Package org.mitre.oauth2.model

Examples of org.mitre.oauth2.model.ClientDetailsEntity


  public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentication) throws AuthenticationException, InvalidClientException {
    if (authentication != null && authentication.getOAuth2Request() != null) {
      // look up our client
      OAuth2Request clientAuth = authentication.getOAuth2Request();

      ClientDetailsEntity client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());

      if (client == null) {
        throw new InvalidClientException("Client not found: " + clientAuth.getClientId());
      }

      OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();//accessTokenFactory.createNewAccessToken();

      // attach the client
      token.setClient(client);

      // inherit the scope from the auth, but make a new set so it is
      //not unmodifiable. Unmodifiables don't play nicely with Eclipselink, which
      //wants to use the clone operation.
      Set<String> scopes = Sets.newHashSet(clientAuth.getScope());
      // remove any of the special system scopes
      scopes = scopeService.removeRestrictedScopes(scopes);
      token.setScope(scopes);

      // make it expire if necessary
      if (client.getAccessTokenValiditySeconds() != null && client.getAccessTokenValiditySeconds() > 0) {
        Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
        token.setExpiration(expiration);
      }

      // attach the authorization so that we can look it up later
      AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity();
      authHolder.setAuthentication(authentication);
      authHolder = authenticationHolderRepository.save(authHolder);

      token.setAuthenticationHolder(authHolder);

      // attach a refresh token, if this client is allowed to request them and the user gets the offline scope
      if (client.isAllowRefresh() && scopes.contains(SystemScopeService.OFFLINE_ACCESS)) {
        OAuth2RefreshTokenEntity refreshToken = new OAuth2RefreshTokenEntity(); //refreshTokenFactory.createNewRefreshToken();
        JWTClaimsSet refreshClaims = new JWTClaimsSet();


        // make it expire if necessary
        if (client.getRefreshTokenValiditySeconds() != null) {
          Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L));
          refreshToken.setExpiration(expiration);
          refreshClaims.setExpirationTime(expiration);
        }

        // set a random identifier
View Full Code Here


    if (refreshToken == null) {
      throw new InvalidTokenException("Invalid refresh token: " + refreshTokenValue);
    }

    ClientDetailsEntity client = refreshToken.getClient();

    AuthenticationHolderEntity authHolder = refreshToken.getAuthenticationHolder();

    //Make sure this client allows access token refreshing
    if (!client.isAllowRefresh()) {
      throw new InvalidClientException("Client does not allow refreshing access token!");
    }

    // clear out any access tokens
    // TODO: make this a configurable option
    tokenRepository.clearAccessTokensForRefreshToken(refreshToken);

    if (refreshToken.isExpired()) {
      tokenRepository.removeRefreshToken(refreshToken);
      throw new InvalidTokenException("Expired refresh token: " + refreshTokenValue);
    }

    // TODO: have the option to recycle the refresh token here, too
    // for now, we just reuse it as long as it's valid, which is the original intent

    OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();

    // get the stored scopes from the authentication holder's authorization request; these are the scopes associated with the refresh token
    Set<String> refreshScopes = new HashSet<String>(refreshToken.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope());
    // remove any of the special system scopes
    refreshScopes = scopeService.removeRestrictedScopes(refreshScopes);

    Set<String> scope = authRequest.getScope() == null ? new HashSet<String>() : new HashSet<String>(authRequest.getScope());
    // remove any of the special system scopes
    scope = scopeService.removeRestrictedScopes(scope);

    if (scope != null && !scope.isEmpty()) {
      // ensure a proper subset of scopes
      if (refreshScopes != null && refreshScopes.containsAll(scope)) {
        // set the scope of the new access token if requested
        token.setScope(scope);
      } else {
        String errorMsg = "Up-scoping is not allowed.";
        logger.error(errorMsg);
        throw new InvalidScopeException(errorMsg);
      }
    } else {
      // otherwise inherit the scope of the refresh token (if it's there -- this can return a null scope set)
      token.setScope(refreshScopes);
    }

    token.setClient(client);

    if (client.getAccessTokenValiditySeconds() != null) {
      Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
      token.setExpiration(expiration);
    }

    token.setRefreshToken(refreshToken);

 
View Full Code Here

    userInfoRegular = new DefaultUserInfo();
    userInfoRegular.setPreferredUsername(regularUsername);
    userInfoRegular.setSub(regularSub);

    // pairwise set 1
    pairwiseClient1 = new ClientDetailsEntity();
    pairwiseClient1.setClientId(pairwiseClientId1);
    pairwiseClient1.setSubjectType(SubjectType.PAIRWISE);
    pairwiseClient1.setSectorIdentifierUri(sectorIdentifier1);

    pairwiseClient2 = new ClientDetailsEntity();
    pairwiseClient2.setClientId(pairwiseClientId2);
    pairwiseClient2.setSubjectType(SubjectType.PAIRWISE);
    pairwiseClient2.setSectorIdentifierUri(sectorIdentifier2);

    // pairwise set 2
    pairwiseClient3 = new ClientDetailsEntity();
    pairwiseClient3.setClientId(pairwiseClientId3);
    pairwiseClient3.setSubjectType(SubjectType.PAIRWISE);
    pairwiseClient3.setSectorIdentifierUri(sectorIdentifier3);
    pairwiseClient3.setRedirectUris(pairwiseClient3RedirectUris);

    // pairwise with null sector
    pairwiseClient4 = new ClientDetailsEntity();
    pairwiseClient4.setClientId(pairwiseClientId4);
    pairwiseClient4.setSubjectType(SubjectType.PAIRWISE);
    pairwiseClient4.setRedirectUris(pairwiseClient4RedirectUris);

    // pairwise with multiple redirects and no sector (error)
    pairwiseClient5 = new ClientDetailsEntity();
    pairwiseClient5.setClientId(pairwiseClientId5);
    pairwiseClient5.setSubjectType(SubjectType.PAIRWISE);
    pairwiseClient5.setRedirectUris(pairwiseClient5RedirectUris);

    // saved pairwise identifier from repository
View Full Code Here

    @Test
    public void testImportRefreshTokens() throws IOException, ParseException {
        String expiration1 = "2014-09-10T22:49:44.090+0000";
        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder1.getId()).thenReturn(1L);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(mockedAuthHolder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder2.getId()).thenReturn(2L);
       
        OAuth2RefreshTokenEntity token2 = new OAuth2RefreshTokenEntity();
        token2.setId(2L);
        token2.setClient(mockedClient2);
        token2.setExpiration(expirationDate2);
        token2.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.");
        token2.setAuthenticationHolder(mockedAuthHolder2);
       
    String configJson = "{" +
        "\"" + MITREidDataService.SYSTEMSCOPES + "\": [], " +
        "\"" + MITREidDataService.ACCESSTOKENS + "\": [], " +
                "\"" + MITREidDataService.CLIENTS + "\": [], " +
        "\"" + MITREidDataService.GRANTS + "\": [], " +
        "\"" + MITREidDataService.WHITELISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.BLACKLISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.AUTHENTICATIONHOLDERS + "\": [], " +  
        "\"" + MITREidDataService.REFRESHTOKENS + "\": [" +
     
        "{\"id\":1,\"clientId\":\"mocked_client_1\",\"expiration\":\"2014-09-10T22:49:44.090+0000\","
                + "\"authenticationHolderId\":1,\"value\":\"eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.\"}," +
        "{\"id\":2,\"clientId\":\"mocked_client_2\",\"expiration\":\"2015-01-07T18:31:50.079+0000\","
                + "\"authenticationHolderId\":2,\"value\":\"eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.\"}" +
       
        "  ]" +
        "}";
     
    System.err.println(configJson);
        JsonReader reader = new JsonReader(new StringReader(configJson));
       
        final Map<Long, OAuth2RefreshTokenEntity> fakeDb = new HashMap<Long, OAuth2RefreshTokenEntity>();
        when(tokenRepository.saveRefreshToken(isA(OAuth2RefreshTokenEntity.class))).thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
            Long id = 343L;
            @Override
            public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                OAuth2RefreshTokenEntity _token = (OAuth2RefreshTokenEntity) invocation.getArguments()[0];
                if(_token.getId() == null) {
                    _token.setId(id++);
                }
                fakeDb.put(_token.getId(), _token);
                return _token;
            }
        });
        when(tokenRepository.getRefreshTokenById(anyLong())).thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
            @Override
            public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                Long _id = (Long) invocation.getArguments()[0];
                return fakeDb.get(_id);
            }
        });
        when(clientRepository.getClientByClientId(anyString())).thenAnswer(new Answer<ClientDetailsEntity>() {
           @Override
           public ClientDetailsEntity answer(InvocationOnMock invocation) throws Throwable {
               String _clientId = (String) invocation.getArguments()[0];
               ClientDetailsEntity _client = mock(ClientDetailsEntity.class);
               when(_client.getClientId()).thenReturn(_clientId);
               return _client;
           }
        });
        when(authHolderRepository.getById(isNull(Long.class))).thenAnswer(new Answer<AuthenticationHolderEntity>() {
           Long id = 678L;
View Full Code Here

    @Test
    public void testImportAccessTokens() throws IOException, ParseException {
        String expiration1 = "2014-09-10T22:49:44.090+0000";
        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");

        AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder1.getId()).thenReturn(1L);
       
        OAuth2AccessTokenEntity token1 = new OAuth2AccessTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MTI3ODk5NjgsInN1YiI6IjkwMzQyLkFTREZKV0ZBIiwiYXRfaGFzaCI6InptTmt1QmNRSmNYQktNaVpFODZqY0EiLCJhdWQiOlsiY2xpZW50Il0sImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo4MDgwXC9vcGVuaWQtY29ubmVjdC1zZXJ2ZXItd2ViYXBwXC8iLCJpYXQiOjE0MTI3ODkzNjh9.xkEJ9IMXpH7qybWXomfq9WOOlpGYnrvGPgey9UQ4GLzbQx7JC0XgJK83PmrmBZosvFPCmota7FzI_BtwoZLgAZfFiH6w3WIlxuogoH-TxmYbxEpTHoTsszZppkq9mNgOlArV4jrR9y3TPo4MovsH71dDhS_ck-CvAlJunHlqhs0");
        token1.setAuthenticationHolder(mockedAuthHolder1);
        token1.setScope(ImmutableSet.of("id-token"));
        token1.setTokenType("Bearer");
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");

        AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder2.getId()).thenReturn(2L);
       
        OAuth2RefreshTokenEntity mockRefreshToken2 = mock(OAuth2RefreshTokenEntity.class);
        when(mockRefreshToken2.getId()).thenReturn(1L);
       
        OAuth2AccessTokenEntity token2 = new OAuth2AccessTokenEntity();
        token2.setId(2L);
        token2.setClient(mockedClient2);
        token2.setExpiration(expirationDate2);
        token2.setValue("eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MTI3OTI5NjgsImF1ZCI6WyJjbGllbnQiXSwiaXNzIjoiaHR0cDpcL1wvbG9jYWxob3N0OjgwODBcL29wZW5pZC1jb25uZWN0LXNlcnZlci13ZWJhcHBcLyIsImp0aSI6IjBmZGE5ZmRiLTYyYzItNGIzZS05OTdiLWU0M2VhMDUwMzNiOSIsImlhdCI6MTQxMjc4OTM2OH0.xgaVpRLYE5MzbgXfE0tZt823tjAm6Oh3_kdR1P2I9jRLR6gnTlBQFlYi3Y_0pWNnZSerbAE8Tn6SJHZ9k-curVG0-ByKichV7CNvgsE5X_2wpEaUzejvKf8eZ-BammRY-ie6yxSkAarcUGMvGGOLbkFcz5CtrBpZhfd75J49BIQ");
        token2.setAuthenticationHolder(mockedAuthHolder2);
        token2.setIdToken(token1);
        token2.setRefreshToken(mockRefreshToken2);
        token2.setScope(ImmutableSet.of("openid", "offline_access", "email", "profile"));
        token2.setTokenType("Bearer");
       
    String configJson = "{" +
        "\"" + MITREidDataService.SYSTEMSCOPES + "\": [], " +
        "\"" + MITREidDataService.REFRESHTOKENS + "\": [], " +
                "\"" + MITREidDataService.CLIENTS + "\": [], " +
        "\"" + MITREidDataService.GRANTS + "\": [], " +
        "\"" + MITREidDataService.WHITELISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.BLACKLISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.AUTHENTICATIONHOLDERS + "\": [], " +  
        "\"" + MITREidDataService.ACCESSTOKENS + "\": [" +
     
        "{\"id\":1,\"clientId\":\"mocked_client_1\",\"expiration\":\"2014-09-10T22:49:44.090+0000\","
                + "\"refreshTokenId\":null,\"idTokenId\":null,\"scope\":[\"id-token\"],\"type\":\"Bearer\","
                + "\"authenticationHolderId\":1,\"value\":\"eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MTI3ODk5NjgsInN1YiI6IjkwMzQyLkFTREZKV0ZBIiwiYXRfaGFzaCI6InptTmt1QmNRSmNYQktNaVpFODZqY0EiLCJhdWQiOlsiY2xpZW50Il0sImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo4MDgwXC9vcGVuaWQtY29ubmVjdC1zZXJ2ZXItd2ViYXBwXC8iLCJpYXQiOjE0MTI3ODkzNjh9.xkEJ9IMXpH7qybWXomfq9WOOlpGYnrvGPgey9UQ4GLzbQx7JC0XgJK83PmrmBZosvFPCmota7FzI_BtwoZLgAZfFiH6w3WIlxuogoH-TxmYbxEpTHoTsszZppkq9mNgOlArV4jrR9y3TPo4MovsH71dDhS_ck-CvAlJunHlqhs0\"}," +
        "{\"id\":2,\"clientId\":\"mocked_client_2\",\"expiration\":\"2015-01-07T18:31:50.079+0000\","
                + "\"refreshTokenId\":1,\"idTokenId\":1,\"scope\":[\"openid\",\"offline_access\",\"email\",\"profile\"],\"type\":\"Bearer\","
                + "\"authenticationHolderId\":2,\"value\":\"eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MTI3OTI5NjgsImF1ZCI6WyJjbGllbnQiXSwiaXNzIjoiaHR0cDpcL1wvbG9jYWxob3N0OjgwODBcL29wZW5pZC1jb25uZWN0LXNlcnZlci13ZWJhcHBcLyIsImp0aSI6IjBmZGE5ZmRiLTYyYzItNGIzZS05OTdiLWU0M2VhMDUwMzNiOSIsImlhdCI6MTQxMjc4OTM2OH0.xgaVpRLYE5MzbgXfE0tZt823tjAm6Oh3_kdR1P2I9jRLR6gnTlBQFlYi3Y_0pWNnZSerbAE8Tn6SJHZ9k-curVG0-ByKichV7CNvgsE5X_2wpEaUzejvKf8eZ-BammRY-ie6yxSkAarcUGMvGGOLbkFcz5CtrBpZhfd75J49BIQ\"}" +
       
        "  ]" +
        "}";
   
   
    System.err.println(configJson);
   
    JsonReader reader = new JsonReader(new StringReader(configJson));

        final Map<Long, OAuth2AccessTokenEntity> fakeDb = new HashMap<Long, OAuth2AccessTokenEntity>();
        when(tokenRepository.saveAccessToken(isA(OAuth2AccessTokenEntity.class))).thenAnswer(new Answer<OAuth2AccessTokenEntity>() {
            Long id = 343L;
            @Override
            public OAuth2AccessTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                OAuth2AccessTokenEntity _token = (OAuth2AccessTokenEntity) invocation.getArguments()[0];
                if(_token.getId() == null) {
                    _token.setId(id++);
                }
                fakeDb.put(_token.getId(), _token);
                return _token;
            }
        });
        when(tokenRepository.getAccessTokenById(anyLong())).thenAnswer(new Answer<OAuth2AccessTokenEntity>() {
            @Override
            public OAuth2AccessTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                Long _id = (Long) invocation.getArguments()[0];
                return fakeDb.get(_id);
            }
        });
        when(clientRepository.getClientByClientId(anyString())).thenAnswer(new Answer<ClientDetailsEntity>() {
           @Override
           public ClientDetailsEntity answer(InvocationOnMock invocation) throws Throwable {
               String _clientId = (String) invocation.getArguments()[0];
               ClientDetailsEntity _client = mock(ClientDetailsEntity.class);
               when(_client.getClientId()).thenReturn(_clientId);
               return _client;
           }
        });
        when(authHolderRepository.getById(isNull(Long.class))).thenAnswer(new Answer<AuthenticationHolderEntity>() {
           Long id = 234L;
View Full Code Here

   
   
    //several new client fields added in 1.1, perhaps additional tests for these should be added
  @Test
  public void testImportClients() throws IOException {
    ClientDetailsEntity client1 = new ClientDetailsEntity();
    client1.setId(1L);
    client1.setAccessTokenValiditySeconds(3600);
    client1.setClientId("client1");
    client1.setClientSecret("clientsecret1");
    client1.setRedirectUris(ImmutableSet.of("http://foo.com/"));
    client1.setScope(ImmutableSet.of("foo", "bar", "baz", "dolphin"));
    client1.setGrantTypes(ImmutableSet.of("implicit", "authorization_code", "urn:ietf:params:oauth:grant_type:redelegate", "refresh_token"));
    client1.setAllowIntrospection(true);

    ClientDetailsEntity client2 = new ClientDetailsEntity();
    client2.setId(2L);
    client2.setAccessTokenValiditySeconds(3600);
    client2.setClientId("client2");
    client2.setClientSecret("clientsecret2");
    client2.setRedirectUris(ImmutableSet.of("http://bar.baz.com/"));
    client2.setScope(ImmutableSet.of("foo", "dolphin", "electric-wombat"));
    client2.setGrantTypes(ImmutableSet.of("client_credentials", "urn:ietf:params:oauth:grant_type:redelegate"));
    client2.setAllowIntrospection(false);

    String configJson = "{" +
        "\"" + MITREidDataService.SYSTEMSCOPES + "\": [], " +
        "\"" + MITREidDataService.ACCESSTOKENS + "\": [], " +
        "\"" + MITREidDataService.REFRESHTOKENS + "\": [], " +
        "\"" + MITREidDataService.GRANTS + "\": [], " +
        "\"" + MITREidDataService.WHITELISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.BLACKLISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.AUTHENTICATIONHOLDERS + "\": [], " +
        "\"" + MITREidDataService.CLIENTS + "\": [" +
     
        "{\"id\":1,\"accessTokenValiditySeconds\":3600,\"clientId\":\"client1\",\"secret\":\"clientsecret1\","
                + "\"redirectUris\":[\"http://foo.com/\"],"
                + "\"scope\":[\"foo\",\"bar\",\"baz\",\"dolphin\"],"
                + "\"grantTypes\":[\"implicit\",\"authorization_code\",\"urn:ietf:params:oauth:grant_type:redelegate\",\"refresh_token\"],"
                + "\"allowIntrospection\":true}," +
        "{\"id\":2,\"accessTokenValiditySeconds\":3600,\"clientId\":\"client2\",\"secret\":\"clientsecret2\","
                + "\"redirectUris\":[\"http://bar.baz.com/\"],"
                + "\"scope\":[\"foo\",\"dolphin\",\"electric-wombat\"],"
                + "\"grantTypes\":[\"client_credentials\",\"urn:ietf:params:oauth:grant_type:redelegate\"],"
                + "\"allowIntrospection\":false}" +
       
        "  ]" +
        "}"
   
    System.err.println(configJson);
   
    JsonReader reader = new JsonReader(new StringReader(configJson));
   
    dataService.importData(reader);
    verify(clientRepository, times(2)).saveClient(capturedClients.capture());
   
    List<ClientDetailsEntity> savedClients = capturedClients.getAllValues();
   
    assertThat(savedClients.size(), is(2));
       
        assertThat(savedClients.get(0).getAccessTokenValiditySeconds(), equalTo(client1.getAccessTokenValiditySeconds()));
    assertThat(savedClients.get(0).getClientId(), equalTo(client1.getClientId()));
    assertThat(savedClients.get(0).getClientSecret(), equalTo(client1.getClientSecret()));
    assertThat(savedClients.get(0).getRedirectUris(), equalTo(client1.getRedirectUris()));
    assertThat(savedClients.get(0).getScope(), equalTo(client1.getScope()));
    assertThat(savedClients.get(0).getGrantTypes(), equalTo(client1.getGrantTypes()));
    assertThat(savedClients.get(0).isAllowIntrospection(), equalTo(client1.isAllowIntrospection()));

        assertThat(savedClients.get(1).getAccessTokenValiditySeconds(), equalTo(client2.getAccessTokenValiditySeconds()));
    assertThat(savedClients.get(1).getClientId(), equalTo(client2.getClientId()));
    assertThat(savedClients.get(1).getClientSecret(), equalTo(client2.getClientSecret()));
    assertThat(savedClients.get(1).getRedirectUris(), equalTo(client2.getRedirectUris()));
    assertThat(savedClients.get(1).getScope(), equalTo(client2.getScope()));
    assertThat(savedClients.get(1).getGrantTypes(), equalTo(client2.getGrantTypes()));
    assertThat(savedClients.get(1).isAllowIntrospection(), equalTo(client2.isAllowIntrospection()));
  }
View Full Code Here

    @Test
    public void testFixRefreshTokenAuthHolderReferencesOnImport() throws IOException, ParseException {
        String expiration1 = "2014-09-10T22:49:44.090+0000";
        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://foo.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth1 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth1 = new OAuth2Authentication(req1, mockAuth1);
       
        AuthenticationHolderEntity holder1 = new AuthenticationHolderEntity();
        holder1.setId(1L);
        holder1.setAuthentication(auth1);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(holder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        OAuth2Request req2 = new OAuth2Request(new HashMap<String, String>(), "client2", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://bar.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth2 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth2 = new OAuth2Authentication(req2, mockAuth2);
       
        AuthenticationHolderEntity holder2 = new AuthenticationHolderEntity();
        holder2.setId(2L);
        holder2.setAuthentication(auth2);
       
        OAuth2RefreshTokenEntity token2 = new OAuth2RefreshTokenEntity();
        token2.setId(2L);
        token2.setClient(mockedClient2);
        token2.setExpiration(expirationDate2);
        token2.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.");
        token2.setAuthenticationHolder(holder2);
       
    String configJson = "{" +
        "\"" + MITREidDataService.SYSTEMSCOPES + "\": [], " +
        "\"" + MITREidDataService.ACCESSTOKENS + "\": [], " +
                "\"" + MITREidDataService.CLIENTS + "\": [], " +
        "\"" + MITREidDataService.GRANTS + "\": [], " +
        "\"" + MITREidDataService.WHITELISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.BLACKLISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.AUTHENTICATIONHOLDERS + "\": [" +
       
        "{\"id\":1,\"authentication\":{\"clientAuthorization\":{\"clientId\":\"client1\",\"redirectUri\":\"http://foo.com\"},"
                + "\"userAuthentication\":null}}," +
        "{\"id\":2,\"authentication\":{\"clientAuthorization\":{\"clientId\":\"client2\",\"redirectUri\":\"http://bar.com\"},"
        + "\"userAuthentication\":null}}" +
        "  ]," +
        "\"" + MITREidDataService.REFRESHTOKENS + "\": [" +
     
        "{\"id\":1,\"clientId\":\"mocked_client_1\",\"expiration\":\"2014-09-10T22:49:44.090+0000\","
                + "\"authenticationHolderId\":1,\"value\":\"eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.\"}," +
        "{\"id\":2,\"clientId\":\"mocked_client_2\",\"expiration\":\"2015-01-07T18:31:50.079+0000\","
                + "\"authenticationHolderId\":2,\"value\":\"eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.\"}" +
       
        "  ]" +
        "}";
    System.err.println(configJson);
   
    JsonReader reader = new JsonReader(new StringReader(configJson));
        final Map<Long, OAuth2RefreshTokenEntity> fakeRefreshTokenTable = new HashMap<Long, OAuth2RefreshTokenEntity>();
        final Map<Long, AuthenticationHolderEntity> fakeAuthHolderTable = new HashMap<Long, AuthenticationHolderEntity>();
        when(tokenRepository.saveRefreshToken(isA(OAuth2RefreshTokenEntity.class))).thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
            Long id = 343L;
            @Override
            public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                OAuth2RefreshTokenEntity _token = (OAuth2RefreshTokenEntity) invocation.getArguments()[0];
                if(_token.getId() == null) {
                    _token.setId(id++);
                }
                fakeRefreshTokenTable.put(_token.getId(), _token);
                return _token;
            }
        });
        when(tokenRepository.getRefreshTokenById(anyLong())).thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
            @Override
            public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                Long _id = (Long) invocation.getArguments()[0];
                return fakeRefreshTokenTable.get(_id);
            }
        });
        when(clientRepository.getClientByClientId(anyString())).thenAnswer(new Answer<ClientDetailsEntity>() {
           @Override
           public ClientDetailsEntity answer(InvocationOnMock invocation) throws Throwable {
               String _clientId = (String) invocation.getArguments()[0];
               ClientDetailsEntity _client = mock(ClientDetailsEntity.class);
               when(_client.getClientId()).thenReturn(_clientId);
               return _client;
           }
        });
        when(authHolderRepository.save(isA(AuthenticationHolderEntity.class))).thenAnswer(new Answer<AuthenticationHolderEntity>() {
            Long id = 356L;
View Full Code Here

    @Test
    public void testExportRefreshTokens() throws IOException, ParseException {
        String expiration1 = "2014-09-10T22:49:44.090+0000";
        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder1.getId()).thenReturn(1L);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(mockedAuthHolder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder2.getId()).thenReturn(2L);
       
        OAuth2RefreshTokenEntity token2 = new OAuth2RefreshTokenEntity();
View Full Code Here

    @Test
    public void testImportRefreshTokens() throws IOException, ParseException {
        String expiration1 = "2014-09-10T22:49:44.090+0000";
        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder1.getId()).thenReturn(1L);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(mockedAuthHolder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder2.getId()).thenReturn(2L);
       
        OAuth2RefreshTokenEntity token2 = new OAuth2RefreshTokenEntity();
        token2.setId(2L);
        token2.setClient(mockedClient2);
        token2.setExpiration(expirationDate2);
        token2.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.");
        token2.setAuthenticationHolder(mockedAuthHolder2);
       
    String configJson = "{" +
        "\"" + MITREidDataService.SYSTEMSCOPES + "\": [], " +
        "\"" + MITREidDataService.ACCESSTOKENS + "\": [], " +
                "\"" + MITREidDataService.CLIENTS + "\": [], " +
        "\"" + MITREidDataService.GRANTS + "\": [], " +
        "\"" + MITREidDataService.WHITELISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.BLACKLISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.AUTHENTICATIONHOLDERS + "\": [], " +  
        "\"" + MITREidDataService.REFRESHTOKENS + "\": [" +
     
        "{\"id\":1,\"clientId\":\"mocked_client_1\",\"expiration\":\"2014-09-10T22:49:44.090+0000\","
                + "\"authenticationHolderId\":1,\"value\":\"eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.\"}," +
        "{\"id\":2,\"clientId\":\"mocked_client_2\",\"expiration\":\"2015-01-07T18:31:50.079+0000\","
                + "\"authenticationHolderId\":2,\"value\":\"eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.\"}" +
       
        "  ]" +
        "}";
     
    System.err.println(configJson);
        JsonReader reader = new JsonReader(new StringReader(configJson));
       
        final Map<Long, OAuth2RefreshTokenEntity> fakeDb = new HashMap<Long, OAuth2RefreshTokenEntity>();
        when(tokenRepository.saveRefreshToken(isA(OAuth2RefreshTokenEntity.class))).thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
            Long id = 332L;
            @Override
            public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                OAuth2RefreshTokenEntity _token = (OAuth2RefreshTokenEntity) invocation.getArguments()[0];
                if(_token.getId() == null) {
                    _token.setId(id++);
                }
                fakeDb.put(_token.getId(), _token);
                return _token;
            }
        });
        when(tokenRepository.getRefreshTokenById(anyLong())).thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
            @Override
            public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                Long _id = (Long) invocation.getArguments()[0];
                return fakeDb.get(_id);
            }
        });
        when(clientRepository.getClientByClientId(anyString())).thenAnswer(new Answer<ClientDetailsEntity>() {
           @Override
           public ClientDetailsEntity answer(InvocationOnMock invocation) throws Throwable {
               String _clientId = (String) invocation.getArguments()[0];
               ClientDetailsEntity _client = mock(ClientDetailsEntity.class);
               when(_client.getClientId()).thenReturn(_clientId);
               return _client;
           }
        });
        when(authHolderRepository.getById(isNull(Long.class))).thenAnswer(new Answer<AuthenticationHolderEntity>() {
           Long id = 131L;
View Full Code Here

    @Test
    public void testExportAccessTokens() throws IOException, ParseException {
        String expiration1 = "2014-09-10T22:49:44.090+0000";
        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");

        AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder1.getId()).thenReturn(1L);
       
        OAuth2AccessTokenEntity token1 = new OAuth2AccessTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MTI3ODk5NjgsInN1YiI6IjkwMzQyLkFTREZKV0ZBIiwiYXRfaGFzaCI6InptTmt1QmNRSmNYQktNaVpFODZqY0EiLCJhdWQiOlsiY2xpZW50Il0sImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo4MDgwXC9vcGVuaWQtY29ubmVjdC1zZXJ2ZXItd2ViYXBwXC8iLCJpYXQiOjE0MTI3ODkzNjh9.xkEJ9IMXpH7qybWXomfq9WOOlpGYnrvGPgey9UQ4GLzbQx7JC0XgJK83PmrmBZosvFPCmota7FzI_BtwoZLgAZfFiH6w3WIlxuogoH-TxmYbxEpTHoTsszZppkq9mNgOlArV4jrR9y3TPo4MovsH71dDhS_ck-CvAlJunHlqhs0");
        token1.setAuthenticationHolder(mockedAuthHolder1);
        token1.setScope(ImmutableSet.of("id-token"));
        token1.setTokenType("Bearer");
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");

        AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder2.getId()).thenReturn(2L);
       
        OAuth2RefreshTokenEntity mockRefreshToken2 = mock(OAuth2RefreshTokenEntity.class);
View Full Code Here

TOP

Related Classes of org.mitre.oauth2.model.ClientDetailsEntity

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.