Posted to commits@cxf.apache.org by co...@apache.org on 2016/01/20 17:21:24 UTC
[5/9] cxf git commit: Reshuffle of the tests to share some common code
http://git-wip-us.apache.org/repos/asf/cxf/blob/0cc09139/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
index e69ab9c..f79ba49 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
@@ -20,20 +20,14 @@
package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
import java.net.URL;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
import java.util.UUID;
-import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import org.apache.cxf.jaxrs.client.WebClient;
-import org.apache.cxf.jaxrs.provider.json.JSONProvider;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
-import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider;
import org.apache.cxf.systest.jaxrs.security.Book;
+import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.junit.BeforeClass;
@@ -59,28 +53,30 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
- WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
- "security", busFile.toString());
+ WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- String code = getAuthorizationCode(oauthClient);
+ String code = OAuth2TestUtils.getAuthorizationCode(oauthClient);
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
assertNotNull(accessToken.getTokenKey());
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ busFile.toString());
client.header("Authorization", "Bearer " + accessToken.getTokenKey());
Response response = client.post(new Book("book", 123L));
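Review bot: The authorization-code to access-token sequence is still written out in full in this hunk and again in the hunks at -136, -175, -211 and -247; the change only re-qualifies the helper calls with `OAuth2TestUtils.`. Since the commit is about sharing common code, consider a single helper in OAuth2TestUtils that takes the OAuth service address, the bus file and an optional scope and returns the `ClientAccessToken`. That would keep the fixture credentials (`"alice"`/`"security"`, `"consumer-id"`/`"this-is-a-secret"`) and the `MAINTAIN_SESSION` setup in one place. The enclosing test method starts and ends outside this hunk.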
@@ -97,7 +93,8 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Now invoke on the service with the faked access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ busFile.toString());
client.header("Authorization", "Bearer " + UUID.randomUUID().toString());
Response response = client.post(new Book("book", 123L));
@@ -110,7 +107,8 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Now invoke on the service with the faked access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ busFile.toString());
Response response = client.post(new Book("book", 123L));
assertNotEquals(response.getStatus(), 200);
@@ -122,7 +120,8 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Now invoke on the service with the faked access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ busFile.toString());
client.header("Authorization", "Bearer ");
Response response = client.post(new Book("book", 123L));
@@ -136,28 +135,30 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
- WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
- "security", busFile.toString());
+ WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- String code = getAuthorizationCode(oauthClient, "create_book");
+ String code = OAuth2TestUtils.getAuthorizationCode(oauthClient, "create_book");
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
assertNotNull(accessToken.getTokenKey());
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ busFile.toString());
client.header("Authorization", "Bearer " + accessToken.getTokenKey());
Response response = client.post(new Book("book", 123L));
@@ -175,28 +176,30 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
- WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
- "security", busFile.toString());
+ WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- String code = getAuthorizationCode(oauthClient, "read_book");
+ String code = OAuth2TestUtils.getAuthorizationCode(oauthClient, "read_book");
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
assertNotNull(accessToken.getTokenKey());
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ busFile.toString());
client.header("Authorization", "Bearer " + accessToken.getTokenKey());
// We don't have the scope to post a book here
@@ -211,28 +214,30 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
- WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
- "security", busFile.toString());
+ WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- String code = getAuthorizationCode(oauthClient, "create_image");
+ String code = OAuth2TestUtils.getAuthorizationCode(oauthClient, "create_image");
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
assertNotNull(accessToken.getTokenKey());
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ busFile.toString());
client.header("Authorization", "Bearer " + accessToken.getTokenKey());
// We don't have the scope to post a book here
@@ -247,28 +252,31 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
// Get Authorization Code
String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
- WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
- "security", busFile.toString());
+ WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- String code = getAuthorizationCode(oauthClient, "read_book create_image create_book");
+ String code = OAuth2TestUtils.getAuthorizationCode(oauthClient,
+ "read_book create_image create_book");
assertNotNull(code);
// Now get the access token
- oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(oauthClient).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
assertNotNull(accessToken.getTokenKey());
// Now invoke on the service with the access token
String address = "https://localhost:" + PORT + "/secured/bookstore/books";
- WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ busFile.toString());
client.header("Authorization", "Bearer " + accessToken.getTokenKey());
Response response = client.post(new Book("book", 123L));
@@ -279,75 +287,4 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
assertEquals(returnedBook.getId(), 123L);
}
- private List<Object> setupProviders() {
- List<Object> providers = new ArrayList<Object>();
- JSONProvider<OAuthAuthorizationData> jsonP = new JSONProvider<OAuthAuthorizationData>();
- jsonP.setNamespaceMap(Collections.singletonMap("http://org.apache.cxf.rs.security.oauth",
- "ns2"));
- providers.add(jsonP);
- OAuthJSONProvider oauthProvider = new OAuthJSONProvider();
- providers.add(oauthProvider);
-
- return providers;
- }
-
- private String getAuthorizationCode(WebClient client) {
- return getAuthorizationCode(client, null);
- }
-
- private String getAuthorizationCode(WebClient client, String scope) {
- // Make initial authorization request
- client.type("application/json").accept("application/json");
- client.query("client_id", "consumer-id");
- client.query("redirect_uri", "http://www.blah.apache.org");
- client.query("response_type", "code");
- if (scope != null) {
- client.query("scope", scope);
- }
- client.path("authorize/");
- Response response = client.get();
-
- OAuthAuthorizationData authzData = response.readEntity(OAuthAuthorizationData.class);
-
- // Now call "decision" to get the authorization code grant
- client.path("decision");
- client.type("application/x-www-form-urlencoded");
-
- Form form = new Form();
- form.param("session_authenticity_token", authzData.getAuthenticityToken());
- form.param("client_id", authzData.getClientId());
- form.param("redirect_uri", authzData.getRedirectUri());
- if (authzData.getProposedScope() != null) {
- form.param("scope", authzData.getProposedScope());
- }
- form.param("oauthDecision", "allow");
-
- response = client.post(form);
- String location = response.getHeaderString("Location");
- return getSubstring(location, "code");
- }
-
- private ClientAccessToken getAccessTokenWithAuthorizationCode(WebClient client, String code) {
- client.type("application/x-www-form-urlencoded").accept("application/json");
- client.path("token");
-
- Form form = new Form();
- form.param("grant_type", "authorization_code");
- form.param("code", code);
- form.param("client_id", "consumer-id");
- Response response = client.post(form);
-
- return response.readEntity(ClientAccessToken.class);
- }
-
- private String getSubstring(String parentString, String substringName) {
- String foundString =
- parentString.substring(parentString.indexOf(substringName + "=") + (substringName + "=").length());
- int ampersandIndex = foundString.indexOf('&');
- if (ampersandIndex < 1) {
- ampersandIndex = foundString.length();
- }
- return foundString.substring(0, ampersandIndex);
- }
-
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0cc09139/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
index 5cf1b0a..e397d10 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
@@ -20,9 +20,16 @@
package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
import java.net.URL;
+<<<<<<< HEAD
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+=======
+import java.util.Calendar;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Properties;
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
import javax.ws.rs.client.ResponseProcessingException;
import javax.ws.rs.core.Form;
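Review bot: Unresolved merge-conflict markers are added as source lines in this hunk (`+<<<<<<< HEAD`, `+=======`, `+>>>>>>> 49b2b81...`), so the new side of AuthorizationGrantNegativeTest.java cannot compile and these negative OAuth tests would not run. The same markers appear in the second import hunk (-30) and inside the test bodies in the hunks at -629 and -645, where they also splice two different tests together. Resolve each conflict to one side before merging. Because the call sites now use `OAuth2TestUtils.setupProviders()`, the HEAD-side imports of `ArrayList`, `List` and `JSONProvider` are presumably no longer needed, but confirm that against the rest of the file.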
@@ -30,17 +37,22 @@ import javax.ws.rs.core.Response;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.jaxrs.client.WebClient;
+<<<<<<< HEAD
import org.apache.cxf.jaxrs.provider.json.JSONProvider;
+=======
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
+import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
+import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
+import org.apache.cxf.rs.security.jose.jws.JwsUtils;
+import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
-import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider;
-import org.apache.cxf.systest.jaxrs.security.oauth2.SamlCallbackHandler;
+import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
+import org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-import org.apache.wss4j.common.saml.builder.SAML1Constants;
import org.apache.wss4j.common.saml.builder.SAML2Constants;
import org.junit.BeforeClass;
@@ -65,7 +77,8 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -92,7 +105,8 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -115,7 +129,8 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -142,7 +157,8 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -167,17 +183,19 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
- String code = getAuthorizationCode(client);
+ String code = OAuth2TestUtils.getAuthorizationCode(client);
assertNotNull(code);
// Now get the access token
- client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -210,22 +228,25 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
- String code = getAuthorizationCode(client, "read_balance");
+ String code = OAuth2TestUtils.getAuthorizationCode(client, "read_balance");
assertNotNull(code);
// Now get the access token
- client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
assertNotNull(accessToken.getRefreshToken());
@@ -258,22 +279,25 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
- String code = getAuthorizationCode(client, "read_balance");
+ String code = OAuth2TestUtils.getAuthorizationCode(client, "read_balance");
assertNotNull(code);
// Now get the access token
- client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
assertNotNull(accessToken.getRefreshToken());
@@ -311,17 +335,19 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
- String code = getAuthorizationCode(client);
+ String code = OAuth2TestUtils.getAuthorizationCode(client);
assertNotNull(code);
// Now get the access token
- client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -359,8 +385,9 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret",
+ busFile.toString());
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -396,8 +423,9 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret",
+ busFile.toString());
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -454,10 +482,11 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Create the SAML Assertion
- String assertion = createToken(address + "token", false, true);
+ String assertion = OAuth2TestUtils.createToken(address + "token", false, true);
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
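Review bot: `OAuth2TestUtils.createToken(address + "token", false, true)` yields a SAML assertion here, while the five-argument `OAuth2TestUtils.createToken(...)` in the hunk at -629 builds a JWT; one shared name plus bare boolean arguments makes it hard to see which property each negative test is breaking. The same applies to the calls in the hunks at -482 and -510. Distinct method names for the SAML and JWT variants, and a short comment at each call stating what the two flags toggle, would make the intent of each case clear. OAuth2TestUtils itself is not shown in this part of the diff, so the flag meanings cannot be confirmed from here.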
@@ -482,10 +511,11 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Create the SAML Assertion
- String assertion = createToken(address + "token2", true, true);
+ String assertion = OAuth2TestUtils.createToken(address + "token2", true, true);
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -510,10 +540,11 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Create the SAML Assertion
- String assertion = createToken(address + "token", true, false);
+ String assertion = OAuth2TestUtils.createToken(address + "token", true, false);
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -538,7 +569,8 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Create the SAML Assertion
SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
@@ -582,7 +614,8 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Create the SAML Assertion
SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
@@ -629,10 +662,45 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Create the JWT Token
+<<<<<<< HEAD
String token = createToken("DoubleItSTSIssuer", "consumer-id",
+=======
+ String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id",
+ "https://localhost:" + PORT + "/services/token", true, false);
+
+ // Get Access Token
+ client.type("application/x-www-form-urlencoded").accept("application/json");
+ client.path("token");
+
+ Form form = new Form();
+ form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
+ form.param("assertion", token);
+ form.param("client_id", "consumer-id");
+ Response response = client.post(form);
+
+ try {
+ response.readEntity(ClientAccessToken.class);
+ fail("Failure expected on an unsigned token");
+ } catch (Exception ex) {
+ // expected
+ }
+ }
+
+ @org.junit.Test
+ public void testJWTNoIssuer() throws Exception {
+ URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
+
+ String address = "https://localhost:" + PORT + "/services/";
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
+
+ // Create the JWT Token
+ String token = OAuth2TestUtils.createToken(null, "consumer-id",
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
"https://localhost:" + PORT + "/services/token", true, true);
// Get Access Token
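Review bot: The added lines `<<<<<<< HEAD`, `=======` and `>>>>>>> 49b2b81...` in this hunk are unresolved merge-conflict markers committed into the Java source, which keeps both the old `createToken(...)` call and the new `OAuth2TestUtils.createToken(...)` side. Here they may only be tolerated because the surrounding tests appear to sit inside a block comment (a `*/` context line follows in the next hunk). The same markers recur outside any comment, where the file would not compile: after that `*/` in `@@ -645,12 +713,138 @@`, in `@@ -791,4 +985,6 @@`, and in AuthorizationGrantTest.java in the import hunk, `@@ -211,8 +225,12 @@`, `@@ -285,6 +306,7 @@` and `@@ -366,6 +388,33 @@`. Each conflict should be resolved to the `OAuth2TestUtils` side, dropping the marker lines and the stale private helpers. The test method enclosing the first conflict starts outside this hunk.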
@@ -645,12 +713,138 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
form.param("client_id", "consumer-id");
Response response = client.post(form);
+<<<<<<< HEAD
ClientAccessToken accessToken = response.readEntity(ClientAccessToken.class);
assertNotNull(accessToken.getTokenKey());
assertNotNull(accessToken.getRefreshToken());
+=======
+ try {
+ response.readEntity(ClientAccessToken.class);
+ fail("Failure expected on no issuer");
+ } catch (Exception ex) {
+ // expected
+ }
+ }
+
+ @org.junit.Test
+ public void testJWTNoExpiry() throws Exception {
+ URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
+
+ String address = "https://localhost:" + PORT + "/services/";
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
+
+ // Create the JWT Token
+ String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id",
+ "https://localhost:" + PORT + "/services/token", false, true);
+
+ // Get Access Token
+ client.type("application/x-www-form-urlencoded").accept("application/json");
+ client.path("token");
+
+ Form form = new Form();
+ form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
+ form.param("assertion", token);
+ form.param("client_id", "consumer-id");
+ Response response = client.post(form);
+
+ try {
+ response.readEntity(ClientAccessToken.class);
+ fail("Failure expected on no expiry");
+ } catch (Exception ex) {
+ // expected
+ }
+ }
+
+ @org.junit.Test
+ public void testJWTBadAudienceRestriction() throws Exception {
+ URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
+
+ String address = "https://localhost:" + PORT + "/services/";
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
+
+ // Create the JWT Token
+ String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id",
+ "https://localhost:" + PORT + "/services/badtoken", true, true);
+
+ // Get Access Token
+ client.type("application/x-www-form-urlencoded").accept("application/json");
+ client.path("token");
+
+ Form form = new Form();
+ form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
+ form.param("assertion", token);
+ form.param("client_id", "consumer-id");
+ Response response = client.post(form);
+
+ try {
+ response.readEntity(ClientAccessToken.class);
+ fail("Failure expected on a bad audience restriction");
+ } catch (Exception ex) {
+ // expected
+ }
+ }
+
+ @org.junit.Test
+ public void testJWTUnauthenticatedSignature() throws Exception {
+ URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
+
+ String address = "https://localhost:" + PORT + "/services/";
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
+
+ // Create the JWT Token
+ // Create the JWT Token
+ JwtClaims claims = new JwtClaims();
+ claims.setSubject("consumer-id");
+ claims.setIssuer("DoubleItSTSIssuer");
+ claims.setIssuedAt(new Date().getTime() / 1000L);
+ Calendar cal = Calendar.getInstance();
+ cal.add(Calendar.SECOND, 60);
+ claims.setExpiryTime(cal.getTimeInMillis() / 1000L);
+ String audience = "https://localhost:" + PORT + "/services/token";
+ claims.setAudiences(Collections.singletonList(audience));
+
+ // Sign the JWT Token
+ Properties signingProperties = new Properties();
+ signingProperties.put("rs.security.keystore.type", "jks");
+ signingProperties.put("rs.security.keystore.password", "security");
+ signingProperties.put("rs.security.keystore.alias", "smallkey");
+ signingProperties.put("rs.security.keystore.file",
+ "org/apache/cxf/systest/jaxrs/security/certs/smallkeysize.jks");
+ signingProperties.put("rs.security.key.password", "security");
+ signingProperties.put("rs.security.signature.algorithm", "RS256");
+
+ JwsHeaders jwsHeaders = new JwsHeaders(signingProperties);
+ JwsJwtCompactProducer jws = new JwsJwtCompactProducer(jwsHeaders, claims);
+
+ JwsSignatureProvider sigProvider =
+ JwsUtils.loadSignatureProvider(signingProperties, jwsHeaders);
+
+ String token = jws.signWith(sigProvider);
+
+ // Get Access Token
+ client.type("application/x-www-form-urlencoded").accept("application/json");
+ client.path("token");
+
+ Form form = new Form();
+ form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
+ form.param("assertion", token);
+ form.param("client_id", "consumer-id");
+ Response response = client.post(form);
+
+ try {
+ response.readEntity(ClientAccessToken.class);
+ fail("Failure expected on an unauthenticated token");
+ } catch (Exception ex) {
+ // expected
+ }
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
}
*/
+<<<<<<< HEAD
private List<Object> setupProviders() {
List<Object> providers = new ArrayList<Object>();
JSONProvider<OAuthAuthorizationData> jsonP = new JSONProvider<OAuthAuthorizationData>();
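Review bot: Each added negative test (`testJWTNoIssuer`, `testJWTNoExpiry`, `testJWTBadAudienceRestriction`, `testJWTUnauthenticatedSignature`, and the unsigned-token test in the previous hunk) passes on any `Exception` thrown by `response.readEntity(ClientAccessToken.class)`. It therefore cannot tell a rejected assertion from an unrelated provider or unmarshalling failure. Asserting the rejection before reading the entity would pin the security property, for example `assertEquals(400, response.getStatus());`, with the expected status confirmed against what the token service actually returns. The `*/` context line after these methods suggests they are added inside a block comment and do not run; if so, the checks for missing issuer, missing expiry, wrong audience and untrusted signing key are not exercised. The first try/catch in the hunk closes a test whose start lies outside the hunk.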
@@ -791,4 +985,6 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
}
return foundString.substring(0, ampersandIndex);
}
+=======
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0cc09139/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
index 6f5573b..fda1294 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
@@ -20,25 +20,26 @@
package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
import java.net.URL;
+<<<<<<< HEAD
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+=======
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.jaxrs.client.WebClient;
+<<<<<<< HEAD
import org.apache.cxf.jaxrs.provider.json.JSONProvider;
+=======
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider;
-import org.apache.cxf.systest.jaxrs.security.oauth2.SamlCallbackHandler;
+import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.saml.SAMLCallback;
-import org.apache.wss4j.common.saml.SAMLUtil;
-import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.junit.BeforeClass;
/**
@@ -58,22 +59,25 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
- String code = getAuthorizationCode(client);
+ String code = OAuth2TestUtils.getAuthorizationCode(client);
assertNotNull(code);
// Now get the access token
- client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
}
@@ -82,22 +86,25 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
- String code = getAuthorizationCode(client);
+ String code = OAuth2TestUtils.getAuthorizationCode(client);
assertNotNull(code);
// Now get the access token
- client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
assertNotNull(accessToken.getRefreshToken());
@@ -120,22 +127,25 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
- String code = getAuthorizationCode(client, "read_balance");
+ String code = OAuth2TestUtils.getAuthorizationCode(client, "read_balance");
assertNotNull(code);
// Now get the access token
- client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
assertNotNull(accessToken.getRefreshToken());
@@ -159,22 +169,25 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
- String code = getAuthorizationCode(client, "read_balance");
+ String code = OAuth2TestUtils.getAuthorizationCode(client, "read_balance");
assertNotNull(code);
// Now get the access token
- client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
+ client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
- ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
+ ClientAccessToken accessToken =
+ OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
}
@@ -183,7 +196,8 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
@@ -211,8 +225,12 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
response = client.post(form);
String location = response.getHeaderString("Location");
+<<<<<<< HEAD
String accessToken = location.substring(location.indexOf("access_token=") + "access_token=".length());
accessToken = accessToken.substring(0, accessToken.indexOf('&'));
+=======
+ String accessToken = OAuth2TestUtils.getSubstring(location, "access_token");
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
assertNotNull(accessToken);
}
@@ -221,8 +239,9 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret",
+ busFile.toString());
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -244,8 +263,9 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "consumer-id",
- "this-is-a-secret", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "consumer-id", "this-is-a-secret",
+ busFile.toString());
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -265,10 +285,11 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
String address = "https://localhost:" + PORT + "/services/";
- WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
// Create the SAML Assertion
- String assertion = createToken(address + "token");
+ String assertion = OAuth2TestUtils.createToken(address + "token");
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
@@ -285,6 +306,7 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
assertNotNull(accessToken.getRefreshToken());
}
+<<<<<<< HEAD
private String getAuthorizationCode(WebClient client) {
return getAuthorizationCode(client, null);
}
@@ -366,6 +388,33 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
}
return samlAssertion.assertionToString();
+=======
+ @org.junit.Test
+ public void testJWTAuthorizationGrant() throws Exception {
+ URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
+
+ String address = "https://localhost:" + PORT + "/services/";
+ WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
+ "alice", "security", busFile.toString());
+
+ // Create the JWT Token
+ String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id",
+ "https://localhost:" + PORT + "/services/token", true, true);
+
+ // Get Access Token
+ client.type("application/x-www-form-urlencoded").accept("application/json");
+ client.path("token");
+
+ Form form = new Form();
+ form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
+ form.param("assertion", token);
+ form.param("client_id", "consumer-id");
+ Response response = client.post(form);
+
+ ClientAccessToken accessToken = response.readEntity(ClientAccessToken.class);
+ assertNotNull(accessToken.getTokenKey());
+ assertNotNull(accessToken.getRefreshToken());
+>>>>>>> 49b2b81... Reshuffle of the tests to share some common code
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0cc09139/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BasicAuthFilter.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BasicAuthFilter.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BasicAuthFilter.java
deleted file mode 100644
index db8fe4f..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BasicAuthFilter.java
+++ /dev/null
@@ -1,117 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
-
-import java.io.IOException;
-import java.security.Principal;
-
-import javax.security.auth.callback.CallbackHandler;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.core.Response;
-
-import org.w3c.dom.Document;
-
-import org.apache.cxf.configuration.security.AuthorizationPolicy;
-import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.jaxrs.utils.ExceptionUtils;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.security.SecurityContext;
-import org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.UsernameToken;
-import org.apache.wss4j.dom.validate.Credential;
-import org.apache.wss4j.dom.validate.UsernameTokenValidator;
-
-/**
- * A simple filter to validate a Basic Auth username/password via a CallbackHandler
- */
-public class BasicAuthFilter implements ContainerRequestFilter {
-
- private CallbackHandler callbackHandler;
-
- public void filter(ContainerRequestContext requestContext) throws IOException {
- Message message = JAXRSUtils.getCurrentMessage();
- AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);
-
- if (policy == null || policy.getUserName() == null || policy.getPassword() == null) {
- requestContext.abortWith(
- Response.status(401).header("WWW-Authenticate", "Basic realm=\"IdP\"").build());
- }
-
- try {
- UsernameToken token = convertPolicyToToken(policy);
- Credential credential = new Credential();
- credential.setUsernametoken(token);
-
- RequestData data = new RequestData();
- data.setMsgContext(message);
- data.setCallbackHandler(callbackHandler);
- UsernameTokenValidator validator = new UsernameTokenValidator();
- credential = validator.validate(credential, data);
-
- // Create a Principal/SecurityContext
- Principal p = null;
- if (credential != null && credential.getPrincipal() != null) {
- p = credential.getPrincipal();
- } else {
- p = new WSUsernameTokenPrincipalImpl(policy.getUserName(), false);
- ((WSUsernameTokenPrincipalImpl)p).setPassword(policy.getPassword());
- }
- message.put(SecurityContext.class, createSecurityContext(p));
- } catch (Exception ex) {
- throw ExceptionUtils.toInternalServerErrorException(ex, null);
- }
- }
-
- protected UsernameToken convertPolicyToToken(AuthorizationPolicy policy)
- throws Exception {
-
- Document doc = DOMUtils.createDocument();
- UsernameToken token = new UsernameToken(false, doc,
- WSConstants.PASSWORD_TEXT);
- token.setName(policy.getUserName());
- token.setPassword(policy.getPassword());
- return token;
- }
-
- protected SecurityContext createSecurityContext(final Principal p) {
- return new SecurityContext() {
-
- public Principal getUserPrincipal() {
- return p;
- }
-
- public boolean isUserInRole(String arg0) {
- return false;
- }
- };
- }
-
- public CallbackHandler getCallbackHandler() {
- return callbackHandler;
- }
-
- public void setCallbackHandler(CallbackHandler callbackHandler) {
- this.callbackHandler = callbackHandler;
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cxf/blob/0cc09139/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java
new file mode 100644
index 0000000..88b7e33
--- /dev/null
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/BookServerOAuth2.java
@@ -0,0 +1,59 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.TestUtil;
+
+public class BookServerOAuth2 extends AbstractBusTestServerBase {
+ public static final String PORT = TestUtil.getPortNumber("jaxrs-oauth2");
+ private static final URL SERVER_CONFIG_FILE =
+ BookServerOAuth2.class.getResource("server.xml");
+
+ protected void run() {
+ SpringBusFactory bf = new SpringBusFactory();
+ Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
+ BusFactory.setDefaultBus(springBus);
+ setBus(springBus);
+
+ try {
+ new BookServerOAuth2();
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static void main(String[] args) {
+ try {
+ BookServerOAuth2 s = new BookServerOAuth2();
+ s.start();
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ System.exit(-1);
+ } finally {
+ System.out.println("done!");
+ }
+ }
+}
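Review bot: `run()` constructs `new BookServerOAuth2()` inside a `try`/`catch (Exception e)` and discards the instance. The class declares no constructor of its own, and nothing in this file shows what the extra instance achieves, so the block needs a comment stating its purpose or should be removed. The class also has no Javadoc; `/** Test server that creates a Spring bus from server.xml in this package and installs it as the default bus. */` would tell a reader which configuration it serves. Assuming `run()` overrides the base-class method, it should carry `@Override`.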
http://git-wip-us.apache.org/repos/asf/cxf/blob/0cc09139/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/CallbackHandlerImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/CallbackHandlerImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/CallbackHandlerImpl.java
deleted file mode 100644
index 12c8658..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/CallbackHandlerImpl.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
-
-import java.io.IOException;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import org.apache.wss4j.common.ext.WSPasswordCallback;
-
-public class CallbackHandlerImpl implements CallbackHandler {
-
- public void handle(Callback[] callbacks) throws IOException,
- UnsupportedCallbackException {
- for (int i = 0; i < callbacks.length; i++) {
- if (callbacks[i] instanceof WSPasswordCallback) { // CXF
- WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
- if ("alice".equals(pc.getIdentifier())) {
- pc.setPassword("security");
- break;
- } else if ("bob".equals(pc.getIdentifier())) {
- pc.setPassword("security");
- break;
- } else if ("consumer-id".equals(pc.getIdentifier())) {
- pc.setPassword("this-is-a-secret");
- break;
- } else if ("service".equals(pc.getIdentifier())) {
- pc.setPassword("service-pass");
- break;
- }
- }
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cxf/blob/0cc09139/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/CustomGrantHandler.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/CustomGrantHandler.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/CustomGrantHandler.java
new file mode 100644
index 0000000..7941452
--- /dev/null
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/CustomGrantHandler.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
+
+import java.util.Collections;
+import java.util.List;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
+import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth2.provider.AccessTokenGrantHandler;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+
+public class CustomGrantHandler implements AccessTokenGrantHandler {
+
+ private OAuthDataProvider dataProvider;
+
+ public void setDataProvider(OAuthDataProvider dataProvider) {
+ this.dataProvider = dataProvider;
+ }
+
+ public List<String> getSupportedGrantTypes() {
+ return Collections.singletonList("custom_grant");
+ }
+
+ public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
+ throws OAuthServiceException {
+ AccessTokenRegistration atr = new AccessTokenRegistration();
+ atr.setClient(client);
+ return dataProvider.createAccessToken(atr);
+ }
+}
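Review bot: `createAccessToken` never reads `params` and returns a token for whichever `client` it is given, so the handler validates nothing about the `custom_grant` request itself. That may be intentional for a system-test fixture, but the class should say so to avoid being copied as a template for a real grant handler, e.g. `/** Test-only handler for "custom_grant": issues a token for the supplied client without validating any grant parameters. */`. `dataProvider` is only set through `setDataProvider`, so a missing injection surfaces as a bare `NullPointerException` in `createAccessToken`; a guard that throws `OAuthServiceException` would fail more clearly. The three interface methods would also read better with `@Override`, assuming they implement `AccessTokenGrantHandler`.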