Implemented OAuth2 request access token with client credentials grant.
Change-Id: I98b8608d25eebf22eeeaf2637a181dd94c6a6fc2
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
index 483c6e2..6e1904b 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
@@ -5,8 +5,8 @@
import static org.junit.Assert.assertTrue;
import java.util.List;
-import java.util.Set;
import java.util.Map.Entry;
+import java.util.Set;
import javax.ws.rs.core.MultivaluedMap;
@@ -29,7 +29,6 @@
import de.ids_mannheim.korap.config.SpringJerseyTest;
import de.ids_mannheim.korap.constant.OAuth2ClientType;
import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.utils.JsonUtils;
import de.ids_mannheim.korap.web.input.OAuth2ClientJson;
@@ -100,8 +99,8 @@
OAuth2ClientJson json = new OAuth2ClientJson();
json.setName("OAuth2PublicClient");
json.setType(OAuth2ClientType.PUBLIC);
- json.setUrl("http://public.client.com");
- json.setRedirectURI("https://public.client.com/redirect");
+ json.setUrl("http://test.public.client.com");
+ json.setRedirectURI("https://test.public.client.com/redirect");
ClientResponse response = resource().path("oauth2").path("client")
.path("register")
@@ -130,7 +129,7 @@
form.add("client_id", clientId);
ClientResponse response = resource().path("oauth2").path("client")
- .path("deregister")
+ .path("deregister").path("public")
.header(Attributes.AUTHORIZATION,
handler.createBasicAuthorizationHeaderValue(username,
"pass"))
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
index 794ea6b..46671ff 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
@@ -1,13 +1,14 @@
package de.ids_mannheim.korap.web.controller;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response.Status;
import org.apache.http.entity.ContentType;
import org.apache.oltu.oauth2.common.error.OAuthError;
-import org.apache.oltu.oauth2.common.message.types.GrantType;
+import org.apache.oltu.oauth2.common.message.types.TokenType;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
@@ -32,7 +33,55 @@
@Autowired
private HttpAuthorizationHandler handler;
- private String username = "OAuth2ControllerTest";
+
+ private ClientResponse testRequestTokenConfidentialClient (
+ MultivaluedMap<String, String> form)
+ throws UniformInterfaceException, ClientHandlerException,
+ KustvaktException {
+ return resource().path("oauth2").path("token")
+ .header(Attributes.AUTHORIZATION,
+ handler.createBasicAuthorizationHeaderValue(
+ "fCBbQkAyYzI4NzUxMg==", "secret"))
+ .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+ .header(HttpHeaders.CONTENT_TYPE,
+ ContentType.APPLICATION_FORM_URLENCODED)
+ .entity(form).post(ClientResponse.class);
+ }
+
+ @Test
+ public void testRequestTokenClientCredentialsGrant ()
+ throws UniformInterfaceException, ClientHandlerException,
+ KustvaktException {
+
+ MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+ form.add("grant_type", "client_credentials");
+
+ ClientResponse response = testRequestTokenConfidentialClient(form);
+ String entity = response.getEntity(String.class);
+ assertEquals(Status.OK.getStatusCode(), response.getStatus());
+
+ JsonNode node = JsonUtils.readTree(entity);
+ // length?
+ assertNotNull(node.at("/access_token").asText());
+ assertNotNull(node.at("/refresh_token").asText());
+ assertEquals(TokenType.BEARER.toString(),
+ node.at("/token_type").asText());
+ assertNotNull(node.at("/expires_in").asText());
+ }
+
+ @Test
+ public void testRequestTokenMissingGrantType ()
+ throws UniformInterfaceException, ClientHandlerException,
+ KustvaktException {
+ MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+ ClientResponse response = testRequestTokenConfidentialClient(form);
+ assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
+
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(OAuthError.TokenResponse.INVALID_REQUEST,
+ node.at("/error").asText());
+ }
@Test
public void testRequestTokenUnsupportedGrant ()
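Review bot: The `assertNotNull(node.at(...).asText())` checks in testRequestTokenClientCredentialsGrant cannot fail. Assuming JsonNode is Jackson's, `at()` returns a missing node for an absent field and `asText()` on it yields an empty string, never null, so the test passes even when the response carries no access_token or expires_in. Assert on content instead, e.g. `assertFalse(node.at("/access_token").asText().isEmpty());` with the matching static import, which also resolves the `// length?` placeholder. Separately, RFC 6749 section 4.4.3 says a refresh token should not be included in a client-credentials response, so the refresh_token expectation is worth reconsidering before it is made strict.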
@@ -43,23 +92,19 @@
form.add("grant_type", "blahblah");
ClientResponse response = resource().path("oauth2").path("token")
- .header(Attributes.AUTHORIZATION,
- handler.createBasicAuthorizationHeaderValue(username,
- "pass"))
.header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
.header(HttpHeaders.CONTENT_TYPE,
ContentType.APPLICATION_FORM_URLENCODED)
.entity(form).post(ClientResponse.class);
String entity = response.getEntity(String.class);
-// System.out.println(entity);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
- assertEquals("blahblah is not supported.",
+ assertEquals("Invalid grant_type parameter value",
node.get("error_description").asText());
- assertEquals(OAuthError.TokenResponse.UNSUPPORTED_GRANT_TYPE,
- node.get("error"));
+ assertEquals(OAuthError.TokenResponse.INVALID_REQUEST,
+ node.get("error").asText());
}
}
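Review bot: With the Authorization header removed, this request reaches the token endpoint unauthenticated and the test pins a 400 `invalid_request`, so nothing visible in this diff checks that missing or wrong client credentials are rejected. A companion test that posts `grant_type=client_credentials` without the header, or with a wrong secret, and expects 401 with `OAuthError.TokenResponse.INVALID_CLIENT` would cover the authentication path. RFC 6749 section 5.2 also reserves `unsupported_grant_type` for an unrecognised grant value, so pinning `invalid_request` for `blahblah` may lock in a non-standard response. The test method starts above this hunk.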
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
index 71b1162..ad2874a 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
@@ -54,12 +54,12 @@
if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)) {
assertEquals("Api realm=\"Kustvakt\"",
header.getValue().get(0));
- assertEquals("Session realm=\"Kustvakt\"",
- header.getValue().get(1));
+// assertEquals("Session realm=\"Kustvakt\"",
+// header.getValue().get(1));
assertEquals("Bearer realm=\"Kustvakt\"",
- header.getValue().get(2));
+ header.getValue().get(1));
assertEquals("Basic realm=\"Kustvakt\"",
- header.getValue().get(3));
+ header.getValue().get(2));
}
}
}
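Review bot: The Session assertion is commented out rather than deleted, which leaves it unclear whether the Session challenge was removed on purpose. The remaining index-based checks would also still pass if a fourth scheme were advertised after Basic. Delete the two commented lines and pin the list size, e.g. `assertEquals(3, header.getValue().size());`, so an unexpected authentication scheme in WWW-Authenticate fails the test. The enclosing method starts outside this hunk.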
diff --git a/full/src/test/resources/test-config.xml b/full/src/test/resources/test-config.xml
index 66b6c97..0445d65 100644
--- a/full/src/test/resources/test-config.xml
+++ b/full/src/test/resources/test-config.xml
@@ -184,7 +184,7 @@
<bean id="kustvaktExceptionHandler" class="de.ids_mannheim.korap.web.KustvaktExceptionHandler">
<constructor-arg index="0" name="iface" ref="kustvakt_auditing" />
</bean>
- <bean id="oauth2ExceptionHandler" class="de.ids_mannheim.korap.web.OAuth2ExceptionHandler">
+ <bean id="oauth2ResponseHandler" class="de.ids_mannheim.korap.web.OAuth2ResponseHandler">
<constructor-arg index="0" name="iface" ref="kustvakt_auditing" />
</bean>