Posted to commits@cxf.apache.org by se...@apache.org on 2016/04/08 14:01:31 UTC
cxf git commit: Prototyping a test for persisting OidcUserSubject
Repository: cxf
Updated Branches:
refs/heads/master 55976e149 -> c01c68ddd
Prototyping a test for persisting OidcUserSubject
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c01c68dd
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c01c68dd
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c01c68dd
Branch: refs/heads/master
Commit: c01c68ddda10ec6db492b86d818498bec0bf4228
Parents: 55976e1
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Apr 8 13:01:15 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Apr 8 13:01:15 2016 +0100
----------------------------------------------------------------------
rt/rs/security/sso/oidc/pom.xml | 38 ++++++
.../oidc/idp/JPAOidcUserSubjectTest.java | 132 +++++++++++++++++++
.../src/test/resources/META-INF/persistence.xml | 40 ++++++
3 files changed, 210 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/c01c68dd/rt/rs/security/sso/oidc/pom.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/pom.xml b/rt/rs/security/sso/oidc/pom.xml
index b71867d..860f8ab 100644
--- a/rt/rs/security/sso/oidc/pom.xml
+++ b/rt/rs/security/sso/oidc/pom.xml
@@ -30,6 +30,10 @@
<version>3.2.0-SNAPSHOT</version>
<relativePath>../../../../../parent/pom.xml</relativePath>
</parent>
+ <properties>
+ <hibernate.em.version>4.1.0.Final</hibernate.em.version>
+ <hsqldb.version>1.8.0.10</hsqldb.version>
+ </properties>
<dependencies>
<dependency>
<groupId>org.apache.cxf</groupId>
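Review bot: `hibernate.em.version` and `hsqldb.version` are defined as module-local properties here, while the JPA spec dependency added in the next hunk takes its version from `${cxf.geronimo.jpa.version}`, which is not defined in this file and presumably comes from the parent POM. Declaring these two alongside the other shared version properties would keep third-party versions in one place for upgrades and dependency audits. Both pinned releases are old, and although the artifacts are test-scoped they are still resolved and executed during the build.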
@@ -41,6 +45,40 @@
<artifactId>cxf-rt-rs-security-jose-jaxrs</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.geronimo.specs</groupId>
+ <artifactId>geronimo-jpa_2.0_spec</artifactId>
+ <version>${cxf.geronimo.jpa.version}</version>
+ <scope>provided</scope>
+ <optional>true</optional>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-entitymanager</artifactId>
+ <version>${hibernate.em.version}</version>
+ <scope>test</scope>
+ <!-- Conflicts with Apache Tika dependencies -->
+ <exclusions>
+ <exclusion>
+ <groupId>xml-apis</groupId>
+ <artifactId>xml-apis</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>hsqldb</groupId>
+ <artifactId>hsqldb</artifactId>
+ <version>${hsqldb.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <!--
+ <dependency>
+ <groupId>org.apache.openjpa</groupId>
+ <artifactId>openjpa</artifactId>
+ <version>2.2.0</version>
+ <scope>test</scope>
+ </dependency>
+ -->
<!--test dependencies-->
<dependency>
<groupId>junit</groupId>
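Review bot: The commented-out `org.apache.openjpa:openjpa` dependency at the end of the added block has a hard-coded `2.2.0` version and no explanation of why it is disabled. The same commit adds a `testUnitOpenJPA` persistence unit that names the OpenJPA provider, so as committed that unit has no provider on the test classpath. Either drop both until they are needed, or replace the bare comment markers with a one-line explanation such as `<!-- OpenJPA provider: enable to run the test against testUnitOpenJPA -->`. The `<dependencies>` element continues outside the hunk.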
http://git-wip-us.apache.org/repos/asf/cxf/blob/c01c68dd/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
new file mode 100644
index 0000000..b2509dc
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
@@ -0,0 +1,132 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.idp;
+
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.util.Collections;
+
+import javax.persistence.EntityManager;
+import javax.persistence.EntityManagerFactory;
+import javax.persistence.Persistence;
+
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
+import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.provider.JPAOAuthDataProvider;
+import org.apache.cxf.rs.security.oidc.common.IdToken;
+
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+public class JPAOidcUserSubjectTest extends Assert {
+ private EntityManagerFactory emFactory;
+ private Connection connection;
+ private JPAOAuthDataProvider provider;
+ @Before
+ public void setUp() throws Exception {
+ try {
+ Class.forName("org.hsqldb.jdbcDriver");
+ connection = DriverManager.getConnection("jdbc:hsqldb:mem:oauth-jpa", "sa", "");
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ fail("Exception during HSQL database init.");
+ }
+ try {
+ emFactory = Persistence.createEntityManagerFactory("testUnitHibernate");
+ EntityManager em = emFactory.createEntityManager();
+ provider = new JPAOAuthDataProvider();
+ provider.setEntityManager(em);
+ provider.setSupportedScopes(Collections.singletonMap("a", "A Scope"));
+ provider.setSupportedScopes(Collections.singletonMap("refreshToken", "RefreshToken"));
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ fail("Exception during JPA EntityManager creation.");
+ }
+ }
+
+
+ @Test
+ public void testAddGetDeleteAccessTokenWithOidcUserSubject() {
+ Client c = addClient("101", "bob");
+
+ AccessTokenRegistration atr = new AccessTokenRegistration();
+ atr.setClient(c);
+ atr.setApprovedScope(Collections.singletonList("a"));
+
+ OidcUserSubject oidcSubject = new OidcUserSubject();
+ oidcSubject.setLogin("bob");
+ IdToken idToken = new IdToken();
+ idToken.setAudience(c.getClientId());
+ oidcSubject.setIdToken(idToken);
+ atr.setSubject(oidcSubject);
+
+ ServerAccessToken at = provider.createAccessToken(atr);
+ ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
+ assertEquals(at.getTokenKey(), at2.getTokenKey());
+
+ OidcUserSubject oidcSubject2 = (OidcUserSubject)at2.getSubject();
+ assertEquals(c.getClientId(), oidcSubject2.getIdToken().getAudience());
+
+ OidcUserSubject oidcSubject3 = new OidcUserSubject();
+ oidcSubject3.setLogin("bob");
+ IdToken idToken2 = new IdToken();
+ idToken2.setAudience(c.getClientId());
+ oidcSubject3.setIdToken(idToken2);
+ atr.setSubject(oidcSubject3);
+
+ ServerAccessToken at3 = provider.createAccessToken(atr);
+ ServerAccessToken at4 = provider.getAccessToken(at3.getTokenKey());
+ OidcUserSubject oidcSubject4 = (OidcUserSubject)at4.getSubject();
+ assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience());
+ }
+
+ private Client addClient(String clientId, String userLogin) {
+ Client c = new Client();
+ c.setRedirectUris(Collections.singletonList("http://client/redirect"));
+ c.setClientId(clientId);
+ c.setResourceOwnerSubject(new UserSubject(userLogin));
+ provider.setClient(c);
+ return c;
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ try {
+ if (provider != null) {
+ provider.close();
+ }
+ if (emFactory != null) {
+ emFactory.close();
+ }
+ } catch (Throwable ex) {
+ ex.printStackTrace();
+ } finally {
+ try {
+ connection.createStatement().execute("SHUTDOWN");
+ } catch (Throwable ex) {
+ ex.printStackTrace();
+ }
+ }
+ }
+
+}
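Review bot: The two round-trip checks in testAddGetDeleteAccessTokenWithOidcUserSubject can pass without the OidcUserSubject ever being written to or reloaded from the database. setUp hands the provider a single EntityManager, so `provider.getAccessToken(...)` may return the instance still held in that persistence context (inferred; the provider's code is not in this diff). Keeping `em` as a field and calling `em.clear();` before each `provider.getAccessToken(...)` would force a real reload, which is what the cast to `OidcUserSubject` and the `getIdToken().getAudience()` assertion are meant to prove. Separately, the second `setSupportedScopes(...)` call in setUp looks like it replaces the map containing scope "a" that the test later approves, and despite its name the test never deletes or revokes a token.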
http://git-wip-us.apache.org/repos/asf/cxf/blob/c01c68dd/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
new file mode 100644
index 0000000..7d6193b
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
@@ -0,0 +1,40 @@
+<persistence xmlns="http://java.sun.com/xml/ns/persistence"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"
+ version="2.0">
+ <persistence-unit name="testUnitHibernate" transaction-type="RESOURCE_LOCAL">
+ <provider>org.hibernate.ejb.HibernatePersistence</provider>
+ <class>org.apache.cxf.rs.security.oauth2.common.Client</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
+ <exclude-unlisted-classes>true</exclude-unlisted-classes>
+ <properties>
+ <property name="hibernate.connection.url" value="jdbc:hsqldb:mem:oauth-jpa"/>
+ <property name="hibernate.connection.driver_class" value="org.hsqldb.jdbcDriver"/>
+ <property name="hibernate.dialect" value="org.hibernate.dialect.HSQLDialect"/>
+ <property name="hibernate.hbm2ddl.auto" value="create-drop"/>
+ <property name="hibernate.connection.username" value="sa"/>
+ <property name="hibernate.connection.password" value=""/>
+ <property name="javax.persistence.validation.mode" value="none"/>
+ </properties>
+ </persistence-unit>
+ <persistence-unit name="testUnitOpenJPA" transaction-type="RESOURCE_LOCAL">
+ <provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
+ <class>org.apache.cxf.rs.security.oauth2.common.Client</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
+ <exclude-unlisted-classes>true</exclude-unlisted-classes>
+ <properties>
+ <property name="openjpa.ConnectionURL" value="jdbc:hsqldb:mem:oauth-jpa"/>
+ <property name="openjpa.ConnectionDriverName" value="org.hsqldb.jdbcDriver"/>
+ <property name="openjpa.jdbc.DBDictionary" value="hsql" />
+ <property name="openjpa.ConnectionUserName" value="sa"/>
+ <property name="openjpa.ConnectionPassword" value=""/>
+ <property name="openjpa.jdbc.SynchronizeMappings" value="buildSchema"/>
+ </properties>
+ </persistence-unit>
+</persistence>
\ No newline at end of file
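Review bot: Neither persistence unit lists `org.apache.cxf.rs.security.oidc.idp.OidcUserSubject`, and both set `<exclude-unlisted-classes>true</exclude-unlisted-classes>`. The type the new test is meant to persist is therefore not a managed class here, unless it is mapped in some way this diff does not show. If OidcUserSubject is intended to be an entity, add `<class>org.apache.cxf.rs.security.oidc.idp.OidcUserSubject</class>` to the unit under test; otherwise a comment should say how the subclass state (the IdToken) is expected to be stored. The file also ends without a trailing newline.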