Updated OAuth2 response handler (#650)
Change-Id: Id00eec7cd37f3dc3efbadf1c7f8e1f7f2a3d15f9
diff --git a/full/Changes b/full/Changes
index 88bd821..590763f 100644
--- a/full/Changes
+++ b/full/Changes
@@ -20,6 +20,7 @@
- Fixed clearing cache
- Updated token response using Nimbus (#650)
- Remove Oltu request and validator implementations (#650)
+- Updated OAuth2 response handler (#650)
# version 0.71
diff --git a/full/pom.xml b/full/pom.xml
index af78195..51596cb 100644
--- a/full/pom.xml
+++ b/full/pom.xml
@@ -669,13 +669,6 @@
<scope>provided</scope>
</dependency>
- <!-- needed by apache Oltu -->
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- <version>4.0.1</version>
- </dependency>
-
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-text</artifactId>
@@ -768,18 +761,6 @@
<!-- OAuth -->
<dependency>
- <groupId>org.apache.oltu.oauth2</groupId>
- <artifactId>org.apache.oltu.oauth2.authzserver</artifactId>
- <version>1.0.2</version>
- </dependency>
- <dependency>
- <groupId>org.apache.oltu.oauth2</groupId>
- <artifactId>org.apache.oltu.oauth2.client</artifactId>
- <version>1.0.2</version>
- </dependency>
-
- <!-- Nimbus -->
- <dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
<version>10.13.2</version>
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/OAuth2ResponseHandler.java b/full/src/main/java/de/ids_mannheim/korap/web/OAuth2ResponseHandler.java
index 9ece449..112b05d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/OAuth2ResponseHandler.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/OAuth2ResponseHandler.java
@@ -1,33 +1,23 @@
package de.ids_mannheim.korap.web;
import java.net.URI;
-import java.net.URISyntaxException;
+import java.util.HashMap;
+import java.util.Map;
import org.apache.http.HttpHeaders;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.message.OAuthResponse;
-import org.apache.oltu.oauth2.common.message.OAuthResponse.OAuthErrorResponseBuilder;
import com.nimbusds.oauth2.sdk.AccessTokenResponse;
-import com.nimbusds.oauth2.sdk.AuthorizationErrorResponse;
import com.nimbusds.oauth2.sdk.ErrorObject;
-import com.nimbusds.oauth2.sdk.ErrorResponse;
import com.nimbusds.oauth2.sdk.OAuth2Error;
-import com.nimbusds.oauth2.sdk.TokenErrorResponse;
-import com.nimbusds.oauth2.sdk.id.State;
import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
import jakarta.ws.rs.WebApplicationException;
-import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.Response.ResponseBuilder;
import jakarta.ws.rs.core.Response.Status;
/**
- * OAuth2ResponseHandler builds {@link Response}s from
- * {@link OAuthResponse}s and handles exceptions by building
+ * OAuth2ResponseHandler builds {@link Response}s and handles exceptions by building
* OAuth error responses accordingly.
*
* <br/><br/>
@@ -41,185 +31,80 @@
*
*/
public class OAuth2ResponseHandler extends KustvaktResponseHandler {
-
- public WebApplicationException throwit (OAuthSystemException e) {
- return throwit(StatusCodes.OAUTH2_SYSTEM_ERROR, e.getMessage());
- }
-
- public WebApplicationException throwit (OAuthSystemException e,
- String state) {
- if (state != null && !state.isEmpty()) {
- return throwit(StatusCodes.OAUTH2_SYSTEM_ERROR, e.getMessage(),
- "state=" + state);
- }
- return throwit(e);
- }
-
- public WebApplicationException throwit (OAuthProblemException e) {
- OAuthResponse oAuthResponse = null;
- String state = e.getState();
- try {
- OAuthErrorResponseBuilder builder =
- OAuthResponse.errorResponse(e.getResponseStatus()).error(e);
- if (state != null && !state.isEmpty()) {
- builder.setState(state);
- }
- if (e.getRedirectUri()!= null && !e.getRedirectUri().isEmpty()) {
- builder.location(e.getRedirectUri());
- oAuthResponse = builder.buildQueryMessage();
- }
- else {
- oAuthResponse = builder.buildJSONMessage();
- }
- }
- catch (OAuthSystemException e1) {
- throwit(e1, state);
- }
- Response r = createResponse(oAuthResponse.getResponseStatus(),
- oAuthResponse.getBody(), oAuthResponse.getLocationUri());
- return new WebApplicationException(r);
- }
-
-
-
@Override
- public WebApplicationException throwit (KustvaktException e){
+ public WebApplicationException throwit (KustvaktException e) {
return throwit(e, null);
}
-
+
public WebApplicationException throwit (KustvaktException e, String state) {
String errorCode = e.getEntity();
-
int responseStatus = e.getResponseStatus();
- try {
- if(responseStatus>0) {
- return throwit(createOAuthProblemException(e, responseStatus, state));
- }
- else if (errorCode == null){
- return super.throwit(e);
- }
- else if (errorCode.equals(OAuth2Error.INVALID_CLIENT.getCode())
- || errorCode.equals(OAuth2Error.UNAUTHORIZED_CLIENT.getCode())
- || errorCode.equals(de.ids_mannheim.korap.oauth2.constant.OAuth2Error.INVALID_TOKEN)) {
- return throwit(createOAuthProblemException(e,
- Status.UNAUTHORIZED.getStatusCode(), state));
- }
- else if (errorCode.equals(OAuth2Error.INVALID_GRANT.getCode())
- || errorCode.equals(OAuth2Error.INVALID_REQUEST.getCode())
- || errorCode.equals(OAuth2Error.INVALID_SCOPE.getCode())
- || errorCode.equals(OAuth2Error.UNSUPPORTED_GRANT_TYPE.getCode())
- || errorCode.equals(OAuth2Error.UNSUPPORTED_RESPONSE_TYPE.getCode())
- || errorCode.equals(OAuth2Error.ACCESS_DENIED.getCode())) {
- return throwit(createOAuthProblemException(e,
- Status.BAD_REQUEST.getStatusCode(), state));
- }
- else if (errorCode.equals(de.ids_mannheim.korap.oauth2.constant.OAuth2Error.INSUFFICIENT_SCOPE)) {
- return throwit(createOAuthProblemException(e,
- Status.FORBIDDEN.getStatusCode(), state));
- }
- else if (errorCode.equals(OAuth2Error.SERVER_ERROR.getCode())) {
- return throwit(createOAuthProblemException(e,
- Status.INTERNAL_SERVER_ERROR.getStatusCode(), state));
- }
- else if (errorCode.equals(OAuth2Error.TEMPORARILY_UNAVAILABLE.getCode())) {
- return throwit(createOAuthProblemException(e,
- Status.SERVICE_UNAVAILABLE.getStatusCode(), state));
- }
- else {
- return super.throwit(e);
- }
- }
- catch (OAuthSystemException e1) {
- return throwit(e1, state);
- }
- }
- private OAuthProblemException createOAuthProblemException (
- KustvaktException e, int statusCode, String state)
- throws OAuthSystemException {
- OAuthProblemException ex = OAuthProblemException.error(e.getEntity())
- .responseStatus(statusCode).state(state)
- .description(e.getMessage());
- if (e.getRedirectUri()!= null) {
- ex.setRedirectUri(e.getRedirectUri().toString());
+ Response r = null;
+ if (responseStatus > 0) {
+ r = createResponse(e,
+ Status.fromStatusCode(responseStatus), state);
}
- return ex;
- }
-
- private ErrorResponse createErrorResponse (
- KustvaktException e, String statusCode, String state){
- ErrorResponse r = null;
-
- if (e.getRedirectUri()!=null) {
- ErrorObject eo = new ErrorObject(statusCode, e.getMessage());
- State s = new State(state);
- r = new AuthorizationErrorResponse(e.getRedirectUri(), eo, s, null);
+ else if (errorCode == null) {
+ return super.throwit(e);
}
-
- return r;
- }
-
- /**
- * RFC 6749 regarding authorization error response:
- *
- * If the request fails due to a missing, invalid, or mismatching
- * redirection URI, or if the client identifier is missing or
- * invalid, the authorization server SHOULD inform the resource
- * owner of the error and MUST NOT automatically redirect the
- * user-agent to the invalid redirection URI.
- *
- * If the resource owner denies the access request or if the
- * request fails for reasons other than a missing or invalid
- * redirection URI, the authorization server informs the client by
- * adding the following parameters to the query component of the
- * redirection URI using the "application/x-www-form-urlencoded"
- * format.
- *
- * @param oAuthResponse
- * @return
- */
- public Response createResponse (int status, String body, String uri) {
- ResponseBuilder builder =
- Response.status(status);
- builder.entity(body);
- builder.header(HttpHeaders.CACHE_CONTROL, "no-store");
- builder.header(HttpHeaders.PRAGMA, "no-store");
-
- if (status == Status.UNAUTHORIZED
- .getStatusCode()) {
- builder.header(HttpHeaders.WWW_AUTHENTICATE,
- "Basic realm=\"Kustvakt\"");
+ else if (errorCode.equals(OAuth2Error.INVALID_CLIENT.getCode())
+ || errorCode.equals(OAuth2Error.UNAUTHORIZED_CLIENT.getCode())
+ || errorCode.equals(
+ de.ids_mannheim.korap.oauth2.constant.OAuth2Error.INVALID_TOKEN)) {
+ r = createResponse(e, Status.UNAUTHORIZED, state);
}
- if (uri != null && !uri.isEmpty()) {
- try {
- builder.location(new URI(uri));
- builder.type(MediaType.APPLICATION_FORM_URLENCODED_TYPE);
- }
- catch (URISyntaxException e) {
- e.printStackTrace();
- }
+ else if (errorCode.equals(OAuth2Error.INVALID_GRANT.getCode())
+ || errorCode.equals(OAuth2Error.INVALID_REQUEST.getCode())
+ || errorCode.equals(OAuth2Error.INVALID_SCOPE.getCode())
+ || errorCode
+ .equals(OAuth2Error.UNSUPPORTED_GRANT_TYPE.getCode())
+ || errorCode
+ .equals(OAuth2Error.UNSUPPORTED_RESPONSE_TYPE.getCode())
+ || errorCode.equals(OAuth2Error.ACCESS_DENIED.getCode())) {
+ r = createResponse(e, Status.BAD_REQUEST, state);
}
-
- return builder.build();
+ else if (errorCode.equals(
+ de.ids_mannheim.korap.oauth2.constant.OAuth2Error.INSUFFICIENT_SCOPE)) {
+ r = createResponse(e, Status.FORBIDDEN, state);
+ }
+ else if (errorCode.equals(OAuth2Error.SERVER_ERROR.getCode())) {
+ r = createResponse(e, Status.INTERNAL_SERVER_ERROR,
+ state);
+ }
+ else if (errorCode
+ .equals(OAuth2Error.TEMPORARILY_UNAVAILABLE.getCode())) {
+ r = createResponse(e, Status.SERVICE_UNAVAILABLE,
+ state);
+ }
+ else {
+ return super.throwit(e);
+ }
+ return new WebApplicationException(r);
}
public Response sendRedirect (URI locationUri) {
ResponseBuilder builder = Response.temporaryRedirect(locationUri);
return builder.build();
}
+
+ private Response createResponse (KustvaktException e, Status statusCode,
+ String state) {
+ ErrorObject eo = new ErrorObject(e.getEntity(), e.getMessage());
+ if (state != null && !state.isEmpty()) {
+ Map<String, String> map = new HashMap<String, String>();
+ map.put("state", state);
+ eo = eo.setCustomParams(map);
+ }
+ return createResponse(statusCode, eo.toJSONObject().toJSONString());
+ }
public Response createResponse (AccessTokenResponse tokenResponse) {
String jsonString = tokenResponse.toJSONObject().toJSONString();
return createResponse(Status.OK, jsonString);
}
- public Response createResponse (TokenErrorResponse tokenResponse,
- Status status) {
- String jsonString = tokenResponse.toJSONObject().toJSONString();
- return createResponse(status, jsonString);
- }
-
- private Response createResponse (Status status, Object entity) {
+ private Response createResponse (Status status, String entity) {
ResponseBuilder builder = Response.status(status);
builder.entity(entity);
builder.header(HttpHeaders.CACHE_CONTROL, "no-store");
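Review bot: In the `responseStatus > 0` branch of `throwit(KustvaktException, String)`, `Status.fromStatusCode(responseStatus)` returns null for any code that is not a `Response.Status` constant, and `Response.status(Status)` inside `createResponse(Status, String)` then throws `IllegalArgumentException` rather than producing the intended `WebApplicationException`; the removed `createResponse(int, String, String)` took the raw int and had no such edge. Guard it before the call: `Status status = Status.fromStatusCode(responseStatus);` / `if (status == null) { return super.throwit(e); }` / `r = createResponse(e, status, state);`. Separately, the removed Oltu path set `WWW-Authenticate: Basic realm="Kustvakt"` on 401 responses and honoured `e.getRedirectUri()` for authorization errors, while the new overloads visible here only emit a JSON body with `Cache-Control: no-store`; unless the rest of `createResponse(Status, String)` adds the header, 401 responses now lack the challenge header (the deleted `checkWWWAuthenticateHeader` test helper points the same way), which is worth either restoring or documenting as intentional. The body of `createResponse(Status, String)` continues past the end of the hunk.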
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
index c35014e..315728a 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
@@ -12,10 +12,11 @@
import jakarta.ws.rs.core.Response.Status;
import org.apache.http.entity.ContentType;
-import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.junit.jupiter.api.Test;
import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.net.HttpHeaders;
+import com.nimbusds.oauth2.sdk.GrantType;
+
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.constant.OAuth2Scope;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationPostTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationPostTest.java
index 9e1542d..a2e7090 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationPostTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationPostTest.java
@@ -12,7 +12,6 @@
import jakarta.ws.rs.core.Response.Status;
import org.apache.http.entity.ContentType;
-import org.apache.oltu.oauth2.common.message.types.TokenType;
import org.glassfish.jersey.uri.UriComponent;
import org.junit.jupiter.api.Test;
import org.springframework.util.MultiValueMap;
@@ -21,6 +20,7 @@
import com.google.common.net.HttpHeaders;
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.constant.TokenType;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.utils.JsonUtils;
@@ -71,7 +71,7 @@
JsonNode node = JsonUtils.readTree(entity);
assertNotNull(node.at("/access_token").asText());
assertNotNull(node.at("/refresh_token").asText());
- assertEquals(TokenType.BEARER.toString(),
+ assertEquals(TokenType.BEARER.displayName(),
node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationTest.java
index d9861c2..a91b119 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AuthorizationTest.java
@@ -7,14 +7,12 @@
import java.net.URI;
import org.junit.jupiter.api.Test;
-import org.apache.oltu.oauth2.common.error.OAuthError;
-
import com.fasterxml.jackson.databind.JsonNode;
-import com.nimbusds.oauth2.sdk.OAuth2Error;
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
import de.ids_mannheim.korap.utils.JsonUtils;
import jakarta.ws.rs.core.MultivaluedMap;
import jakarta.ws.rs.core.Response;
@@ -119,7 +117,7 @@
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuth2Error.INVALID_REQUEST.getCode(),
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.at("/error").asText());
assertEquals("Missing parameter: redirect URI",
node.at("/error_description").asText());
@@ -149,7 +147,7 @@
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.at("/error").asText());
assertEquals("Missing parameter: client_id",
node.at("/error_description").asText());
@@ -162,7 +160,7 @@
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuth2Error.INVALID_CLIENT.getCode(), node.at("/error").asText());
+ assertEquals(OAuth2Error.INVALID_CLIENT, node.at("/error").asText());
assertEquals("Unknown client: unknown-client-id",
node.at("/error_description").asText());
}
@@ -249,7 +247,7 @@
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.at("/error").asText());
assertEquals("Invalid redirect URI",
node.at("/error_description").asText());
@@ -262,7 +260,7 @@
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
node = JsonUtils.readTree(response.readEntity(String.class));
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.at("/error").asText());
assertEquals("Missing parameter: redirect URI",
node.at("/error_description").asText());
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
index 127e2d2..25127d5 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
@@ -12,19 +12,14 @@
import java.util.Map.Entry;
import java.util.Set;
-import jakarta.ws.rs.ProcessingException;
-import jakarta.ws.rs.client.Entity;
-import jakarta.ws.rs.core.Form;
-import jakarta.ws.rs.core.Response;
-import jakarta.ws.rs.core.Response.Status;
-
import org.apache.commons.io.IOUtils;
import org.apache.http.entity.ContentType;
-import org.apache.oltu.oauth2.common.error.OAuthError;
import org.glassfish.jersey.server.ContainerRequest;
import org.junit.jupiter.api.Test;
+
import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.net.HttpHeaders;
+
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.exceptions.KustvaktException;
@@ -33,6 +28,11 @@
import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
import de.ids_mannheim.korap.utils.JsonUtils;
import de.ids_mannheim.korap.web.input.OAuth2ClientJson;
+import jakarta.ws.rs.ProcessingException;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.core.Form;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
/**
* @author margaretha
@@ -47,15 +47,6 @@
userAuthHeader = HttpAuthorizationHandler.createBasicAuthorizationHeaderValue("dory", "password");
}
- private void checkWWWAuthenticateHeader(Response response) {
- Set<Entry<String, List<Object>>> headers = response.getHeaders().entrySet();
- for (Entry<String, List<Object>> header : headers) {
- if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)) {
- assertEquals(header.getValue().get(0), "Basic realm=\"Kustvakt\"");
- }
- }
- }
-
private OAuth2ClientJson createOAuth2ClientJson(String name, OAuth2ClientType type, String description) {
OAuth2ClientJson client = new OAuth2ClientJson();
if (name != null) {
@@ -240,7 +231,7 @@
private void testInvalidUrl(String entity, int status) throws KustvaktException {
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.CodeResponse.INVALID_REQUEST, node.at("/error").asText());
+ assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
assertEquals(node.at("/error_description").asText(), "Invalid URL");
assertEquals(Status.BAD_REQUEST.getStatusCode(), status);
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
index 6374959..af00355 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ControllerTest.java
@@ -8,16 +8,17 @@
import java.util.Set;
import org.apache.http.entity.ContentType;
-import org.apache.oltu.oauth2.common.error.OAuthError;
-import org.apache.oltu.oauth2.common.message.types.GrantType;
-import org.apache.oltu.oauth2.common.message.types.TokenType;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
+
import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.net.HttpHeaders;
+import com.nimbusds.oauth2.sdk.GrantType;
+
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.config.FullConfiguration;
+import de.ids_mannheim.korap.constant.TokenType;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
import de.ids_mannheim.korap.oauth2.entity.AccessScope;
@@ -51,7 +52,7 @@
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
String accessToken = node.at("/access_token").asText();
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertEquals(31536000, node.at("/expires_in").asInt());
testRevokeToken(accessToken, publicClientId, null, ACCESS_TOKEN_TYPE);
assertTrue(node.at("/refresh_token").isMissingNode());
@@ -70,7 +71,7 @@
JsonNode node = JsonUtils.readTree(entity);
assertNotNull(node.at("/access_token").asText());
assertNotNull(node.at("/refresh_token").asText());
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
testRequestTokenWithUsedAuthorization(code);
String refreshToken = node.at("/refresh_token").asText();
@@ -86,7 +87,7 @@
String entity = response.readEntity(String.class);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_GRANT, node.at("/error").asText());
+ assertEquals(OAuth2Error.INVALID_GRANT, node.at("/error").asText());
assertEquals(node.at("/error_description").asText(), "Invalid authorization");
}
@@ -96,7 +97,7 @@
String entity = response.readEntity(String.class);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, node.at("/error").asText());
+ assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
}
@Test
@@ -149,7 +150,7 @@
Response response = requestToken(tokenForm);
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_GRANT, node.at("/error").asText());
+ assertEquals(OAuth2Error.INVALID_GRANT, node.at("/error").asText());
assertEquals(node.at("/error_description").asText(), "Invalid authorization");
}
@@ -160,7 +161,7 @@
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
assertNotNull(node.at("/access_token").asText());
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
assertEquals(node.at("/scope").asText(), "all");
String refresh = node.at("/refresh_token").asText();
@@ -186,7 +187,7 @@
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
assertNotNull(node.at("/access_token").asText());
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
assertEquals(scope, node.at("/scope").asText());
String refreshToken = node.at("/refresh_token").asText();
@@ -200,7 +201,7 @@
String entity = response.readEntity(String.class);
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.UNAUTHORIZED_CLIENT, node.at("/error").asText());
+ assertEquals(OAuth2Error.UNAUTHORIZED_CLIENT, node.at("/error").asText());
assertEquals(node.at("/error_description").asText(), "Password grant is not allowed for third party clients");
}
@@ -226,7 +227,7 @@
JsonNode node = JsonUtils.readTree(entity);
assertNotNull(node.at("/access_token").asText());
assertNotNull(node.at("/refresh_token").asText());
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
}
@@ -248,7 +249,7 @@
JsonNode node = JsonUtils.readTree(entity);
assertNotNull(node.at("/access_token").asText());
assertNotNull(node.at("/refresh_token").asText());
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
}
@@ -261,7 +262,7 @@
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.at("/error").asText());
assertNotNull(node.at("/error_description").asText());
}
@@ -274,7 +275,7 @@
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, node.at("/error").asText());
+ assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
assertEquals(node.at("/error_description").asText(), "Missing parameter: client_secret");
}
@@ -284,7 +285,7 @@
String entity = response.readEntity(String.class);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.at("/error").asText());
assertNotNull(node.at("/error_description").asText());
}
@@ -298,7 +299,7 @@
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.at("/error").asText());
assertNotNull(node.at("/error_description").asText());
}
@@ -316,7 +317,7 @@
// length?
assertNotNull(node.at("/access_token").asText());
assertNotNull(node.at("/refresh_token").asText());
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
}
@@ -334,7 +335,7 @@
String entity = response.readEntity(String.class);
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.at("/error").asText());
assertNotNull(node.at("/error_description").asText());
}
@@ -353,7 +354,7 @@
// length?
assertNotNull(node.at("/access_token").asText());
assertNotNull(node.at("/refresh_token").asText());
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
assertEquals(node.at("/scope").asText(), "client_info");
}
@@ -365,7 +366,7 @@
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
String entity = response.readEntity(String.class);
JsonNode node = JsonUtils.readTree(entity);
- assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, node.at("/error").asText());
+ assertEquals(OAuth2Error.INVALID_REQUEST, node.at("/error").asText());
}
@Test
@@ -377,7 +378,7 @@
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
assertNotNull(node.get("error_description").asText());
- assertEquals(OAuthError.TokenResponse.INVALID_REQUEST,
+ assertEquals(OAuth2Error.INVALID_REQUEST,
node.get("error").asText());
}
@@ -407,7 +408,7 @@
assertNotNull(node.at("/access_token").asText());
String newRefreshToken = node.at("/refresh_token").asText();
assertNotNull(newRefreshToken);
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
assertTrue(!newRefreshToken.equals(refreshToken));
testRequestTokenWithRevokedRefreshToken(clientId, clientSecret, refreshToken);
@@ -442,7 +443,7 @@
assertNotNull(node.at("/access_token").asText());
String newRefreshToken = node.at("/refresh_token").asText();
assertNotNull(newRefreshToken);
- assertEquals(TokenType.BEARER.toString(), node.at("/token_type").asText());
+ assertEquals(TokenType.BEARER.displayName(), node.at("/token_type").asText());
assertNotNull(node.at("/expires_in").asText());
assertTrue(!newRefreshToken.equals(refreshToken));
assertEquals(scope, node.at("/scope").asText());
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
index f922624..6895c26 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2TestBase.java
@@ -8,7 +8,6 @@
import java.util.Set;
import org.apache.http.entity.ContentType;
-import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.glassfish.jersey.client.ClientConfig;
import org.glassfish.jersey.client.ClientProperties;
import org.glassfish.jersey.uri.UriComponent;
@@ -18,6 +17,7 @@
import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.net.HttpHeaders;
+import com.nimbusds.oauth2.sdk.GrantType;
import com.nimbusds.oauth2.sdk.OAuth2Error;
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
@@ -467,6 +467,7 @@
protected void testInvalidRedirectUri (String entity, String contentType,
boolean includeState, int status) throws KustvaktException {
JsonNode node = JsonUtils.readTree(entity);
+ System.out.println(node);
assertEquals(OAuth2Error.INVALID_REQUEST.getCode(),
node.at("/error").asText());
assertEquals("Invalid redirect URI",
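Review bot: `System.out.println(node);` added at the top of `testInvalidRedirectUri` looks like leftover debugging; this is a shared helper in the test base, so it dumps the full error response on every call and adds noise to the test output. Remove the line, or if the payload is wanted on failure, pass `node.toString()` as the assertion message instead. `testInvalidRedirectUri` continues past the end of the hunk.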