List of usage examples for org.springframework.util MultiValueMap add
void add(K key, @Nullable V value);
From source file:org.cloudfoundry.identity.uaa.integration.feature.OpenIdTokenGrantsIT.java
private void doOpenIdHybridFlowIdTokenAndCode(Set<String> responseTypes, String responseTypeMatcher) throws Exception { HttpHeaders headers = new HttpHeaders(); // TODO: should be able to handle just TEXT_HTML headers.setAccept(Arrays.asList(MediaType.TEXT_HTML, MediaType.ALL)); StringBuilder responseType = new StringBuilder(); Iterator<String> rTypes = responseTypes.iterator(); while (rTypes.hasNext()) { String type = rTypes.next(); responseType.append(type);/* w w w . j a v a 2 s . co m*/ if (rTypes.hasNext()) { responseType.append(" "); } } String state = new RandomValueStringGenerator().generate(); String clientId = "app"; String clientSecret = "appclientsecret"; String redirectUri = "http://localhost:8080/app/"; String uri = loginUrl + "/oauth/authorize?response_type={response_type}&" + "state={state}&client_id={client_id}&redirect_uri={redirect_uri}"; ResponseEntity<Void> result = restOperations.exchange(uri, HttpMethod.GET, new HttpEntity<>(null, headers), Void.class, responseType, state, clientId, redirectUri); assertEquals(HttpStatus.FOUND, result.getStatusCode()); String location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); if (result.getHeaders().containsKey("Set-Cookie")) { for (String cookie : result.getHeaders().get("Set-Cookie")) { headers.add("Cookie", cookie); } } ResponseEntity<String> response = restOperations.exchange(location, HttpMethod.GET, new HttpEntity<>(null, headers), String.class); // should be directed to the login screen... assertTrue(response.getBody().contains("/login.do")); assertTrue(response.getBody().contains("username")); assertTrue(response.getBody().contains("password")); String csrf = IntegrationTestUtils.extractCookieCsrf(response.getBody()); if (response.getHeaders().containsKey("Set-Cookie")) { for (String cookie : response.getHeaders().get("Set-Cookie")) { headers.add("Cookie", cookie); } } MultiValueMap<String, String> formData = new LinkedMultiValueMap<>(); formData.add("username", user.getUserName()); formData.add("password", secret); formData.add(CookieBasedCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME, csrf); // Should be redirected to the original URL, but now authenticated result = restOperations.exchange(loginUrl + "/login.do", HttpMethod.POST, new HttpEntity<>(formData, headers), Void.class); assertEquals(HttpStatus.FOUND, result.getStatusCode()); headers.remove("Cookie"); if (result.getHeaders().containsKey("Set-Cookie")) { for (String cookie : result.getHeaders().get("Set-Cookie")) { headers.add("Cookie", cookie); } } location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); response = restOperations.exchange(location, HttpMethod.GET, new HttpEntity<>(null, headers), String.class); if (response.getStatusCode() == HttpStatus.OK) { // The grant access page should be returned assertTrue(response.getBody().contains("You can change your approval of permissions")); formData.clear(); formData.add(USER_OAUTH_APPROVAL, "true"); formData.add(DEFAULT_CSRF_COOKIE_NAME, IntegrationTestUtils.extractCookieCsrf(response.getBody())); result = restOperations.exchange(loginUrl + "/oauth/authorize", HttpMethod.POST, new HttpEntity<>(formData, headers), Void.class); assertEquals(HttpStatus.FOUND, result.getStatusCode()); location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); } else { // Token cached so no need for second approval assertEquals(HttpStatus.FOUND, response.getStatusCode()); location = UriUtils.decode(response.getHeaders().getLocation().toString(), "UTF-8"); } assertTrue("Wrong location: " + location, location.matches(redirectUri + responseTypeMatcher.toString())); formData.clear(); formData.add("client_id", clientId); formData.add("redirect_uri", redirectUri); formData.add("grant_type", "authorization_code"); formData.add("code", location.split("code=")[1].split("&")[0]); HttpHeaders tokenHeaders = new HttpHeaders(); String basicDigestHeaderValue = "Basic " + new String(Base64.encodeBase64((clientId + ":" + clientSecret).getBytes())); tokenHeaders.set("Authorization", basicDigestHeaderValue); @SuppressWarnings("rawtypes") ResponseEntity<Map> tokenResponse = restOperations.exchange(loginUrl + "/oauth/token", HttpMethod.POST, new HttpEntity<>(formData, tokenHeaders), Map.class); assertEquals(HttpStatus.OK, tokenResponse.getStatusCode()); @SuppressWarnings("unchecked") Map<String, String> body = tokenResponse.getBody(); Jwt token = JwtHelper.decode(body.get("access_token")); assertTrue("Wrong claims: " + token.getClaims(), token.getClaims().contains("\"aud\"")); assertTrue("Wrong claims: " + token.getClaims(), token.getClaims().contains("\"user_id\"")); }
From source file:org.cloudfoundry.identity.uaa.integration.feature.SamlLoginWithLocalIdpIT.java
public static SamlIdentityProviderDefinition createLocalSamlIdpDefinition(String alias, String zoneId) { String url;//from ww w . j a va2 s . c o m if (StringUtils.isNotEmpty(zoneId) && !zoneId.equals("uaa")) { url = "http://" + zoneId + ".localhost:8080/uaa/saml/idp/metadata"; } else { url = "http://localhost:8080/uaa/saml/idp/metadata"; } RestTemplate client = new RestTemplate(); MultiValueMap<String, String> headers = new LinkedMultiValueMap<>(); headers.add("Accept", "application/samlmetadata+xml"); headers.add(IdentityZoneSwitchingFilter.HEADER, zoneId); HttpEntity<String> getHeaders = new HttpEntity<String>(headers); ResponseEntity<String> metadataResponse = client.exchange(url, HttpMethod.GET, getHeaders, String.class); String idpMetaData = metadataResponse.getBody(); return SamlTestUtils.createLocalSamlIdpDefinition(alias, zoneId, idpMetaData); }
From source file:org.cloudfoundry.identity.uaa.integration.feature.SamlLoginWithLocalIdpIT.java
public static SamlServiceProviderDefinition createLocalSamlSpDefinition(String alias, String zoneId) { String url;//from www .j av a2 s . co m if (StringUtils.isNotEmpty(zoneId) && !zoneId.equals("uaa")) { url = "http://" + zoneId + ".localhost:8080/uaa/saml/metadata/alias/" + zoneId + "." + alias; } else { url = "http://localhost:8080/uaa/saml/metadata/alias/" + alias; } RestTemplate client = new RestTemplate(); MultiValueMap<String, String> headers = new LinkedMultiValueMap<>(); headers.add("Accept", "application/samlmetadata+xml"); headers.add(IdentityZoneSwitchingFilter.HEADER, zoneId); HttpEntity<String> getHeaders = new HttpEntity<String>(headers); ResponseEntity<String> metadataResponse = client.exchange(url, HttpMethod.GET, getHeaders, String.class); String spMetaData = metadataResponse.getBody(); SamlServiceProviderDefinition def = new SamlServiceProviderDefinition(); def.setMetaDataLocation(spMetaData); def.setNameID("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"); def.setSingleSignOnServiceIndex(0); def.setMetadataTrustCheck(false); return def; }
From source file:org.cloudfoundry.identity.uaa.integration.feature.SamlLoginWithLocalIdpIT.java
public static SamlServiceProvider createOrUpdateSamlServiceProvider(String accessToken, String url, SamlServiceProvider provider) {/*from ww w .jav a2 s . c o m*/ RestTemplate client = new RestTemplate(); MultiValueMap<String, String> headers = new LinkedMultiValueMap<>(); headers.add("Accept", MediaType.APPLICATION_JSON_VALUE); headers.add("Authorization", "bearer " + accessToken); headers.add("Content-Type", MediaType.APPLICATION_JSON_VALUE); headers.add(IdentityZoneSwitchingFilter.HEADER, provider.getIdentityZoneId()); List<SamlServiceProvider> existing = getSamlServiceProviders(accessToken, url, provider.getIdentityZoneId()); if (existing != null) { for (SamlServiceProvider p : existing) { if (p.getEntityId().equals(provider.getEntityId()) && p.getIdentityZoneId().equals(provider.getIdentityZoneId())) { provider.setId(p.getId()); HttpEntity<SamlServiceProvider> putHeaders = new HttpEntity<SamlServiceProvider>(provider, headers); ResponseEntity<String> providerPut = client.exchange(url + "/saml/service-providers/{id}", HttpMethod.PUT, putHeaders, String.class, provider.getId()); if (providerPut.getStatusCode() == HttpStatus.OK) { return JsonUtils.readValue(providerPut.getBody(), SamlServiceProvider.class); } } } } HttpEntity<SamlServiceProvider> postHeaders = new HttpEntity<SamlServiceProvider>(provider, headers); ResponseEntity<String> providerPost = client.exchange(url + "/saml/service-providers/{id}", HttpMethod.POST, postHeaders, String.class, provider.getId()); if (providerPost.getStatusCode() == HttpStatus.CREATED) { return JsonUtils.readValue(providerPost.getBody(), SamlServiceProvider.class); } throw new IllegalStateException( "Invalid result code returned, unable to create identity provider:" + providerPost.getStatusCode()); }
From source file:org.cloudfoundry.identity.uaa.integration.feature.SamlLoginWithLocalIdpIT.java
public static List<SamlServiceProvider> getSamlServiceProviders(String zoneAdminToken, String url, String zoneId) {//from ww w . java 2s. c o m RestTemplate client = new RestTemplate(); MultiValueMap<String, String> headers = new LinkedMultiValueMap<>(); headers.add("Accept", MediaType.APPLICATION_JSON_VALUE); headers.add("Authorization", "bearer " + zoneAdminToken); headers.add("Content-Type", MediaType.APPLICATION_JSON_VALUE); headers.add(IdentityZoneSwitchingFilter.HEADER, zoneId); HttpEntity<String> getHeaders = new HttpEntity<String>(headers); ResponseEntity<String> providerGet = client.exchange(url + "/saml/service-providers", HttpMethod.GET, getHeaders, String.class); if (providerGet != null && providerGet.getStatusCode() == HttpStatus.OK) { return JsonUtils.readValue(providerGet.getBody(), new TypeReference<List<SamlServiceProvider>>() { // Do nothing. }); } return null; }
From source file:org.cloudfoundry.identity.uaa.integration.feature.TestClient.java
public String getOAuthAccessToken(String baseUrl, String username, String password, String grantType, String scope) {//from w w w .j a va2 s.co m HttpHeaders headers = new HttpHeaders(); headers.add("Authorization", getBasicAuthHeaderValue(username, password)); MultiValueMap<String, String> postParameters = new LinkedMultiValueMap<String, String>(); postParameters.add("grant_type", grantType); postParameters.add("client_id", username); if (scope != null) { postParameters.add("scope", scope); } HttpEntity<MultiValueMap<String, String>> requestEntity = new HttpEntity<MultiValueMap<String, String>>( postParameters, headers); ResponseEntity<Map> exchange = restTemplate.exchange(baseUrl + "/oauth/token", HttpMethod.POST, requestEntity, Map.class); return exchange.getBody().get("access_token").toString(); }
From source file:org.cloudfoundry.identity.uaa.integration.ImplicitTokenGrantIntegrationTests.java
@Test public void authzViaJsonEndpointSucceedsWithCorrectCredentials() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON)); String credentials = String.format("{ \"username\":\"%s\", \"password\":\"%s\" }", testAccounts.getUserName(), testAccounts.getPassword()); MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>(); formData.add("credentials", credentials); ResponseEntity<Void> result = serverRunning.postForResponse(implicitUrl(), headers, formData); assertNotNull(result.getHeaders().getLocation()); assertTrue(result.getHeaders().getLocation().toString().matches(REDIRECT_URL_PATTERN)); }
From source file:org.cloudfoundry.identity.uaa.integration.ImplicitTokenGrantIntegrationTests.java
@Test public void authzViaJsonEndpointSucceedsWithAcceptForm() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setAccept(Arrays.asList(MediaType.APPLICATION_FORM_URLENCODED)); String credentials = String.format("{ \"username\":\"%s\", \"password\":\"%s\" }", testAccounts.getUserName(), testAccounts.getPassword()); MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>(); formData.add("credentials", credentials); ResponseEntity<Void> result = serverRunning.postForResponse(implicitUrl(), headers, formData); URI location = result.getHeaders().getLocation(); assertNotNull(location);//from ww w . j a v a 2 s .c om assertTrue("Wrong location: " + location, location.toString().matches(REDIRECT_URL_PATTERN)); }
From source file:org.cloudfoundry.identity.uaa.integration.ImplicitTokenGrantIntegrationTests.java
@Test public void authzWithIntermediateFormLoginSucceeds() throws Exception { BasicCookieStore cookies = new BasicCookieStore(); ResponseEntity<Void> result = serverRunning.getForResponse(implicitUrl(), getHeaders(cookies)); assertEquals(HttpStatus.FOUND, result.getStatusCode()); String location = result.getHeaders().getLocation().toString(); if (result.getHeaders().containsKey("Set-Cookie")) { for (String cookie : result.getHeaders().get("Set-Cookie")) { int nameLength = cookie.indexOf('='); cookies.addCookie(/*from w ww.ja va 2 s . c om*/ new BasicClientCookie(cookie.substring(0, nameLength), cookie.substring(nameLength + 1))); } } ResponseEntity<String> response = serverRunning.getForString(location, getHeaders(cookies)); if (response.getHeaders().containsKey("Set-Cookie")) { for (String cookie : response.getHeaders().get("Set-Cookie")) { int nameLength = cookie.indexOf('='); cookies.addCookie( new BasicClientCookie(cookie.substring(0, nameLength), cookie.substring(nameLength + 1))); } } // should be directed to the login screen... assertTrue(response.getBody().contains("/login.do")); assertTrue(response.getBody().contains("username")); assertTrue(response.getBody().contains("password")); location = "/login.do"; MultiValueMap<String, String> formData = new LinkedMultiValueMap<>(); formData.add("username", testAccounts.getUserName()); formData.add("password", testAccounts.getPassword()); formData.add(CookieBasedCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME, IntegrationTestUtils.extractCookieCsrf(response.getBody())); result = serverRunning.postForRedirect(location, getHeaders(cookies), formData); // System.err.println(result.getStatusCode()); // System.err.println(result.getHeaders()); assertNotNull(result.getHeaders().getLocation()); assertTrue(result.getHeaders().getLocation().toString().matches(REDIRECT_URL_PATTERN)); }
From source file:org.cloudfoundry.identity.uaa.integration.OpenIdTokenAuthorizationWithApprovalIntegrationTests.java
private String doOpenIdHybridFlowIdTokenAndReturnCode(Set<String> responseTypes, String responseTypeMatcher) throws Exception { HttpHeaders headers = new HttpHeaders(); // TODO: should be able to handle just TEXT_HTML headers.setAccept(Arrays.asList(MediaType.TEXT_HTML, MediaType.ALL)); AuthorizationCodeResourceDetails resource = testAccounts.getDefaultAuthorizationCodeResource(); StringBuilder responseType = new StringBuilder(); Iterator<String> rTypes = responseTypes.iterator(); while (rTypes.hasNext()) { String type = rTypes.next(); responseType.append(type);/* ww w . j av a 2 s . co m*/ if (rTypes.hasNext()) { responseType.append(" "); } } String state = new RandomValueStringGenerator().generate(); String clientId = resource.getClientId(); String redirectUri = resource.getPreEstablishedRedirectUri(); String clientSecret = resource.getClientSecret(); String uri = serverRunning.getUrl("/oauth/authorize?response_type={response_type}&" + "state={state}&client_id={client_id}&redirect_uri={redirect_uri}"); ResponseEntity<Void> result = serverRunning.getForResponse(uri, headers, responseType, state, clientId, redirectUri); assertEquals(HttpStatus.FOUND, result.getStatusCode()); String location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); if (result.getHeaders().containsKey("Set-Cookie")) { String cookie = result.getHeaders().getFirst("Set-Cookie"); headers.set("Cookie", cookie); } ResponseEntity<String> response = serverRunning.getForString(location, headers); // should be directed to the login screen... assertTrue(response.getBody().contains("/login.do")); assertTrue(response.getBody().contains("username")); assertTrue(response.getBody().contains("password")); MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>(); formData.add("username", user.getUserName()); formData.add("password", "secret"); // Should be redirected to the original URL, but now authenticated result = serverRunning.postForResponse("/login.do", headers, formData); assertEquals(HttpStatus.FOUND, result.getStatusCode()); if (result.getHeaders().containsKey("Set-Cookie")) { String cookie = result.getHeaders().getFirst("Set-Cookie"); headers.set("Cookie", cookie); } location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); response = serverRunning.getForString(location, headers); if (response.getStatusCode() == HttpStatus.OK) { // The grant access page should be returned assertTrue(response.getBody().contains("Application Authorization</h1>")); formData.clear(); formData.add("user_oauth_approval", "true"); result = serverRunning.postForResponse("/oauth/authorize", headers, formData); assertEquals(HttpStatus.FOUND, result.getStatusCode()); location = UriUtils.decode(result.getHeaders().getLocation().toString(), "UTF-8"); } else { // Token cached so no need for second approval assertEquals(HttpStatus.FOUND, response.getStatusCode()); location = UriUtils.decode(response.getHeaders().getLocation().toString(), "UTF-8"); } assertTrue("Wrong location: " + location, location.matches(resource.getPreEstablishedRedirectUri() + responseTypeMatcher.toString())); String code = location.split("code=")[1].split("&")[0]; exchangeCodeForToken(clientId, redirectUri, clientSecret, code, formData); return code; }