Added maximum limit to custom refresh token expiry

Change-Id: Ie92d181b1941df867bb5377c2f2f6bf61ed56825
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
index 7ea1485..fc1e24c 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
@@ -237,6 +237,55 @@
     }
     
     @Test
+    public void testRegisterPublicClientWithRefreshTokenExpiry ()
+            throws UniformInterfaceException, ClientHandlerException,
+            KustvaktException {
+        OAuth2ClientJson clientJson =
+                createOAuth2ClientJson("OAuth2PublicClient",
+                        OAuth2ClientType.PUBLIC, "A public test client.");
+        clientJson.setRefreshTokenExpiry(31535000);
+        ClientResponse response = registerClient(username, clientJson);
+        JsonNode node = JsonUtils.readTree(response.getEntity(String.class));
+        assertEquals("invalid_request", node.at("/error").asText());
+        assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
+    }
+    
+    @Test
+    public void testRegisterConfidentialClientWithRefreshTokenExpiry ()
+            throws UniformInterfaceException, ClientHandlerException,
+            KustvaktException {
+        int expiry = 31535000;
+        OAuth2ClientJson clientJson =
+                createOAuth2ClientJson("OAuth2 Confidential Client",
+                        OAuth2ClientType.CONFIDENTIAL, "A confidential client.");
+        clientJson.setRefreshTokenExpiry(expiry);
+        ClientResponse response = registerClient(username, clientJson);
+        JsonNode node = JsonUtils.readTree(response.getEntity(String.class));
+        String clientId = node.at("/client_id").asText();
+        JsonNode clientInfo = retrieveClientInfo(clientId, username);
+        assertEquals(expiry, clientInfo.at("/refresh_token_expiry").asInt());
+        
+        deregisterConfidentialClient(username, clientId);
+    }
+    
+    @Test
+    public void testRegisterConfidentialClientWithInvalidRefreshTokenExpiry ()
+            throws UniformInterfaceException, ClientHandlerException,
+            KustvaktException {
+        OAuth2ClientJson clientJson = createOAuth2ClientJson(
+                "OAuth2 Confidential Client", OAuth2ClientType.CONFIDENTIAL,
+                "A confidential client.");
+        clientJson.setRefreshTokenExpiry(31537000);
+        ClientResponse response = registerClient(username, clientJson);
+        JsonNode node = JsonUtils.readTree(response.getEntity(String.class));
+        assertEquals(
+                "Maximum refresh token expiry is 31536000 seconds (1 year)",
+                node.at("/error_description").asText());
+        assertEquals("invalid_request", node.at("/error").asText());
+        assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
+    }
+    
+    @Test
     public void testRegisterClientInvalidURL ()
             throws UniformInterfaceException, ClientHandlerException,
             KustvaktException {
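Review bot: The two limit tests use 31535000 and 31537000, each 1000 seconds away from the 31536000 maximum named in the expected error message, so an off-by-one in the server-side comparison (`>` versus `>=`) would pass both. Using `clientJson.setRefreshTokenExpiry(31536000);` in testRegisterConfidentialClientWithRefreshTokenExpiry and `clientJson.setRefreshTokenExpiry(31536001);` in testRegisterConfidentialClientWithInvalidRefreshTokenExpiry would pin the boundary, assuming the maximum itself is meant to be accepted. testRegisterPublicClientWithRefreshTokenExpiry asserts only `invalid_request`, which other validation failures presumably return as well; also asserting `/error_description` would tie the rejection to the rule that public clients may not set a refresh token expiry. Zero and negative expiry values are not exercised, and the validation code is outside this hunk, so whether they are rejected cannot be confirmed from these tests.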