Fixed BlockingFilter (#659)
Replaced javax.annotation.Priority with jakarta.annotation.Priority
(#648)
Change-Id: I61ebaceeeeefe116cf9bd48dfd668ce8c17144b2
diff --git a/full/Changes b/full/Changes
index 8518063..19a3635 100644
--- a/full/Changes
+++ b/full/Changes
@@ -10,6 +10,8 @@
- Fixed conflicting commons-logging and spring jcl
- Replaced javax.servlet with jakarta.servlet (#648)
- Updated authorization services using Nimbus (#650)
+- Fixed BlockingFilter by replacing javax.annotation.Priority
+ with jakarta.annotation.Priority (#659, #648)
# version 0.71
diff --git a/full/src/main/java/de/ids_mannheim/korap/core/service/SearchService.java b/full/src/main/java/de/ids_mannheim/korap/core/service/SearchService.java
index c561fb6..e08f58d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/core/service/SearchService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/core/service/SearchService.java
@@ -10,8 +10,6 @@
import java.util.Set;
import java.util.regex.Pattern;
-import javax.annotation.PostConstruct;
-
import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -37,6 +35,7 @@
import de.ids_mannheim.korap.utils.JsonUtils;
import de.ids_mannheim.korap.web.ClientsHandler;
import de.ids_mannheim.korap.web.SearchKrill;
+import jakarta.annotation.PostConstruct;
import jakarta.ws.rs.core.HttpHeaders;
import jakarta.ws.rs.core.MultivaluedHashMap;
import jakarta.ws.rs.core.MultivaluedMap;
diff --git a/full/src/main/java/de/ids_mannheim/korap/encryption/RandomCodeGenerator.java b/full/src/main/java/de/ids_mannheim/korap/encryption/RandomCodeGenerator.java
index bf8cca1..fe7bab7 100644
--- a/full/src/main/java/de/ids_mannheim/korap/encryption/RandomCodeGenerator.java
+++ b/full/src/main/java/de/ids_mannheim/korap/encryption/RandomCodeGenerator.java
@@ -9,8 +9,6 @@
import java.util.concurrent.ThreadLocalRandom;
import java.util.stream.Collectors;
-import javax.annotation.PostConstruct;
-
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.ArrayUtils;
import org.apache.logging.log4j.LogManager;
@@ -21,6 +19,7 @@
import de.ids_mannheim.korap.config.KustvaktConfiguration;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.exceptions.StatusCodes;
+import jakarta.annotation.PostConstruct;
/**
* Generates a random string that can be used for tokens, client id,
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
index 422aae0..cb81c3f 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
@@ -9,7 +9,6 @@
import com.nimbusds.oauth2.sdk.AuthorizationErrorResponse;
import com.nimbusds.oauth2.sdk.OAuth2Error;
-import com.nimbusds.oauth2.sdk.id.State;
import de.ids_mannheim.korap.constant.OAuth2Scope;
import de.ids_mannheim.korap.exceptions.KustvaktException;
@@ -20,6 +19,7 @@
import de.ids_mannheim.korap.web.OAuth2ResponseHandler;
import de.ids_mannheim.korap.web.filter.APIVersionFilter;
import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
+import de.ids_mannheim.korap.web.filter.BlockingFilter;
import de.ids_mannheim.korap.web.utils.ResourceFilters;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.ws.rs.GET;
@@ -44,19 +44,14 @@
*/
@Controller
@Path("{version}/oauth2")
-@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class
- //, BlockingFilter.class
- })
+@ResourceFilters({ APIVersionFilter.class, AuthenticationFilter.class,
+ BlockingFilter.class })
@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public class OAuth2Controller {
@Autowired
private OAuth2ResponseHandler responseHandler;
-// @Autowired
-// private OltuTokenService tokenService;
-// @Deprecated
-// @Autowired
-// private OltuAuthorizationService authorizationService;
+
@Autowired
private OAuth2AuthorizationService authorizationService;
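Review bot: Adding `BlockingFilter.class` to the class-level `@ResourceFilters` gates every resource method of OAuth2Controller, not only the authorize endpoint that the new testAuthorizeUnauthenticated covers, and nothing in the hunk records that this is intended. BlockingFilter's Javadoc describes it as blocking an endpoint when no anonymous access should be allowed, so any method in this class that is reached with client credentials only and no user token (the token endpoint, if it lives in this class — the rest of the class is outside the hunk) should be confirmed to still pass, ideally by a test. A short comment above the annotation would make the intent explicit: `// BlockingFilter rejects guest (anonymous) requests for every endpoint in this class.` Whether the order inside `@ResourceFilters` matters or the filters' own `@Priority` decides the chain order is not visible here and is worth stating in that comment as well.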
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/APIVersionFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/APIVersionFilter.java
index 7829482..ed0c2c3 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/APIVersionFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/APIVersionFilter.java
@@ -2,12 +2,11 @@
import java.util.List;
-import javax.annotation.Priority;
-
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import de.ids_mannheim.korap.config.KustvaktConfiguration;
+import jakarta.annotation.Priority;
import jakarta.ws.rs.NotFoundException;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
index 37291b4..18a12d8 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
@@ -1,7 +1,5 @@
package de.ids_mannheim.korap.web.filter;
-import javax.annotation.Priority;
-
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -11,6 +9,7 @@
import de.ids_mannheim.korap.security.context.TokenContext;
import de.ids_mannheim.korap.utils.JerseyUtils;
import de.ids_mannheim.korap.web.KustvaktResponseHandler;
+import jakarta.annotation.Priority;
import jakarta.servlet.ServletContext;
import jakarta.ws.rs.Priorities;
import jakarta.ws.rs.container.ContainerRequestContext;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
index f146f7f..e24a7a4 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
@@ -1,7 +1,5 @@
package de.ids_mannheim.korap.web.filter;
-import javax.annotation.Priority;
-
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.glassfish.jersey.server.ContainerRequest;
@@ -18,6 +16,7 @@
import de.ids_mannheim.korap.security.context.TokenContext;
import de.ids_mannheim.korap.utils.TimeUtils;
import de.ids_mannheim.korap.web.KustvaktResponseHandler;
+import jakarta.annotation.Priority;
import jakarta.ws.rs.Priorities;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/BlockingFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/BlockingFilter.java
index 42fb916..09c811c 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/BlockingFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/BlockingFilter.java
@@ -1,7 +1,5 @@
package de.ids_mannheim.korap.web.filter;
-import javax.annotation.Priority;
-
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
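Review bot: The swap to `jakarta.annotation.Priority` is what makes `@Priority(Priorities.AUTHORIZATION)` on the class visible to the Jakarta REST runtime (a `javax` Priority would presumably be ignored and the filter fall to the default priority), but the class Javadoc does not say that the filter depends on this ordering. The `filter` method appears to read a `TokenContext` produced by an earlier filter, so the Javadoc could add: `Runs at {@link Priorities#AUTHORIZATION}, i.e. after the authentication filters that populate the TokenContext.` — confirm against AuthenticationFilter's own priority, which this diff does not show. The same import swap is applied in APIVersionFilter, AdminFilter, AuthenticationFilter, DemoFilter, DemoUserFilter, NonDemoBlockingFilter and JsonExceptionMapper. The blank line inserted between the Javadoc and `@Component` in this file's third hunk separates the doc comment from the declaration it documents; keeping them adjacent is the usual convention.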
@@ -9,6 +7,7 @@
import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.security.context.TokenContext;
import de.ids_mannheim.korap.web.KustvaktResponseHandler;
+import jakarta.annotation.Priority;
import jakarta.ws.rs.Priorities;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
@@ -21,6 +20,7 @@
* endpoint filter to block access to an endpoint, in case no
* anonymous access should be allowed!
*/
+
@Component
@Priority(Priorities.AUTHORIZATION)
public class BlockingFilter implements ContainerRequestFilter {
@@ -28,6 +28,7 @@
@Autowired
private KustvaktResponseHandler kustvaktResponseHandler;
+
@Override
public void filter (ContainerRequestContext request) {
TokenContext context;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
index 9af46c0..55ad2ae 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
@@ -1,7 +1,5 @@
package de.ids_mannheim.korap.web.filter;
-import javax.annotation.Priority;
-
import org.glassfish.jersey.server.ContainerRequest;
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
@@ -9,6 +7,7 @@
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.security.context.KustvaktContext;
import de.ids_mannheim.korap.security.context.TokenContext;
+import jakarta.annotation.Priority;
import jakarta.ws.rs.Priorities;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
index ee11506..330ece2 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
@@ -2,8 +2,6 @@
import java.security.Principal;
-import javax.annotation.Priority;
-
import org.glassfish.jersey.server.ContainerRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -14,6 +12,7 @@
import de.ids_mannheim.korap.security.context.TokenContext;
import de.ids_mannheim.korap.user.User;
import de.ids_mannheim.korap.utils.TimeUtils;
+import jakarta.annotation.Priority;
import jakarta.ws.rs.Priorities;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/NonDemoBlockingFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/NonDemoBlockingFilter.java
index 190f398..c69e18e 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/NonDemoBlockingFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/NonDemoBlockingFilter.java
@@ -1,6 +1,5 @@
package de.ids_mannheim.korap.web.filter;
-import javax.annotation.Priority;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -9,6 +8,7 @@
import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.security.context.TokenContext;
import de.ids_mannheim.korap.web.KustvaktResponseHandler;
+import jakarta.annotation.Priority;
import jakarta.ws.rs.Priorities;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/utils/JsonExceptionMapper.java b/full/src/main/java/de/ids_mannheim/korap/web/utils/JsonExceptionMapper.java
index 4b6bb28..a7efdf8 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/utils/JsonExceptionMapper.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/utils/JsonExceptionMapper.java
@@ -1,11 +1,11 @@
package de.ids_mannheim.korap.web.utils;
-import javax.annotation.Priority;
import com.fasterxml.jackson.databind.JsonMappingException;
import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.web.CoreResponseHandler;
+import jakarta.annotation.Priority;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.ext.ExceptionMapper;
import jakarta.ws.rs.ext.Provider;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationTest.java
index 3019784..d19cdd9 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationTest.java
@@ -10,10 +10,11 @@
import org.junit.Test;
import com.fasterxml.jackson.databind.JsonNode;
+import com.nimbusds.oauth2.sdk.OAuth2Error;
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.utils.JsonUtils;
import jakarta.ws.rs.core.MultivaluedMap;
import jakarta.ws.rs.core.Response;
@@ -29,6 +30,19 @@
}
@Test
+ public void testAuthorizeUnauthenticated () throws KustvaktException {
+
+ Response response = requestAuthorizationCode("code", publicClientId, "",
+ "search match_info", "", "");
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+ String entity = response.readEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(StatusCodes.AUTHORIZATION_FAILED,
+ node.at("/errors/0/0").asInt());
+ assertEquals("Unauthorized operation for user: guest",
+ node.at("/errors/0/1").asText());
+ }
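Review bot: The sixth argument `""` in the new testAuthorizeUnauthenticated is what makes the request unauthenticated, but nothing in the test says so; judging from the calls removed in OAuth2ControllerTest, where `userAuthHeader` occupies that position, it appears to be the Authorization header value. A comment on the call would keep the intent readable: `// empty Authorization header: the request is handled as guest`. The blank line directly after the method signature can go. The test pins both the status code at `/errors/0/0` and the message at `/errors/0/1`; if that message text is shared with other endpoints, asserting on StatusCodes.AUTHORIZATION_FAILED alone would be less brittle, though that is a judgment call.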
+ @Test
public void testAuthorizeConfidentialClient () throws KustvaktException {
// with registered redirect URI
Response response =
@@ -105,7 +119,7 @@
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST.getCode(),
node.at("/error").asText());
assertEquals("Missing parameter: redirect URI",
node.at("/error_description").asText());
@@ -148,7 +162,7 @@
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuth2Error.INVALID_CLIENT, node.at("/error").asText());
+ assertEquals(OAuth2Error.INVALID_CLIENT.getCode(), node.at("/error").asText());
assertEquals("Unknown client: unknown-client-id",
node.at("/error_description").asText());
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
index 4555cd8..8ac612d 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
@@ -4,16 +4,9 @@
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
-import java.net.URI;
import java.time.ZonedDateTime;
import java.util.Set;
-import jakarta.ws.rs.client.Entity;
-import jakarta.ws.rs.core.Form;
-import jakarta.ws.rs.core.MultivaluedMap;
-import jakarta.ws.rs.core.Response;
-import jakarta.ws.rs.core.Response.Status;
-
import org.apache.http.entity.ContentType;
import org.apache.oltu.oauth2.common.error.OAuthError;
import org.apache.oltu.oauth2.common.message.types.GrantType;
@@ -32,6 +25,11 @@
import de.ids_mannheim.korap.oauth2.entity.AccessScope;
import de.ids_mannheim.korap.oauth2.entity.RefreshToken;
import de.ids_mannheim.korap.utils.JsonUtils;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.core.Form;
+import jakarta.ws.rs.core.MultivaluedMap;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
/**
* @author margaretha
@@ -50,261 +48,6 @@
}
@Test
- public void testAuthorizeConfidentialClient () throws KustvaktException {
- // with registered redirect URI
- Response response =
- requestAuthorizationCode("code", confidentialClientId, "",
- "match_info search client_info", state, userAuthHeader);
-
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
- URI redirectUri = response.getLocation();
- MultivaluedMap<String, String> params =
- getQueryParamsFromURI(redirectUri);
- assertNotNull(params.getFirst("code"));
- assertEquals(state, params.getFirst("state"));
- assertEquals("match_info search client_info", params.getFirst("scope"));
- }
-
- @Test
- public void testAuthorizePublicClient () throws KustvaktException {
- // with registered redirect URI
- String code = requestAuthorizationCode(publicClientId, userAuthHeader);
- assertNotNull(code);
- }
-
- @Test
- public void testAuthorizeWithRedirectUri () throws KustvaktException {
- Response response =
- requestAuthorizationCode("code", publicClientId2,
- "https://public.com/redirect", "search match_info",
- "", userAuthHeader);
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
-
- URI redirectUri = response.getLocation();
- assertEquals("https", redirectUri.getScheme());
- assertEquals("public.com", redirectUri.getHost());
- assertEquals("/redirect", redirectUri.getPath());
-
- String[] queryParts = redirectUri.getQuery().split("&");
- assertTrue(queryParts[0].startsWith("code="));
- assertEquals("scope=match_info+search", queryParts[1]);
- }
-
- @Test
- public void testAuthorizeWithoutScope () throws KustvaktException {
- Response response = requestAuthorizationCode("code",
- confidentialClientId, "", "", "", userAuthHeader);
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
-
- URI redirectUri = response.getLocation();
- assertEquals(redirectUri.getScheme(), "https");
- assertEquals(redirectUri.getHost(), "third.party.com");
- assertEquals(redirectUri.getPath(), "/confidential/redirect");
-
- String[] queryParts = redirectUri.getQuery().split("&");
- assertTrue(queryParts[0].startsWith("error_description=scope+is+required"));
- assertEquals(queryParts[1], "error=invalid_scope");
- }
-
- @Test
- public void testAuthorizeMissingClientId () throws KustvaktException {
- Response response = requestAuthorizationCode("code", "", "", "search",
- "", userAuthHeader);
- assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
- String entity = response.readEntity(String.class);
- JsonNode node = JsonUtils.readTree(entity);
- assertEquals("Missing parameters: client_id",
- node.at("/error_description").asText());
- }
-
- @Test
- public void testAuthorizeMissingRedirectUri () throws KustvaktException {
- Response response = requestAuthorizationCode("code",
- publicClientId2, "", "search", state, userAuthHeader);
- assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
-
- String entity = response.readEntity(String.class);
- JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
- node.at("/error").asText());
- assertEquals("Missing parameter: redirect URI",
- node.at("/error_description").asText());
- assertEquals(state, node.at("/state").asText());
- }
-
- @Test
- public void testAuthorizeMissingResponseType() throws KustvaktException {
- Response response = requestAuthorizationCode("",
- confidentialClientId, "", "search", "", userAuthHeader);
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
-
- assertEquals("https://third.party.com/confidential/redirect?"
- + "error_description=Missing+parameters%3A+response_type&"
- + "error=invalid_request", response.getLocation().toString());
- }
-
- @Test
- public void testAuthorizeMissingResponseTypeWithoutClientId () throws KustvaktException {
- Response response = requestAuthorizationCode("",
- "", "", "search", "", userAuthHeader);
-
- assertEquals(Status.BAD_REQUEST.getStatusCode(),
- response.getStatus());
- String entity = response.readEntity(String.class);
- JsonNode node = JsonUtils.readTree(entity);
-
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
- node.at("/error").asText());
- assertEquals("Missing parameters: response_type client_id",
- node.at("/error_description").asText());
- }
-
- @Test
- public void testAuthorizeInvalidClientId () throws KustvaktException {
- Response response = requestAuthorizationCode("code",
- "unknown-client-id", "", "search", "", userAuthHeader);
- assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
- String entity = response.readEntity(String.class);
- JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuth2Error.INVALID_CLIENT, node.at("/error").asText());
- assertEquals("Unknown client: unknown-client-id",
- node.at("/error_description").asText());
- }
-
- @Test
- public void testAuthorizeDifferentRedirectUri () throws KustvaktException {
- String redirectUri = "https://different.uri/redirect";
- Response response = requestAuthorizationCode("code",
- confidentialClientId, redirectUri, "", state, userAuthHeader);
-
- testInvalidRedirectUri(response.readEntity(String.class),
- response.getHeaderString("Content-Type"),true,
- response.getStatus());
- }
-
- @Test
- public void testAuthorizeWithRedirectUriLocalhost ()
- throws KustvaktException {
- Response response = requestAuthorizationCode("code", publicClientId2,
- "http://localhost:1410", "search", state, userAuthHeader);
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
-
- URI redirectUri = response.getLocation();
- MultivaluedMap<String, String> params =
- getQueryParamsFromURI(redirectUri);
- assertNotNull(params.getFirst("code"));
- assertEquals(state, params.getFirst("state"));
- assertEquals("search", params.getFirst("scope"));
- }
-
- @Test
- public void testAuthorizeWithRedirectUriFragment ()
- throws KustvaktException {
- Response response = requestAuthorizationCode("code",
- publicClientId2, "http://public.com/index.html#redirect", "search",
- state, userAuthHeader);
- testInvalidRedirectUri(response.readEntity(String.class),
- response.getHeaderString("Content-Type"),true,
- response.getStatus());
- }
-
- @Test
- public void testAuthorizeInvalidRedirectUri () throws KustvaktException {
- // host not allowed by Apache URI Validator
- String redirectUri = "https://public.uri/redirect";
- Response response = requestAuthorizationCode("code",
- publicClientId2, redirectUri, "", state, userAuthHeader);
- testInvalidRedirectUri(response.readEntity(String.class),
- response.getHeaderString("Content-Type"),true,
- response.getStatus());
- }
-
- @Test
- public void testAuthorizeInvalidResponseType () throws KustvaktException {
- // without redirect URI in the request
- Response response = requestAuthorizationCode("string",
- confidentialClientId, "", "search", state, userAuthHeader);
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
-
- assertEquals("https://third.party.com/confidential/redirect?"
- + "error_description=Invalid+response_type+parameter+"
- + "value&state=thisIsMyState&" + "error=invalid_request",
- response.getLocation().toString());
-
- // with redirect URI, and no registered redirect URI
- response = requestAuthorizationCode("string", publicClientId2,
- "https://public.client.com/redirect", "", state,
- userAuthHeader);
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
-
- assertEquals("https://public.client.com/redirect?error_description="
- + "Invalid+response_type+parameter+value&state=thisIsMyState&"
- + "error=invalid_request", response.getLocation().toString());
-
- // with different redirect URI
- String redirectUri = "https://different.uri/redirect";
- response = requestAuthorizationCode("string", confidentialClientId,
- redirectUri, "", state, userAuthHeader);
- assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
-
- JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
- node.at("/error").asText());
- assertEquals("Invalid redirect URI",
- node.at("/error_description").asText());
- assertEquals(state, node.at("/state").asText());
-
- // without redirect URI in the request and no registered
- // redirect URI
- response = requestAuthorizationCode("string", publicClientId2, "", "",
- state, userAuthHeader);
- assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
-
- node = JsonUtils.readTree(response.readEntity(String.class));
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
- node.at("/error").asText());
- assertEquals("Missing parameter: redirect URI",
- node.at("/error_description").asText());
- assertEquals(state, node.at("/state").asText());
- }
-
- @Test
- public void testAuthorizeInvalidScope () throws KustvaktException {
- String scope = "read_address";
- Response response = requestAuthorizationCode("code",
- confidentialClientId, "", scope, state, userAuthHeader);
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
-
- assertEquals(
- "https://third.party.com/confidential/redirect?"
- + "error_description=read_address+is+an+invalid+scope&"
- + "state=thisIsMyState&error=invalid_scope",
- response.getLocation().toString());
- }
-
- @Test
- public void testAuthorizeUnsupportedTokenResponseType ()
- throws KustvaktException {
- Response response = requestAuthorizationCode("token",
- confidentialClientId, "", "search", state, userAuthHeader);
- assertEquals(Status.TEMPORARY_REDIRECT.getStatusCode(),
- response.getStatus());
-
- assertEquals("https://third.party.com/confidential/redirect?"
- + "error_description=response_type+token+is+not+"
- + "supported&state=thisIsMyState&error=unsupported_"
- + "response_type", response.getLocation().toString());
- }
-
- @Test
public void testRequestTokenAuthorizationPublic ()
throws KustvaktException {
String code = requestAuthorizationCode(publicClientId, userAuthHeader);