List of usage examples for org.springframework.security.oauth2.provider.client BaseClientDetails setClientSecret
public void setClientSecret(String clientSecret)
From source file:org.cloudfoundry.identity.uaa.mock.providers.IdentityProviderEndpointsMockMvcTests.java
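/**
 * Creates an identity provider in the default (UAA) zone, checks that
 * {@code GET /identity-providers} lists it, then deactivates it and checks the listing again.
 *
 * @param retrieveActive when {@code true} the request carries {@code ?active_only=true} and the
 *     deactivated provider must drop out of the listing; when {@code false} it must still be
 *     listed
 * @throws Exception if a MockMvc call or a JSON conversion fails
 */
private void testRetrieveIdps(boolean retrieveActive) throws Exception {
    // Fixture client: random id, fixed test-only secret, password grant, idps.read/idps.write scopes.
    String clientId = RandomStringUtils.randomAlphabetic(6);
    BaseClientDetails client = new BaseClientDetails(clientId, null, "idps.write,idps.read", "password", null);
    client.setClientSecret("test-client-secret");
    mockMvcUtils.createClient(getMockMvc(), adminToken, client);

    // NOTE(review): "secr3T" is presumably the password createAdminForZone assigns; confirm in the helper.
    ScimUser user = mockMvcUtils.createAdminForZone(getMockMvc(), adminToken, "idps.read,idps.write");
    String accessToken = mockMvcUtils.getUserOAuthAccessToken(getMockMvc(), client.getClientId(),
            client.getClientSecret(), user.getUserName(), "secr3T", "idps.read,idps.write");

    String randomOriginKey = new RandomValueStringGenerator().generate();
    IdentityProvider identityProvider = MultitenancyFixture.identityProvider(randomOriginKey,
            IdentityZone.getUaa().getId());
    IdentityProvider createdIDP = createIdentityProvider(null, identityProvider, accessToken,
            status().isCreated());

    String retrieveActiveParam = retrieveActive ? "?active_only=true" : "";
    // RFC 6750 puts a space between the "Bearer" scheme and the token. The header used to be
    // built as "Bearer" + accessToken, which authenticates only when the server-side token
    // extraction tolerates the missing separator, so the test was not exercising a well-formed
    // Authorization header.
    MockHttpServletRequestBuilder requestBuilder = get("/identity-providers" + retrieveActiveParam)
            .header("Authorization", "Bearer " + accessToken)
            .contentType(APPLICATION_JSON);

    // Expected size comes straight from the provisioning layer, taken after the create above.
    int numberOfIdps = identityProviderProvisioning.retrieveAll(retrieveActive, IdentityZone.getUaa().getId())
            .size();

    MvcResult result = getMockMvc().perform(requestBuilder).andExpect(status().isOk()).andReturn();
    List<IdentityProvider> identityProviderList = JsonUtils.readValue(
            result.getResponse().getContentAsString(), new TypeReference<List<IdentityProvider>>() {
            });
    assertEquals(numberOfIdps, identityProviderList.size());
    assertTrue(identityProviderList.contains(createdIDP));

    // Deactivate the provider and re-read it from the update response.
    createdIDP.setActive(false);
    createdIDP = JsonUtils.readValue(updateIdentityProvider(null, createdIDP, accessToken, status().isOk())
            .getResponse().getContentAsString(), IdentityProvider.class);

    // Same request as before; only the provider's active flag has changed.
    result = getMockMvc().perform(requestBuilder).andExpect(status().isOk()).andReturn();
    identityProviderList = JsonUtils.readValue(result.getResponse().getContentAsString(),
            new TypeReference<List<IdentityProvider>>() {
            });
    if (!retrieveActive) {
        assertEquals(numberOfIdps, identityProviderList.size());
        assertTrue(identityProviderList.contains(createdIDP));
    } else {
        assertEquals(numberOfIdps - 1, identityProviderList.size());
        assertFalse(identityProviderList.contains(createdIDP));
    }
}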
From source file:org.cloudfoundry.identity.uaa.mock.providers.IdentityProviderEndpointsMockMvcTests.java
/**
 * Registers a throwaway OAuth client for the identity-provider tests and returns it.
 *
 * <p>The client gets a random six-letter id, the scopes {@code idps.read,idps.write}, the
 * {@code password} grant type and a fixed, test-only secret.
 *
 * @return the client details object that was sent to {@code mockMvcUtils.createClient}
 * @throws Exception if client creation fails
 */
private BaseClientDetails getBaseClientDetails() throws Exception {
    BaseClientDetails registered = new BaseClientDetails(
            RandomStringUtils.randomAlphabetic(6), null, "idps.read,idps.write", "password", null);
    // Fixture credential only; the same literal is used by the other helpers in this class.
    registered.setClientSecret("test-client-secret");
    mockMvcUtils.createClient(getMockMvc(), adminToken, registered);
    return registered;
}
From source file:org.cloudfoundry.identity.uaa.mock.providers.IdentityProviderEndpointsMockMvcTests.java
/**
 * Registers a fresh client and a zone admin user, then obtains a user access token through
 * the password grant.
 *
 * @return the access token returned by {@code mockMvcUtils.getUserOAuthAccessToken}
 * @throws Exception if client creation, user creation or the token request fails
 */
public String setUpAccessToken() throws Exception {
    BaseClientDetails idpClient = new BaseClientDetails(
            RandomStringUtils.randomAlphabetic(6), null, "idps.read,idps.write", "password", null);
    idpClient.setClientSecret("test-client-secret");
    mockMvcUtils.createClient(getMockMvc(), adminToken, idpClient);

    // NOTE(review): "secr3T" is presumably the password createAdminForZone assigns; confirm in the helper.
    ScimUser zoneAdmin = mockMvcUtils.createAdminForZone(getMockMvc(), adminToken, "idps.write,idps.read");

    // The requested scope string is space-separated here, unlike the comma-separated client scopes.
    String token = mockMvcUtils.getUserOAuthAccessToken(
            getMockMvc(),
            idpClient.getClientId(),
            idpClient.getClientSecret(),
            zoneAdmin.getUserName(),
            "secr3T",
            "idps.read idps.write");
    return token;
}
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenKeyEndpointMockMvcTests.java
/**
 * Checks that {@code GET /token_key} answers 200 to a client that authenticates with HTTP
 * Basic but holds only the {@code uaa.none} authority, and that the returned key passes
 * {@code validateKey}.
 *
 * @throws Exception if client registration or the MockMvc request fails
 */
@Test
public void get_token_asymmetric_but_authenticated() throws Exception {
    String generatedId = new RandomValueStringGenerator().generate();
    BaseClientDetails keyReader = new BaseClientDetails(generatedId, "", "foo,bar",
            "client_credentials,password", "uaa.none");
    keyReader.setClientSecret("secret");
    getWebApplicationContext().getBean(ClientRegistrationService.class).addClientDetails(keyReader);

    // HTTP Basic credentials: base64("<client_id>:secret"), encoded with the platform charset.
    byte[] rawCredentials = (keyReader.getClientId() + ":secret").getBytes();
    String basicAuthHeader = "Basic " + new String(Base64.encodeBase64(rawCredentials));

    MvcResult response = getMockMvc()
            .perform(get("/token_key")
                    .accept(MediaType.APPLICATION_JSON)
                    .header("Authorization", basicAuthHeader))
            .andExpect(status().isOk())
            .andReturn();

    String body = response.getResponse().getContentAsString();
    Map<String, Object> key = JsonUtils.readValue(body, Map.class);
    validateKey(key);
}
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenKeyEndpointMockMvcTests.java
/**
 * Checks that {@code GET /token_key} answers 403 to an authenticated client whose only
 * authority is {@code uaa.none} while the test runs with the key set up by {@code setUp("key")}.
 *
 * <p>NOTE(review): going by the test name, {@code setUp("key")} installs a symmetric signing
 * key, so a 200 here would hand the shared secret to an under-privileged client; confirm
 * against {@code setUp}.
 *
 * @throws Exception if client registration or the MockMvc request fails
 */
@Test
public void get_token_symmetric_authenticated_but_missing_scope() throws Exception {
    setUp("key");
    try {
        String generatedId = new RandomValueStringGenerator().generate();
        BaseClientDetails underPrivileged = new BaseClientDetails(generatedId, "", "foo,bar",
                "client_credentials,password", "uaa.none");
        underPrivileged.setClientSecret("secret");
        getWebApplicationContext().getBean(ClientRegistrationService.class).addClientDetails(underPrivileged);

        // HTTP Basic credentials: base64("<client_id>:secret"), encoded with the platform charset.
        byte[] rawCredentials = (underPrivileged.getClientId() + ":secret").getBytes();
        String basicAuthHeader = "Basic " + new String(Base64.encodeBase64(rawCredentials));

        getMockMvc()
                .perform(get("/token_key")
                        .accept(MediaType.APPLICATION_JSON)
                        .header("Authorization", basicAuthHeader))
                .andExpect(status().isForbidden())
                .andReturn();
    } finally {
        // Restore the original signing key so later tests are unaffected.
        setUp(signKey);
    }
}
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenMvcMockTests.java
/**
 * Walks an authorization-code flow for a client whose scopes are auto-approved, then uses
 * the issued refresh token at {@code /oauth/token} and expects 200.
 *
 * <p>Auto-approval is configured twice: {@code uaa.user} through
 * {@code setAutoApproveScopes} and {@code other.scope} through the
 * {@code ClientConstants.AUTO_APPROVE} additional-information entry.
 *
 * @throws Exception if any MockMvc call, URL parsing or JSON conversion fails
 */
@Test
public void refreshAccessToken_withClient_withAutoApproveField() throws Exception {
    String clientId = "testclient" + generator.generate();
    BaseClientDetails autoApproveClient = new BaseClientDetails(clientId, null, "uaa.user,other.scope",
            "authorization_code,refresh_token", "uaa.resource", TEST_REDIRECT_URI);
    autoApproveClient.setAutoApproveScopes(Arrays.asList("uaa.user"));
    autoApproveClient.setClientSecret("secret");
    autoApproveClient.addAdditionalInformation(ClientConstants.AUTO_APPROVE, Arrays.asList("other.scope"));
    autoApproveClient.addAdditionalInformation(ClientConstants.ALLOWED_PROVIDERS, Arrays.asList("uaa"));
    clientDetailsService.addClientDetails(autoApproveClient);

    String username = "testuser" + generator.generate();
    String userScopes = "uaa.user,other.scope";
    ScimUser developer = setUpUser(username, userScopes, OriginKeys.UAA, IdentityZone.getUaa().getId());
    MockHttpSession authenticatedSession = getAuthenticatedSession(developer);

    // Step 1: authorization request; the 302 Location header carries the code and state.
    String requestState = generator.generate();
    MockHttpServletRequestBuilder authorizeGet = get("/oauth/authorize")
            .session(authenticatedSession)
            .param(OAuth2Utils.RESPONSE_TYPE, "code")
            .param(OAuth2Utils.STATE, requestState)
            .param(OAuth2Utils.CLIENT_ID, clientId);
    MvcResult authorizeResult = getMockMvc().perform(authorizeGet).andExpect(status().isFound()).andReturn();

    // Turn a fragment-style redirect into a query string so splitQuery can read it.
    String location = authorizeResult.getResponse().getHeader("Location");
    URL redirect = new URL(location.replace("redirect#", "redirect?"));
    Map query = splitQuery(redirect);
    String code = ((List<String>) query.get("code")).get(0);
    String returnedState = ((List<String>) query.get("state")).get(0);

    // Step 2: exchange the code; client credentials travel as form parameters here.
    MockHttpServletRequestBuilder oauthTokenPost = post("/oauth/token")
            .contentType(MediaType.APPLICATION_FORM_URLENCODED_VALUE)
            .accept(MediaType.APPLICATION_JSON_VALUE)
            .param(OAuth2Utils.RESPONSE_TYPE, "token")
            .param(OAuth2Utils.GRANT_TYPE, "authorization_code")
            .param(OAuth2Utils.CLIENT_ID, clientId)
            .param("client_secret", "secret")
            .param("code", code)
            .param("state", returnedState);
    MvcResult tokenResult = getMockMvc().perform(oauthTokenPost).andReturn();
    CompositeAccessToken issued = JsonUtils.readValue(tokenResult.getResponse().getContentAsString(),
            CompositeAccessToken.class);
    OAuth2RefreshToken refreshToken = issued.getRefreshToken();

    // Step 3: refresh grant; client credentials travel in an HTTP Basic header here.
    // NOTE(review): SECRET is a class constant not shown on this page; it has to equal the
    // "secret" literal set on the client above for this request to authenticate.
    byte[] rawCredentials = (clientId + ":" + SECRET).getBytes();
    String basicAuthHeader = "Basic " + new String(Base64.encode(rawCredentials));
    MockHttpServletRequestBuilder postForRefreshToken = post("/oauth/token")
            .header("Authorization", basicAuthHeader)
            .param(GRANT_TYPE, REFRESH_TOKEN)
            .param(REFRESH_TOKEN, refreshToken.getValue());
    getMockMvc().perform(postForRefreshToken).andExpect(status().isOk());
}
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenMvcMockTests.java
/**
 * Checks that an unauthenticated {@code /oauth/authorize} request carrying the prompt-none
 * parameter is redirected (302) to the client's redirect URI with
 * {@code error=login_required}, and that the {@code Current-User} cookie is returned with a
 * max-age of 0.
 *
 * @throws Exception if client registration or the MockMvc request fails
 */
@Test
public void authorizeEndpointWithPromptNone_WhenNotAuthenticated() throws Exception {
    String clientId = "testclient" + generator.generate();
    BaseClientDetails promptClient = new BaseClientDetails(clientId, null, "uaa.user,other.scope",
            "authorization_code,refresh_token", "uaa.resource", TEST_REDIRECT_URI);
    promptClient.setAutoApproveScopes(Arrays.asList("uaa.user"));
    promptClient.setClientSecret("secret");
    promptClient.addAdditionalInformation(ClientConstants.AUTO_APPROVE, Arrays.asList("other.scope"));
    promptClient.addAdditionalInformation(ClientConstants.ALLOWED_PROVIDERS, Arrays.asList("uaa"));
    clientDetailsService.addClientDetails(promptClient);

    // A brand-new session: no user has logged in.
    MockHttpSession anonymousSession = new MockHttpSession();
    String state = generator.generate();

    MockHttpServletRequestBuilder authorizeGet = get("/oauth/authorize")
            .session(anonymousSession)
            .param(OAuth2Utils.RESPONSE_TYPE, "code")
            .param(OAuth2Utils.STATE, state)
            .param(OAuth2Utils.CLIENT_ID, clientId)
            .param(OAuth2Utils.REDIRECT_URI, TEST_REDIRECT_URI)
            .param(ID_TOKEN_HINT_PROMPT, ID_TOKEN_HINT_PROMPT_NONE);
    MvcResult authorizeResult = getMockMvc()
            .perform(authorizeGet)
            .andExpect(status().isFound())
            .andExpect(cookie().maxAge("Current-User", 0))
            .andReturn();

    String location = authorizeResult.getResponse().getHeader("Location");
    String expectedLocation = UaaUrlUtils.addQueryParameter(TEST_REDIRECT_URI, "error", "login_required");
    assertEquals(expectedLocation, location);
}
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenMvcMockTests.java
/**
 * Checks that an authenticated {@code /oauth/authorize} request carrying the prompt-none
 * parameter is redirected (302) to a location containing the client's redirect URI.
 *
 * @throws Exception if client or user setup, or the MockMvc request, fails
 */
@Test
public void testAuthorizeEndpointWithPromptNone_Authenticated() throws Exception {
    String clientId = "testclient" + generator.generate();
    BaseClientDetails promptClient = new BaseClientDetails(clientId, null, "uaa.user,other.scope",
            "authorization_code,refresh_token", "uaa.resource", TEST_REDIRECT_URI);
    promptClient.setAutoApproveScopes(Arrays.asList("uaa.user"));
    promptClient.setClientSecret("secret");
    promptClient.addAdditionalInformation(ClientConstants.AUTO_APPROVE, Arrays.asList("other.scope"));
    promptClient.addAdditionalInformation(ClientConstants.ALLOWED_PROVIDERS, Arrays.asList("uaa"));
    clientDetailsService.addClientDetails(promptClient);

    String username = "testuser" + generator.generate();
    String userScopes = "uaa.user,other.scope";
    ScimUser developer = setUpUser(username, userScopes, OriginKeys.UAA, IdentityZone.getUaa().getId());
    MockHttpSession authenticatedSession = getAuthenticatedSession(developer);
    String state = generator.generate();

    MockHttpServletRequestBuilder authorizeGet = get("/oauth/authorize")
            .session(authenticatedSession)
            .param(OAuth2Utils.RESPONSE_TYPE, "code")
            .param(OAuth2Utils.STATE, state)
            .param(OAuth2Utils.CLIENT_ID, clientId)
            .param(OAuth2Utils.REDIRECT_URI, TEST_REDIRECT_URI)
            .param(ID_TOKEN_HINT_PROMPT, ID_TOKEN_HINT_PROMPT_NONE);
    MvcResult authorizeResult = getMockMvc().perform(authorizeGet).andExpect(status().isFound()).andReturn();

    // Only containment is asserted; the query part of the redirect is not inspected.
    String location = authorizeResult.getResponse().getHeader("Location");
    assertThat(location, containsString(TEST_REDIRECT_URI));
}
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenMvcMockTests.java
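/**
 * Checks that a client can revoke its own JWT through
 * {@code DELETE /oauth/token/revoke/{jti}} when the zone's token policy marks JWTs as
 * revocable, and that the token can no longer be retrieved afterwards.
 *
 * <p>The zone policy is switched to revocable for the duration of the test and reset in
 * {@code finally}.
 *
 * @throws Exception if zone update, client creation, token issuance or the MockMvc request fails
 */
@Test
public void revokeOwnJWToken() throws Exception {
    IdentityZone defaultZone = identityZoneProvisioning.retrieve(IdentityZone.getUaa().getId());
    defaultZone.getConfig().getTokenPolicy().setJwtRevocable(true);
    identityZoneProvisioning.update(defaultZone);
    try {
        BaseClientDetails client = new BaseClientDetails(generator.generate(), "", "openid",
                "client_credentials,password", "clients.write");
        client.setClientSecret("secret");
        createClient(getMockMvc(), adminToken, client);

        // This is the token that will be revoked; it also authorizes the revoke call.
        String clientToken = getClientCredentialsOAuthAccessToken(getMockMvc(), client.getClientId(),
                client.getClientSecret(), null, null);
        Jwt jwt = JwtHelper.decode(clientToken);
        Map<String, Object> claims = JsonUtils.readValue(jwt.getClaims(),
                new TypeReference<Map<String, Object>>() {
                });
        String jti = (String) claims.get("jti");

        getMockMvc()
                .perform(delete("/oauth/token/revoke/" + jti).header("Authorization", "Bearer " + clientToken))
                .andExpect(status().isOk());

        // Previously the lookup sat inside the outer try with an empty catch, so the test
        // passed whether or not the token was still stored, and an
        // EmptyResultDataAccessException thrown during setup was swallowed as well. The lookup
        // now has its own try and must fail, matching revokeOtherClientToken.
        try {
            tokenProvisioning.retrieve(jti);
            fail("Token should have been deleted");
        } catch (EmptyResultDataAccessException e) {
            // expected: the revoked token is gone from the store
        }
    } finally {
        defaultZone.getConfig().getTokenPolicy().setJwtRevocable(false);
        identityZoneProvisioning.update(defaultZone);
    }
}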
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenMvcMockTests.java
/**
 * Checks that a client holding the {@code tokens.revoke} authority can revoke a token that
 * was issued to a different client, and that the revoked token can no longer be retrieved.
 *
 * @throws Exception if client creation, token issuance or the MockMvc request fails
 */
@Test
public void revokeOtherClientToken() throws Exception {
    // Client whose token is the revocation target.
    String resourceClientId = generator.generate();
    BaseClientDetails targetClient = new BaseClientDetails(resourceClientId, "", "uaa.resource",
            "client_credentials,password", "uaa.resource");
    targetClient.setClientSecret("secret");
    createClient(getMockMvc(), adminToken, targetClient);

    // Client that performs the revocation; its authority is tokens.revoke.
    BaseClientDetails revokingClient = new BaseClientDetails(generator.generate(), "", "openid",
            "client_credentials,password", "tokens.revoke");
    revokingClient.setClientSecret("secret");
    createClient(getMockMvc(), adminToken, revokingClient);

    // NOTE(review): the trailing boolean presumably selects an opaque token (true) over a JWT
    // (false), which would explain why the target token value is used directly as the path
    // segment below; confirm against getClientCredentialsOAuthAccessToken.
    String revokeAccessToken = getClientCredentialsOAuthAccessToken(getMockMvc(),
            revokingClient.getClientId(), revokingClient.getClientSecret(), "tokens.revoke", null, false);
    String tokenToBeRevoked = getClientCredentialsOAuthAccessToken(getMockMvc(), resourceClientId,
            targetClient.getClientSecret(), null, null, true);

    String bearerHeader = "Bearer " + revokeAccessToken;
    getMockMvc()
            .perform(delete("/oauth/token/revoke/" + tokenToBeRevoked).header("Authorization", bearerHeader))
            .andExpect(status().isOk());

    try {
        tokenProvisioning.retrieve(tokenToBeRevoked);
        fail("Token should have been deleted");
    } catch (EmptyResultDataAccessException e) {
        // expected: the revoked token is gone from the store
    }
}