added unit tests for nonce-less url builders (exception cases)

2014-12-19 20:55:40 -05:00 · 2014-12-19 20:55:40 -05:00 · ada1b0d24e
parent ba97fcb88a
commit ada1b0d24e
2 changed files with 62 additions and 0 deletions
--- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java
+++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java
@ -82,5 +82,25 @@ public class TestPlainAuthRequestUrlBuilder {

 		urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "example.com", "", "", options);
 	}
+	
+	@Test
+	public void buildAuthRequestUrl_withNoNonce() {
+		Mockito.when(serverConfig.isNonceEnabled()).thenReturn(false);
+		
+		String expectedUrl = "https://server.example.com/authorize?" +
+				"response_type=code" +
+				"&client_id=s6BhdRkqt3" +
+				"&scope=openid+profile" + // plus sign used for space per application/x-www-form-encoded standard
+				"&redirect_uri=https%3A%2F%2Fclient.example.org%2F" +
+				"&state=af0ifjsldkj" +
+				"&foo=bar";
+
+		Map<String, String> options = ImmutableMap.of("foo", "bar");
+
+		String actualUrl = urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "https://client.example.org/", null, "af0ifjsldkj", options);
+
+		assertThat(actualUrl, equalTo(expectedUrl));
+		
+	}

 }
--- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java
+++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java
@ -159,4 +159,46 @@ public class TestSignedAuthRequestUrlBuilder {

 		urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "example.com", "", "", options);
 	}
+
+	@Test
+	public void buildAuthRequestUrl_withNoNonce() {
+
+		Mockito.when(serverConfig.isNonceEnabled()).thenReturn(false);
+
+		String requestUri = urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, redirectUri, null, state, options);
+
+		// parsing the result
+		UriComponentsBuilder builder = null;
+
+		try {
+			builder = UriComponentsBuilder.fromUri(new URI(requestUri));
+		} catch (URISyntaxException e1) {
+			fail("URISyntaxException was thrown.");
+		}
+
+		UriComponents components = builder.build();
+		String jwtString = components.getQueryParams().get("request").get(0);
+		ReadOnlyJWTClaimsSet claims = null;
+
+		try {
+			SignedJWT jwt = SignedJWT.parse(jwtString);
+			claims = jwt.getJWTClaimsSet();
+		} catch (ParseException e) {
+			fail("ParseException was thrown.");
+		}
+
+		assertEquals(responseType, claims.getClaim("response_type"));
+		assertEquals(clientConfig.getClientId(), claims.getClaim("client_id"));
+
+		List<String> scopeList = Arrays.asList(((String) claims.getClaim("scope")).split(" "));
+		assertTrue(scopeList.containsAll(clientConfig.getScope()));
+
+		assertEquals(redirectUri, claims.getClaim("redirect_uri"));
+		assertEquals(null, claims.getClaim("nonce"));
+		assertEquals(state, claims.getClaim("state"));
+		for (String claim : options.keySet()) {
+			assertEquals(options.get(claim), claims.getClaim(claim));
+		}
+	}
+
 }