From c5743dc810337077e4ca693b73e58ecec81ed67a Mon Sep 17 00:00:00 2001 From: William Kim Date: Fri, 12 Jul 2013 10:55:14 -0400 Subject: [PATCH] updated unit tests to reflect new exception-throwing behavior. --- ...TestDefaultOAuth2ProviderTokenService.java | 25 +++++++++---------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java index 1b3164e38..290b5df5b 100644 --- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java @@ -16,8 +16,13 @@ ******************************************************************************/ package org.mitre.oauth2.service.impl; -import static org.hamcrest.CoreMatchers.*; -import static org.junit.Assert.*; +import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.notNullValue; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; import java.util.Date; import java.util.Set; @@ -38,6 +43,7 @@ import org.mockito.Mockito; import org.mockito.runners.MockitoJUnitRunner; import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException; import org.springframework.security.oauth2.common.exceptions.InvalidClientException; +import org.springframework.security.oauth2.common.exceptions.InvalidScopeException; import org.springframework.security.oauth2.common.exceptions.InvalidTokenException; import org.springframework.security.oauth2.provider.AuthorizationRequest; import org.springframework.security.oauth2.provider.OAuth2Authentication; @@ -310,8 +316,7 @@ public class TestDefaultOAuth2ProviderTokenService { assertThat(token.getScope(), equalTo(lessScope)); } - // Note: attempt at upscoping may throw an exception in future implementation. - @Test + @Test(expected = InvalidScopeException.class) public void refreshAccessToken_requestingMoreScope() { Set moreScope = Sets.newHashSet(storedScope); @@ -320,27 +325,21 @@ public class TestDefaultOAuth2ProviderTokenService { Mockito.when(authRequest.getScope()).thenReturn(moreScope); - OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, authRequest); - - assertThat(token.getScope(), not(equalTo(moreScope))); - assertThat(token.getScope(), equalTo(storedScope)); + service.refreshAccessToken(refreshTokenValue, authRequest); } /** * Tests the case where only some of the valid scope values are being requested along with * other extra unauthorized scope values. */ - @Test + @Test(expected = InvalidScopeException.class) public void refreshAccessToken_requestingMixedScope() { Set mixedScope = Sets.newHashSet("openid", "profile", "address", "phone"); // no email or offline_access Mockito.when(authRequest.getScope()).thenReturn(mixedScope); - OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, authRequest); - - // Current behavior is to simply return the set scope values stored in the initial authorization. - assertThat(token.getScope(), equalTo(storedScope)); + service.refreshAccessToken(refreshTokenValue, authRequest); } @Test