Posted to commits@cxf.apache.org by co...@apache.org on 2016/01/28 16:58:39 UTC
cxf git commit: Adding a scope test
Repository: cxf
Updated Branches:
refs/heads/master 746914a50 -> fadc6492c
Adding a scope test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fadc6492
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fadc6492
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fadc6492
Branch: refs/heads/master
Commit: fadc6492c9b6181533ed56d67aaabd8a141c7be2
Parents: 746914a
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Jan 28 15:38:27 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Jan 28 15:38:27 2016 +0000
----------------------------------------------------------------------
.../security/oauth2/common/OAuth2TestUtils.java | 22 ++++++++++++++-
.../oauth2/grants/AuthorizationGrantTest.java | 29 ++++++++++++++++++++
2 files changed, 50 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/fadc6492/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index ff8862f..aac8b5b 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -44,6 +44,7 @@ import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.saml.builder.SAML1Constants;
+import org.junit.Assert;
/**
* Some test utils for the OAuth 2.0 tests
@@ -63,6 +64,11 @@ public final class OAuth2TestUtils {
}
public static String getAuthorizationCode(WebClient client, String scope, String consumerId) {
+ return getAuthorizationCode(client, scope, consumerId, null, null);
+ }
+
+ public static String getAuthorizationCode(WebClient client, String scope, String consumerId,
+ String nonce, String state) {
// Make initial authorization request
client.type("application/json").accept("application/json");
client.query("client_id", consumerId);
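Review bot: The new five-argument `getAuthorizationCode` overload has no Javadoc, so a caller cannot tell from the signature that `nonce` and `state` are optional or that a non-null `state` makes the helper itself run a JUnit assertion on the redirect. I would add a short Javadoc above the new signature, for example `/** Runs the authorization code flow; nonce and state are sent only when non-null, and a non-null state must be echoed in the redirect Location. */`. The method body continues past the end of this hunk.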
@@ -71,6 +77,13 @@ public final class OAuth2TestUtils {
if (scope != null) {
client.query("scope", scope);
}
+ if (nonce != null) {
+ client.query("nonce", nonce);
+ }
+ if (state != null) {
+ client.query("state", state);
+ }
+
client.path("authorize/");
Response response = client.get();
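Review bot: The `nonce` branch added here is not exercised by anything in this commit: the only new caller passes `null` for it, and the helper later checks `state` in the redirect but never looks at `nonce`. Either add a test that supplies a nonce, or mark the gap with a comment on the branch such as `// nonce is only forwarded here; checking it in the issued token is left to the caller`. Where the nonce would be returned is not visible from this hunk, so that wording should be confirmed against the service under test.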
@@ -87,10 +100,17 @@ public final class OAuth2TestUtils {
if (authzData.getProposedScope() != null) {
form.param("scope", authzData.getProposedScope());
}
+ if (authzData.getState() != null) {
+ form.param("state", authzData.getState());
+ }
form.param("oauthDecision", "allow");
response = client.post(form);
- String location = response.getHeaderString("Location");
+ String location = response.getHeaderString("Location");
+ if (state != null) {
+ Assert.assertTrue(location.contains("state=" + state));
+ }
+
return getSubstring(location, "code");
}
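Review bot: The check `location.contains("state=" + state)` is a substring match, so it also passes when the redirect carries a longer value that merely starts with the expected one, or a differently named parameter ending in `state=`. Since `state` is what lets the client tie the redirect to its own request, the test should pin the exact value. A missing `Location` header would also surface as a NullPointerException rather than an assertion failure. I would write `Assert.assertNotNull(location);` followed by `Assert.assertEquals(state, getSubstring(location, "state"));`, assuming `getSubstring` extracts a single query parameter as its use for `"code"` suggests; it is defined outside this hunk. A value needing URL encoding would need decoding before the comparison.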
http://git-wip-us.apache.org/repos/asf/cxf/blob/fadc6492/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
index acdc61b..b39a80e 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
@@ -184,6 +184,35 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
}
@org.junit.Test
+ public void testAuthorizationCodeGrantWithState() throws Exception {
+ URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
+
+ String address = "https://localhost:" + PORT + "/services/";
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(client).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ // Get Authorization Code
+ String state = "1234566789";
+ String code = OAuth2TestUtils.getAuthorizationCode(client, "read_balance", "consumer-id",
+ null, state);
+ assertNotNull(code);
+
+ // Now get the access token
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(client).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
+ assertNotNull(accessToken.getTokenKey());
+ }
+
+ @org.junit.Test
public void testAuthorizationCodeGrantWithAudience() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
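Review bot: `testAuthorizationCodeGrantWithState` never asserts anything about `state` itself: the only checks in the test body are `assertNotNull(code)` and `assertNotNull(accessToken.getTokenKey())`. The state verification happens inside `OAuth2TestUtils.getAuthorizationCode`. A reader of the test cannot see what is being verified, so I would add a comment above the call such as `// getAuthorizationCode asserts that the redirect Location echoes this state value`. The second `// Save the Cookie for the second request...` comment is copied from the first client setup and could instead say that it configures the token-request client.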