cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Adding a scope test
Date Thu, 28 Jan 2016 16:01:55 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 8c568c084 -> f420fe361


Adding a scope test


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f420fe36
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f420fe36
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f420fe36

Branch: refs/heads/3.0.x-fixes
Commit: f420fe361655c628cc5e720c0cee046d369e366c
Parents: 8c568c0
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Jan 28 15:38:27 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Jan 28 16:00:47 2016 +0000

----------------------------------------------------------------------
 .../security/oauth2/common/OAuth2TestUtils.java | 22 ++++++++++++++-
 .../oauth2/grants/AuthorizationGrantTest.java   | 29 ++++++++++++++++++++
 2 files changed, 50 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/f420fe36/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index 166f996..97896cd 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -35,6 +35,7 @@ import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.SAMLUtil;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.common.saml.builder.SAML1Constants;
+import org.junit.Assert;
 
 /**
  * Some test utils for the OAuth 2.0 tests
@@ -54,6 +55,11 @@ public final class OAuth2TestUtils {
     }
     
     public static String getAuthorizationCode(WebClient client, String scope, String consumerId)
{
+        return getAuthorizationCode(client, scope, consumerId, null, null);
+    }
+    
+    public static String getAuthorizationCode(WebClient client, String scope, String consumerId,
+                                              String nonce, String state) {
         // Make initial authorization request
         client.type("application/json").accept("application/json");
         client.query("client_id", consumerId);
@@ -62,6 +68,13 @@ public final class OAuth2TestUtils {
         if (scope != null) {
             client.query("scope", scope);
         }
+        if (nonce != null) {
+            client.query("nonce", nonce);
+        }
+        if (state != null) {
+            client.query("state", state);
+        }
+
         client.path("authorize/");
         Response response = client.get();
 
@@ -78,10 +91,17 @@ public final class OAuth2TestUtils {
         if (authzData.getProposedScope() != null) {
             form.param("scope", authzData.getProposedScope());
         }
+        if (authzData.getState() != null) {
+            form.param("state", authzData.getState());
+        }
         form.param("oauthDecision", "allow");
 
         response = client.post(form);
-        String location = response.getHeaderString("Location"); 
+        String location = response.getHeaderString("Location");
+        if (state != null) {
+            Assert.assertTrue(location.contains("state=" + state));
+        }
+
         return getSubstring(location, "code");
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f420fe36/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
index 3de3041..835df90 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
@@ -184,6 +184,35 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase
{
     }
     
     @org.junit.Test
+    public void testAuthorizationCodeGrantWithState() throws Exception {
+        URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
+
+        String address = "https://localhost:" + PORT + "/services/";
+        WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), 
+                                            "alice", "security", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(client).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        // Get Authorization Code
+        String state = "1234566789";
+        String code = OAuth2TestUtils.getAuthorizationCode(client, "read_balance", "consumer-id",
+                                                           null, state);
+        assertNotNull(code);
+
+        // Now get the access token
+        client = WebClient.create(address, OAuth2TestUtils.setupProviders(), 
+                                  "consumer-id", "this-is-a-secret", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(client).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        ClientAccessToken accessToken = 
+            OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code);
+        assertNotNull(accessToken.getTokenKey());
+    }
+    
+    @org.junit.Test
     public void testAuthorizationCodeGrantWithAudience() throws Exception {
         URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
 


Mime
View raw message