cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1561006 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth2/src: main/java/org/apache/cxf/rs/security/oauth2/common/ main/java/org/apache/cxf/rs/security/oauth2/grants/code/ main/java/org/apache/cxf/rs/security/oauth2/provider/ main/java/or...
Date Fri, 24 Jan 2014 13:53:20 GMT
Author: sergeyb
Date: Fri Jan 24 13:53:19 2014
New Revision: 1561006

URL: http://svn.apache.org/r1561006
Log:
[CXF-5417] More basic tests and some updates

Added:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/CodeGrantEncryptingDataProvider.java
  (with props)
Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServiceException.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/ModelEncryptionSupport.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptingDataProvider.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java?rev=1561006&r1=1561005&r2=1561006&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java
Fri Jan 24 13:53:19 2014
@@ -23,7 +23,7 @@ public class OOBAuthorizationResponse {
     private String authorizationCode;
     private String clientId;
     private String userId;
-    private long lifetime;
+    private long expiresIn;
     
     public String getAuthorizationCode() {
         return authorizationCode;
@@ -49,12 +49,21 @@ public class OOBAuthorizationResponse {
         this.userId = userId;
     }
 
+    @Deprecated
     public long getLifetime() {
-        return lifetime;
+        return expiresIn;
     }
-
+    @Deprecated
     public void setLifetime(long lifetime) {
-        this.lifetime = lifetime;
+        this.expiresIn = lifetime;
+    }
+    
+    public long getExpiresIn() {
+        return expiresIn;
+    }
+
+    public void setExpiresIn(long lifetime) {
+        this.expiresIn = lifetime;
     }
     
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java?rev=1561006&r1=1561005&r2=1561006&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
Fri Jan 24 13:53:19 2014
@@ -51,7 +51,7 @@ public class AuthorizationCodeGrantHandl
             return null;
         }
         // check it has not expired, the client ids are the same
-        if (OAuthUtils.isExpired(grant.getIssuedAt(), grant.getLifetime())) {
+        if (OAuthUtils.isExpired(grant.getIssuedAt(), grant.getExpiresIn())) {
             throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
         }
         if (!grant.getClient().getClientId().equals(client.getClientId())) {

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServiceException.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServiceException.java?rev=1561006&r1=1561005&r2=1561006&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServiceException.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServiceException.java
Fri Jan 24 13:53:19 2014
@@ -20,6 +20,7 @@
 package org.apache.cxf.rs.security.oauth2.provider;
 
 import org.apache.cxf.rs.security.oauth2.common.OAuthError;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
 
 /**
@@ -38,6 +39,10 @@ public class OAuthServiceException exten
         super(message, cause);
     }
     
+    public OAuthServiceException(Throwable cause) {
+        super(OAuthConstants.SERVER_ERROR, cause);
+    }
+    
     public OAuthServiceException(OAuthError error) {
         this.error = error;
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java?rev=1561006&r1=1561005&r2=1561006&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
Fri Jan 24 13:53:19 2014
@@ -86,7 +86,7 @@ public class AuthorizationCodeGrantServi
             oobResponse.setClientId(client.getClientId());
             oobResponse.setAuthorizationCode(grant.getCode());
             oobResponse.setUserId(userSubject.getLogin());
-            oobResponse.setLifetime(grant.getLifetime());
+            oobResponse.setExpiresIn(grant.getExpiresIn());
             return deliverOOBResponse(oobResponse);
         } else {
             // return the code by appending it as a query parameter to the redirect URI

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java?rev=1561006&r1=1561005&r2=1561006&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java
Fri Jan 24 13:53:19 2014
@@ -28,6 +28,8 @@ import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
+import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+
 
 /**
  * Encryption helpers
@@ -40,7 +42,7 @@ public final class EncryptionUtils {
         try {
             return Base64UrlUtility.encode(key.getEncoded());
         } catch (Exception ex) {
-            throw new RuntimeException(ex);
+            throw new OAuthServiceException(ex);
         }
     }
     
@@ -86,7 +88,7 @@ public final class EncryptionUtils {
             SecretKey key = decodeSecretKey(encodedSecretKey, props.getKeyAlgo());
             return decryptSequence(encodedData, key, props);
         } catch (Exception ex) {
-            throw new RuntimeException(ex);
+            throw new OAuthServiceException(ex);
         }
     }
     
@@ -102,7 +104,7 @@ public final class EncryptionUtils {
             byte[] bytes = processBytes(encryptedBytes, secretKey, props, Cipher.DECRYPT_MODE);
             return new String(bytes, "UTF-8");
         } catch (Exception ex) {
-            throw new RuntimeException(ex);
+            throw new OAuthServiceException(ex);
         }
     }
     
@@ -119,7 +121,7 @@ public final class EncryptionUtils {
                                         Cipher.ENCRYPT_MODE);
             return Base64UrlUtility.encode(bytes);
         } catch (Exception ex) {
-            throw new RuntimeException(ex);
+            throw new OAuthServiceException(ex);
         }
     }
     
@@ -142,7 +144,7 @@ public final class EncryptionUtils {
             }
             return c.doFinal(bytes);
         } catch (Exception ex) {
-            throw new RuntimeException(ex);
+            throw new OAuthServiceException(ex);
         }
     }
     
@@ -151,7 +153,7 @@ public final class EncryptionUtils {
             byte[] secretKeyBytes = decodeSequence(encodedSecretKey);
             return new SecretKeySpec(secretKeyBytes, algo);
         } catch (Exception ex) {
-            throw new RuntimeException(ex);
+            throw new OAuthServiceException(ex);
         }
     }
     
@@ -159,7 +161,7 @@ public final class EncryptionUtils {
         try {
             return Base64UrlUtility.decode(encodedSequence);
         } catch (Exception ex) {
-            throw new RuntimeException(ex);
+            throw new OAuthServiceException(ex);
         }
     }
     

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/ModelEncryptionSupport.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/ModelEncryptionSupport.java?rev=1561006&r1=1561005&r2=1561006&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/ModelEncryptionSupport.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/ModelEncryptionSupport.java
Fri Jan 24 13:53:19 2014
@@ -35,6 +35,7 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
 
 
@@ -108,7 +109,7 @@ public final class ModelEncryptionSuppor
             String decryptedSequence = EncryptionUtils.decryptSequence(encodedData, secretKey,
props);
             return recreateClient(decryptedSequence);
         } catch (Exception ex) {
-            throw new RuntimeException(ex);
+            throw new OAuthServiceException(ex);
         }
     }
     
@@ -336,9 +337,10 @@ public final class ModelEncryptionSuppor
 
     private static Client recreateClientInternal(String sequence) {
         String[] parts = getParts(sequence);
-        Client c = new Client(parts[0], parts[1], Boolean.valueOf(parts[2]), parts[3], parts[4]);
-        c.setApplicationDescription(parts[5]);
-        c.setApplicationLogoUri(parts[6]);
+        Client c = new Client(parts[0], parts[1], Boolean.valueOf(parts[2]), 
+                              getStringPart(parts[3]), getStringPart(parts[4]));
+        c.setApplicationDescription(getStringPart(parts[5]));
+        c.setApplicationLogoUri(getStringPart(parts[6]));
         c.setAllowedGrantTypes(parseSimpleList(parts[7]));
         c.setRegisteredScopes(parseSimpleList(parts[8]));
         c.setRedirectUris(parseSimpleList(parts[9]));
@@ -397,9 +399,9 @@ public final class ModelEncryptionSuppor
                                                                               parts[1],
                                                                               Long.valueOf(parts[2]),
                                                                               Long.valueOf(parts[3]));
-        grant.setRedirectUri(parts[4]);
-        grant.setAudience(parts[5]);
-        grant.setClientCodeVerifier(parts[6]);
+        grant.setRedirectUri(getStringPart(parts[4]));
+        grant.setAudience(getStringPart(parts[5]));
+        grant.setClientCodeVerifier(getStringPart(parts[6]));
         grant.setApprovedScopes(parseSimpleList(parts[7]));
         grant.setSubject(recreateUserSubject(parts[8]));
         return grant; 

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/CodeGrantEncryptingDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/CodeGrantEncryptingDataProvider.java?rev=1561006&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/CodeGrantEncryptingDataProvider.java
(added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/CodeGrantEncryptingDataProvider.java
Fri Jan 24 13:53:19 2014
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.utils;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeDataProvider;
+import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeRegistration;
+import org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+
+public class CodeGrantEncryptingDataProvider extends EncryptingDataProvider
+    implements AuthorizationCodeDataProvider {
+
+    private Set<String> grants = new HashSet<String>();
+    
+    public CodeGrantEncryptingDataProvider() throws Exception {
+        super();
+    }
+    
+    @Override
+    public ServerAuthorizationCodeGrant createCodeGrant(AuthorizationCodeRegistration reg)
+        throws OAuthServiceException {
+        ServerAuthorizationCodeGrant grant = 
+            new ServerAuthorizationCodeGrant(reg.getClient(), 123);
+        grant.setAudience(reg.getAudience());
+        String encrypted = ModelEncryptionSupport.encryptCodeGrant(grant, key);
+        grant.setCode(encrypted);
+        grants.add(encrypted);
+        return grant;
+    }
+
+    @Override
+    public ServerAuthorizationCodeGrant removeCodeGrant(String code) throws OAuthServiceException
{
+        grants.remove(code);
+        return ModelEncryptionSupport.decryptCodeGrant(this, code, key);
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/CodeGrantEncryptingDataProvider.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/CodeGrantEncryptingDataProvider.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptingDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptingDataProvider.java?rev=1561006&r1=1561005&r2=1561006&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptingDataProvider.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptingDataProvider.java
Fri Jan 24 13:53:19 2014
@@ -39,20 +39,20 @@ import org.apache.cxf.rs.security.oauth2
 
 public class EncryptingDataProvider implements OAuthDataProvider {
 
-    SecretKey tokenKey;
-    private Map<String, Client> clients;
-    
+    SecretKey key;
+    private Map<String, String> clients;
     private Set<String> tokens = new HashSet<String>();
     private Map<String, String> refreshTokens = new HashMap<String, String>();
     
     public EncryptingDataProvider() throws Exception {
-        tokenKey = EncryptionUtils.getSecretKey();
-        clients = Collections.singletonMap("1", new Client("1", "2", true));
+        key = EncryptionUtils.getSecretKey();
+        String encryptedClient = ModelEncryptionSupport.encryptClient(new Client("1", "2",
true), key);
+        clients = Collections.singletonMap("1", encryptedClient);
     }
     
     @Override
     public Client getClient(String clientId) throws OAuthServiceException {
-        return clients.get(clientId);
+        return ModelEncryptionSupport.decryptClient(clients.get(clientId), key);
     }
 
     @Override
@@ -60,26 +60,29 @@ public class EncryptingDataProvider impl
         throws OAuthServiceException {
         
         ServerAccessToken token = createAccessTokenInternal(accessTokenReg);
-        
-        String encryptedToken = 
-            ModelEncryptionSupport.encryptAccessToken(token, tokenKey);
-        
-        tokens.add(encryptedToken);
-        refreshTokens.put(token.getRefreshToken(), encryptedToken);
-        token.setTokenKey(encryptedToken);
+        encryptAccessToken(token);
         return token;
     }
     
     @Override
     public ServerAccessToken getAccessToken(String accessTokenKey) throws OAuthServiceException
{
-        return ModelEncryptionSupport.decryptAccessToken(this, accessTokenKey, tokenKey);
+        return ModelEncryptionSupport.decryptAccessToken(this, accessTokenKey, key);
     }
 
     @Override
     public ServerAccessToken refreshAccessToken(Client client, String refreshToken,
                                                 List<String> requestedScopes)
         throws OAuthServiceException {
-        return null;
+        String encrypted = refreshTokens.remove(refreshToken);
+        ServerAccessToken token = ModelEncryptionSupport.decryptAccessToken(this, encrypted,
key);
+        tokens.remove(token.getTokenKey());
+        
+        // create a new refresh token
+        createRefreshToken(token);
+        // possibly update other token properties 
+        encryptAccessToken(token);
+        
+        return token;
     }
 
     @Override
@@ -90,7 +93,10 @@ public class EncryptingDataProvider impl
     @Override
     public void revokeToken(Client client, String token, String tokenTypeHint)
         throws OAuthServiceException {
-        // complete
+        // the fast way: if it is the refresh token then there will be a matching value for
it
+        String accessToken = refreshTokens.remove(token);
+        // if no matching value then the token parameter is access token key
+        tokens.remove(accessToken == null ? token : accessToken);
     }
 
     @Override
@@ -109,14 +115,7 @@ public class EncryptingDataProvider impl
         BearerAccessToken token = new BearerAccessToken(accessTokenReg.getClient(), 3600L);
         token.setSubject(accessTokenReg.getSubject());
         
-        RefreshToken refreshToken = new RefreshToken(accessTokenReg.getClient(),
-                                                     "refresh",
-                                                     1200L,
-                                                     OAuthUtils.getIssuedAt());
-        
-        String encryptedRefreshToken = 
-            ModelEncryptionSupport.encryptRefreshToken(refreshToken, tokenKey);
-        token.setRefreshToken(encryptedRefreshToken);
+        createRefreshToken(token);
         
         token.setGrantType(accessTokenReg.getGrantType());
         token.setAudience(accessTokenReg.getAudience());
@@ -126,4 +125,20 @@ public class EncryptingDataProvider impl
         return token;
     }
     
+    private void encryptAccessToken(ServerAccessToken token) {
+        String encryptedToken = ModelEncryptionSupport.encryptAccessToken(token, key);
+        tokens.add(encryptedToken);
+        refreshTokens.put(token.getRefreshToken(), encryptedToken);
+        token.setTokenKey(encryptedToken);
+    }
+    
+    private void createRefreshToken(ServerAccessToken token) {
+        RefreshToken refreshToken = new RefreshToken(token.getClient(),
+                                                     "refresh",
+                                                     1200L,
+                                                     OAuthUtils.getIssuedAt());
+        
+        String encryptedRefreshToken = ModelEncryptionSupport.encryptRefreshToken(refreshToken,
key);
+        token.setRefreshToken(encryptedRefreshToken);
+    }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java?rev=1561006&r1=1561005&r2=1561006&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java
Fri Jan 24 13:53:19 2014
@@ -33,6 +33,8 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeRegistration;
+import org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant;
 import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
 import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
 
@@ -43,11 +45,11 @@ import org.junit.Test;
 
 public class EncryptionUtilsTest extends Assert {
     
-    private EncryptingDataProvider p;
+    private CodeGrantEncryptingDataProvider p;
     
     @Before
     public void setUp() throws Exception {
-        p = new EncryptingDataProvider();
+        p = new CodeGrantEncryptingDataProvider();
     }
     
     @After
@@ -69,6 +71,17 @@ public class EncryptionUtilsTest extends
     }
     
     @Test
+    public void testEncryptDecryptCodeGrant() throws Exception {
+        AuthorizationCodeRegistration codeReg = new AuthorizationCodeRegistration(); 
+        codeReg.setAudience("http://bar");
+        codeReg.setClient(p.getClient("1"));
+        ServerAuthorizationCodeGrant grant = p.createCodeGrant(codeReg);
+        ServerAuthorizationCodeGrant grant2 = p.removeCodeGrant(grant.getCode());
+        assertEquals("http://bar", grant2.getAudience());
+        assertEquals("1", grant2.getClient().getClientId());
+    }
+    
+    @Test
     public void testBearerTokenJSON() throws Exception {
         AccessTokenRegistration atr = prepareTokenRegistration();
         
@@ -80,8 +93,8 @@ public class EncryptionUtilsTest extends
         jsonp.writeTo(token, BearerAccessToken.class, new Annotation[]{}, MediaType.APPLICATION_JSON_TYPE,
                       new MetadataMap<String, Object>(), bos);
         
-        String encrypted = EncryptionUtils.encryptSequence(bos.toString(), p.tokenKey);
-        String decrypted = EncryptionUtils.decryptSequence(encrypted, p.tokenKey);
+        String encrypted = EncryptionUtils.encryptSequence(bos.toString(), p.key);
+        String decrypted = EncryptionUtils.decryptSequence(encrypted, p.key);
         ServerAccessToken token2 = jsonp.readFrom(BearerAccessToken.class, BearerAccessToken.class,

                                                   new Annotation[]{}, MediaType.APPLICATION_JSON_TYPE,

                                                   new MetadataMap<String, String>(),

@@ -91,6 +104,55 @@ public class EncryptionUtilsTest extends
         compareAccessTokens(token, token2);
     }
     
+    @Test
+    public void testClientJSON() throws Exception {
+        Client c = new Client("client", "secret", true);
+        c.setSubject(new UserSubject("subject", "id"));
+        JSONProvider<Client> jsonp = new JSONProvider<Client>();
+        jsonp.setMarshallAsJaxbElement(true);
+        jsonp.setUnmarshallAsJaxbElement(true);
+        ByteArrayOutputStream bos = new ByteArrayOutputStream();
+        jsonp.writeTo(c, Client.class, new Annotation[]{}, MediaType.APPLICATION_JSON_TYPE,
+                      new MetadataMap<String, Object>(), bos);
+        
+        String encrypted = EncryptionUtils.encryptSequence(bos.toString(), p.key);
+        String decrypted = EncryptionUtils.decryptSequence(encrypted, p.key);
+        Client c2 = jsonp.readFrom(Client.class, Client.class, 
+                                                  new Annotation[]{}, MediaType.APPLICATION_JSON_TYPE,

+                                                  new MetadataMap<String, String>(),

+                                                  new ByteArrayInputStream(decrypted.getBytes()));
+        
+        assertEquals(c.getClientId(), c2.getClientId());
+        assertEquals(c.getClientSecret(), c2.getClientSecret());
+        assertTrue(c2.isConfidential());
+        assertEquals("subject", c2.getSubject().getLogin());
+        assertEquals("id", c2.getSubject().getId());
+    }
+    
+    @Test
+    public void testCodeGrantJSON() throws Exception {
+        Client c = new Client("client", "secret", true);
+        ServerAuthorizationCodeGrant grant = new ServerAuthorizationCodeGrant(c, "code",
1, 2); 
+        JSONProvider<ServerAuthorizationCodeGrant> jsonp = new JSONProvider<ServerAuthorizationCodeGrant>();
+        jsonp.setMarshallAsJaxbElement(true);
+        jsonp.setUnmarshallAsJaxbElement(true);
+        ByteArrayOutputStream bos = new ByteArrayOutputStream();
+        jsonp.writeTo(grant, ServerAuthorizationCodeGrant.class, new Annotation[]{}, 
+                      MediaType.APPLICATION_JSON_TYPE,
+                      new MetadataMap<String, Object>(), bos);
+        
+        String encrypted = EncryptionUtils.encryptSequence(bos.toString(), p.key);
+        String decrypted = EncryptionUtils.decryptSequence(encrypted, p.key);
+        ServerAuthorizationCodeGrant grant2 = jsonp.readFrom(ServerAuthorizationCodeGrant.class,
+                                                             Client.class, 
+                                                  new Annotation[]{}, MediaType.APPLICATION_JSON_TYPE,

+                                                  new MetadataMap<String, String>(),

+                                                  new ByteArrayInputStream(decrypted.getBytes()));
+        assertEquals("code", grant2.getCode());
+        assertEquals(1, grant2.getExpiresIn());
+        assertEquals(2, grant2.getIssuedAt());
+    }
+    
     private void compareAccessTokens(ServerAccessToken token, ServerAccessToken token2) {
         assertEquals(token.getTokenKey(), token2.getTokenKey());
         assertEquals(token.getTokenType(), token2.getTokenType());
@@ -99,7 +161,7 @@ public class EncryptionUtilsTest extends
         Client regClient1 = token.getClient();
         Client regClient2 = token2.getClient();
         assertEquals(regClient1.getClientId(), regClient2.getClientId());
-        
+        assertNull(regClient2.getApplicationDescription());
         UserSubject endUser1 = token.getSubject();
         UserSubject endUser2 = token2.getSubject();
         assertEquals(endUser1.getLogin(), endUser2.getLogin());
@@ -121,7 +183,7 @@ public class EncryptionUtilsTest extends
         assertEquals(perm1.getDescription(), perm2.getDescription());
         
         RefreshToken refreshToken = 
-            ModelEncryptionSupport.decryptRefreshToken(p, token2.getRefreshToken(), p.tokenKey);
+            ModelEncryptionSupport.decryptRefreshToken(p, token2.getRefreshToken(), p.key);
         assertEquals(1200L, refreshToken.getExpiresIn());
     }
     



Mime
View raw message