augmented introspection unit tests with one for new permissions mode

2015-03-18 08:45:05 -04:00 · 2015-03-18 08:45:05 -04:00 · 6daeeefb33
parent 9f913244a0
commit 6daeeefb33
1 changed files with 51 additions and 0 deletions
--- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionResultAssembler.java
+++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionResultAssembler.java
@ -34,6 +34,7 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.OAuth2Request;

 import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;

 import static com.google.common.collect.Sets.newHashSet;

@ -82,6 +83,45 @@ public class TestDefaultIntrospectionResultAssembler {
 		assertThat(result, is(equalTo(expected)));
 	}

+	@Test
+	public void shouldAssembleExpectedResultForAccessToken_withPermissions() throws ParseException {
+
+		// given
+		OAuth2AccessTokenEntity accessToken = accessToken(new Date(123 * 1000L), scopes("foo", "bar"), 
+				permissions(permission(1L, "foo", "bar")),
+				"Bearer", authentication("name", request("clientId")));
+
+		UserInfo userInfo = userInfo("sub");
+		
+		Set<String> authScopes = scopes("foo", "bar", "baz");
+
+		// when
+		Map<String, Object> result = assembler.assembleFrom(accessToken, userInfo, authScopes);
+
+
+		// then
+		Map<String, Object> expected = new ImmutableMap.Builder<String, Object>()
+				.put("sub", "sub")
+				.put("exp", 123L)
+				.put("expires_at", dateFormat.valueToString(new Date(123 * 1000L)))
+				.put("permissions", new ImmutableSet.Builder<Object>()
+						.add(new ImmutableMap.Builder<String, Object>()
+								.put("resource_set_id", "1") // note that the resource ID comes out as a string
+								.put("scopes", new ImmutableSet.Builder<>()
+										.add("bar")
+										.add("foo")
+										.build())
+								.build())
+						.build())
+				// note that scopes are not included if permissions are included
+				.put("active", Boolean.TRUE)
+				.put("user_id", "name")
+				.put("client_id", "clientId")
+				.put("token_type", "Bearer")
+				.build();
+		assertThat(result, is(equalTo(expected)));
+	}
+
 	@Test
 	public void shouldAssembleExpectedResultForAccessTokenWithoutUserInfo() throws ParseException {

@ -257,4 +297,15 @@ public class TestDefaultIntrospectionResultAssembler {
 	private Set<String> scopes(String... scopes) {
 		return newHashSet(scopes);
 	}
+	
+	private Set<Permission> permissions(Permission... permissions) {
+		return newHashSet(permissions);
+	}
+	
+	private Permission permission(Long resourceSetId, String... scopes) {
+		Permission permission = mock(Permission.class, RETURNS_DEEP_STUBS);
+		given(permission.getResourceSet().getId()).willReturn(resourceSetId);
+		given(permission.getScopes()).willReturn(scopes(scopes));
+		return permission;
+	}
 }