||||||
|
|
|
@ -16,8 +16,10 @@
|
||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
package org.mitre.oauth2.web;
|
package org.mitre.oauth2.web;
|
||||||
|
|
||||||
import com.google.common.base.Strings;
|
import java.security.Principal;
|
||||||
import com.google.common.collect.ImmutableMap;
|
import java.util.Map;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||||
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
||||||
import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
|
import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
|
||||||
|
@ -40,9 +42,8 @@ import org.springframework.ui.Model;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RequestParam;
|
import org.springframework.web.bind.annotation.RequestParam;
|
||||||
|
|
||||||
import java.security.Principal;
|
import com.google.common.base.Strings;
|
||||||
import java.util.Map;
|
import com.google.common.collect.ImmutableMap;
|
||||||
import java.util.Set;
|
|
||||||
|
|
||||||
@Controller
|
@Controller
|
||||||
public class IntrospectionEndpoint {
|
public class IntrospectionEndpoint {
|
||||||
|
|
|
@ -19,8 +19,6 @@ package org.mitre.openid.connect.repository.impl;
|
||||||
import static org.mitre.util.jpa.JpaUtil.getSingleResult;
|
import static org.mitre.util.jpa.JpaUtil.getSingleResult;
|
||||||
import static org.mitre.util.jpa.JpaUtil.saveOrUpdate;
|
import static org.mitre.util.jpa.JpaUtil.saveOrUpdate;
|
||||||
|
|
||||||
import java.util.Collection;
|
|
||||||
|
|
||||||
import javax.persistence.EntityManager;
|
import javax.persistence.EntityManager;
|
||||||
import javax.persistence.PersistenceContext;
|
import javax.persistence.PersistenceContext;
|
||||||
import javax.persistence.TypedQuery;
|
import javax.persistence.TypedQuery;
|
||||||
|
|
|
@ -159,7 +159,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
|
||||||
|
|
||||||
JWT idToken;
|
JWT idToken;
|
||||||
|
|
||||||
if (signingAlg.equals(JWSAlgorithm.NONE)) {
|
if (signingAlg.equals(Algorithm.NONE)) {
|
||||||
// unsigned ID token
|
// unsigned ID token
|
||||||
idToken = new PlainJWT(idClaims);
|
idToken = new PlainJWT(idClaims);
|
||||||
|
|
||||||
|
|
|
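Review bot: `signingAlg.equals(Algorithm.NONE)` dereferences `signingAlg`, whose assignment is outside the hunk; if it can be null for a client with no configured algorithm, `Algorithm.NONE.equals(signingAlg)` avoids a NullPointerException during token issuance and never selects the unsigned branch for a null value. The existing `// unsigned ID token` comment says what is built but not when. Since a `PlainJWT` carries no integrity protection, the comment should name the condition that leads here, presumably the client's registered ID token signing algorithm being `none`, once that is confirmed against the code above the hunk.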
@ -16,10 +16,6 @@
|
||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
package org.mitre.openid.connect.service.impl;
|
package org.mitre.openid.connect.service.impl;
|
||||||
|
|
||||||
import com.google.common.collect.Sets;
|
|
||||||
import com.google.gson.stream.JsonReader;
|
|
||||||
import com.google.gson.stream.JsonToken;
|
|
||||||
import com.google.gson.stream.JsonWriter;
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.text.ParseException;
|
import java.text.ParseException;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
|
@ -29,6 +25,7 @@ import java.util.HashSet;
|
||||||
import java.util.LinkedHashSet;
|
import java.util.LinkedHashSet;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
import org.mitre.jose.JWEAlgorithmEmbed;
|
import org.mitre.jose.JWEAlgorithmEmbed;
|
||||||
import org.mitre.jose.JWEEncryptionMethodEmbed;
|
import org.mitre.jose.JWEEncryptionMethodEmbed;
|
||||||
import org.mitre.jose.JWSAlgorithmEmbed;
|
import org.mitre.jose.JWSAlgorithmEmbed;
|
||||||
|
@ -60,6 +57,11 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Request;
|
import org.springframework.security.oauth2.provider.OAuth2Request;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
import com.google.common.collect.Sets;
|
||||||
|
import com.google.gson.stream.JsonReader;
|
||||||
|
import com.google.gson.stream.JsonToken;
|
||||||
|
import com.google.gson.stream.JsonWriter;
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* Data service to import MITREid 1.0 configuration.
|
* Data service to import MITREid 1.0 configuration.
|
||||||
|
|
|
@ -16,9 +16,6 @@
|
||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
package org.mitre.openid.connect.service.impl;
|
package org.mitre.openid.connect.service.impl;
|
||||||
|
|
||||||
import com.google.common.io.BaseEncoding;
|
|
||||||
import com.google.gson.stream.JsonReader;
|
|
||||||
import com.google.gson.stream.JsonWriter;
|
|
||||||
import java.io.ByteArrayInputStream;
|
import java.io.ByteArrayInputStream;
|
||||||
import java.io.ByteArrayOutputStream;
|
import java.io.ByteArrayOutputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
@ -29,10 +26,15 @@ import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
import org.mitre.openid.connect.service.MITREidDataService;
|
import org.mitre.openid.connect.service.MITREidDataService;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
import com.google.common.io.BaseEncoding;
|
||||||
|
import com.google.gson.stream.JsonReader;
|
||||||
|
import com.google.gson.stream.JsonWriter;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @author arielak
|
* @author arielak
|
||||||
|
|
|
@ -20,6 +20,7 @@ import java.text.ParseException;
|
||||||
import java.text.SimpleDateFormat;
|
import java.text.SimpleDateFormat;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.TimeZone;
|
import java.util.TimeZone;
|
||||||
|
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
|
|
@ -55,7 +55,6 @@ import org.springframework.web.bind.annotation.RequestMethod;
|
||||||
import org.springframework.web.util.UriUtils;
|
import org.springframework.web.util.UriUtils;
|
||||||
|
|
||||||
import com.google.common.base.Strings;
|
import com.google.common.base.Strings;
|
||||||
import com.google.common.collect.Sets;
|
|
||||||
import com.google.gson.JsonSyntaxException;
|
import com.google.gson.JsonSyntaxException;
|
||||||
|
|
||||||
@Controller
|
@Controller
|
||||||
|
|
|
@ -83,8 +83,7 @@ public class TestDefaultIntrospectionAuthorizer {
|
||||||
String tokenClient = "token";
|
String tokenClient = "token";
|
||||||
Set<String> authScope = scope("scope1", "scope2");
|
Set<String> authScope = scope("scope1", "scope2");
|
||||||
Set<String> tokenScope = scope("scope1", "scope2", "scope3");
|
Set<String> tokenScope = scope("scope1", "scope2", "scope3");
|
||||||
given(scopeService.scopesMatch(authScope, tokenScope))
|
given(scopeService.scopesMatch(authScope, tokenScope)).willReturn(false);
|
||||||
.willReturn(false);
|
|
||||||
|
|
||||||
// when
|
// when
|
||||||
boolean permitted = introspectionPermitter.isIntrospectionPermitted(
|
boolean permitted = introspectionPermitter.isIntrospectionPermitted(
|
||||||
|
@ -101,8 +100,7 @@ public class TestDefaultIntrospectionAuthorizer {
|
||||||
return client;
|
return client;
|
||||||
}
|
}
|
||||||
|
|
||||||
private ClientDetails clientWithIdAndScope(String clientId,
|
private ClientDetails clientWithIdAndScope(String clientId, Set<String> scope) {
|
||||||
Set<String> scope) {
|
|
||||||
ClientDetails client = clientWithId(clientId);
|
ClientDetails client = clientWithId(clientId);
|
||||||
given(client.getScope()).willReturn(scope);
|
given(client.getScope()).willReturn(scope);
|
||||||
return client;
|
return client;
|
||||||
|
|
|
@ -16,13 +16,13 @@
|
||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
package org.mitre.oauth2.service.impl;
|
package org.mitre.oauth2.service.impl;
|
||||||
|
|
||||||
import com.google.common.collect.ImmutableMap;
|
import static com.google.common.collect.Sets.newHashSet;
|
||||||
import org.junit.Test;
|
import static org.hamcrest.CoreMatchers.equalTo;
|
||||||
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
import static org.hamcrest.CoreMatchers.is;
|
||||||
import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
|
import static org.junit.Assert.assertThat;
|
||||||
import org.mitre.openid.connect.model.UserInfo;
|
import static org.mockito.BDDMockito.given;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
import static org.mockito.Mockito.RETURNS_DEEP_STUBS;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Request;
|
import static org.mockito.Mockito.mock;
|
||||||
|
|
||||||
import java.text.ParseException;
|
import java.text.ParseException;
|
||||||
import java.text.SimpleDateFormat;
|
import java.text.SimpleDateFormat;
|
||||||
|
@ -32,13 +32,14 @@ import java.util.Set;
|
||||||
|
|
||||||
import javax.swing.text.DateFormatter;
|
import javax.swing.text.DateFormatter;
|
||||||
|
|
||||||
import static com.google.common.collect.Sets.newHashSet;
|
import org.junit.Test;
|
||||||
import static org.hamcrest.CoreMatchers.equalTo;
|
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
||||||
import static org.hamcrest.CoreMatchers.is;
|
import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
|
||||||
import static org.junit.Assert.assertThat;
|
import org.mitre.openid.connect.model.UserInfo;
|
||||||
import static org.mockito.BDDMockito.given;
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||||
import static org.mockito.Mockito.RETURNS_DEEP_STUBS;
|
import org.springframework.security.oauth2.provider.OAuth2Request;
|
||||||
import static org.mockito.Mockito.mock;
|
|
||||||
|
import com.google.common.collect.ImmutableMap;
|
||||||
|
|
||||||
public class TestDefaultIntrospectionResultAssembler {
|
public class TestDefaultIntrospectionResultAssembler {
|
||||||
|
|
||||||
|
|
|
@ -83,7 +83,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
|
||||||
public void prepare() {
|
public void prepare() {
|
||||||
Mockito.reset(clientRepository, tokenRepository, approvedSiteService, whitelistedSiteService, blacklistedSiteService, scopeService, statsService);
|
Mockito.reset(clientRepository, tokenRepository, approvedSiteService, whitelistedSiteService, blacklistedSiteService, scopeService, statsService);
|
||||||
|
|
||||||
Mockito.when(clientRepository.saveClient(Mockito.any(ClientDetailsEntity.class))).thenAnswer(new Answer<ClientDetailsEntity>() {
|
Mockito.when(clientRepository.saveClient(Matchers.any(ClientDetailsEntity.class))).thenAnswer(new Answer<ClientDetailsEntity>() {
|
||||||
@Override
|
@Override
|
||||||
public ClientDetailsEntity answer(InvocationOnMock invocation) throws Throwable {
|
public ClientDetailsEntity answer(InvocationOnMock invocation) throws Throwable {
|
||||||
Object[] args = invocation.getArguments();
|
Object[] args = invocation.getArguments();
|
||||||
|
@ -91,7 +91,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Mockito.when(clientRepository.updateClient(Mockito.anyLong(), Mockito.any(ClientDetailsEntity.class))).thenAnswer(new Answer<ClientDetailsEntity>() {
|
Mockito.when(clientRepository.updateClient(Matchers.anyLong(), Matchers.any(ClientDetailsEntity.class))).thenAnswer(new Answer<ClientDetailsEntity>() {
|
||||||
@Override
|
@Override
|
||||||
public ClientDetailsEntity answer(InvocationOnMock invocation) throws Throwable {
|
public ClientDetailsEntity answer(InvocationOnMock invocation) throws Throwable {
|
||||||
Object[] args = invocation.getArguments();
|
Object[] args = invocation.getArguments();
|
||||||
|
@ -99,7 +99,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Mockito.when(scopeService.removeRestrictedScopes(Mockito.anySet())).thenAnswer(new Answer<Set<String>>() {
|
Mockito.when(scopeService.removeRestrictedScopes(Matchers.anySet())).thenAnswer(new Answer<Set<String>>() {
|
||||||
@Override
|
@Override
|
||||||
public Set<String> answer(InvocationOnMock invocation) throws Throwable {
|
public Set<String> answer(InvocationOnMock invocation) throws Throwable {
|
||||||
Object[] args = invocation.getArguments();
|
Object[] args = invocation.getArguments();
|
||||||
|
|
|
@ -222,7 +222,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
|
|
||||||
Mockito.verify(clientDetailsService).loadClientByClientId(Matchers.anyString());
|
Mockito.verify(clientDetailsService).loadClientByClientId(Matchers.anyString());
|
||||||
Mockito.verify(authenticationHolderRepository).save(Matchers.any(AuthenticationHolderEntity.class));
|
Mockito.verify(authenticationHolderRepository).save(Matchers.any(AuthenticationHolderEntity.class));
|
||||||
Mockito.verify(tokenEnhancer).enhance(Matchers.any(OAuth2AccessTokenEntity.class), Mockito.eq(authentication));
|
Mockito.verify(tokenEnhancer).enhance(Matchers.any(OAuth2AccessTokenEntity.class), Matchers.eq(authentication));
|
||||||
Mockito.verify(tokenRepository).saveAccessToken(Matchers.any(OAuth2AccessTokenEntity.class));
|
Mockito.verify(tokenRepository).saveAccessToken(Matchers.any(OAuth2AccessTokenEntity.class));
|
||||||
|
|
||||||
Mockito.verify(tokenRepository, Mockito.never()).saveRefreshToken(Matchers.any(OAuth2RefreshTokenEntity.class));
|
Mockito.verify(tokenRepository, Mockito.never()).saveRefreshToken(Matchers.any(OAuth2RefreshTokenEntity.class));
|
||||||
|
|
|
@ -16,14 +16,19 @@
|
||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
package org.mitre.openid.connect.service.impl;
|
package org.mitre.openid.connect.service.impl;
|
||||||
|
|
||||||
import com.google.common.collect.ImmutableList;
|
import static org.hamcrest.CoreMatchers.equalTo;
|
||||||
import com.google.common.collect.ImmutableSet;
|
import static org.hamcrest.CoreMatchers.is;
|
||||||
import com.google.gson.JsonArray;
|
import static org.junit.Assert.assertThat;
|
||||||
import com.google.gson.JsonElement;
|
import static org.mockito.Matchers.anyLong;
|
||||||
import com.google.gson.JsonObject;
|
import static org.mockito.Matchers.anyString;
|
||||||
import com.google.gson.JsonParser;
|
import static org.mockito.Matchers.isA;
|
||||||
import com.google.gson.stream.JsonReader;
|
import static org.mockito.Matchers.isNull;
|
||||||
import com.google.gson.stream.JsonWriter;
|
import static org.mockito.Mockito.mock;
|
||||||
|
import static org.mockito.Mockito.times;
|
||||||
|
import static org.mockito.Mockito.verify;
|
||||||
|
import static org.mockito.Mockito.when;
|
||||||
|
import static org.mockito.Mockito.withSettings;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.StringReader;
|
import java.io.StringReader;
|
||||||
import java.io.StringWriter;
|
import java.io.StringWriter;
|
||||||
|
@ -36,13 +41,7 @@ import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
|
||||||
import static org.hamcrest.CoreMatchers.*;
|
|
||||||
import static org.junit.Assert.assertNull;
|
|
||||||
import static org.junit.Assert.assertNotNull;
|
|
||||||
import static org.junit.Assert.assertThat;
|
|
||||||
import static org.junit.Assert.assertTrue;
|
|
||||||
import static org.junit.Assert.fail;
|
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.junit.runner.RunWith;
|
import org.junit.runner.RunWith;
|
||||||
|
@ -68,7 +67,6 @@ import org.mockito.Captor;
|
||||||
import org.mockito.InjectMocks;
|
import org.mockito.InjectMocks;
|
||||||
import org.mockito.Mock;
|
import org.mockito.Mock;
|
||||||
import org.mockito.Mockito;
|
import org.mockito.Mockito;
|
||||||
import static org.mockito.Mockito.*;
|
|
||||||
import org.mockito.invocation.InvocationOnMock;
|
import org.mockito.invocation.InvocationOnMock;
|
||||||
import org.mockito.runners.MockitoJUnitRunner;
|
import org.mockito.runners.MockitoJUnitRunner;
|
||||||
import org.mockito.stubbing.Answer;
|
import org.mockito.stubbing.Answer;
|
||||||
|
@ -77,6 +75,10 @@ import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Request;
|
import org.springframework.security.oauth2.provider.OAuth2Request;
|
||||||
|
|
||||||
|
import com.google.common.collect.ImmutableSet;
|
||||||
|
import com.google.gson.stream.JsonReader;
|
||||||
|
import com.google.gson.stream.JsonWriter;
|
||||||
|
|
||||||
@RunWith(MockitoJUnitRunner.class)
|
@RunWith(MockitoJUnitRunner.class)
|
||||||
public class TestMITREidDataService_1_1 {
|
public class TestMITREidDataService_1_1 {
|
||||||
|
|
||||||
|
@ -958,14 +960,6 @@ public class TestMITREidDataService_1_1 {
|
||||||
assertThat(savedRefreshTokens.get(1).getAuthenticationHolder().getId(), equalTo(357L));
|
assertThat(savedRefreshTokens.get(1).getAuthenticationHolder().getId(), equalTo(357L));
|
||||||
}
|
}
|
||||||
|
|
||||||
private Set<String> jsonArrayToStringSet(JsonArray a) {
|
|
||||||
Set<String> s = new HashSet<String>();
|
|
||||||
for (JsonElement jsonElement : a) {
|
|
||||||
s.add(jsonElement.getAsString());
|
|
||||||
}
|
|
||||||
return s;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test(expected = UnsupportedOperationException.class)
|
@Test(expected = UnsupportedOperationException.class)
|
||||||
public void testExportDisabled() throws IOException {
|
public void testExportDisabled() throws IOException {
|
||||||
JsonWriter writer = new JsonWriter(new StringWriter());
|
JsonWriter writer = new JsonWriter(new StringWriter());
|
||||||
|
|
|
@ -16,14 +16,23 @@
|
||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
package org.mitre.openid.connect.service.impl;
|
package org.mitre.openid.connect.service.impl;
|
||||||
|
|
||||||
import com.google.common.collect.ImmutableList;
|
import static org.hamcrest.CoreMatchers.equalTo;
|
||||||
import com.google.common.collect.ImmutableSet;
|
import static org.hamcrest.CoreMatchers.is;
|
||||||
import com.google.gson.JsonArray;
|
import static org.junit.Assert.assertNotNull;
|
||||||
import com.google.gson.JsonElement;
|
import static org.junit.Assert.assertNull;
|
||||||
import com.google.gson.JsonObject;
|
import static org.junit.Assert.assertThat;
|
||||||
import com.google.gson.JsonParser;
|
import static org.junit.Assert.assertTrue;
|
||||||
import com.google.gson.stream.JsonReader;
|
import static org.junit.Assert.fail;
|
||||||
import com.google.gson.stream.JsonWriter;
|
import static org.mockito.Matchers.anyLong;
|
||||||
|
import static org.mockito.Matchers.anyString;
|
||||||
|
import static org.mockito.Matchers.isA;
|
||||||
|
import static org.mockito.Matchers.isNull;
|
||||||
|
import static org.mockito.Mockito.mock;
|
||||||
|
import static org.mockito.Mockito.times;
|
||||||
|
import static org.mockito.Mockito.verify;
|
||||||
|
import static org.mockito.Mockito.when;
|
||||||
|
import static org.mockito.Mockito.withSettings;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.StringReader;
|
import java.io.StringReader;
|
||||||
import java.io.StringWriter;
|
import java.io.StringWriter;
|
||||||
|
@ -37,12 +46,7 @@ import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import static org.hamcrest.CoreMatchers.*;
|
|
||||||
import static org.junit.Assert.assertNull;
|
|
||||||
import static org.junit.Assert.assertNotNull;
|
|
||||||
import static org.junit.Assert.assertThat;
|
|
||||||
import static org.junit.Assert.assertTrue;
|
|
||||||
import static org.junit.Assert.fail;
|
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.junit.runner.RunWith;
|
import org.junit.runner.RunWith;
|
||||||
|
@ -68,7 +72,6 @@ import org.mockito.Captor;
|
||||||
import org.mockito.InjectMocks;
|
import org.mockito.InjectMocks;
|
||||||
import org.mockito.Mock;
|
import org.mockito.Mock;
|
||||||
import org.mockito.Mockito;
|
import org.mockito.Mockito;
|
||||||
import static org.mockito.Mockito.*;
|
|
||||||
import org.mockito.invocation.InvocationOnMock;
|
import org.mockito.invocation.InvocationOnMock;
|
||||||
import org.mockito.runners.MockitoJUnitRunner;
|
import org.mockito.runners.MockitoJUnitRunner;
|
||||||
import org.mockito.stubbing.Answer;
|
import org.mockito.stubbing.Answer;
|
||||||
|
@ -77,6 +80,15 @@ import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Request;
|
import org.springframework.security.oauth2.provider.OAuth2Request;
|
||||||
|
|
||||||
|
import com.google.common.collect.ImmutableList;
|
||||||
|
import com.google.common.collect.ImmutableSet;
|
||||||
|
import com.google.gson.JsonArray;
|
||||||
|
import com.google.gson.JsonElement;
|
||||||
|
import com.google.gson.JsonObject;
|
||||||
|
import com.google.gson.JsonParser;
|
||||||
|
import com.google.gson.stream.JsonReader;
|
||||||
|
import com.google.gson.stream.JsonWriter;
|
||||||
|
|
||||||
@RunWith(MockitoJUnitRunner.class)
|
@RunWith(MockitoJUnitRunner.class)
|
||||||
public class TestMITREidDataService_1_2 {
|
public class TestMITREidDataService_1_2 {
|
||||||
|
|
||||||
|
|
|
@ -85,12 +85,7 @@ public class TestIdTokenHashUtils {
|
||||||
@Test
|
@Test
|
||||||
public void getAccessTokenHash256() {
|
public void getAccessTokenHash256() {
|
||||||
|
|
||||||
/*
|
mockToken256.getJwt().serialize();
|
||||||
* independently generate hash
|
|
||||||
ascii of token = eyJhbGciOiJub25lIn0.eyJhbGciOiJIUzI1NiIsInN1YiI6ImV4YW1wbGVfdXNlciIsImlzcyI6Ind3dy5leGFtcGxlLmNvbSIsInR5cCI6IkpXVCJ9.
|
|
||||||
base64url of hash = EP1gXNeESRH-n57baopfTQ
|
|
||||||
*/
|
|
||||||
String token = mockToken256.getJwt().serialize();
|
|
||||||
Base64URL expectedHash = new Base64URL("EP1gXNeESRH-n57baopfTQ");
|
Base64URL expectedHash = new Base64URL("EP1gXNeESRH-n57baopfTQ");
|
||||||
|
|
||||||
Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.HS256, mockToken256);
|
Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.HS256, mockToken256);
|
||||||
|
@ -107,7 +102,7 @@ public class TestIdTokenHashUtils {
|
||||||
base64url of hash = BWfFK73PQI36M1rg9R6VjMyWOE0-XvBK
|
base64url of hash = BWfFK73PQI36M1rg9R6VjMyWOE0-XvBK
|
||||||
*/
|
*/
|
||||||
|
|
||||||
String token = mockToken384.getJwt().serialize();
|
mockToken384.getJwt().serialize();
|
||||||
Base64URL expectedHash = new Base64URL("BWfFK73PQI36M1rg9R6VjMyWOE0-XvBK");
|
Base64URL expectedHash = new Base64URL("BWfFK73PQI36M1rg9R6VjMyWOE0-XvBK");
|
||||||
|
|
||||||
Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.ES384, mockToken384);
|
Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.ES384, mockToken384);
|
||||||
|
@ -124,7 +119,7 @@ public class TestIdTokenHashUtils {
|
||||||
base64url of hash = vGH3QMY-knpACkLgzdkTqu3C9jtvbf2Wk_RSu2vAx8k
|
base64url of hash = vGH3QMY-knpACkLgzdkTqu3C9jtvbf2Wk_RSu2vAx8k
|
||||||
*/
|
*/
|
||||||
|
|
||||||
String token = mockToken512.getJwt().serialize();
|
mockToken512.getJwt().serialize();
|
||||||
Base64URL expectedHash = new Base64URL("vGH3QMY-knpACkLgzdkTqu3C9jtvbf2Wk_RSu2vAx8k");
|
Base64URL expectedHash = new Base64URL("vGH3QMY-knpACkLgzdkTqu3C9jtvbf2Wk_RSu2vAx8k");
|
||||||
|
|
||||||
Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.RS512, mockToken512);
|
Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.RS512, mockToken512);
|
||||||
|
|
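Review bot: In `getAccessTokenHash256` the block comment recording how the expected `at_hash` was derived (the ASCII token and `base64url of hash = EP1gXNeESRH-n57baopfTQ`) appears to have been removed, while the 384 and 512 tests keep theirs. That comment is the only provenance for the hard-coded test vector and should be restored. In all three tests the former `String token = ...serialize();` is now a bare call such as `mockToken256.getJwt().serialize();` whose result is discarded; if the test does not depend on a side effect of that call, delete the statement rather than keep it. This reading assumes the old and new columns are as they appear on the rendered page.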