diff --git a/openid-connect-server/pom.xml b/openid-connect-server/pom.xml
index 611b1e49e..8b116e302 100644
--- a/openid-connect-server/pom.xml
+++ b/openid-connect-server/pom.xml
@@ -32,6 +32,12 @@
 			<artifactId>openid-connect-common</artifactId>
 			<version>1.0.2-SNAPSHOT</version>
 		</dependency>
+		<dependency>
+			<groupId>org.mockito</groupId>
+			<artifactId>mockito-all</artifactId>
+			<version>1.9.0</version>
+			<scope>test</scope>
+		</dependency>
 	</dependencies>
     <description>Reference implementation of OpenID Connect spec (http://openid.net/connect/).
     </description>
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
index 0c360fef1..9511d8065 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
@@ -47,6 +47,15 @@ public class DefaultUserInfoUserDetailsService implements UserDetailsService {
 
 	private List<String> admins = new ArrayList<String>();
 
+	/**
+	 * Parameterized constructor for use in test harnesses.
+	 * 
+	 * @param repository the UserInfoRepository to set
+	 */
+	public DefaultUserInfoUserDetailsService(UserInfoRepository repository) {
+		this.repository = repository;
+	}
+	
 	@Override
 	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
 		UserInfo userInfo = repository.getByUsername(username);
diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java
new file mode 100644
index 000000000..f5db4037b
--- /dev/null
+++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java
@@ -0,0 +1,80 @@
+package org.mitre.openid.connect.service.impl;
+
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.times;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mitre.oauth2.model.ClientDetailsEntity;
+import org.mitre.openid.connect.model.ApprovedSite;
+import org.mitre.openid.connect.repository.ApprovedSiteRepository;
+import org.mitre.openid.connect.service.ApprovedSiteService;
+import org.mockito.Mockito;
+import org.springframework.test.annotation.Rollback;
+
+import com.google.common.collect.Sets;
+
+public class TestDefaultApprovedSiteService {
+
+	private ApprovedSite site1;
+	private ApprovedSite site2;
+	private ApprovedSite site3;
+	
+	private ClientDetailsEntity client;
+	private final String clientId = "client";
+	
+	private ApprovedSiteService service;
+	private ApprovedSiteRepository repository;
+	
+	@Before
+	public void prepare() {
+		
+		client = new ClientDetailsEntity();
+		client.setClientId(clientId);
+		
+		site1 = new ApprovedSite();
+		site1.setId(1L);
+		site1.setUserId("user1");
+		site1.setClientId("other");
+		
+		site2 = new ApprovedSite();
+		site2.setId(2L);
+		site2.setUserId("user1");
+		site2.setClientId(clientId);
+		
+		site3 = new ApprovedSite();
+		site3.setId(3L);
+		site3.setUserId("user2");
+		site3.setClientId(clientId);
+		
+		repository = Mockito.mock(ApprovedSiteRepository.class);
+		
+		service = new DefaultApprovedSiteService(repository);
+	}
+	
+	@Test
+	public void clearApprovedSitesForClient_success() {
+		Set<ApprovedSite> setToReturn = Sets.newHashSet(site2, site3);
+		Mockito.when(repository.getByClientId(client.getClientId())).thenReturn(setToReturn);
+		
+		service.clearApprovedSitesForClient(client);
+		
+		Mockito.verify(repository, times(2)).remove(any(ApprovedSite.class));
+	}
+	
+	@Test
+	@Rollback
+	public void clearApprovedSitesForClient_null() {
+		String otherId = "a different id";
+		client.setClientId(otherId);
+		service.clearApprovedSitesForClient(client);
+		Mockito.when(repository.getByClientId(otherId)).thenReturn(new HashSet<ApprovedSite>());
+		Mockito.verify(repository, never()).remove(any(ApprovedSite.class));
+	}
+	
+	
+}
diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoUserDetailsService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoUserDetailsService.java
new file mode 100644
index 000000000..d15a8e97f
--- /dev/null
+++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoUserDetailsService.java
@@ -0,0 +1,80 @@
+package org.mitre.openid.connect.service.impl;
+
+import static org.hamcrest.core.IsNot.not;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertThat;
+import static org.junit.matchers.JUnitMatchers.hasItem;
+
+import java.util.ArrayList;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mitre.openid.connect.model.DefaultUserInfo;
+import org.mitre.openid.connect.model.UserInfo;
+import org.mitre.openid.connect.repository.UserInfoRepository;
+import org.mockito.Mockito;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+import com.google.common.collect.Lists;
+
+public class TestDefaultUserInfoUserDetailsService {
+
+	private DefaultUserInfoUserDetailsService service;
+	private UserInfoRepository userInfoRepository;
+	private UserInfo userInfoAdmin;
+	private UserInfo userInfoRegular;
+	private String adminUsername = "username";
+	private String regularUsername = "regular";
+	private String adminSub = "adminSub12d3a1f34a2";
+	private String regularSub = "regularSub652ha23b";
+	
+	@Before
+	public void prepare() {
+		userInfoRepository = Mockito.mock(UserInfoRepository.class);
+		service = new DefaultUserInfoUserDetailsService(userInfoRepository);
+		service.setAdmins(Lists.newArrayList(adminUsername));
+		
+		userInfoAdmin = new DefaultUserInfo();
+		userInfoAdmin.setPreferredUsername(adminUsername);
+		userInfoAdmin.setSub(adminSub);
+		
+		userInfoRegular = new DefaultUserInfo();
+		userInfoRegular.setPreferredUsername(regularUsername);
+		userInfoRegular.setSub(regularSub);	
+	}
+	
+	@Test
+	public void loadByUsername_admin_success() {
+		
+		Mockito.when(userInfoRepository.getByUsername(adminUsername)).thenReturn(userInfoAdmin);
+		UserDetails user = service.loadUserByUsername(adminUsername);
+		ArrayList<GrantedAuthority> userAuthorities = Lists.newArrayList(user.getAuthorities());
+		assertThat(userAuthorities, hasItem(DefaultUserInfoUserDetailsService.ROLE_ADMIN));
+		assertThat(userAuthorities, hasItem(DefaultUserInfoUserDetailsService.ROLE_USER));
+		assertEquals(user.getUsername(), adminSub);
+		
+	}
+	
+	@Test
+	public void loadByUsername_regular_success() {
+		
+		Mockito.when(userInfoRepository.getByUsername(regularUsername)).thenReturn(userInfoRegular);
+		UserDetails user = service.loadUserByUsername(regularUsername);
+		ArrayList<GrantedAuthority> userAuthorities = Lists.newArrayList(user.getAuthorities());
+		assertThat(userAuthorities, not(hasItem(DefaultUserInfoUserDetailsService.ROLE_ADMIN)));
+		assertThat(userAuthorities, hasItem(DefaultUserInfoUserDetailsService.ROLE_USER));
+		assertEquals(user.getUsername(), regularSub);
+		
+	}	
+	
+	@Test(expected = UsernameNotFoundException.class)
+	public void loadByUsername_nullUser() {
+		
+		Mockito.when(userInfoRepository.getByUsername(adminUsername)).thenReturn(null);
+		service.loadUserByUsername(adminUsername);
+		
+	}
+	
+}