| margaretha | cf306d3 | 2018-05-30 19:45:35 +0200 | [diff] [blame] | 1 | package de.ids_mannheim.korap.web.controller; |
| 2 | |
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;

import java.io.IOException;

import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response.Status;

import org.apache.http.entity.ContentType;
import org.junit.Test;

import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.net.HttpHeaders;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.core.util.MultivaluedMapImpl;

import de.ids_mannheim.korap.authentication.http.TransferEncoding;
import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.config.SpringJerseyTest;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.oauth2.constant.OAuth2Scope;
import de.ids_mannheim.korap.utils.JsonUtils;
| 26 | |
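/**
 * Integration tests for OAuth2 access tokens issued by the
 * {@code oauth2/token} endpoint: that a token carrying a requested
 * scope grants access to the matching resource, that a token issued
 * without that scope is rejected with an explicit scope error, that
 * endpoints which do not accept bearer tokens say so, and that an
 * unknown token is rejected.
 *
 * All credentials below are test-fixture values (see the test database
 * set up by {@link SpringJerseyTest}); none of them are real secrets.
 */
public class OAuth2AccessTokenTest extends SpringJerseyTest {

    /** Confidential client registered in the test fixtures. */
    private static final String CLIENT_ID = "fCBbQkAyYzI4NzUxMg";
    private static final String CLIENT_SECRET = "secret";
    /** Resource owner used for the password grant. */
    private static final String USERNAME = "dory";
    private static final String PASSWORD = "password";

    /**
     * Requests an access token via the resource-owner password grant
     * without asking for any particular scope.
     *
     * @return a non-empty access token
     * @throws KustvaktException if the JSON response cannot be parsed
     */
    private String requestToken () throws KustvaktException {
        return requestToken(null);
    }

    /**
     * Requests an access token via the resource-owner password grant,
     * optionally restricted to {@code scope}. The client authenticates
     * with {@code client_id}/{@code client_secret} in the form body only.
     *
     * The token endpoint must answer 200 with a non-empty
     * {@code access_token}. Asserting that here matters for the negative
     * tests: if the token request silently failed, {@code asText()} on
     * the missing node would yield "" and a later "Unauthorized"
     * assertion could pass for the wrong reason (no token at all instead
     * of a token lacking the scope). A scope-enforcement test is only
     * meaningful with a token that was actually issued.
     *
     * @param scope OAuth2 scope to request, or {@code null} for none
     * @return a non-empty access token
     * @throws KustvaktException if the JSON response cannot be parsed
     */
    private String requestToken (String scope) throws KustvaktException {
        MultivaluedMap<String, String> form = new MultivaluedMapImpl();
        form.add("grant_type", "password");
        form.add("client_id", CLIENT_ID);
        form.add("client_secret", CLIENT_SECRET);
        form.add("username", USERNAME);
        form.add("password", PASSWORD);
        if (scope != null) {
            form.add("scope", scope);
        }

        ClientResponse response = resource().path("oauth2").path("token")
                .header(HttpHeaders.CONTENT_TYPE,
                        ContentType.APPLICATION_FORM_URLENCODED)
                .entity(form).post(ClientResponse.class);

        String entity = response.getEntity(String.class);
        assertEquals("token request failed: " + entity,
                Status.OK.getStatusCode(), response.getStatus());

        JsonNode node = JsonUtils.readTree(entity);
        // at() returns a missing node whose asText() is "", so a single
        // emptiness check covers both "absent" and "empty" access_token
        String token = node.at("/access_token").asText();
        assertFalse("no access_token in token response: " + entity,
                token.isEmpty());
        return token;
    }

    /**
     * A token requested with scope {@code vc_info} may list the user's
     * virtual corpora.
     *
     * Client authentication is done via the form body only. An earlier
     * version of this test additionally sent
     * {@code "Bearer" + base64(client_id:client_secret)} in the
     * Authorization header (no space after the scheme, and the wrong
     * scheme for client credentials); the request evidently succeeded on
     * the form parameters alone, and RFC 6749 section 2.3.1 forbids
     * using more than one client authentication method per request, so
     * the header is not sent any more.
     */
    @Test
    public void testListVCScope () throws KustvaktException {
        String token = requestToken(OAuth2Scope.VC_INFO.toString());

        ClientResponse response = resource().path("vc").path("list")
                .header(Attributes.AUTHORIZATION, "Bearer " + token)
                .get(ClientResponse.class);

        String entity = response.getEntity(String.class);
        assertEquals(entity, Status.OK.getStatusCode(),
                response.getStatus());
        JsonNode node = JsonUtils.readTree(entity);
        // number of virtual corpora visible to the fixture user
        assertEquals(4, node.size());
    }

    /**
     * A token issued without requesting {@code vc_info} must not be able
     * to list virtual corpora: the server has to answer 401 with an
     * explicit scope error rather than silently granting a wider scope
     * than the one issued.
     *
     * The same (valid, scope-restricted) token is then used to show that
     * the rejection is specific to the missing scope: a bearer-hostile
     * endpoint rejects it for a different reason, and search still works.
     */
    @Test
    public void testListVCScopeNotAuthorized ()
            throws KustvaktException, IOException {
        String accessToken = requestToken();
        ClientResponse response = resource().path("vc").path("list")
                .header(Attributes.AUTHORIZATION, "Bearer " + accessToken)
                .get(ClientResponse.class);

        assertEquals(Status.UNAUTHORIZED.getStatusCode(),
                response.getStatus());
        String entity = response.getEntity(String.class);
        JsonNode node = JsonUtils.readTree(entity);
        // errors is a list of [code, message, ...] entries
        assertEquals(StatusCodes.AUTHORIZATION_FAILED,
                node.at("/errors/0/0").asInt());
        assertEquals("Scope vc_info is not authorized",
                node.at("/errors/0/1").asText());

        testListVCAccessBearerNotAuthorize(accessToken);
        testSearchWithOAuth2Token(accessToken);
    }

    /**
     * {@code vc/access/list} does not accept bearer tokens at all; a
     * valid access token must be rejected with a "token type" error, not
     * with a scope error and not with a success.
     *
     * @param accessToken a token that was actually issued by the server
     */
    private void testListVCAccessBearerNotAuthorize (String accessToken)
            throws KustvaktException {
        ClientResponse response =
                resource().path("vc").path("access").path("list")
                        .header(Attributes.AUTHORIZATION,
                                "Bearer " + accessToken)
                        .get(ClientResponse.class);
        String entity = response.getEntity(String.class);
        assertEquals(entity, Status.UNAUTHORIZED.getStatusCode(),
                response.getStatus());
        JsonNode node = JsonUtils.readTree(entity);
        assertEquals(StatusCodes.AUTHORIZATION_FAILED,
                node.at("/errors/0/0").asInt());
        assertEquals("Token type Bearer is not allowed",
                node.at("/errors/0/1").asText());
    }

    /**
     * A token issued without an explicit scope is still sufficient for
     * searching.
     *
     * NOTE(review): the test itself sets {@code X-Forwarded-For}, i.e.
     * the server honours that header from the client as the request's
     * origin. Presumably the address selects an access tier for the
     * search results; confirm against the access-control configuration,
     * and make sure production deployments only trust the header from
     * the reverse proxy.
     *
     * @param accessToken a token that was actually issued by the server
     */
    private void testSearchWithOAuth2Token (String accessToken)
            throws KustvaktException, IOException {
        ClientResponse response = resource().path("search")
                .queryParam("q", "Wasser").queryParam("ql", "poliqarp")
                .header(Attributes.AUTHORIZATION, "Bearer " + accessToken)
                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
                .get(ClientResponse.class);

        String ent = response.getEntity(String.class);
        assertEquals(ent, Status.OK.getStatusCode(), response.getStatus());

        JsonNode node = JsonUtils.readTree(ent);
        assertNotNull(node);
        // 25 matches — presumably the default page size; confirm
        assertEquals(25, node.at("/matches").size());
    }

    /**
     * A bearer token the server never issued is rejected with 401 and
     * {@link StatusCodes#INVALID_ACCESS_TOKEN}, without leaking anything
     * beyond "not found".
     *
     * NOTE(review): the literal contains a non-ASCII character ('ö'),
     * which is outside the b64token syntax of RFC 6750; the server
     * answers "not found" rather than a syntax error. Fine for this
     * test, but worth knowing when reading the error message.
     */
    @Test
    public void testSearchWithUnknownToken ()
            throws KustvaktException, IOException {
        ClientResponse response = resource().path("search")
                .queryParam("q", "Wasser").queryParam("ql", "poliqarp")
                .header(Attributes.AUTHORIZATION,
                        "Bearer ljsa8tKNRSczJhk20öhq92zG8z350")
                .get(ClientResponse.class);

        assertEquals(Status.UNAUTHORIZED.getStatusCode(),
                response.getStatus());

        String ent = response.getEntity(String.class);
        JsonNode node = JsonUtils.readTree(ent);
        assertEquals(StatusCodes.INVALID_ACCESS_TOKEN,
                node.at("/errors/0/0").asInt());
        assertEquals("Access token is not found",
                node.at("/errors/0/1").asText());
    }
}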