List of usage examples for org.springframework.mock.web MockHttpServletResponse getContentAsString
public String getContentAsString() throws UnsupportedEncodingException
From source file:org.jasig.cas.support.oauth.web.OAuth20ProfileControllerTests.java
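/**
 * Verifies that the profile endpoint answers 200 with the principal id and the
 * scopes carried by an ONLINE access token.
 *
 * <p>Every collaborator is a Mockito mock, so this covers the controller's request
 * handling and JSON rendering only; no real token lookup or ticket validation runs.
 *
 * @throws Exception if the controller call or the JSON parsing fails
 */
@Test
public void verifyOKWithScopes() throws Exception {
    final TicketGrantingTicket ticketGrantingTicket = mock(TicketGrantingTicket.class);
    when(ticketGrantingTicket.isExpired()).thenReturn(false);

    final Service service = new SimpleWebApplicationServiceImpl("id");

    final Set<String> scopes = new HashSet<>();
    scopes.add(NAME);
    scopes.add(NAME2);

    final AccessToken accessToken = mock(AccessToken.class);
    when(accessToken.getId()).thenReturn(AT_ID);
    when(accessToken.getType()).thenReturn(TokenType.ONLINE);
    when(accessToken.getService()).thenReturn(service);
    when(accessToken.getTicketGrantingTicket()).thenReturn(ticketGrantingTicket);
    when(accessToken.getScopes()).thenReturn(scopes);

    final CentralOAuthService centralOAuthService = mock(CentralOAuthService.class);
    when(centralOAuthService.getToken(AT_ID, AccessToken.class)).thenReturn(accessToken);

    final ServiceTicket serviceTicket = mock(ServiceTicket.class);
    when(serviceTicket.getId()).thenReturn(ID);
    when(serviceTicket.getService()).thenReturn(service);

    final Principal principal = mock(Principal.class);
    when(principal.getId()).thenReturn(ID);
    when(principal.getAttributes()).thenReturn(new HashMap<String, Object>());

    final Authentication authentication = mock(Authentication.class);
    when(authentication.getPrincipal()).thenReturn(principal);

    final Assertion assertion = mock(Assertion.class);
    when(assertion.getPrimaryAuthentication()).thenReturn(authentication);

    final CentralAuthenticationService centralAuthenticationService = mock(CentralAuthenticationService.class);
    when(centralAuthenticationService.grantServiceTicket(accessToken.getTicketGrantingTicket().getId(),
            accessToken.getService())).thenReturn(serviceTicket);
    when(centralAuthenticationService.validateServiceTicket(serviceTicket.getId(), serviceTicket.getService()))
            .thenReturn(assertion);

    // The token travels as a request parameter on a GET, i.e. the URI-query form of
    // RFC 6750 section 2.3, which the RFC discourages because URLs end up in logs;
    // verifyOKWithAuthorizationHeader covers the header form.
    final MockHttpServletRequest mockRequest = new MockHttpServletRequest("GET",
            CONTEXT + OAuthConstants.PROFILE_URL);
    mockRequest.setParameter(OAuthConstants.ACCESS_TOKEN, AT_ID);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();

    final OAuth20WrapperController oauth20WrapperController = new OAuth20WrapperController();
    oauth20WrapperController.setCentralOAuthService(centralOAuthService);
    oauth20WrapperController.setCentralAuthenticationService(centralAuthenticationService);
    oauth20WrapperController.afterPropertiesSet();

    final ModelAndView modelAndView = oauth20WrapperController.handleRequest(mockRequest, mockResponse);

    // The test expects no view: the body is read back from the response itself.
    assertNull(modelAndView);
    assertEquals(HttpStatus.SC_OK, mockResponse.getStatus());
    assertEquals(CONTENT_TYPE, mockResponse.getContentType());

    final String expected = "{\"id\":\"" + ID + "\",\"scope\":[\"" + NAME + "\",\"" + NAME2 + "\"]}";
    final ObjectMapper mapper = new ObjectMapper();
    final JsonNode expectedObj = mapper.readTree(expected);
    final JsonNode receivedObj = mapper.readTree(mockResponse.getContentAsString());
    assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText());

    // Scopes come from a HashSet, so compare them as a set: same size, and every
    // expected entry present somewhere in the response.
    assertEquals(expectedObj.get("scope").size(), receivedObj.get("scope").size());
    for (final JsonNode expectedNode : expectedObj.get("scope")) {
        boolean found = false;
        for (final JsonNode receivedNode : receivedObj.get("scope")) {
            if (receivedNode.asText().equals(expectedNode.asText())) {
                found = true;
                break;
            }
        }
        // Expected value first, and name the missing scope so a failure is readable.
        assertEquals("scope missing from profile response: " + expectedNode.asText(),
                Boolean.TRUE, Boolean.valueOf(found));
    }
}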
From source file:org.jasig.cas.support.oauth.web.OAuth20TokenAuthorizationCodeControllerTests.java
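/**
 * Verifies the authorization-code grant for an OFFLINE code: the token endpoint
 * must answer 200 with a bearer token, a refresh token and an access token.
 *
 * <p>The OAuth service is mocked, so the client secret and redirect URI sent in the
 * request are only checked to the extent the controller itself checks them.
 *
 * @throws Exception if the controller call or the JSON parsing fails
 */
@Test
public void verifyOfflineOK() throws Exception {
    final ServiceTicket serviceTicket = mock(ServiceTicket.class);
    // Creation time is "now", so the remaining lifetime reported by the controller
    // presumably cannot exceed TIMEOUT (see the expires_in assertion below).
    when(serviceTicket.getCreationTime()).thenReturn(new Date().getTime());

    final AuthorizationCode authorizationCode = mock(AuthorizationCode.class);
    when(authorizationCode.getTicket()).thenReturn(serviceTicket);
    when(authorizationCode.getType()).thenReturn(TokenType.OFFLINE);

    final OAuthRegisteredService service = getRegisteredService(REDIRECT_URI, CLIENT_SECRET);

    final RefreshToken refreshToken = mock(RefreshToken.class);
    when(refreshToken.getId()).thenReturn(RT_ID);

    final AccessToken accessToken = mock(AccessToken.class);
    when(accessToken.getId()).thenReturn(AT_ID);
    when(accessToken.getTicket()).thenReturn(serviceTicket);

    final CentralOAuthService centralOAuthService = mock(CentralOAuthService.class);
    when(centralOAuthService.getToken(CODE, AuthorizationCode.class)).thenReturn(authorizationCode);
    when(centralOAuthService.getRegisteredService(CLIENT_ID)).thenReturn(service);
    when(centralOAuthService.grantOfflineRefreshToken(authorizationCode, REDIRECT_URI))
            .thenReturn(refreshToken);
    when(centralOAuthService.grantOfflineAccessToken(refreshToken)).thenReturn(accessToken);

    final MockHttpServletRequest mockRequest = new MockHttpServletRequest("POST",
            CONTEXT + OAuthConstants.TOKEN_URL);
    mockRequest.setParameter(OAuthConstants.GRANT_TYPE, OAuthConstants.AUTHORIZATION_CODE);
    mockRequest.setParameter(OAuthConstants.CODE, CODE);
    mockRequest.setParameter(OAuthConstants.CLIENT_ID, CLIENT_ID);
    mockRequest.setParameter(OAuthConstants.CLIENT_SECRET, CLIENT_SECRET);
    mockRequest.setParameter(OAuthConstants.REDIRECT_URI, REDIRECT_URI);
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();

    final OAuth20WrapperController oauth20WrapperController = new OAuth20WrapperController();
    oauth20WrapperController.setCentralOAuthService(centralOAuthService);
    oauth20WrapperController.setTimeout(TIMEOUT);
    oauth20WrapperController.afterPropertiesSet();

    final ModelAndView modelAndView = oauth20WrapperController.handleRequest(mockRequest, mockResponse);

    assertNull(modelAndView);
    assertEquals(HttpStatus.SC_OK, mockResponse.getStatus());
    assertEquals("application/json", mockResponse.getContentType());
    // NOTE(review): RFC 6749 section 5.1 requires "Cache-Control: no-store" and
    // "Pragma: no-cache" on token responses; this test does not assert either header.

    final ObjectMapper mapper = new ObjectMapper();
    final String expected = "{\"token_type\":\"" + OAuthConstants.BEARER_TOKEN + "\",\"expires_in\":\""
            + TIMEOUT + "\",\"refresh_token\":\"" + RT_ID + "\",\"access_token\":\"" + AT_ID + "\"}";
    final JsonNode expectedObj = mapper.readTree(expected);
    final JsonNode receivedObj = mapper.readTree(mockResponse.getContentAsString());

    assertEquals(expectedObj.get("token_type").asText(), receivedObj.get("token_type").asText());
    // The check is "received <= configured timeout"; the message now names the right
    // field (expires_in) and the direction that is actually enforced.
    assertTrue("received expires_in must not exceed the configured timeout",
            expectedObj.get("expires_in").asInt() >= receivedObj.get("expires_in").asInt());
    assertEquals(expectedObj.get("refresh_token").asText(), receivedObj.get("refresh_token").asText());
    assertEquals(expectedObj.get("access_token").asText(), receivedObj.get("access_token").asText());
}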
From source file:org.jasig.cas.support.oauth.web.OAuth20ProfileControllerTests.java
/**
 * Verifies that the profile endpoint answers 200 with the principal id and its
 * attributes when the access token is of type OFFLINE.
 *
 * <p>Unlike the ONLINE cases, the token hands back its own service ticket, and no
 * {@code grantServiceTicket} call is stubbed.
 *
 * @throws Exception if the controller call or the JSON parsing fails
 */
@Test
public void verifyOKWithOfflineToken() throws Exception {
    final Service webService = new SimpleWebApplicationServiceImpl("id");

    final ServiceTicket st = mock(ServiceTicket.class);
    when(st.getId()).thenReturn(ID);
    when(st.getService()).thenReturn(webService);

    final AccessToken token = mock(AccessToken.class);
    when(token.getId()).thenReturn(AT_ID);
    when(token.getType()).thenReturn(TokenType.OFFLINE);
    when(token.getServiceTicket()).thenReturn(st);

    final CentralOAuthService oauthService = mock(CentralOAuthService.class);
    when(oauthService.getToken(AT_ID, AccessToken.class)).thenReturn(token);

    // One single-valued and one multi-valued attribute.
    final Map<String, Object> attributes = new HashMap<>();
    attributes.put(NAME, VALUE);
    final List<String> repeated = Arrays.asList(VALUE, VALUE);
    attributes.put(NAME2, repeated);

    final Principal subject = mock(Principal.class);
    when(subject.getId()).thenReturn(ID);
    when(subject.getAttributes()).thenReturn(attributes);

    final Authentication auth = mock(Authentication.class);
    when(auth.getPrincipal()).thenReturn(subject);

    final Assertion validated = mock(Assertion.class);
    when(validated.getPrimaryAuthentication()).thenReturn(auth);

    final CentralAuthenticationService cas = mock(CentralAuthenticationService.class);
    when(cas.validateServiceTicket(st.getId(), st.getService()))
            .thenReturn(validated);

    // Token sent as a request parameter on a GET (the URI-query form that
    // RFC 6750 section 2.3 discourages because URLs are commonly logged).
    final MockHttpServletRequest request = new MockHttpServletRequest("GET",
            CONTEXT + OAuthConstants.PROFILE_URL);
    request.setParameter(OAuthConstants.ACCESS_TOKEN, AT_ID);
    final MockHttpServletResponse response = new MockHttpServletResponse();

    final OAuth20WrapperController controller = new OAuth20WrapperController();
    controller.setCentralOAuthService(oauthService);
    controller.setCentralAuthenticationService(cas);
    controller.afterPropertiesSet();

    final ModelAndView view = controller.handleRequest(request, response);

    assertNull(view);
    assertEquals(HttpStatus.SC_OK, response.getStatus());
    assertEquals(CONTENT_TYPE, response.getContentType());

    final ObjectMapper json = new ObjectMapper();
    final String expected = "{\"id\":\"" + ID + "\",\"attributes\":[{\"" + NAME + "\":\"" + VALUE + "\"},{\"" + NAME2
            + "\":[\"" + VALUE + "\",\"" + VALUE + "\"]}]}";
    final JsonNode wanted = json.readTree(expected);
    final JsonNode actual = json.readTree(response.getContentAsString());
    assertEquals(wanted.get("id").asText(), actual.get("id").asText());

    final JsonNode wantedAttributes = wanted.get("attributes");
    final JsonNode actualAttributes = actual.get("attributes");
    assertEquals(wantedAttributes.findValue(NAME).asText(), actualAttributes.findValue(NAME).asText());
    assertEquals(wantedAttributes.findValues(NAME2), actualAttributes.findValues(NAME2));
}
From source file:org.jasig.cas.support.oauth.web.OAuth20ProfileControllerTests.java
/**
 * Verifies that the profile endpoint answers 401 with an OAuth error body when
 * service-ticket validation throws {@code InvalidTicketException}.
 *
 * <p>NOTE(review): RFC 6750 section 3 also requires a {@code WWW-Authenticate}
 * header on such a response; this test does not assert it.
 *
 * @throws Exception if the controller call or the JSON parsing fails
 */
@Test
public void verifyInvalidValidateServiceTicket() throws Exception {
    final TicketGrantingTicket tgt = mock(TicketGrantingTicket.class);
    when(tgt.isExpired()).thenReturn(false);

    final Service webService = new SimpleWebApplicationServiceImpl("id");

    final AccessToken token = mock(AccessToken.class);
    when(token.getId()).thenReturn(AT_ID);
    when(token.getType()).thenReturn(TokenType.ONLINE);
    when(token.getService()).thenReturn(webService);
    when(token.getTicketGrantingTicket()).thenReturn(tgt);

    final CentralOAuthService oauthService = mock(CentralOAuthService.class);
    when(oauthService.getToken(AT_ID, AccessToken.class)).thenReturn(token);

    final ServiceTicket st = mock(ServiceTicket.class);
    when(st.getId()).thenReturn(ID);
    when(st.getService()).thenReturn(webService);

    final CentralAuthenticationService cas = mock(CentralAuthenticationService.class);
    when(cas.grantServiceTicket(token.getTicketGrantingTicket().getId(),
            token.getService())).thenReturn(st);
    // The ticket is granted, but validating it fails: this is the path under test.
    when(cas.validateServiceTicket(st.getId(), st.getService()))
            .thenThrow(new InvalidTicketException("expired ticket"));

    final MockHttpServletRequest request = new MockHttpServletRequest("GET",
            CONTEXT + OAuthConstants.PROFILE_URL);
    request.setParameter(OAuthConstants.ACCESS_TOKEN, AT_ID);
    final MockHttpServletResponse response = new MockHttpServletResponse();

    final OAuth20WrapperController controller = new OAuth20WrapperController();
    controller.setCentralOAuthService(oauthService);
    controller.setCentralAuthenticationService(cas);
    controller.afterPropertiesSet();

    final ModelAndView view = controller.handleRequest(request, response);

    assertNull(view);
    assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getStatus());
    assertEquals(CONTENT_TYPE, response.getContentType());

    final ObjectMapper json = new ObjectMapper();
    final String expected = "{\"error\":\"" + OAuthConstants.UNAUTHORIZED_REQUEST + "\",\"error_description\":\""
            + OAuthConstants.INVALID_ACCESS_TOKEN_DESCRIPTION + "\"}";
    final JsonNode wanted = json.readTree(expected);
    final JsonNode actual = json.readTree(response.getContentAsString());
    assertEquals(wanted.get("error").asText(), actual.get("error").asText());
    assertEquals(wanted.get("error_description").asText(), actual.get("error_description").asText());
}
From source file:org.jasig.cas.support.oauth.web.OAuth20ProfileControllerTests.java
/**
 * Verifies that the profile endpoint accepts an ONLINE access token presented in
 * the {@code Authorization} header and answers 200 with the principal id and
 * attributes.
 *
 * @throws Exception if the controller call or the JSON parsing fails
 */
@Test
public void verifyOKWithAuthorizationHeader() throws Exception {
    final TicketGrantingTicket tgt = mock(TicketGrantingTicket.class);
    when(tgt.isExpired()).thenReturn(false);

    final Service webService = new SimpleWebApplicationServiceImpl("id");

    final AccessToken token = mock(AccessToken.class);
    when(token.getId()).thenReturn(AT_ID);
    when(token.getType()).thenReturn(TokenType.ONLINE);
    when(token.getService()).thenReturn(webService);
    when(token.getTicketGrantingTicket()).thenReturn(tgt);

    final CentralOAuthService oauthService = mock(CentralOAuthService.class);
    when(oauthService.getToken(AT_ID, AccessToken.class)).thenReturn(token);

    final ServiceTicket st = mock(ServiceTicket.class);
    when(st.getId()).thenReturn(ID);
    when(st.getService()).thenReturn(webService);

    // One single-valued and one multi-valued attribute.
    final Map<String, Object> attributes = new HashMap<>();
    attributes.put(NAME, VALUE);
    final List<String> repeated = Arrays.asList(VALUE, VALUE);
    attributes.put(NAME2, repeated);

    final Principal subject = mock(Principal.class);
    when(subject.getId()).thenReturn(ID);
    when(subject.getAttributes()).thenReturn(attributes);

    final Authentication auth = mock(Authentication.class);
    when(auth.getPrincipal()).thenReturn(subject);

    final Assertion validated = mock(Assertion.class);
    when(validated.getPrimaryAuthentication()).thenReturn(auth);

    final CentralAuthenticationService cas = mock(CentralAuthenticationService.class);
    when(cas.grantServiceTicket(token.getTicketGrantingTicket().getId(),
            token.getService())).thenReturn(st);
    when(cas.validateServiceTicket(st.getId(), st.getService()))
            .thenReturn(validated);

    // Header transport: "<BEARER_TOKEN> <token id>", no access-token request parameter.
    final MockHttpServletRequest request = new MockHttpServletRequest("GET",
            CONTEXT + OAuthConstants.PROFILE_URL);
    request.addHeader("Authorization", OAuthConstants.BEARER_TOKEN + " " + AT_ID);
    final MockHttpServletResponse response = new MockHttpServletResponse();

    final OAuth20WrapperController controller = new OAuth20WrapperController();
    controller.setCentralOAuthService(oauthService);
    controller.setCentralAuthenticationService(cas);
    controller.afterPropertiesSet();

    final ModelAndView view = controller.handleRequest(request, response);

    assertNull(view);
    assertEquals(HttpStatus.SC_OK, response.getStatus());
    assertEquals(CONTENT_TYPE, response.getContentType());

    final ObjectMapper json = new ObjectMapper();
    final String expected = "{\"id\":\"" + ID + "\",\"attributes\":[{\"" + NAME + "\":\"" + VALUE + "\"},{\"" + NAME2
            + "\":[\"" + VALUE + "\",\"" + VALUE + "\"]}]}";
    final JsonNode wanted = json.readTree(expected);
    final JsonNode actual = json.readTree(response.getContentAsString());
    assertEquals(wanted.get("id").asText(), actual.get("id").asText());

    final JsonNode wantedAttributes = wanted.get("attributes");
    final JsonNode actualAttributes = actual.get("attributes");
    assertEquals(wantedAttributes.findValue(NAME).asText(), actualAttributes.findValue(NAME).asText());
    assertEquals(wantedAttributes.findValues(NAME2), actualAttributes.findValues(NAME2));
}
From source file:org.jasig.cas.support.oauth.web.OAuth20ProfileControllerTests.java
/**
 * Verifies the basic profile request: an ONLINE access token passed as a request
 * parameter yields 200 with the principal id and attributes as JSON.
 *
 * @throws Exception if the controller call or the JSON parsing fails
 */
@Test
public void verifyOK() throws Exception {
    final TicketGrantingTicket tgt = mock(TicketGrantingTicket.class);
    when(tgt.isExpired()).thenReturn(false);

    final Service webService = new SimpleWebApplicationServiceImpl("id");

    final AccessToken token = mock(AccessToken.class);
    when(token.getId()).thenReturn(AT_ID);
    when(token.getType()).thenReturn(TokenType.ONLINE);
    when(token.getService()).thenReturn(webService);
    when(token.getTicketGrantingTicket()).thenReturn(tgt);

    final CentralOAuthService oauthService = mock(CentralOAuthService.class);
    when(oauthService.getToken(AT_ID, AccessToken.class)).thenReturn(token);

    final ServiceTicket st = mock(ServiceTicket.class);
    when(st.getId()).thenReturn(ID);
    when(st.getService()).thenReturn(webService);

    // One single-valued and one multi-valued attribute.
    final Map<String, Object> attributes = new HashMap<>();
    attributes.put(NAME, VALUE);
    final List<String> repeated = Arrays.asList(VALUE, VALUE);
    attributes.put(NAME2, repeated);

    final Principal subject = mock(Principal.class);
    when(subject.getId()).thenReturn(ID);
    when(subject.getAttributes()).thenReturn(attributes);

    final Authentication auth = mock(Authentication.class);
    when(auth.getPrincipal()).thenReturn(subject);

    final Assertion validated = mock(Assertion.class);
    when(validated.getPrimaryAuthentication()).thenReturn(auth);

    final CentralAuthenticationService cas = mock(CentralAuthenticationService.class);
    when(cas.grantServiceTicket(token.getTicketGrantingTicket().getId(),
            token.getService())).thenReturn(st);
    when(cas.validateServiceTicket(st.getId(), st.getService()))
            .thenReturn(validated);

    // Token sent as a request parameter on a GET (the URI-query form that
    // RFC 6750 section 2.3 discourages because URLs are commonly logged).
    final MockHttpServletRequest request = new MockHttpServletRequest("GET",
            CONTEXT + OAuthConstants.PROFILE_URL);
    request.setParameter(OAuthConstants.ACCESS_TOKEN, AT_ID);
    final MockHttpServletResponse response = new MockHttpServletResponse();

    final OAuth20WrapperController controller = new OAuth20WrapperController();
    controller.setCentralOAuthService(oauthService);
    controller.setCentralAuthenticationService(cas);
    controller.afterPropertiesSet();

    final ModelAndView view = controller.handleRequest(request, response);

    assertNull(view);
    assertEquals(HttpStatus.SC_OK, response.getStatus());
    assertEquals(CONTENT_TYPE, response.getContentType());

    final ObjectMapper json = new ObjectMapper();
    final String expected = "{\"id\":\"" + ID + "\",\"attributes\":[{\"" + NAME + "\":\"" + VALUE + "\"},{\"" + NAME2
            + "\":[\"" + VALUE + "\",\"" + VALUE + "\"]}]}";
    final JsonNode wanted = json.readTree(expected);
    final JsonNode actual = json.readTree(response.getContentAsString());
    assertEquals(wanted.get("id").asText(), actual.get("id").asText());

    final JsonNode wantedAttributes = wanted.get("attributes");
    final JsonNode actualAttributes = actual.get("attributes");
    assertEquals(wantedAttributes.findValue(NAME).asText(), actualAttributes.findValue(NAME).asText());
    assertEquals(wantedAttributes.findValues(NAME2), actualAttributes.findValues(NAME2));
}
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
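/**
 * Verifies the client_credentials grant: posting the service application's id and
 * secret to {@code /access_token} must return 200 and a JSON body with a non-empty
 * access token.
 */
@Test
public void getServiceAccessTokenTest() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    req.addParameter("client_id", serviceApplication.getExternalId());
    req.addParameter("client_secret", serviceApplication.getSecret());
    req.addParameter("grant_type", "client_credentials");
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);

        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();

        Assert.assertTrue("response must be a valid json and have access_token field",
                token.has(ACCESS_TOKEN) && token.get(ACCESS_TOKEN).getAsString().length() > 0);
    } catch (ServletException | IOException e) {
        // Keep the cause: Assert.fail(e.getMessage()) dropped the stack trace and
        // reported nothing at all when the exception carried no message.
        throw new AssertionError("token request failed: " + e, e);
    }
}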
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
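/**
 * Verifies that an access token obtained through the client_credentials grant is
 * accepted by the {@code service-only-without-scope} test endpoint.
 */
@Test
public void testServiceOnlyEndpoint() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    req.addParameter("client_id", serviceApplication.getExternalId());
    req.addParameter("client_secret", serviceApplication.getSecret());
    req.addParameter("grant_type", "client_credentials");
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);

        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();

        // Check for the field before reading it: the original dereferenced
        // token.get(ACCESS_TOKEN) first, so a missing field surfaced as a
        // NullPointerException and the has() check could never fail.
        Assert.assertTrue("response must be a valid json and have access_token field",
                token.has(ACCESS_TOKEN));
        final String accessToken = token.get(ACCESS_TOKEN).getAsString();
        Assert.assertTrue("access_token must not be empty", accessToken.length() > 0);

        // The token is sent as a query parameter here; RFC 6750 section 2.3
        // discourages that transport outside tests because URLs are commonly logged.
        String result = target("bennu-oauth").path("test").path("service-only-without-scope")
                .queryParam(ACCESS_TOKEN, accessToken).request().get(String.class);
        Assert.assertEquals("this is an endpoint with serviceOnly", result);
    } catch (ServletException | IOException e) {
        // Keep the cause instead of reducing the failure to e.getMessage().
        throw new AssertionError("token request failed: " + e, e);
    }
}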
From source file:org.fenixedu.bennu.oauth.OAuthServletTest.java
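/**
 * Verifies that an access token obtained through the client_credentials grant is
 * rejected by the {@code service-only-with-scope} test endpoint.
 */
@Test
public void testServiceOnlyEndpointWithScopeMustFail() {
    MockHttpServletRequest req = new MockHttpServletRequest();
    MockHttpServletResponse res = new MockHttpServletResponse();
    req.addParameter("client_id", serviceApplication.getExternalId());
    req.addParameter("client_secret", serviceApplication.getSecret());
    req.addParameter("grant_type", "client_credentials");
    req.setMethod("POST");
    req.setPathInfo("/access_token");

    try {
        oauthServlet.service(req, res);

        Assert.assertEquals("must return status OK", 200, res.getStatus());

        String tokenJson = res.getContentAsString();
        final JsonObject token = new JsonParser().parse(tokenJson).getAsJsonObject();

        // Check for the field before reading it: the original dereferenced
        // token.get(ACCESS_TOKEN) first, so a missing field surfaced as a
        // NullPointerException and the has() check could never fail.
        Assert.assertTrue("response must be a valid json and have access_token field",
                token.has(ACCESS_TOKEN));
        final String accessToken = token.get(ACCESS_TOKEN).getAsString();
        Assert.assertTrue("access_token must not be empty", accessToken.length() > 0);

        Response result = target("bennu-oauth").path("test").path("service-only-with-scope")
                .queryParam(ACCESS_TOKEN, accessToken).request().get(Response.class);

        // NOTE(review): "anything but 200" also passes on a 404 or 500, so this does
        // not prove the request was denied by the authorization check. Pin the
        // endpoint's actual denial status once it is confirmed.
        Assert.assertNotEquals("request must fail", 200, result.getStatus());
    } catch (ServletException | IOException e) {
        // Keep the cause instead of reducing the failure to e.getMessage().
        throw new AssertionError("token request failed: " + e, e);
    }
}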