Package org.mitre.oauth2.model

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity


    @Test
    public void shouldAssembleExpectedResultForRefreshTokenWithoutExpiry() {

        // given
        OAuth2RefreshTokenEntity refreshToken = refreshToken(null,
                authentication("name", request("clientId", scopes("foo""bar"))));

        UserInfo userInfo = userInfo("sub");

        // when
View Full Code Here


        given(accessToken.getAuthenticationHolder().getAuthentication()).willReturn(authentication);
        return accessToken;
    }

    private OAuth2RefreshTokenEntity refreshToken(Date exp, OAuth2Authentication authentication) {
        OAuth2RefreshTokenEntity refreshToken = mock(OAuth2RefreshTokenEntity.class, RETURNS_DEEP_STUBS);
        given(refreshToken.getExpiration()).willReturn(exp);
        given(refreshToken.getAuthenticationHolder().getAuthentication()).willReturn(authentication);
        return refreshToken;
    }
View Full Code Here

     * @throws IOException
     */
    private void readRefreshTokens(JsonReader reader) throws IOException {
        reader.beginArray();
        while (reader.hasNext()) {
            OAuth2RefreshTokenEntity token = new OAuth2RefreshTokenEntity();
            reader.beginObject();
            Long currentId = null;
            String clientId = null;
            Long authHolderId = null;
            while (reader.hasNext()) {
                switch (reader.peek()) {
                    case END_OBJECT:
                        continue;
                    case NAME:
                        String name = reader.nextName();
                        if (reader.peek() == JsonToken.NULL) {
                            reader.skipValue();
                        } else if (name.equals("id")) {
                            currentId = reader.nextLong();
                        } else if (name.equals("expiration")) {
                            Date date = DateUtil.utcToDate(reader.nextString());
                            token.setExpiration(date);
                        } else if (name.equals("value")) {
                            String value = reader.nextString();
                            try {
                                token.setValue(value);
                            } catch (ParseException ex) {
                                logger.error("Unable to set refresh token value to {}", value, ex);
                            }
                        } else if (name.equals("clientId")) {
                            clientId = reader.nextString();
View Full Code Here

    private void fixObjectReferences() {
        for (Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
            String clientRef = refreshTokenToClientRefs.get(oldRefreshTokenId);
            ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
            Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
            OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
            refreshToken.setClient(client);
            tokenRepository.saveRefreshToken(refreshToken);
        }
        refreshTokenToClientRefs.clear();
        for (Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
            Long oldAuthHolderId = refreshTokenToAuthHolderRefs.get(oldRefreshTokenId);
            Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
            AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
            Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
            OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
            refreshToken.setAuthenticationHolder(authHolder);
            tokenRepository.saveRefreshToken(refreshToken);
        }
        refreshTokenToAuthHolderRefs.clear();
        for (Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
            String clientRef = accessTokenToClientRefs.get(oldAccessTokenId);
            ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
            Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
            OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
            accessToken.setClient(client);
            tokenRepository.saveAccessToken(accessToken);
        }
        accessTokenToClientRefs.clear();
        for (Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
            Long oldAuthHolderId = accessTokenToAuthHolderRefs.get(oldAccessTokenId);
            Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
            AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
            Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
            OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
            accessToken.setAuthenticationHolder(authHolder);
            tokenRepository.saveAccessToken(accessToken);
        }
        accessTokenToAuthHolderRefs.clear();
        for (Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
            Long oldRefreshTokenId = accessTokenToRefreshTokenRefs.get(oldAccessTokenId);
            Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
            OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
            Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
            OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
            accessToken.setRefreshToken(refreshToken);
            tokenRepository.saveAccessToken(accessToken);
        }
View Full Code Here

     * @throws IOException
     */
    private void readRefreshTokens(JsonReader reader) throws IOException {
        reader.beginArray();
        while (reader.hasNext()) {
            OAuth2RefreshTokenEntity token = new OAuth2RefreshTokenEntity();
            reader.beginObject();
            Long currentId = null;
            String clientId = null;
            Long authHolderId = null;
            while (reader.hasNext()) {
                switch (reader.peek()) {
                    case END_OBJECT:
                        continue;
                    case NAME:
                        String name = reader.nextName();
                        if (reader.peek() == JsonToken.NULL) {
                            reader.skipValue();
                        } else if (name.equals("id")) {
                            currentId = reader.nextLong();
                        } else if (name.equals("expiration")) {
                            Date date = DateUtil.utcToDate(reader.nextString());
                            token.setExpiration(date);
                        } else if (name.equals("value")) {
                            String value = reader.nextString();
                            try {
                                token.setValue(value);
                            } catch (ParseException ex) {
                                logger.error("Unable to set refresh token value to {}", value, ex);
                            }
                        } else if (name.equals("clientId")) {
                            clientId = reader.nextString();
View Full Code Here

      token.setAuthenticationHolder(authHolder);

      // attach a refresh token, if this client is allowed to request them and the user gets the offline scope
      if (client.isAllowRefresh() && scopes.contains(SystemScopeService.OFFLINE_ACCESS)) {
        OAuth2RefreshTokenEntity refreshToken = new OAuth2RefreshTokenEntity(); //refreshTokenFactory.createNewRefreshToken();
        JWTClaimsSet refreshClaims = new JWTClaimsSet();


        // make it expire if necessary
        if (client.getRefreshTokenValiditySeconds() != null) {
          Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L));
          refreshToken.setExpiration(expiration);
          refreshClaims.setExpirationTime(expiration);
        }

        // set a random identifier
        refreshClaims.setJWTID(UUID.randomUUID().toString());

        // TODO: add issuer fields, signature to JWT

        PlainJWT refreshJwt = new PlainJWT(refreshClaims);
        refreshToken.setJwt(refreshJwt);

        //Add the authentication
        refreshToken.setAuthenticationHolder(authHolder);
        refreshToken.setClient(client);



        // save the token first so that we can set it to a member of the access token (NOTE: is this step necessary?)
        OAuth2RefreshTokenEntity savedRefreshToken = tokenRepository.saveRefreshToken(refreshToken);

        token.setRefreshToken(savedRefreshToken);
      }
     
      OAuth2AccessTokenEntity enhancedToken = (OAuth2AccessTokenEntity) tokenEnhancer.enhance(token, authentication);
View Full Code Here

  }

  @Override
  public OAuth2AccessTokenEntity refreshAccessToken(String refreshTokenValue, TokenRequest authRequest) throws AuthenticationException {

    OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenByValue(refreshTokenValue);

    if (refreshToken == null) {
      throw new InvalidTokenException("Invalid refresh token: " + refreshTokenValue);
    }

    ClientDetailsEntity client = refreshToken.getClient();

    AuthenticationHolderEntity authHolder = refreshToken.getAuthenticationHolder();

    //Make sure this client allows access token refreshing
    if (!client.isAllowRefresh()) {
      throw new InvalidClientException("Client does not allow refreshing access token!");
    }

    // clear out any access tokens
    // TODO: make this a configurable option
    tokenRepository.clearAccessTokensForRefreshToken(refreshToken);

    if (refreshToken.isExpired()) {
      tokenRepository.removeRefreshToken(refreshToken);
      throw new InvalidTokenException("Expired refresh token: " + refreshTokenValue);
    }

    // TODO: have the option to recycle the refresh token here, too
    // for now, we just reuse it as long as it's valid, which is the original intent

    OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();

    // get the stored scopes from the authentication holder's authorization request; these are the scopes associated with the refresh token
    Set<String> refreshScopes = new HashSet<String>(refreshToken.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope());
    // remove any of the special system scopes
    refreshScopes = scopeService.removeRestrictedScopes(refreshScopes);

    Set<String> scope = authRequest.getScope() == null ? new HashSet<String>() : new HashSet<String>(authRequest.getScope());
    // remove any of the special system scopes
View Full Code Here

  /**
   * Get a refresh token by its token value.
   */
  @Override
  public OAuth2RefreshTokenEntity getRefreshToken(String refreshTokenValue) throws AuthenticationException {
    OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenByValue(refreshTokenValue);
    if (refreshToken == null) {
      throw new InvalidTokenException("Refresh token for value " + refreshTokenValue + " was not found");
    }
    else {
      return refreshToken;
View Full Code Here

        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder1.getId()).thenReturn(1L);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(mockedAuthHolder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder2.getId()).thenReturn(2L);
       
        OAuth2RefreshTokenEntity token2 = new OAuth2RefreshTokenEntity();
        token2.setId(2L);
        token2.setClient(mockedClient2);
        token2.setExpiration(expirationDate2);
        token2.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.");
        token2.setAuthenticationHolder(mockedAuthHolder2);
       
        Set<OAuth2RefreshTokenEntity> allRefreshTokens = ImmutableSet.of(token1, token2);
       
    Mockito.when(clientRepository.getAllClients()).thenReturn(new HashSet<ClientDetailsEntity>());
    Mockito.when(approvedSiteRepository.getAll()).thenReturn(new HashSet<ApprovedSite>());
    Mockito.when(wlSiteRepository.getAll()).thenReturn(new HashSet<WhitelistedSite>());
    Mockito.when(blSiteRepository.getAll()).thenReturn(new HashSet<BlacklistedSite>());
    Mockito.when(authHolderRepository.getAll()).thenReturn(new ArrayList<AuthenticationHolderEntity>());
    Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(new HashSet<OAuth2AccessTokenEntity>());
    Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(allRefreshTokens);
    Mockito.when(sysScopeRepository.getAll()).thenReturn(new HashSet<SystemScope>());
       
    // do the data export
    StringWriter stringWriter = new StringWriter();
    JsonWriter writer = new JsonWriter(stringWriter);
    writer.beginObject();
    dataService.exportData(writer);
    writer.endObject();
    writer.close();
   
    // parse the output as a JSON object for testing
    JsonElement elem = new JsonParser().parse(stringWriter.toString());
    JsonObject root = elem.getAsJsonObject();
   
    // make sure the root is there
    assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
   
    JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
   
    // make sure all the root elements are there
    assertThat(config.has(MITREidDataService.CLIENTS), is(true));
    assertThat(config.has(MITREidDataService.GRANTS), is(true));
        assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
        assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
    assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
    assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
    assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
    assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
   
    // make sure the root elements are all arrays
    assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
    assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
        assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
        assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
    assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
    assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
    assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
    assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));

   
    // check our refresh token list (this test)
    JsonArray refreshTokens = config.get(MITREidDataService.REFRESHTOKENS).getAsJsonArray();

    assertThat(refreshTokens.size(), is(2));
    // check for both of our refresh tokens in turn
    Set<OAuth2RefreshTokenEntity> checked = new HashSet<OAuth2RefreshTokenEntity>();
    for (JsonElement e : refreshTokens) {
      assertThat(e.isJsonObject(), is(true));
      JsonObject token = e.getAsJsonObject();

      OAuth2RefreshTokenEntity compare = null;
      if (token.get("id").getAsLong() == token1.getId()) {
        compare = token1;
      } else if (token.get("id").getAsLong() == token2.getId()) {
        compare = token2;
      }
     
      if (compare == null) {
        fail("Could not find matching id: " + token.get("id").getAsString());
      } else {
        assertThat(token.get("id").getAsLong(), equalTo(compare.getId()));
        assertThat(token.get("clientId").getAsString(), equalTo(compare.getClient().getClientId()));
                assertThat(token.get("expiration").getAsString(), equalTo(DateUtil.toUTCString(compare.getExpiration())));
        assertThat(token.get("value").getAsString(), equalTo(compare.getValue()));
        assertThat(token.get("authenticationHolderId").getAsLong(), equalTo(compare.getAuthenticationHolder().getId()));
        checked.add(compare);
      }
    }
    // make sure all of our refresh tokens were found
    assertThat(checked.containsAll(allRefreshTokens), is(true))
View Full Code Here

        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder1.getId()).thenReturn(1L);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(mockedAuthHolder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
        when(mockedAuthHolder2.getId()).thenReturn(2L);
       
        OAuth2RefreshTokenEntity token2 = new OAuth2RefreshTokenEntity();
        token2.setId(2L);
        token2.setClient(mockedClient2);
        token2.setExpiration(expirationDate2);
        token2.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.");
        token2.setAuthenticationHolder(mockedAuthHolder2);
       
    String configJson = "{" +
        "\"" + MITREidDataService.SYSTEMSCOPES + "\": [], " +
        "\"" + MITREidDataService.ACCESSTOKENS + "\": [], " +
                "\"" + MITREidDataService.CLIENTS + "\": [], " +
        "\"" + MITREidDataService.GRANTS + "\": [], " +
        "\"" + MITREidDataService.WHITELISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.BLACKLISTEDSITES + "\": [], " +
        "\"" + MITREidDataService.AUTHENTICATIONHOLDERS + "\": [], " +  
        "\"" + MITREidDataService.REFRESHTOKENS + "\": [" +
     
        "{\"id\":1,\"clientId\":\"mocked_client_1\",\"expiration\":\"2014-09-10T22:49:44.090+0000\","
                + "\"authenticationHolderId\":1,\"value\":\"eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.\"}," +
        "{\"id\":2,\"clientId\":\"mocked_client_2\",\"expiration\":\"2015-01-07T18:31:50.079+0000\","
                + "\"authenticationHolderId\":2,\"value\":\"eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.\"}" +
       
        "  ]" +
        "}";
     
    System.err.println(configJson);
        JsonReader reader = new JsonReader(new StringReader(configJson));
       
        final Map<Long, OAuth2RefreshTokenEntity> fakeDb = new HashMap<Long, OAuth2RefreshTokenEntity>();
        when(tokenRepository.saveRefreshToken(isA(OAuth2RefreshTokenEntity.class))).thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
            Long id = 332L;
            @Override
            public OAuth2RefreshTokenEntity answer(InvocationOnMock invocation) throws Throwable {
                OAuth2RefreshTokenEntity _token = (OAuth2RefreshTokenEntity) invocation.getArguments()[0];
                if(_token.getId() == null) {
                    _token.setId(id++);
                }
                fakeDb.put(_token.getId(), _token);
                return _token;
            }
        });
        when(tokenRepository.getRefreshTokenById(anyLong())).thenAnswer(new Answer<OAuth2RefreshTokenEntity>() {
            @Override
View Full Code Here

TOP

Related Classes of org.mitre.oauth2.model.OAuth2RefreshTokenEntity

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.