You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/01/15 17:49:06 UTC
[1/2] cxf-fediz git commit: Test adding + deleting more clients
Repository: cxf-fediz
Updated Branches:
refs/heads/master 0829b2eae -> 89ac63f2b
Test adding + deleting more clients
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d38313f6
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d38313f6
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d38313f6
Branch: refs/heads/master
Commit: d38313f6b8dee37d70310b80549f64bb3c8856bb
Parents: 0829b2e
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Jan 15 14:05:03 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Jan 15 14:05:03 2016 +0000
----------------------------------------------------------------------
.../cxf/fediz/systests/oidc/OIDCTest.java | 75 ++++++++++++++------
1 file changed, 53 insertions(+), 22 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d38313f6/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
----------------------------------------------------------------------
diff --git a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
index 8b4b0ec..060fff2 100644
--- a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
+++ b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
@@ -207,7 +207,7 @@ public class OIDCTest {
return "fedizhelloworld";
}
- // Runs as BeforeClass: Login to the OIDC Clients page + create a new client
+ // Runs as BeforeClass: Login to the OIDC Clients page + create two new clients
private static void loginToClientsPage(String rpPort, String idpPort) throws Exception {
String url = "https://localhost:" + rpPort + "/fediz-oidc/clients";
String user = "alice";
@@ -220,28 +220,43 @@ public class OIDCTest {
Assert.assertTrue(bodyTextContent.contains("Registered Clients"));
// Now try to register a new client
+ String registeredClientPage =
+ registerNewClient(webClient, url, "new-client", "http://127.0.0.1");
+ Assert.assertTrue(registeredClientPage.contains("Registered Clients"));
+ Assert.assertTrue(registeredClientPage.contains("new-client"));
+ Assert.assertTrue(registeredClientPage.contains("http://127.0.0.1"));
+
+ // Try to register another new client
+ registeredClientPage =
+ registerNewClient(webClient, url, "new-client2", "http://127.0.1.1");
+ Assert.assertTrue(registeredClientPage.contains("Registered Clients"));
+ Assert.assertTrue(registeredClientPage.contains("new-client"));
+ Assert.assertTrue(registeredClientPage.contains("http://127.0.0.1"));
+ Assert.assertTrue(registeredClientPage.contains("new-client2"));
+ Assert.assertTrue(registeredClientPage.contains("http://127.0.1.1"));
+
+ webClient.close();
+ }
+
+ private static String registerNewClient(WebClient webClient, String url,
+ String clientName, String redirectURI) throws Exception {
HtmlPage registerPage = webClient.getPage(url + "/register");
final HtmlForm form = registerPage.getForms().get(0);
// Set new client values
final HtmlTextInput clientNameInput = form.getInputByName("client_name");
- clientNameInput.setValueAttribute("new-client");
+ clientNameInput.setValueAttribute(clientName);
final HtmlTextInput redirectURIInput = form.getInputByName("client_redirectURI");
- redirectURIInput.setValueAttribute("http://127.0.0.1");
+ redirectURIInput.setValueAttribute(redirectURI);
final HtmlButton button = form.getButtonByName("submit_button");
final HtmlPage rpPage = button.click();
-
- String registeredClientPage = rpPage.getBody().getTextContent();
- Assert.assertTrue(registeredClientPage.contains("Registered Clients"));
- Assert.assertTrue(registeredClientPage.contains("new-client"));
- Assert.assertTrue(registeredClientPage.contains("http://127.0.0.1"));
- webClient.close();
+ return rpPage.getBody().getTextContent();
}
- // Runs as AfterClass: Login to the OIDC Clients page + delete the created client!
+ // Runs as AfterClass: Login to the OIDC Clients page + delete the created clients!
private static void loginToClientsPageAndDeleteClient(String rpPort, String idpPort) throws Exception {
String url = "https://localhost:" + rpPort + "/fediz-oidc/clients";
String user = "alice";
@@ -257,8 +272,27 @@ public class OIDCTest {
HtmlTable table = loginPage.getHtmlElementById("registered_clients");
String clientId = table.getCellAt(1, 1).asText().trim();
Assert.assertNotNull(clientId);
+ String clientId2 = table.getCellAt(2, 1).asText().trim();
+ Assert.assertNotNull(clientId2);
// Now go to the specific client page
+ HtmlPage registeredClientsPage = deleteClient(webClient, url, clientId);
+
+ // Check we have one more registered clients
+ table = registeredClientsPage.getHtmlElementById("registered_clients");
+ Assert.assertEquals(2, table.getRowCount());
+
+ // Now delete the other client
+ registeredClientsPage = deleteClient(webClient, url, clientId2);
+
+ // Check we have no more registered clients
+ table = registeredClientsPage.getHtmlElementById("registered_clients");
+ Assert.assertEquals(1, table.getRowCount());
+
+ webClient.close();
+ }
+
+ private static HtmlPage deleteClient(WebClient webClient, String url, String clientId) throws Exception {
HtmlPage clientPage = webClient.getPage(url + "/" + clientId);
final HtmlForm deleteForm = clientPage.getFormByName("deleteForm");
@@ -266,18 +300,12 @@ public class OIDCTest {
// Delete the client
final HtmlButton button = deleteForm.getButtonByName("submit_delete_button");
- final HtmlPage registeredClientsPage = button.click();
-
- // Check we have no more registered clients
- table = registeredClientsPage.getHtmlElementById("registered_clients");
- Assert.assertEquals(1, table.getRowCount());
-
- webClient.close();
+ return button.click();
}
- // Test that we managed to create a new Client ok
+ // Test that we managed to create the clients ok
@org.junit.Test
- public void testClientCreated() throws Exception {
+ public void testCreatedClients() throws Exception {
String url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/clients";
String user = "alice";
String password = "ecila";
@@ -290,6 +318,11 @@ public class OIDCTest {
// Get the new client identifier
HtmlTable table = loginPage.getHtmlElementById("registered_clients");
+
+ // 2 clients
+ Assert.assertEquals(table.getRows().size(), 3);
+
+ // Now check the first client
String clientId = table.getCellAt(1, 1).asText().trim();
Assert.assertNotNull(clientId);
@@ -301,9 +334,7 @@ public class OIDCTest {
// Check the redirect URI
String redirectURI = table.getCellAt(1, 3).asText().trim();
- Assert.assertEquals("http://127.0.0.1", redirectURI);
-
- Assert.assertEquals(table.getRows().size(), 2);
+ Assert.assertEquals("http://127.0.1.1", redirectURI);
// Now check the specific client page
HtmlPage clientPage = webClient.getPage(url + "/" + clientId);
[2/2] cxf-fediz git commit: Adding more OIDC tests
Posted by co...@apache.org.
Adding more OIDC tests
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/89ac63f2
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/89ac63f2
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/89ac63f2
Branch: refs/heads/master
Commit: 89ac63f2be05298c3bfdbd46cae313b70461e826
Parents: d38313f
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Jan 15 16:48:11 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Jan 15 16:48:11 2016 +0000
----------------------------------------------------------------------
.../cxf/fediz/systests/oidc/OIDCTest.java | 152 +++++++++++++++----
1 file changed, 123 insertions(+), 29 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/89ac63f2/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
----------------------------------------------------------------------
diff --git a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
index 060fff2..0114a65 100644
--- a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
+++ b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
@@ -22,11 +22,16 @@ package org.apache.cxf.fediz.systests.oidc;
import java.io.File;
import java.io.IOException;
+import java.net.URL;
import java.text.SimpleDateFormat;
+import java.util.ArrayList;
import java.util.Date;
import java.util.Locale;
import java.util.TimeZone;
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.UnexpectedPage;
import com.gargoylesoftware.htmlunit.WebClient;
import com.gargoylesoftware.htmlunit.WebRequest;
import com.gargoylesoftware.htmlunit.WebResponse;
@@ -38,6 +43,7 @@ import com.gargoylesoftware.htmlunit.html.HtmlPage;
import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput;
import com.gargoylesoftware.htmlunit.html.HtmlTable;
import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
+import com.gargoylesoftware.htmlunit.util.NameValuePair;
import com.gargoylesoftware.htmlunit.util.WebConnectionWrapper;
import org.apache.catalina.Context;
@@ -62,6 +68,9 @@ public class OIDCTest {
private static Tomcat idpServer;
private static Tomcat rpServer;
+ private static String storedClientId;
+ private static String storedClient2Id;
+
@BeforeClass
public static void init() throws Exception {
System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog");
@@ -220,25 +229,38 @@ public class OIDCTest {
Assert.assertTrue(bodyTextContent.contains("Registered Clients"));
// Now try to register a new client
- String registeredClientPage =
+ HtmlPage registeredClientPage =
registerNewClient(webClient, url, "new-client", "http://127.0.0.1");
- Assert.assertTrue(registeredClientPage.contains("Registered Clients"));
- Assert.assertTrue(registeredClientPage.contains("new-client"));
- Assert.assertTrue(registeredClientPage.contains("http://127.0.0.1"));
+ String registeredClientPageBody = registeredClientPage.getBody().getTextContent();
+ Assert.assertTrue(registeredClientPageBody.contains("Registered Clients"));
+ Assert.assertTrue(registeredClientPageBody.contains("new-client"));
+ Assert.assertTrue(registeredClientPageBody.contains("http://127.0.0.1"));
+
+ HtmlTable table = registeredClientPage.getHtmlElementById("registered_clients");
+ storedClientId = table.getCellAt(1, 1).asText().trim();
+ Assert.assertNotNull(storedClientId);
// Try to register another new client
registeredClientPage =
registerNewClient(webClient, url, "new-client2", "http://127.0.1.1");
- Assert.assertTrue(registeredClientPage.contains("Registered Clients"));
- Assert.assertTrue(registeredClientPage.contains("new-client"));
- Assert.assertTrue(registeredClientPage.contains("http://127.0.0.1"));
- Assert.assertTrue(registeredClientPage.contains("new-client2"));
- Assert.assertTrue(registeredClientPage.contains("http://127.0.1.1"));
+ registeredClientPageBody = registeredClientPage.getBody().getTextContent();
+ Assert.assertTrue(registeredClientPageBody.contains("Registered Clients"));
+ Assert.assertTrue(registeredClientPageBody.contains("new-client"));
+ Assert.assertTrue(registeredClientPageBody.contains("http://127.0.0.1"));
+ Assert.assertTrue(registeredClientPageBody.contains("new-client2"));
+ Assert.assertTrue(registeredClientPageBody.contains("http://127.0.1.1"));
+
+ table = registeredClientPage.getHtmlElementById("registered_clients");
+ storedClient2Id = table.getCellAt(2, 1).asText().trim();
+ if (storedClient2Id.equals(storedClientId)) {
+ storedClient2Id = table.getCellAt(1, 1).asText().trim();
+ }
+ Assert.assertNotNull(storedClient2Id);
webClient.close();
}
- private static String registerNewClient(WebClient webClient, String url,
+ private static HtmlPage registerNewClient(WebClient webClient, String url,
String clientName, String redirectURI) throws Exception {
HtmlPage registerPage = webClient.getPage(url + "/register");
@@ -251,9 +273,7 @@ public class OIDCTest {
redirectURIInput.setValueAttribute(redirectURI);
final HtmlButton button = form.getButtonByName("submit_button");
- final HtmlPage rpPage = button.click();
-
- return rpPage.getBody().getTextContent();
+ return button.click();
}
// Runs as AfterClass: Login to the OIDC Clients page + delete the created clients!
@@ -334,7 +354,8 @@ public class OIDCTest {
// Check the redirect URI
String redirectURI = table.getCellAt(1, 3).asText().trim();
- Assert.assertEquals("http://127.0.1.1", redirectURI);
+ Assert.assertTrue("http://127.0.0.1".equals(redirectURI)
+ || "http://127.0.1.1".equals(redirectURI));
// Now check the specific client page
HtmlPage clientPage = webClient.getPage(url + "/" + clientId);
@@ -344,22 +365,46 @@ public class OIDCTest {
webClient.close();
}
- /*
@org.junit.Test
- public void testTemp() throws Exception {
- String url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/clients";
- System.out.println("URL: " + url);
- Thread.sleep(60 * 1000);
+ public void testOIDCLoginForClient1() throws Exception {
+
+ String url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/idp/authorize?";
+ url += "client_id=" + storedClientId;
+ url += "&response_type=code";
+ url += "&scope=openid";
+ String user = "alice";
+ String password = "ecila";
+
+ // Login to the OIDC token endpoint + get the authorization code
+ WebClient webClient = setupWebClient(user, password, getIdpHttpsPort());
+ String authorizationCode = loginAndGetAuthorizationCode(url, webClient);
+ Assert.assertNotNull(authorizationCode);
+
+ // Now use the code to get an IdToken
+
+ url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/oauth2/token";
+ WebRequest request = new WebRequest(new URL(url), HttpMethod.POST);
+
+ request.setRequestParameters(new ArrayList<NameValuePair>());
+ request.getRequestParameters().add(new NameValuePair("client_id", storedClientId));
+ request.getRequestParameters().add(new NameValuePair("grant_type", "authorization_code"));
+ request.getRequestParameters().add(new NameValuePair("code", authorizationCode));
+
+ webClient.getOptions().setJavaScriptEnabled(false);
+ final UnexpectedPage responsePage = webClient.getPage(request);
+ String response = responsePage.getWebResponse().getContentAsString();
+
+ // Check the IdToken
+ Assert.assertTrue(response.contains("id_token"));
+
+ webClient.close();
}
- */
@org.junit.Test
- @org.junit.Ignore
- public void testOIDCLogin() throws Exception {
+ public void testOIDCLoginForClient2() throws Exception {
String url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/idp/authorize?";
- url += "client_id=xSzMefvgOwLflQ";
- url += "&redirect_uri=http://www.blah.apache.org";
+ url += "client_id=" + storedClient2Id;
url += "&response_type=code";
url += "&scope=openid";
String user = "alice";
@@ -367,13 +412,62 @@ public class OIDCTest {
// Login to the OIDC token endpoint + get the authorization code
WebClient webClient = setupWebClient(user, password, getIdpHttpsPort());
- String authorizationCode =
- loginAndGetAuthorizationCode(url, webClient);
+ String authorizationCode = loginAndGetAuthorizationCode(url, webClient);
Assert.assertNotNull(authorizationCode);
+ // Now use the code to get an IdToken
+
+ url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/oauth2/token";
+ WebRequest request = new WebRequest(new URL(url), HttpMethod.POST);
+
+ request.setRequestParameters(new ArrayList<NameValuePair>());
+ request.getRequestParameters().add(new NameValuePair("client_id", storedClient2Id));
+ request.getRequestParameters().add(new NameValuePair("grant_type", "authorization_code"));
+ request.getRequestParameters().add(new NameValuePair("code", authorizationCode));
+
+ webClient.getOptions().setJavaScriptEnabled(false);
+ final UnexpectedPage responsePage = webClient.getPage(request);
+ String response = responsePage.getWebResponse().getContentAsString();
+
+ // Check the IdToken
+ Assert.assertTrue(response.contains("id_token"));
+
webClient.close();
}
+ @org.junit.Test
+ public void testUsingCodeForOtherClient() throws Exception {
+ // Get the code for the first client
+ String url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/idp/authorize?";
+ url += "client_id=" + storedClientId;
+ url += "&response_type=code";
+ url += "&scope=openid";
+ String user = "alice";
+ String password = "ecila";
+
+ // Login to the OIDC token endpoint + get the authorization code
+ WebClient webClient = setupWebClient(user, password, getIdpHttpsPort());
+ String authorizationCode = loginAndGetAuthorizationCode(url, webClient);
+ Assert.assertNotNull(authorizationCode);
+
+ // Now try and get a token for the second client
+ url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/oauth2/token";
+ WebRequest request = new WebRequest(new URL(url), HttpMethod.POST);
+
+ request.setRequestParameters(new ArrayList<NameValuePair>());
+ request.getRequestParameters().add(new NameValuePair("client_id", storedClient2Id));
+ request.getRequestParameters().add(new NameValuePair("grant_type", "authorization_code"));
+ request.getRequestParameters().add(new NameValuePair("code", authorizationCode));
+
+ webClient.getOptions().setJavaScriptEnabled(false);
+ try {
+ webClient.getPage(request);
+ Assert.fail();
+ } catch (FailingHttpStatusCodeException ex) {
+ // expected
+ }
+ }
+
private static WebClient setupWebClient(String user, String password, String idpPort) {
final WebClient webClient = new WebClient();
webClient.getOptions().setUseInsecureSSL(true);
@@ -419,7 +513,6 @@ public class OIDCTest {
webClient.getOptions().setJavaScriptEnabled(true);
Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
- // Test the SAML Version here
DomNodeList<DomElement> results = idpPage.getElementsByTagName("input");
String wresult = null;
@@ -435,7 +528,8 @@ public class OIDCTest {
final HtmlForm form = idpPage.getFormByName("signinresponseform");
final HtmlSubmitInput button = form.getInputByName("_eventId_submit");
- // Bit of a hack here to get the authorization code
+ // Bit of a hack here to get the authorization code - necessary as HtmlUnit tries
+ // to follow the server redirect to "http://127.0.0.1" - the redirect URI
CodeWebConnectionWrapper wrapper = new CodeWebConnectionWrapper(webClient);
try {
@@ -459,7 +553,7 @@ public class OIDCTest {
public WebResponse getResponse(WebRequest request) throws IOException {
WebResponse response = super.getResponse(request);
String location = response.getResponseHeaderValue("Location");
- if (location.contains("code")) {
+ if (location != null && location.contains("code")) {
code = getSubstring(location, "code");
}