You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/01/20 16:02:19 UTC
[4/5] cxf git commit: Adding more OAuth 2 filter system tests
Adding more OAuth 2 filter system tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2fd41e11
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2fd41e11
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2fd41e11
Branch: refs/heads/master
Commit: 2fd41e1170967f4426a2f9fa1ca722c6e58fc313
Parents: 5916997
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Jan 20 12:24:46 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Jan 20 15:00:59 2016 +0000
----------------------------------------------------------------------
.../oauth2/filters/OAuth2FiltersTest.java | 189 +++++++++++++++++++
.../oauth2/filters/OAuthDataProviderImpl.java | 10 +
2 files changed, 199 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/2fd41e11/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
index 79a708a..e69ab9c 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
@@ -23,6 +23,7 @@ import java.net.URL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import java.util.UUID;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
@@ -89,6 +90,194 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertEquals(returnedBook.getName(), "book");
assertEquals(returnedBook.getId(), 123L);
}
+
+ @org.junit.Test
+ public void testServiceWithFakeToken() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Now invoke on the service with the faked access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + UUID.randomUUID().toString());
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithNoToken() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Now invoke on the service with the faked access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithEmptyToken() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Now invoke on the service with the faked access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer ");
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithTokenAndScope() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Get Authorization Code
+ String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+ WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
+ "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ String code = getAuthorizationCode(oauthClient, "create_book");
+ assertNotNull(code);
+
+ // Now get the access token
+ oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
+ "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ assertNotNull(accessToken.getTokenKey());
+
+ // Now invoke on the service with the access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+ Response response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+
+ Book returnedBook = response.readEntity(Book.class);
+ assertEquals(returnedBook.getName(), "book");
+ assertEquals(returnedBook.getId(), 123L);
+ }
+
+ @org.junit.Test
+ public void testServiceWithTokenAndIncorrectScopeVerb() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Get Authorization Code
+ String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+ WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
+ "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ String code = getAuthorizationCode(oauthClient, "read_book");
+ assertNotNull(code);
+
+ // Now get the access token
+ oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
+ "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ assertNotNull(accessToken.getTokenKey());
+
+ // Now invoke on the service with the access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+ // We don't have the scope to post a book here
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithTokenAndIncorrectScopeURI() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Get Authorization Code
+ String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+ WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
+ "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ String code = getAuthorizationCode(oauthClient, "create_image");
+ assertNotNull(code);
+
+ // Now get the access token
+ oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
+ "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ assertNotNull(accessToken.getTokenKey());
+
+ // Now invoke on the service with the access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+ // We don't have the scope to post a book here
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithTokenAndMultipleScopes() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Get Authorization Code
+ String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+ WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
+ "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ String code = getAuthorizationCode(oauthClient, "read_book create_image create_book");
+ assertNotNull(code);
+
+ // Now get the access token
+ oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
+ "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ assertNotNull(accessToken.getTokenKey());
+
+ // Now invoke on the service with the access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+ Response response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+
+ Book returnedBook = response.readEntity(Book.class);
+ assertEquals(returnedBook.getName(), "book");
+ assertEquals(returnedBook.getId(), 123L);
+ }
private List<Object> setupProviders() {
List<Object> providers = new ArrayList<Object>();
http://git-wip-us.apache.org/repos/asf/cxf/blob/2fd41e11/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
index 660d505..0426806 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
@@ -42,6 +42,7 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
client.getRegisteredScopes().add("read_book");
client.getRegisteredScopes().add("create_book");
+ client.getRegisteredScopes().add("create_image");
this.setClient(client);
}
@@ -77,6 +78,15 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
permission.setUris(uris);
permissions.add(permission);
+ } else if ("create_image".equals(requestedScope)) {
+ OAuthPermission permission = new OAuthPermission();
+ permission.setHttpVerbs(Collections.singletonList("POST"));
+ List<String> uris = new ArrayList<>();
+ String partnerAddress = "/secured/bookstore/image/*";
+ uris.add(partnerAddress);
+ permission.setUris(uris);
+
+ permissions.add(permission);
} else {
throw new OAuthServiceException("invalid_scope");
}