Clean up code in modified classes, remove line breaks, add static imports
Sauli Ketola
parent
51b580aa18
commit
a070f61edf
|
|
@ -170,7 +170,6 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
|
||||||
throw new InvalidClientException("Client not found: " + request.getClientId());
|
throw new InvalidClientException("Client not found: " + request.getClientId());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// handle the PKCE code challenge if present
|
// handle the PKCE code challenge if present
|
||||||
if (request.getExtensions().containsKey(CODE_CHALLENGE)) {
|
if (request.getExtensions().containsKey(CODE_CHALLENGE)) {
|
||||||
String challenge = (String) request.getExtensions().get(CODE_CHALLENGE);
|
String challenge = (String) request.getExtensions().get(CODE_CHALLENGE);
|
||||||
|
|
@ -198,7 +197,6 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();//accessTokenFactory.createNewAccessToken();
|
OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();//accessTokenFactory.createNewAccessToken();
|
||||||
|
|
||||||
// attach the client
|
// attach the client
|
||||||
|
|
@ -284,8 +282,6 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
|
||||||
refreshToken.setAuthenticationHolder(authHolder);
|
refreshToken.setAuthenticationHolder(authHolder);
|
||||||
refreshToken.setClient(client);
|
refreshToken.setClient(client);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// save the token first so that we can set it to a member of the access token (NOTE: is this step necessary?)
|
// save the token first so that we can set it to a member of the access token (NOTE: is this step necessary?)
|
||||||
OAuth2RefreshTokenEntity savedRefreshToken = tokenRepository.saveRefreshToken(refreshToken);
|
OAuth2RefreshTokenEntity savedRefreshToken = tokenRepository.saveRefreshToken(refreshToken);
|
||||||
return savedRefreshToken;
|
return savedRefreshToken;
|
||||||
|
|
@ -388,12 +384,10 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
|
||||||
tokenRepository.saveAccessToken(token);
|
tokenRepository.saveAccessToken(token);
|
||||||
|
|
||||||
return token;
|
return token;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public OAuth2Authentication loadAuthentication(String accessTokenValue) throws AuthenticationException {
|
public OAuth2Authentication loadAuthentication(String accessTokenValue) throws AuthenticationException {
|
||||||
|
|
||||||
OAuth2AccessTokenEntity accessToken = clearExpiredAccessToken(tokenRepository.getAccessTokenByValue(accessTokenValue));
|
OAuth2AccessTokenEntity accessToken = clearExpiredAccessToken(tokenRepository.getAccessTokenByValue(accessTokenValue));
|
||||||
|
|
||||||
if (accessToken == null) {
|
if (accessToken == null) {
|
||||||
|
|
@ -459,18 +453,11 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
|
||||||
tokenRepository.removeAccessToken(accessToken);
|
tokenRepository.removeAccessToken(accessToken);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* (non-Javadoc)
|
|
||||||
* @see org.mitre.oauth2.service.OAuth2TokenEntityService#getAccessTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
|
|
||||||
*/
|
|
||||||
@Override
|
@Override
|
||||||
public List<OAuth2AccessTokenEntity> getAccessTokensForClient(ClientDetailsEntity client) {
|
public List<OAuth2AccessTokenEntity> getAccessTokensForClient(ClientDetailsEntity client) {
|
||||||
return tokenRepository.getAccessTokensForClient(client);
|
return tokenRepository.getAccessTokensForClient(client);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* (non-Javadoc)
|
|
||||||
* @see org.mitre.oauth2.service.OAuth2TokenEntityService#getRefreshTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
|
|
||||||
*/
|
|
||||||
@Override
|
@Override
|
||||||
public List<OAuth2RefreshTokenEntity> getRefreshTokensForClient(ClientDetailsEntity client) {
|
public List<OAuth2RefreshTokenEntity> getRefreshTokensForClient(ClientDetailsEntity client) {
|
||||||
return tokenRepository.getRefreshTokensForClient(client);
|
return tokenRepository.getRefreshTokensForClient(client);
|
||||||
|
|
@ -573,7 +560,4 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,6 @@ import org.mitre.oauth2.repository.AuthenticationHolderRepository;
|
||||||
import org.mitre.oauth2.repository.OAuth2TokenRepository;
|
import org.mitre.oauth2.repository.OAuth2TokenRepository;
|
||||||
import org.mitre.oauth2.service.ClientDetailsEntityService;
|
import org.mitre.oauth2.service.ClientDetailsEntityService;
|
||||||
import org.mitre.oauth2.service.SystemScopeService;
|
import org.mitre.oauth2.service.SystemScopeService;
|
||||||
import org.mockito.AdditionalAnswers;
|
|
||||||
import org.mockito.InjectMocks;
|
import org.mockito.InjectMocks;
|
||||||
import org.mockito.Matchers;
|
import org.mockito.Matchers;
|
||||||
import org.mockito.Mock;
|
import org.mockito.Mock;
|
||||||
|
|
@ -50,16 +49,21 @@ import org.springframework.security.oauth2.provider.OAuth2Request;
|
||||||
import org.springframework.security.oauth2.provider.TokenRequest;
|
import org.springframework.security.oauth2.provider.TokenRequest;
|
||||||
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
|
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
|
||||||
|
|
||||||
import com.google.common.collect.Sets;
|
|
||||||
|
|
||||||
import static com.google.common.collect.Sets.newHashSet;
|
import static com.google.common.collect.Sets.newHashSet;
|
||||||
import static org.hamcrest.CoreMatchers.equalTo;
|
import static org.hamcrest.CoreMatchers.equalTo;
|
||||||
import static org.hamcrest.CoreMatchers.is;
|
import static org.hamcrest.CoreMatchers.is;
|
||||||
import static org.hamcrest.CoreMatchers.not;
|
import static org.hamcrest.CoreMatchers.not;
|
||||||
import static org.hamcrest.CoreMatchers.notNullValue;
|
import static org.hamcrest.CoreMatchers.notNullValue;
|
||||||
import static org.hamcrest.CoreMatchers.nullValue;
|
import static org.hamcrest.CoreMatchers.nullValue;
|
||||||
|
import static org.mockito.AdditionalAnswers.returnsFirstArg;
|
||||||
|
import static org.mockito.Matchers.any;
|
||||||
|
import static org.mockito.Matchers.anySet;
|
||||||
|
import static org.mockito.Matchers.anyString;
|
||||||
|
import static org.mockito.Mockito.atLeastOnce;
|
||||||
|
import static org.mockito.Mockito.mock;
|
||||||
import static org.mockito.Mockito.never;
|
import static org.mockito.Mockito.never;
|
||||||
|
import static org.mockito.Mockito.reset;
|
||||||
|
import static org.mockito.Mockito.verify;
|
||||||
import static org.mockito.Mockito.when;
|
import static org.mockito.Mockito.when;
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.assertThat;
|
import static org.junit.Assert.assertThat;
|
||||||
|
|
@ -82,7 +86,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
private ClientDetailsEntity badClient;
|
private ClientDetailsEntity badClient;
|
||||||
private String clientId = "test_client";
|
private String clientId = "test_client";
|
||||||
private String badClientId = "bad_client";
|
private String badClientId = "bad_client";
|
||||||
private Set<String> scope = Sets.newHashSet("openid", "profile", "email", "offline_access");
|
private Set<String> scope = newHashSet("openid", "profile", "email", "offline_access");
|
||||||
private OAuth2RefreshTokenEntity refreshToken;
|
private OAuth2RefreshTokenEntity refreshToken;
|
||||||
private OAuth2AccessTokenEntity accessToken;
|
private OAuth2AccessTokenEntity accessToken;
|
||||||
private String refreshTokenValue = "refresh_token_value";
|
private String refreshTokenValue = "refresh_token_value";
|
||||||
|
|
@ -118,33 +122,31 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
*/
|
*/
|
||||||
@Before
|
@Before
|
||||||
public void prepare() {
|
public void prepare() {
|
||||||
Mockito.reset(tokenRepository, authenticationHolderRepository, clientDetailsService, tokenEnhancer);
|
reset(tokenRepository, authenticationHolderRepository, clientDetailsService, tokenEnhancer);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
authentication = Mockito.mock(OAuth2Authentication.class);
|
authentication = Mockito.mock(OAuth2Authentication.class);
|
||||||
OAuth2Request clientAuth = new OAuth2Request(null, clientId, null, true, scope, null, null, null, null);
|
OAuth2Request clientAuth = new OAuth2Request(null, clientId, null, true, scope, null, null, null, null);
|
||||||
Mockito.when(authentication.getOAuth2Request()).thenReturn(clientAuth);
|
when(authentication.getOAuth2Request()).thenReturn(clientAuth);
|
||||||
|
|
||||||
client = Mockito.mock(ClientDetailsEntity.class);
|
client = Mockito.mock(ClientDetailsEntity.class);
|
||||||
Mockito.when(client.getClientId()).thenReturn(clientId);
|
when(client.getClientId()).thenReturn(clientId);
|
||||||
Mockito.when(clientDetailsService.loadClientByClientId(clientId)).thenReturn(client);
|
when(clientDetailsService.loadClientByClientId(clientId)).thenReturn(client);
|
||||||
Mockito.when(client.isReuseRefreshToken()).thenReturn(true);
|
when(client.isReuseRefreshToken()).thenReturn(true);
|
||||||
|
|
||||||
// by default in tests, allow refresh tokens
|
// by default in tests, allow refresh tokens
|
||||||
Mockito.when(client.isAllowRefresh()).thenReturn(true);
|
when(client.isAllowRefresh()).thenReturn(true);
|
||||||
|
|
||||||
// by default, clear access tokens on refresh
|
// by default, clear access tokens on refresh
|
||||||
Mockito.when(client.isClearAccessTokensOnRefresh()).thenReturn(true);
|
when(client.isClearAccessTokensOnRefresh()).thenReturn(true);
|
||||||
|
|
||||||
badClient = Mockito.mock(ClientDetailsEntity.class);
|
badClient = Mockito.mock(ClientDetailsEntity.class);
|
||||||
Mockito.when(badClient.getClientId()).thenReturn(badClientId);
|
when(badClient.getClientId()).thenReturn(badClientId);
|
||||||
Mockito.when(clientDetailsService.loadClientByClientId(badClientId)).thenReturn(badClient);
|
when(clientDetailsService.loadClientByClientId(badClientId)).thenReturn(badClient);
|
||||||
|
|
||||||
refreshToken = Mockito.mock(OAuth2RefreshTokenEntity.class);
|
refreshToken = Mockito.mock(OAuth2RefreshTokenEntity.class);
|
||||||
Mockito.when(tokenRepository.getRefreshTokenByValue(refreshTokenValue)).thenReturn(refreshToken);
|
when(tokenRepository.getRefreshTokenByValue(refreshTokenValue)).thenReturn(refreshToken);
|
||||||
Mockito.when(refreshToken.getClient()).thenReturn(client);
|
when(refreshToken.getClient()).thenReturn(client);
|
||||||
Mockito.when(refreshToken.isExpired()).thenReturn(false);
|
when(refreshToken.isExpired()).thenReturn(false);
|
||||||
|
|
||||||
accessToken = Mockito.mock(OAuth2AccessTokenEntity.class);
|
accessToken = Mockito.mock(OAuth2AccessTokenEntity.class);
|
||||||
|
|
||||||
|
|
@ -152,16 +154,16 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
|
|
||||||
storedAuthentication = authentication;
|
storedAuthentication = authentication;
|
||||||
storedAuthRequest = clientAuth;
|
storedAuthRequest = clientAuth;
|
||||||
storedAuthHolder = Mockito.mock(AuthenticationHolderEntity.class);
|
storedAuthHolder = mock(AuthenticationHolderEntity.class);
|
||||||
storedScope = Sets.newHashSet(scope);
|
storedScope = newHashSet(scope);
|
||||||
|
|
||||||
Mockito.when(refreshToken.getAuthenticationHolder()).thenReturn(storedAuthHolder);
|
when(refreshToken.getAuthenticationHolder()).thenReturn(storedAuthHolder);
|
||||||
Mockito.when(storedAuthHolder.getAuthentication()).thenReturn(storedAuthentication);
|
when(storedAuthHolder.getAuthentication()).thenReturn(storedAuthentication);
|
||||||
Mockito.when(storedAuthentication.getOAuth2Request()).thenReturn(storedAuthRequest);
|
when(storedAuthentication.getOAuth2Request()).thenReturn(storedAuthRequest);
|
||||||
|
|
||||||
Mockito.when(authenticationHolderRepository.save(Matchers.any(AuthenticationHolderEntity.class))).thenReturn(storedAuthHolder);
|
when(authenticationHolderRepository.save(any(AuthenticationHolderEntity.class))).thenReturn(storedAuthHolder);
|
||||||
|
|
||||||
Mockito.when(scopeService.fromStrings(Matchers.anySet())).thenAnswer(new Answer<Set<SystemScope>>() {
|
when(scopeService.fromStrings(anySet())).thenAnswer(new Answer<Set<SystemScope>>() {
|
||||||
@Override
|
@Override
|
||||||
public Set<SystemScope> answer(InvocationOnMock invocation) throws Throwable {
|
public Set<SystemScope> answer(InvocationOnMock invocation) throws Throwable {
|
||||||
Object[] args = invocation.getArguments();
|
Object[] args = invocation.getArguments();
|
||||||
|
|
@ -174,7 +176,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Mockito.when(scopeService.toStrings(Matchers.anySet())).thenAnswer(new Answer<Set<String>>() {
|
when(scopeService.toStrings(anySet())).thenAnswer(new Answer<Set<String>>() {
|
||||||
@Override
|
@Override
|
||||||
public Set<String> answer(InvocationOnMock invocation) throws Throwable {
|
public Set<String> answer(InvocationOnMock invocation) throws Throwable {
|
||||||
Object[] args = invocation.getArguments();
|
Object[] args = invocation.getArguments();
|
||||||
|
|
@ -188,10 +190,10 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
});
|
});
|
||||||
|
|
||||||
// we're not testing restricted or reserved scopes here, just pass through
|
// we're not testing restricted or reserved scopes here, just pass through
|
||||||
Mockito.when(scopeService.removeReservedScopes(Matchers.anySet())).then(AdditionalAnswers.returnsFirstArg());
|
when(scopeService.removeReservedScopes(anySet())).then(returnsFirstArg());
|
||||||
Mockito.when(scopeService.removeRestrictedAndReservedScopes(Matchers.anySet())).then(AdditionalAnswers.returnsFirstArg());
|
when(scopeService.removeRestrictedAndReservedScopes(anySet())).then(returnsFirstArg());
|
||||||
|
|
||||||
Mockito.when(tokenEnhancer.enhance(Matchers.any(OAuth2AccessTokenEntity.class), Matchers.any(OAuth2Authentication.class)))
|
when(tokenEnhancer.enhance(any(OAuth2AccessTokenEntity.class), any(OAuth2Authentication.class)))
|
||||||
.thenAnswer(new Answer<OAuth2AccessTokenEntity>(){
|
.thenAnswer(new Answer<OAuth2AccessTokenEntity>(){
|
||||||
@Override
|
@Override
|
||||||
public OAuth2AccessTokenEntity answer(InvocationOnMock invocation) throws Throwable {
|
public OAuth2AccessTokenEntity answer(InvocationOnMock invocation) throws Throwable {
|
||||||
|
|
@ -200,7 +202,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Mockito.when(tokenRepository.saveAccessToken(Matchers.any(OAuth2AccessTokenEntity.class)))
|
when(tokenRepository.saveAccessToken(any(OAuth2AccessTokenEntity.class)))
|
||||||
.thenAnswer(new Answer<OAuth2AccessTokenEntity>() {
|
.thenAnswer(new Answer<OAuth2AccessTokenEntity>() {
|
||||||
@Override
|
@Override
|
||||||
public OAuth2AccessTokenEntity answer(InvocationOnMock invocation) throws Throwable {
|
public OAuth2AccessTokenEntity answer(InvocationOnMock invocation) throws Throwable {
|
||||||
|
|
@ -210,7 +212,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
Mockito.when(tokenRepository.saveRefreshToken(Matchers.any(OAuth2RefreshTokenEntity.class)))
|
when(tokenRepository.saveRefreshToken(any(OAuth2RefreshTokenEntity.class)))
|
||||||
.thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
|
.thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
|
||||||
@Override
|
@Override
|
||||||
public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
|
public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
|
||||||
|
|
@ -226,8 +228,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void createAccessToken_nullAuth() {
|
public void createAccessToken_nullAuth() {
|
||||||
|
when(authentication.getOAuth2Request()).thenReturn(null);
|
||||||
Mockito.when(authentication.getOAuth2Request()).thenReturn(null);
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
service.createAccessToken(null);
|
service.createAccessToken(null);
|
||||||
|
|
@ -249,8 +250,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
*/
|
*/
|
||||||
@Test(expected = InvalidClientException.class)
|
@Test(expected = InvalidClientException.class)
|
||||||
public void createAccessToken_nullClient() {
|
public void createAccessToken_nullClient() {
|
||||||
|
when(clientDetailsService.loadClientByClientId(anyString())).thenReturn(null);
|
||||||
Mockito.when(clientDetailsService.loadClientByClientId(Matchers.anyString())).thenReturn(null);
|
|
||||||
|
|
||||||
service.createAccessToken(authentication);
|
service.createAccessToken(authentication);
|
||||||
}
|
}
|
||||||
|
|
@ -260,18 +260,17 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void createAccessToken_noRefresh() {
|
public void createAccessToken_noRefresh() {
|
||||||
|
when(client.isAllowRefresh()).thenReturn(false);
|
||||||
Mockito.when(client.isAllowRefresh()).thenReturn(false);
|
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
||||||
|
|
||||||
Mockito.verify(clientDetailsService).loadClientByClientId(Matchers.anyString());
|
verify(clientDetailsService).loadClientByClientId(anyString());
|
||||||
Mockito.verify(authenticationHolderRepository).save(Matchers.any(AuthenticationHolderEntity.class));
|
verify(authenticationHolderRepository).save(any(AuthenticationHolderEntity.class));
|
||||||
Mockito.verify(tokenEnhancer).enhance(Matchers.any(OAuth2AccessTokenEntity.class), Matchers.eq(authentication));
|
verify(tokenEnhancer).enhance(any(OAuth2AccessTokenEntity.class), Matchers.eq(authentication));
|
||||||
Mockito.verify(tokenRepository).saveAccessToken(Matchers.any(OAuth2AccessTokenEntity.class));
|
verify(tokenRepository).saveAccessToken(any(OAuth2AccessTokenEntity.class));
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
Mockito.verify(tokenRepository, Mockito.never()).saveRefreshToken(Matchers.any(OAuth2RefreshTokenEntity.class));
|
verify(tokenRepository, Mockito.never()).saveRefreshToken(any(OAuth2RefreshTokenEntity.class));
|
||||||
|
|
||||||
assertThat(token.getRefreshToken(), is(nullValue()));
|
assertThat(token.getRefreshToken(), is(nullValue()));
|
||||||
}
|
}
|
||||||
|
|
@ -281,19 +280,17 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void createAccessToken_yesRefresh() {
|
public void createAccessToken_yesRefresh() {
|
||||||
|
OAuth2Request clientAuth = new OAuth2Request(null, clientId, null, true, newHashSet(SystemScopeService.OFFLINE_ACCESS), null, null, null, null);
|
||||||
OAuth2Request clientAuth = new OAuth2Request(null, clientId, null, true, Sets.newHashSet(SystemScopeService.OFFLINE_ACCESS), null, null, null, null);
|
when(authentication.getOAuth2Request()).thenReturn(clientAuth);
|
||||||
Mockito.when(authentication.getOAuth2Request()).thenReturn(clientAuth);
|
when(client.isAllowRefresh()).thenReturn(true);
|
||||||
Mockito.when(client.isAllowRefresh()).thenReturn(true);
|
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
||||||
|
|
||||||
// Note: a refactor may be appropriate to only save refresh tokens once to the repository during creation.
|
// Note: a refactor may be appropriate to only save refresh tokens once to the repository during creation.
|
||||||
Mockito.verify(tokenRepository, Mockito.atLeastOnce()).saveRefreshToken(Matchers.any(OAuth2RefreshTokenEntity.class));
|
verify(tokenRepository, atLeastOnce()).saveRefreshToken(any(OAuth2RefreshTokenEntity.class));
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertThat(token.getRefreshToken(), is(notNullValue()));
|
assertThat(token.getRefreshToken(), is(notNullValue()));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -301,12 +298,11 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void createAccessToken_expiration() {
|
public void createAccessToken_expiration() {
|
||||||
|
|
||||||
Integer accessTokenValiditySeconds = 3600;
|
Integer accessTokenValiditySeconds = 3600;
|
||||||
Integer refreshTokenValiditySeconds = 600;
|
Integer refreshTokenValiditySeconds = 600;
|
||||||
|
|
||||||
Mockito.when(client.getAccessTokenValiditySeconds()).thenReturn(accessTokenValiditySeconds);
|
when(client.getAccessTokenValiditySeconds()).thenReturn(accessTokenValiditySeconds);
|
||||||
Mockito.when(client.getRefreshTokenValiditySeconds()).thenReturn(refreshTokenValiditySeconds);
|
when(client.getRefreshTokenValiditySeconds()).thenReturn(refreshTokenValiditySeconds);
|
||||||
|
|
||||||
long start = System.currentTimeMillis();
|
long start = System.currentTimeMillis();
|
||||||
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
||||||
|
|
@ -318,7 +314,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
Date lowerBoundRefreshTokens = new Date(start + (refreshTokenValiditySeconds * 1000L) - DELTA);
|
Date lowerBoundRefreshTokens = new Date(start + (refreshTokenValiditySeconds * 1000L) - DELTA);
|
||||||
Date upperBoundRefreshTokens = new Date(end + (refreshTokenValiditySeconds * 1000L) + DELTA);
|
Date upperBoundRefreshTokens = new Date(end + (refreshTokenValiditySeconds * 1000L) + DELTA);
|
||||||
|
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertTrue(token.getExpiration().after(lowerBoundAccessTokens) && token.getExpiration().before(upperBoundAccessTokens));
|
assertTrue(token.getExpiration().after(lowerBoundAccessTokens) && token.getExpiration().before(upperBoundAccessTokens));
|
||||||
assertTrue(token.getRefreshToken().getExpiration().after(lowerBoundRefreshTokens) && token.getRefreshToken().getExpiration().before(upperBoundRefreshTokens));
|
assertTrue(token.getRefreshToken().getExpiration().after(lowerBoundRefreshTokens) && token.getRefreshToken().getExpiration().before(upperBoundRefreshTokens));
|
||||||
|
|
@ -326,59 +322,52 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createAccessToken_checkClient() {
|
public void createAccessToken_checkClient() {
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
||||||
|
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertThat(token.getClient().getClientId(), equalTo(clientId));
|
assertThat(token.getClient().getClientId(), equalTo(clientId));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createAccessToken_checkScopes() {
|
public void createAccessToken_checkScopes() {
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
||||||
|
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertThat(token.getScope(), equalTo(scope));
|
assertThat(token.getScope(), equalTo(scope));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createAccessToken_checkAttachedAuthentication() {
|
public void createAccessToken_checkAttachedAuthentication() {
|
||||||
|
AuthenticationHolderEntity authHolder = mock(AuthenticationHolderEntity.class);
|
||||||
|
when(authHolder.getAuthentication()).thenReturn(authentication);
|
||||||
|
|
||||||
AuthenticationHolderEntity authHolder = Mockito.mock(AuthenticationHolderEntity.class);
|
when(authenticationHolderRepository.save(any(AuthenticationHolderEntity.class))).thenReturn(authHolder);
|
||||||
Mockito.when(authHolder.getAuthentication()).thenReturn(authentication);
|
|
||||||
|
|
||||||
Mockito.when(authenticationHolderRepository.save(Matchers.any(AuthenticationHolderEntity.class))).thenReturn(authHolder);
|
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
OAuth2AccessTokenEntity token = service.createAccessToken(authentication);
|
||||||
|
|
||||||
assertThat(token.getAuthenticationHolder().getAuthentication(), equalTo(authentication));
|
assertThat(token.getAuthenticationHolder().getAuthentication(), equalTo(authentication));
|
||||||
Mockito.verify(authenticationHolderRepository).save(Matchers.any(AuthenticationHolderEntity.class));
|
verify(authenticationHolderRepository).save(any(AuthenticationHolderEntity.class));
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected = InvalidTokenException.class)
|
@Test(expected = InvalidTokenException.class)
|
||||||
public void refreshAccessToken_noRefreshToken() {
|
public void refreshAccessToken_noRefreshToken() {
|
||||||
|
when(tokenRepository.getRefreshTokenByValue(anyString())).thenReturn(null);
|
||||||
Mockito.when(tokenRepository.getRefreshTokenByValue(Matchers.anyString())).thenReturn(null);
|
|
||||||
|
|
||||||
service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected = InvalidClientException.class)
|
@Test(expected = InvalidClientException.class)
|
||||||
public void refreshAccessToken_notAllowRefresh() {
|
public void refreshAccessToken_notAllowRefresh() {
|
||||||
|
when(client.isAllowRefresh()).thenReturn(false);
|
||||||
Mockito.when(client.isAllowRefresh()).thenReturn(false);
|
|
||||||
|
|
||||||
service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected = InvalidClientException.class)
|
@Test(expected = InvalidClientException.class)
|
||||||
public void refreshAccessToken_clientMismatch() {
|
public void refreshAccessToken_clientMismatch() {
|
||||||
|
|
||||||
tokenRequest = new TokenRequest(null, badClientId, null, null);
|
tokenRequest = new TokenRequest(null, badClientId, null, null);
|
||||||
|
|
||||||
service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
@ -386,96 +375,89 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
|
|
||||||
@Test(expected = InvalidTokenException.class)
|
@Test(expected = InvalidTokenException.class)
|
||||||
public void refreshAccessToken_expired() {
|
public void refreshAccessToken_expired() {
|
||||||
|
when(refreshToken.isExpired()).thenReturn(true);
|
||||||
Mockito.when(refreshToken.isExpired()).thenReturn(true);
|
|
||||||
|
|
||||||
service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void refreshAccessToken_verifyAcessToken() {
|
public void refreshAccessToken_verifyAcessToken() {
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
||||||
Mockito.verify(tokenRepository).clearAccessTokensForRefreshToken(refreshToken);
|
verify(tokenRepository).clearAccessTokensForRefreshToken(refreshToken);
|
||||||
|
|
||||||
assertThat(token.getClient(), equalTo(client));
|
assertThat(token.getClient(), equalTo(client));
|
||||||
assertThat(token.getRefreshToken(), equalTo(refreshToken));
|
assertThat(token.getRefreshToken(), equalTo(refreshToken));
|
||||||
assertThat(token.getAuthenticationHolder(), equalTo(storedAuthHolder));
|
assertThat(token.getAuthenticationHolder(), equalTo(storedAuthHolder));
|
||||||
|
|
||||||
Mockito.verify(tokenEnhancer).enhance(token, storedAuthentication);
|
verify(tokenEnhancer).enhance(token, storedAuthentication);
|
||||||
Mockito.verify(tokenRepository).saveAccessToken(token);
|
verify(tokenRepository).saveAccessToken(token);
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void refreshAccessToken_rotateRefreshToken() {
|
public void refreshAccessToken_rotateRefreshToken() {
|
||||||
|
|
||||||
when(client.isReuseRefreshToken()).thenReturn(false);
|
when(client.isReuseRefreshToken()).thenReturn(false);
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
||||||
Mockito.verify(tokenRepository).clearAccessTokensForRefreshToken(refreshToken);
|
verify(tokenRepository).clearAccessTokensForRefreshToken(refreshToken);
|
||||||
|
|
||||||
assertThat(token.getClient(), equalTo(client));
|
assertThat(token.getClient(), equalTo(client));
|
||||||
assertThat(token.getRefreshToken(), not(equalTo(refreshToken)));
|
assertThat(token.getRefreshToken(), not(equalTo(refreshToken)));
|
||||||
assertThat(token.getAuthenticationHolder(), equalTo(storedAuthHolder));
|
assertThat(token.getAuthenticationHolder(), equalTo(storedAuthHolder));
|
||||||
|
|
||||||
Mockito.verify(tokenEnhancer).enhance(token, storedAuthentication);
|
verify(tokenEnhancer).enhance(token, storedAuthentication);
|
||||||
Mockito.verify(tokenRepository).saveAccessToken(token);
|
verify(tokenRepository).saveAccessToken(token);
|
||||||
Mockito.verify(tokenRepository).removeRefreshToken(refreshToken);
|
verify(tokenRepository).removeRefreshToken(refreshToken);
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void refreshAccessToken_keepAccessTokens() {
|
public void refreshAccessToken_keepAccessTokens() {
|
||||||
|
|
||||||
when(client.isClearAccessTokensOnRefresh()).thenReturn(false);
|
when(client.isClearAccessTokensOnRefresh()).thenReturn(false);
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
||||||
Mockito.verify(tokenRepository, never()).clearAccessTokensForRefreshToken(refreshToken);
|
verify(tokenRepository, never()).clearAccessTokensForRefreshToken(refreshToken);
|
||||||
|
|
||||||
assertThat(token.getClient(), equalTo(client));
|
assertThat(token.getClient(), equalTo(client));
|
||||||
assertThat(token.getRefreshToken(), equalTo(refreshToken));
|
assertThat(token.getRefreshToken(), equalTo(refreshToken));
|
||||||
assertThat(token.getAuthenticationHolder(), equalTo(storedAuthHolder));
|
assertThat(token.getAuthenticationHolder(), equalTo(storedAuthHolder));
|
||||||
|
|
||||||
Mockito.verify(tokenEnhancer).enhance(token, storedAuthentication);
|
verify(tokenEnhancer).enhance(token, storedAuthentication);
|
||||||
Mockito.verify(tokenRepository).saveAccessToken(token);
|
verify(tokenRepository).saveAccessToken(token);
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void refreshAccessToken_requestingSameScope() {
|
public void refreshAccessToken_requestingSameScope() {
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertThat(token.getScope(), equalTo(storedScope));
|
assertThat(token.getScope(), equalTo(storedScope));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void refreshAccessToken_requestingLessScope() {
|
public void refreshAccessToken_requestingLessScope() {
|
||||||
|
Set<String> lessScope = newHashSet("openid", "profile");
|
||||||
Set<String> lessScope = Sets.newHashSet("openid", "profile");
|
|
||||||
|
|
||||||
tokenRequest.setScope(lessScope);
|
tokenRequest.setScope(lessScope);
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertThat(token.getScope(), equalTo(lessScope));
|
assertThat(token.getScope(), equalTo(lessScope));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected = InvalidScopeException.class)
|
@Test(expected = InvalidScopeException.class)
|
||||||
public void refreshAccessToken_requestingMoreScope() {
|
public void refreshAccessToken_requestingMoreScope() {
|
||||||
|
Set<String> moreScope = newHashSet(storedScope);
|
||||||
Set<String> moreScope = Sets.newHashSet(storedScope);
|
|
||||||
moreScope.add("address");
|
moreScope.add("address");
|
||||||
moreScope.add("phone");
|
moreScope.add("phone");
|
||||||
|
|
||||||
|
|
@ -490,8 +472,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
*/
|
*/
|
||||||
@Test(expected = InvalidScopeException.class)
|
@Test(expected = InvalidScopeException.class)
|
||||||
public void refreshAccessToken_requestingMixedScope() {
|
public void refreshAccessToken_requestingMixedScope() {
|
||||||
|
Set<String> mixedScope = newHashSet("openid", "profile", "address", "phone"); // no email or offline_access
|
||||||
Set<String> mixedScope = Sets.newHashSet("openid", "profile", "address", "phone"); // no email or offline_access
|
|
||||||
|
|
||||||
tokenRequest.setScope(mixedScope);
|
tokenRequest.setScope(mixedScope);
|
||||||
|
|
||||||
|
|
@ -500,26 +481,24 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void refreshAccessToken_requestingEmptyScope() {
|
public void refreshAccessToken_requestingEmptyScope() {
|
||||||
|
Set<String> emptyScope = newHashSet();
|
||||||
Set<String> emptyScope = Sets.newHashSet();
|
|
||||||
|
|
||||||
tokenRequest.setScope(emptyScope);
|
tokenRequest.setScope(emptyScope);
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertThat(token.getScope(), equalTo(storedScope));
|
assertThat(token.getScope(), equalTo(storedScope));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void refreshAccessToken_requestingNullScope() {
|
public void refreshAccessToken_requestingNullScope() {
|
||||||
|
|
||||||
tokenRequest.setScope(null);
|
tokenRequest.setScope(null);
|
||||||
|
|
||||||
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertThat(token.getScope(), equalTo(storedScope));
|
assertThat(token.getScope(), equalTo(storedScope));
|
||||||
|
|
||||||
|
|
@ -530,10 +509,9 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void refreshAccessToken_expiration() {
|
public void refreshAccessToken_expiration() {
|
||||||
|
|
||||||
Integer accessTokenValiditySeconds = 3600;
|
Integer accessTokenValiditySeconds = 3600;
|
||||||
|
|
||||||
Mockito.when(client.getAccessTokenValiditySeconds()).thenReturn(accessTokenValiditySeconds);
|
when(client.getAccessTokenValiditySeconds()).thenReturn(accessTokenValiditySeconds);
|
||||||
|
|
||||||
long start = System.currentTimeMillis();
|
long start = System.currentTimeMillis();
|
||||||
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
|
||||||
|
|
@ -543,14 +521,14 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
Date lowerBoundAccessTokens = new Date(start + (accessTokenValiditySeconds * 1000L) - DELTA);
|
Date lowerBoundAccessTokens = new Date(start + (accessTokenValiditySeconds * 1000L) - DELTA);
|
||||||
Date upperBoundAccessTokens = new Date(end + (accessTokenValiditySeconds * 1000L) + DELTA);
|
Date upperBoundAccessTokens = new Date(end + (accessTokenValiditySeconds * 1000L) + DELTA);
|
||||||
|
|
||||||
Mockito.verify(scopeService, Mockito.atLeastOnce()).removeReservedScopes(Matchers.anySet());
|
verify(scopeService, atLeastOnce()).removeReservedScopes(anySet());
|
||||||
|
|
||||||
assertTrue(token.getExpiration().after(lowerBoundAccessTokens) && token.getExpiration().before(upperBoundAccessTokens));
|
assertTrue(token.getExpiration().after(lowerBoundAccessTokens) && token.getExpiration().before(upperBoundAccessTokens));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getAllAccessTokensForUser(){
|
public void getAllAccessTokensForUser(){
|
||||||
Mockito.when(tokenRepository.getAccessTokensByUserName(userName)).thenReturn(newHashSet(accessToken));
|
when(tokenRepository.getAccessTokensByUserName(userName)).thenReturn(newHashSet(accessToken));
|
||||||
|
|
||||||
Set<OAuth2AccessTokenEntity> tokens = service.getAllAccessTokensForUser(userName);
|
Set<OAuth2AccessTokenEntity> tokens = service.getAllAccessTokensForUser(userName);
|
||||||
assertEquals(1, tokens.size());
|
assertEquals(1, tokens.size());
|
||||||
|
|
@ -559,7 +537,7 @@ public class TestDefaultOAuth2ProviderTokenService {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getAllRefreshTokensForUser(){
|
public void getAllRefreshTokensForUser(){
|
||||||
Mockito.when(tokenRepository.getRefreshTokensByUserName(userName)).thenReturn(newHashSet(refreshToken));
|
when(tokenRepository.getRefreshTokensByUserName(userName)).thenReturn(newHashSet(refreshToken));
|
||||||
|
|
||||||
Set<OAuth2RefreshTokenEntity> tokens = service.getAllRefreshTokensForUser(userName);
|
Set<OAuth2RefreshTokenEntity> tokens = service.getAllRefreshTokensForUser(userName);
|
||||||
assertEquals(1, tokens.size());
|
assertEquals(1, tokens.size());
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue