Added service layer to SearchController, added OAuth2 scope handling,
fixed bugs.
Change-Id: Id6cfb5c264472d106314dbd4a485681460e67288
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
index 8126843..911f8a9 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
@@ -6,6 +6,7 @@
import java.io.IOException;
import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response.Status;
import org.apache.http.entity.ContentType;
import org.junit.Test;
@@ -13,13 +14,13 @@
import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.net.HttpHeaders;
import com.sun.jersey.api.client.ClientResponse;
-import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.config.SpringJerseyTest;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.oauth2.constant.OAuth2Scope;
import de.ids_mannheim.korap.utils.JsonUtils;
public class OAuth2AccessTokenTest extends SpringJerseyTest {
@@ -42,17 +43,50 @@
JsonNode node = JsonUtils.readTree(entity);
return node.at("/access_token").asText();
}
+
+ @Test
+ public void testListVCScope() throws KustvaktException {
+ MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+ form.add("grant_type", "password");
+ form.add("client_id", "fCBbQkAyYzI4NzUxMg");
+ form.add("client_secret", "secret");
+ form.add("username", "dory");
+ form.add("password", "password");
+ form.add("scope", OAuth2Scope.VC_INFO.toString());
+
+ ClientResponse response = resource().path("oauth2").path("token")
+ .header(HttpHeaders.CONTENT_TYPE,
+ ContentType.APPLICATION_FORM_URLENCODED)
+ .entity(form).post(ClientResponse.class);
+
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ String token = node.at("/access_token").asText();
+
+ response = resource().path("vc").path("list")
+ .header(Attributes.AUTHORIZATION, "Bearer " + token)
+ .get(ClientResponse.class);
+
+ assertEquals(Status.OK.getStatusCode(), response.getStatus());
+ entity = response.getEntity(String.class);
+ node = JsonUtils.readTree(entity);
+ assertEquals(4, node.size());
+ }
@Test
- public void testListVC () throws KustvaktException {
+ public void testListVCScopeNotAuthorized () throws KustvaktException {
ClientResponse response = resource().path("vc").path("list")
.header(Attributes.AUTHORIZATION, "Bearer " + requestToken())
.get(ClientResponse.class);
- assertEquals(Status.OK.getStatusCode(), response.getStatus());
+ assertEquals(ClientResponse.Status.UNAUTHORIZED.getStatusCode(),
+ response.getStatus());
String entity = response.getEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(4, node.size());
+ assertEquals(StatusCodes.AUTHORIZATION_FAILED,
+ node.at("/errors/0/0").asInt());
+ assertEquals("Scope vc_info is not authorized",
+ node.at("/errors/0/1").asText());
}
@Test
@@ -64,10 +98,11 @@
.header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
.get(ClientResponse.class);
+ String ent = response.getEntity(String.class);
+
assertEquals(ClientResponse.Status.OK.getStatusCode(),
response.getStatus());
-
- String ent = response.getEntity(String.class);
+
JsonNode node = JsonUtils.readTree(ent);
assertNotNull(node);
assertEquals(25, node.at("/matches").size());
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
index 93666ea..cc821fe 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
@@ -172,7 +172,7 @@
MultivaluedMap<String, String> authForm = new MultivaluedMapImpl();
authForm.add("response_type", "code");
authForm.add("client_id", "fCBbQkAyYzI4NzUxMg");
- authForm.add("scope", "username");
+ authForm.add("scope", "search");
ClientResponse response =
requestAuthorizationConfidentialClient(authForm);
@@ -182,7 +182,7 @@
String code = params.get("code").get(0);
String scopes = params.get("scope").get(0);
- assertEquals(scopes, "username");
+ assertEquals(scopes, "search");
MultivaluedMap<String, String> tokenForm = new MultivaluedMapImpl();
tokenForm.add("grant_type", "authorization_code");
@@ -242,7 +242,7 @@
MultivaluedMap<String, String> authForm = new MultivaluedMapImpl();
authForm.add("response_type", "code");
authForm.add("client_id", "fCBbQkAyYzI4NzUxMg");
- authForm.add("scope", "username");
+ authForm.add("scope", "search");
authForm.add("redirect_uri", uri);
ClientResponse response =
@@ -342,7 +342,6 @@
ContentType.APPLICATION_FORM_URLENCODED)
.entity(form).post(ClientResponse.class);
String entity = response.getEntity(String.class);
- System.out.println(entity);
JsonNode node = JsonUtils.readTree(entity);
assertNotNull(node.at("/access_token").asText());
assertNotNull(node.at("/refresh_token").asText());
diff --git a/full/src/test/resources/kustvakt-test.conf b/full/src/test/resources/kustvakt-test.conf
index 8416b6a..e09f9c4 100644
--- a/full/src/test/resources/kustvakt-test.conf
+++ b/full/src/test/resources/kustvakt-test.conf
@@ -50,7 +50,7 @@
oauth2.native.client.host = korap.ids-mannheim.de
oauth2.max.attempts = 2
# -- scopes separated by space
-oauth2.default.scopes = openid username email
+oauth2.default.scopes = openid search match_info
oauth2.client.credentials.scopes = client_info
## OpenId
diff --git a/full/src/test/resources/log4j2-test.properties b/full/src/test/resources/log4j2-test.properties
index 58a30cf..dc7dc8f 100644
--- a/full/src/test/resources/log4j2-test.properties
+++ b/full/src/test/resources/log4j2-test.properties
@@ -19,6 +19,7 @@
logger.console.level = info
logger.console.appenderRefs = stdout
logger.console.appenderRef.file.ref = STDOUT
+logger.console.additivity=false
#loggers=file
#logger.file.name=com.sun.jersey.test.framework.spi.container
diff --git a/full/src/test/resources/test-config.xml b/full/src/test/resources/test-config.xml
index cad93aa..28cd408 100644
--- a/full/src/test/resources/test-config.xml
+++ b/full/src/test/resources/test-config.xml
@@ -167,7 +167,6 @@
<bean id="initializator" class="de.ids_mannheim.korap.config.Initializator"
init-method="init">
- <constructor-arg name="config" ref="kustvakt_config" />
<constructor-arg name="accessScopeDao" ref="accessScopeDao" />
</bean>