cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Better support for reading TokenIntrospection with the tests (finally...)
Date Fri, 22 Jan 2016 15:48:41 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 3a8a24326 -> 838c97fdf


Better support for reading TokenIntrospection with the tests (finally...)


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/838c97fd
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/838c97fd
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/838c97fd

Branch: refs/heads/3.1.x-fixes
Commit: 838c97fdffa333db3adf5d3a2ce4547d366fa6e9
Parents: 3a8a243
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Fri Jan 22 15:46:37 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Fri Jan 22 15:48:18 2016 +0000

----------------------------------------------------------------------
 .../oauth2/provider/OAuthJSONProvider.java      | 96 ++++++++++----------
 .../oauth2/provider/OAuthJSONProviderTest.java  | 80 ++++++++++++++++
 2 files changed, 126 insertions(+), 50 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/838c97fd/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
index 01b7d5a..1eb9916 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
@@ -26,7 +26,6 @@ import java.lang.reflect.Type;
 import java.nio.charset.StandardCharsets;
 import java.util.Collections;
 import java.util.LinkedHashMap;
-import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 
@@ -41,6 +40,7 @@ import javax.ws.rs.ext.Provider;
 
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.helpers.IOUtils;
+import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils;
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.OAuthError;
@@ -205,70 +205,66 @@ public class OAuthJSONProvider implements MessageBodyWriter<Object>,
     public Object readFrom(Class<Object> cls, Type t, Annotation[] anns, 
                            MediaType mt, MultivaluedMap<String, String> headers, InputStream
is) 
         throws IOException, WebApplicationException {
+        if (TokenIntrospection.class.isAssignableFrom(cls)) {
+            return fromMapToTokenIntrospection(is);
+        }
         Map<String, String> params = readJSONResponse(is);
         if (Map.class.isAssignableFrom(cls)) {
             return params;
-        } else if (ClientAccessToken.class.isAssignableFrom(cls)) {
+        } else {
             ClientAccessToken token = OAuthClientUtils.fromMapToClientToken(params);
             if (token == null) {
                 throw new WebApplicationException(500);
             } else {
                 return token;
             }
-        } else {
-            return fromMapToTokenIntrospection(params);
-        }
+        } 
         
     }
 
-    private Object fromMapToTokenIntrospection(Map<String, String> params) {
+    private Object fromMapToTokenIntrospection(InputStream is) throws IOException {
         TokenIntrospection resp = new TokenIntrospection();
-        resp.setActive(Boolean.valueOf(params.get("active")));
-        if (resp.isActive()) {
-            String clientId = params.get(OAuthConstants.CLIENT_ID);
-            if (clientId != null) {
-                resp.setClientId(clientId);
-            }
-            String username = params.get("username");
-            if (username != null) {
-                resp.setUsername(username);
-            }
-            String scope = params.get(OAuthConstants.SCOPE);
-            if (scope != null) {
-                resp.setScope(scope);
-            }
-            String tokenType = params.get(OAuthConstants.ACCESS_TOKEN_TYPE);
-            if (tokenType != null) {
-                resp.setTokenType(tokenType);
-            }
-            String aud = params.get("aud");
-            if (aud != null) {
-                if (aud.startsWith("[") && aud.endsWith("]")) {
-                    String[] auds = aud.substring(1, aud.length() - 1).split(",");
-                    List<String> list = new LinkedList<String>();
-                    for (String s : auds) {
-                        if (!s.trim().isEmpty()) {
-                            list.add(s.trim());
-                        }
-                    }
-                    resp.setAud(list);
-                } else {
-                    resp.setAud(Collections.singletonList(aud));
-                }
-            }
-            String iss = params.get("iss");
-            if (iss != null) {
-                resp.setIss(iss);
-            }
-            String iat = params.get("iat");
-            if (iat != null) {
-                resp.setIat(Long.valueOf(iat));
-            }
-            String exp = params.get("exp");
-            if (exp != null) {
-                resp.setExp(Long.valueOf(exp));
+        Map<String, Object> params = new JsonMapObjectReaderWriter().fromJson(is);
+        resp.setActive((Boolean)params.get("active"));
+        String clientId = (String)params.get(OAuthConstants.CLIENT_ID);
+        if (clientId != null) {
+            resp.setClientId(clientId);
+        }
+        String username = (String)params.get("username");
+        if (username != null) {
+            resp.setUsername(username);
+        }
+        String scope = (String)params.get(OAuthConstants.SCOPE);
+        if (scope != null) {
+            resp.setScope(scope);
+        }
+        String tokenType = (String)params.get(OAuthConstants.ACCESS_TOKEN_TYPE);
+        if (tokenType != null) {
+            resp.setTokenType(tokenType);
+        }
+        Object aud = params.get("aud");
+        if (aud != null) {
+            if (aud.getClass() == String.class) {
+                resp.setAud(Collections.singletonList((String)aud));
+            } else {
+                @SuppressWarnings("unchecked")
+                List<String> auds = (List<String>)aud;
+                resp.setAud(auds);
             }
         }
+        String iss = (String)params.get("iss");
+        if (iss != null) {
+            resp.setIss(iss);
+        }
+        Long iat = (Long)params.get("iat");
+        if (iat != null) {
+            resp.setIat(iat);
+        }
+        Long exp = (Long)params.get("exp");
+        if (exp != null) {
+            resp.setExp(exp);
+        }
+        
         return resp;
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/838c97fd/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java
b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java
index 7d04c7d..032e217 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java
@@ -29,6 +29,7 @@ import javax.ws.rs.core.MediaType;
 
 import org.apache.cxf.jaxrs.impl.MetadataMap;
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth2.common.TokenIntrospection;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
 import org.junit.Assert;
@@ -71,6 +72,85 @@ public class OAuthJSONProviderTest extends Assert {
                                 Collections.singletonMap("my_parameter", "http://abc"));
     }
     
+    
+    @Test
+    @SuppressWarnings({
+        "unchecked", "rawtypes"
+    })
+    public void testReadTokenIntrospection() throws Exception {
+        String response = 
+            "{\"active\":true,\"client_id\":\"WjcK94pnec7CyA\",\"username\":\"alice\",\"token_type\":\"Bearer\""
+            + ",\"scope\":\"a\",\"aud\":\"https://localhost:8082/service\","
+                + "\"iat\":1453472181,\"exp\":1453475781}";
+        OAuthJSONProvider provider = new OAuthJSONProvider();
+        TokenIntrospection t = (TokenIntrospection)provider.readFrom((Class)TokenIntrospection.class,

+                                                                     TokenIntrospection.class,

+                          new Annotation[]{}, 
+                          MediaType.APPLICATION_JSON_TYPE, 
+                          new MetadataMap<String, String>(), 
+                          new ByteArrayInputStream(response.getBytes()));
+        assertTrue(t.isActive());
+        assertEquals("WjcK94pnec7CyA", t.getClientId());
+        assertEquals("alice", t.getUsername());
+        assertEquals("a", t.getScope());
+        assertEquals(1, t.getAud().size());
+        assertEquals("https://localhost:8082/service", t.getAud().get(0));
+        assertEquals(1453472181L, t.getIat().longValue());
+        assertEquals(1453475781L, t.getExp().longValue());
+    }
+    @Test
+    @SuppressWarnings({
+        "unchecked", "rawtypes"
+    })
+    public void testReadTokenIntrospectionMultipleAuds() throws Exception {
+        String response = 
+            "{\"active\":true,\"client_id\":\"WjcK94pnec7CyA\",\"username\":\"alice\",\"token_type\":\"Bearer\""
+            + ",\"scope\":\"a\",\"aud\":[\"https://localhost:8082/service\",\"https://localhost:8083/service\"],"
+                + "\"iat\":1453472181,\"exp\":1453475781}";
+        OAuthJSONProvider provider = new OAuthJSONProvider();
+        TokenIntrospection t = (TokenIntrospection)provider.readFrom((Class)TokenIntrospection.class,
+                                                                     TokenIntrospection.class,

+                          new Annotation[]{}, 
+                          MediaType.APPLICATION_JSON_TYPE, 
+                          new MetadataMap<String, String>(), 
+                          new ByteArrayInputStream(response.getBytes()));
+        assertTrue(t.isActive());
+        assertEquals("WjcK94pnec7CyA", t.getClientId());
+        assertEquals("alice", t.getUsername());
+        assertEquals("a", t.getScope());
+        assertEquals(2, t.getAud().size());
+        assertEquals("https://localhost:8082/service", t.getAud().get(0));
+        assertEquals("https://localhost:8083/service", t.getAud().get(1));
+        assertEquals(1453472181L, t.getIat().longValue());
+        assertEquals(1453475781L, t.getExp().longValue());
+    }
+    
+    @Test
+    @SuppressWarnings({
+        "unchecked", "rawtypes"
+    })
+    public void testReadTokenIntrospectionSingleAudAsArray() throws Exception {
+        String response = 
+            "{\"active\":false,\"client_id\":\"WjcK94pnec7CyA\",\"username\":\"alice\",\"token_type\":\"Bearer\""
+            + ",\"scope\":\"a\",\"aud\":[\"https://localhost:8082/service\"],"
+                + "\"iat\":1453472181,\"exp\":1453475781}";
+        OAuthJSONProvider provider = new OAuthJSONProvider();
+        TokenIntrospection t = (TokenIntrospection)provider.readFrom((Class)TokenIntrospection.class,
+                                                                     TokenIntrospection.class,

+                          new Annotation[]{}, 
+                          MediaType.APPLICATION_JSON_TYPE, 
+                          new MetadataMap<String, String>(), 
+                          new ByteArrayInputStream(response.getBytes()));
+        assertFalse(t.isActive());
+        assertEquals("WjcK94pnec7CyA", t.getClientId());
+        assertEquals("alice", t.getUsername());
+        assertEquals("a", t.getScope());
+        assertEquals(1, t.getAud().size());
+        assertEquals("https://localhost:8082/service", t.getAud().get(0));
+        assertEquals(1453472181L, t.getIat().longValue());
+        assertEquals(1453475781L, t.getExp().longValue());
+    }
+    
     @SuppressWarnings({
         "unchecked", "rawtypes"
     })


Mime
View raw message