List of usage examples for org.springframework.mock.web MockHttpServletRequest setMethod
public void setMethod(@Nullable String method)
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
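/**
 * Walks the service-application flow through the OAuth servlet and the REST endpoints.
 *
 * <p>Steps: request a token with the {@code client_credentials} grant, post that token to
 * the {@code oauth/provider/{appId}/{username}} endpoint and read a second access token from
 * the reply, call a scoped test endpoint with the second token, then check that no
 * authorizations are listed for {@code user}. The scopes added to the service application
 * are removed again in the {@code finally} block.
 */
@Test
public void testServiceApplicationOAuthAccessProvider() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    User user = createUser("testServiceApplicationOAuthAccessProvider", "John", "Doe", "John Doe",
            "john.doe@fenixedu.org");

    ServiceApplication serviceApplication = new ServiceApplication();
    serviceApplication.setAuthor(user1);
    serviceApplication.addScopes(serviceApplicationOAuthAccessProvider);
    serviceApplication.addScopes(loggedScope);

    // Client credentials are sent as form parameters here; the header-based tests cover
    // HTTP Basic client authentication.
    req.addParameter("client_id", serviceApplication.getExternalId());
    req.addParameter("client_secret", serviceApplication.getSecret());
    req.addParameter("grant_type", "client_credentials");
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);
        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final String serviceAccessToken =
                new JsonParser().parse(tokenJson).getAsJsonObject().get("access_token").getAsString();

        // NOTE(review): both tokens below travel as the access_token query parameter. Query
        // strings commonly end up in access logs and Referer headers, so real clients should
        // prefer the Authorization header where the server accepts it.
        String result = target("oauth").path("provider").path(serviceApplication.getExternalId())
                .path(user.getUsername()).queryParam("access_token", serviceAccessToken).request()
                .post(null, String.class);

        Authenticate.unmock();

        final String userAccessToken =
                new JsonParser().parse(result).getAsJsonObject().get("access_token").getAsString();

        result = target("bennu-oauth").path("test").path("test-scope-with-logged-user")
                .queryParam("access_token", userAccessToken).request().get(String.class);
        Assert.assertEquals("this is an endpoint with TEST scope: testServiceApplicationOAuthAccessProvider",
                result);

        // NOTE(review): the mocked user is not cleared in this method; the sibling tests call
        // Authenticate.unmock() first, which presumably keeps it from leaking. Confirm.
        Authenticate.mock(user);

        JsonArray authorizations =
                target("bennu-oauth").path("authorizations").request().get(JsonElement.class).getAsJsonArray();
        Assert.assertEquals("no authorizations because it is a service application", 0,
                authorizations.size());
    } catch (ServletException | IOException e) {
        // Keep the original exception as the cause: Assert.fail(e.getMessage()) dropped the
        // stack trace and produced an empty failure when the message was null.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    } finally {
        serviceApplication.removeScope(serviceApplicationOAuthAccessProvider);
        serviceApplication.removeScope(loggedScope);
    }
}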
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
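/**
 * Checks that the token endpoint rejects an authorization-code exchange whose HTTP Basic
 * header carries credentials that do not belong to the application.
 *
 * <p>The session, code and redirect URI are the application's own; only the Basic
 * credentials ({@code fenixedu:fenixedu}) are wrong. The test expects status 400.
 */
@Test
public void getAccessTokenWrongClientIdHeaderTest() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");

    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setCode("fenixedu");

    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user1, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // "client_id:client_secret" pair for HTTP Basic; deliberately not the application's own.
    String basicCredentials = "fenixedu:fenixedu";
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REDIRECT_URI, externalApp.getRedirectUrl());
    req.addParameter(CODE, applicationUserSession.getCode());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_AUTHORIZATION_CODE);
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);
        // NOTE(review): RFC 6749 section 5.2 calls for 401 plus WWW-Authenticate when a
        // client that authenticated through the Authorization header is rejected; this test
        // pins 400. Only the status is checked, not that the body carries no token.
        Assert.assertEquals("must return status BAD_REQUEST", 400, res.getStatus());
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}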
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
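/**
 * Checks that the refresh endpoint rejects a refresh-token request whose HTTP Basic header
 * carries credentials that do not belong to the application.
 *
 * <p>The refresh token sent is the one stored on the session; only the Basic credentials
 * ({@code fenixedu:fenixedu}) are wrong. The test expects status 400.
 */
@Test
public void refreshAccessTokenWrongClientHeaderRefreshTest() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");

    // Seed the session with two generated tokens so a refresh token exists to present.
    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setTokens(generateToken(applicationUserSession),
            generateToken(applicationUserSession));

    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user1, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // "client_id:client_secret" pair for HTTP Basic; deliberately not the application's own.
    String basicCredentials = "fenixedu:fenixedu";
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REFRESH_TOKEN, applicationUserSession.getRefreshToken());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_REFRESH_TOKEN);
    req.setMethod("POST");
    req.setPathInfo("/refresh_token");

    try {
        oauthServlet.service(req, res);
        // A valid refresh token presented by the wrong client must not be honoured.
        // NOTE(review): only the status is asserted; the body is not checked for a token.
        Assert.assertEquals("must return status BAD_REQUEST", 400, res.getStatus());
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}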
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
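/**
 * Checks the authorization-code exchange with the application's own credentials sent in an
 * HTTP Basic header: the servlet must answer 200 with a JSON body holding a non-empty
 * access token.
 */
@Test
public void getAccessTokenHeaderTest() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");

    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setCode("fenixedu");

    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user1, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // HTTP Basic client authentication: base64("client_id:client_secret").
    String basicCredentials = externalApp.getExternalId() + ":" + externalApp.getSecret();
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REDIRECT_URI, externalApp.getRedirectUrl());
    req.addParameter(CODE, applicationUserSession.getCode());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_AUTHORIZATION_CODE);
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);
        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();
        boolean hasAccessToken =
                token.has(ACCESS_TOKEN) && token.get(ACCESS_TOKEN).getAsString().length() > 0;
        Assert.assertTrue("response must be a valid json and have access_token field", hasAccessToken);
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}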
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
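/**
 * Checks the refresh-token grant with the application's own credentials sent in an HTTP
 * Basic header: the servlet must answer 200 with a JSON body holding a non-empty access
 * token.
 */
@Test
public void refreshAccessTokenHeaderTest() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");

    // Seed the session with two generated tokens so a refresh token exists to present.
    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setTokens(generateToken(applicationUserSession),
            generateToken(applicationUserSession));

    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user1, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // HTTP Basic client authentication: base64("client_id:client_secret").
    String basicCredentials = externalApp.getExternalId() + ":" + externalApp.getSecret();
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REFRESH_TOKEN, applicationUserSession.getRefreshToken());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_REFRESH_TOKEN);
    req.setMethod("POST");
    req.setPathInfo("/refresh_token");

    try {
        oauthServlet.service(req, res);
        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();
        boolean hasAccessToken =
                token.has(ACCESS_TOKEN) && token.get(ACCESS_TOKEN).getAsString().length() > 0;
        // NOTE(review): the new token is not compared with the one seeded on the session, so
        // this does not show that refreshing actually rotates the access token.
        Assert.assertTrue("response must be a valid json and have access_token field", hasAccessToken);
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}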
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
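/**
 * Checks that a protected endpoint refuses an access token that was altered after issue.
 *
 * <p>The test obtains a token through the authorization-code exchange, appends
 * {@code "fenixedu"} to the token value, and sends it in the Authorization header with the
 * token type the servlet returned. The scoped endpoint must answer 401.
 */
@Test
public void testTokenTypeWrongAccessTokenInHeader() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");
    externalApp.addScopes(externalApplicationScope);

    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setCode("fenixedu");

    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user1, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // HTTP Basic client authentication: base64("client_id:client_secret").
    String basicCredentials = externalApp.getExternalId() + ":" + externalApp.getSecret();
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REDIRECT_URI, externalApp.getRedirectUrl());
    req.addParameter(CODE, applicationUserSession.getCode());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_AUTHORIZATION_CODE);
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);
        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();

        // The first message lacked the space before the field name in the original.
        Assert.assertTrue("response must be a valid json and have " + ACCESS_TOKEN + " field",
                token.has(ACCESS_TOKEN) && token.get(ACCESS_TOKEN).getAsString().length() > 0);
        Assert.assertTrue("response must be a valid json and have " + TOKEN_TYPE + " field",
                token.has(TOKEN_TYPE) && token.get(TOKEN_TYPE).getAsString().length() > 0);

        // Tamper with the token value only; the token type stays as issued.
        String accessToken = token.get(ACCESS_TOKEN).getAsString() + "fenixedu";
        String tokenType = token.get(TOKEN_TYPE).getAsString();

        Response result = target("bennu-oauth").path("test").path("test-scope").request()
                .header(HttpHeaders.AUTHORIZATION, tokenType + " " + accessToken).get(Response.class);
        Assert.assertEquals("request must fail", 401, result.getStatus());
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}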
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
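/**
 * Checks that a protected endpoint refuses a valid access token presented under an unknown
 * authentication scheme.
 *
 * <p>The test obtains a token through the authorization-code exchange, appends
 * {@code "fenixedu"} to the returned token type, and sends the untouched token under that
 * scheme in the Authorization header. The scoped endpoint must answer 401.
 */
@Test
public void testWrongTokenTypeInHeader() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");
    externalApp.addScopes(externalApplicationScope);

    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setCode("fenixedu");

    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user1, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // HTTP Basic client authentication: base64("client_id:client_secret").
    String basicCredentials = externalApp.getExternalId() + ":" + externalApp.getSecret();
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REDIRECT_URI, externalApp.getRedirectUrl());
    req.addParameter(CODE, applicationUserSession.getCode());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_AUTHORIZATION_CODE);
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);
        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();

        // The first message lacked the space before the field name in the original.
        Assert.assertTrue("response must be a valid json and have " + ACCESS_TOKEN + " field",
                token.has(ACCESS_TOKEN) && token.get(ACCESS_TOKEN).getAsString().length() > 0);
        Assert.assertTrue("response must be a valid json and have " + TOKEN_TYPE + " field",
                token.has(TOKEN_TYPE) && token.get(TOKEN_TYPE).getAsString().length() > 0);

        // Tamper with the scheme only; the token value stays as issued.
        String accessToken = token.get(ACCESS_TOKEN).getAsString();
        String tokenType = token.get(TOKEN_TYPE).getAsString() + "fenixedu";

        Response result = target("bennu-oauth").path("test").path("test-scope").request()
                .header(HttpHeaders.AUTHORIZATION, tokenType + " " + accessToken).get(Response.class);
        Assert.assertEquals("request must fail", 401, result.getStatus());
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}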
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
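/**
 * Checks the positive path for header-based token use: a token obtained through the
 * authorization-code exchange, sent as {@code "<token_type> <access_token>"} in the
 * Authorization header, is accepted by the scoped test endpoint.
 */
@Test
public void testTokenTypeInHeader() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");
    externalApp.addScopes(externalApplicationScope);

    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setCode("fenixedu");

    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user1, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // HTTP Basic client authentication: base64("client_id:client_secret").
    String basicCredentials = externalApp.getExternalId() + ":" + externalApp.getSecret();
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REDIRECT_URI, externalApp.getRedirectUrl());
    req.addParameter(CODE, applicationUserSession.getCode());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_AUTHORIZATION_CODE);
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);
        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();

        // The first message lacked the space before the field name in the original.
        Assert.assertTrue("response must be a valid json and have " + ACCESS_TOKEN + " field",
                token.has(ACCESS_TOKEN) && token.get(ACCESS_TOKEN).getAsString().length() > 0);
        Assert.assertTrue("response must be a valid json and have " + TOKEN_TYPE + " field",
                token.has(TOKEN_TYPE) && token.get(TOKEN_TYPE).getAsString().length() > 0);

        String accessToken = token.get(ACCESS_TOKEN).getAsString();
        String tokenType = token.get(TOKEN_TYPE).getAsString();

        // The endpoint's reply names the user the token resolved to, which is what is asserted.
        String result = target("bennu-oauth").path("test").path("test-scope").request()
                .header(HttpHeaders.AUTHORIZATION, tokenType + " " + accessToken).get(String.class);
        Assert.assertEquals("this is an endpoint with TEST scope user1", result);
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}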
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
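/**
 * Checks that an access token obtained through the refresh-token grant is accepted by the
 * scoped test endpoint when sent as {@code "<token_type> <access_token>"} in the
 * Authorization header.
 */
@Test
public void testTokenTypeRefreshAccessTokenInHeader() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");
    externalApp.addScopes(externalApplicationScope);

    // Seed the session with two generated tokens so a refresh token exists to present.
    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setTokens(generateToken(applicationUserSession),
            generateToken(applicationUserSession));

    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user1, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // HTTP Basic client authentication: base64("client_id:client_secret").
    String basicCredentials = externalApp.getExternalId() + ":" + externalApp.getSecret();
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REFRESH_TOKEN, applicationUserSession.getRefreshToken());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_REFRESH_TOKEN);
    req.setMethod("POST");
    req.setPathInfo("/refresh_token");

    try {
        oauthServlet.service(req, res);
        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();

        Assert.assertTrue("response must be a valid json and have access_token field",
                token.has(ACCESS_TOKEN) && token.get(ACCESS_TOKEN).getAsString().length() > 0);
        Assert.assertTrue("response must be a valid json and have " + TOKEN_TYPE + " field",
                token.has(TOKEN_TYPE) && token.get(TOKEN_TYPE).getAsString().length() > 0);

        String accessToken = token.get(ACCESS_TOKEN).getAsString();
        String tokenType = token.get(TOKEN_TYPE).getAsString();

        // NOTE(review): nothing here checks that the access token seeded on the session
        // stops working once the refreshed one is issued; confirm that is covered elsewhere.
        String result = target("bennu-oauth").path("test").path("test-scope").request()
                .header(HttpHeaders.AUTHORIZATION, tokenType + " " + accessToken).get(String.class);
        Assert.assertEquals("this is an endpoint with TEST scope user1", result);
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}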
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
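/**
 * Checks that the token endpoint refuses to issue a token for a user whose login period is
 * closed, and issues one again once the period is reopened.
 *
 * <p>The same request (same client credentials, redirect URI and authorization code) is
 * served twice: first with the login period closed, expecting 400, then with it reopened,
 * expecting 200 and a non-empty access token.
 */
@Test
public void testOAuthServletAccessTokenRequestWithLoginExpired() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    Authenticate.unmock();

    User user = createUser("testOAuthServletAccessTokenRequestWithLoginExpired", "John", "Doe", "John Doe",
            "john.doe@fenixedu.org");
    user.closeLoginPeriod();

    ExternalApplication externalApp = new ExternalApplication();
    externalApp.setAuthor(user1);
    externalApp.setName("Test External Application");
    externalApp.setDescription("This is a test external application");
    externalApp.setRedirectUrl("http://test.url/callback");

    ApplicationUserSession applicationUserSession = new ApplicationUserSession();
    applicationUserSession.setCode("fenixedu");

    // The authorization belongs to the user with the closed login period, not to user1.
    ApplicationUserAuthorization applicationUserAuthorization =
            new ApplicationUserAuthorization(user, externalApp);
    applicationUserAuthorization.addSession(applicationUserSession);
    externalApp.addApplicationUserAuthorization(applicationUserAuthorization);

    // HTTP Basic client authentication: base64("client_id:client_secret").
    String basicCredentials = externalApp.getExternalId() + ":" + externalApp.getSecret();
    String encodedCredentials =
            Base64.getEncoder().encodeToString(basicCredentials.getBytes(StandardCharsets.UTF_8));
    req.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedCredentials);

    req.addParameter(REDIRECT_URI, externalApp.getRedirectUrl());
    req.addParameter(CODE, applicationUserSession.getCode());
    req.addParameter(GRANT_TYPE, GRANT_TYPE_AUTHORIZATION_CODE);
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);
        Assert.assertEquals("must return bad request", Status.BAD_REQUEST.getStatusCode(), res.getStatus());

        // NOTE(review): if the assertion above fails, the login period stays closed for this
        // user; the user is created for this test only, so the effect should be contained.
        user.openLoginPeriod();

        // NOTE(review): the second attempt reuses the same authorization code, so the test
        // relies on the rejected exchange not having consumed it. Confirm that is intended.
        res = new MockHttpServletResponse();
        oauthServlet.service(req, res);

        // Check the status first so a refusal is reported as such rather than as a JSON
        // parsing problem; the sibling tests assert 200 for this same exchange.
        Assert.assertEquals("must return status OK", 200, res.getStatus());

        final JsonObject token = new JsonParser().parse(res.getContentAsString()).getAsJsonObject();
        Assert.assertTrue("response must be a valid json and have access_token field",
                token.has("access_token") && token.get("access_token").getAsString().length() > 0);
    } catch (ServletException | IOException e) {
        // Preserve the cause so the report shows where the servlet threw.
        throw new AssertionError("OAuth servlet request failed: " + e.getMessage(), e);
    }
}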