cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/9] cxf git commit: Adding more OAuth 2 filter system tests
Date Wed, 20 Jan 2016 16:21:21 GMT
Adding more OAuth 2 filter system tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/962f9393
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/962f9393
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/962f9393

Branch: refs/heads/3.0.x-fixes
Commit: 962f9393adcd06f12b0a35c266a853126e8271ab
Parents: 7d96d7a
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Jan 20 12:24:46 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Jan 20 15:36:56 2016 +0000

----------------------------------------------------------------------
 .../oauth2/filters/OAuth2FiltersTest.java       | 189 +++++++++++++++++++
 .../oauth2/filters/OAuthDataProviderImpl.java   |  10 +
 2 files changed, 199 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/962f9393/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
index 79a708a..e69ab9c 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
@@ -23,6 +23,7 @@ import java.net.URL;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.UUID;
 
 import javax.ws.rs.core.Form;
 import javax.ws.rs.core.Response;
@@ -89,6 +90,194 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase
{
         assertEquals(returnedBook.getName(), "book");
         assertEquals(returnedBook.getId(), 123L);
     }
+    
+    @org.junit.Test
+    public void testServiceWithFakeToken() throws Exception {
+        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+        
+        // Now invoke on the service with the faked access token
+        String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+        WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+        client.header("Authorization", "Bearer " + UUID.randomUUID().toString());
+        
+        Response response = client.post(new Book("book", 123L));
+        assertNotEquals(response.getStatus(), 200);
+    }
+    
+    @org.junit.Test
+    public void testServiceWithNoToken() throws Exception {
+        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+        
+        // Now invoke on the service with the faked access token
+        String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+        WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+        
+        Response response = client.post(new Book("book", 123L));
+        assertNotEquals(response.getStatus(), 200);
+    }
+    
+    @org.junit.Test
+    public void testServiceWithEmptyToken() throws Exception {
+        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+        
+        // Now invoke on the service with the faked access token
+        String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+        WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+        client.header("Authorization", "Bearer ");
+        
+        Response response = client.post(new Book("book", 123L));
+        assertNotEquals(response.getStatus(), 200);
+    }
+    
+    @org.junit.Test
+    public void testServiceWithTokenAndScope() throws Exception {
+        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+        
+        // Get Authorization Code
+        String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+        WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",

+                                                 "security", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(oauthClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        String code = getAuthorizationCode(oauthClient, "create_book");
+        assertNotNull(code);
+        
+        // Now get the access token
+        oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id", 
+                                       "this-is-a-secret", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(oauthClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient,
code);
+        assertNotNull(accessToken.getTokenKey());
+
+        // Now invoke on the service with the access token
+        String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+        WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+        client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+        
+        Response response = client.post(new Book("book", 123L));
+        assertEquals(response.getStatus(), 200);
+        
+        Book returnedBook = response.readEntity(Book.class);
+        assertEquals(returnedBook.getName(), "book");
+        assertEquals(returnedBook.getId(), 123L);
+    }
+    
+    @org.junit.Test
+    public void testServiceWithTokenAndIncorrectScopeVerb() throws Exception {
+        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+        
+        // Get Authorization Code
+        String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+        WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",

+                                                 "security", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(oauthClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        String code = getAuthorizationCode(oauthClient, "read_book");
+        assertNotNull(code);
+        
+        // Now get the access token
+        oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id", 
+                                       "this-is-a-secret", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(oauthClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient,
code);
+        assertNotNull(accessToken.getTokenKey());
+
+        // Now invoke on the service with the access token
+        String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+        WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+        client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+        // We don't have the scope to post a book here
+        Response response = client.post(new Book("book", 123L));
+        assertNotEquals(response.getStatus(), 200);
+    }
+    
+    @org.junit.Test
+    public void testServiceWithTokenAndIncorrectScopeURI() throws Exception {
+        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+        
+        // Get Authorization Code
+        String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+        WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",

+                                                 "security", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(oauthClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        String code = getAuthorizationCode(oauthClient, "create_image");
+        assertNotNull(code);
+        
+        // Now get the access token
+        oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id", 
+                                       "this-is-a-secret", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(oauthClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient,
code);
+        assertNotNull(accessToken.getTokenKey());
+
+        // Now invoke on the service with the access token
+        String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+        WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+        client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+        // We don't have the scope to post a book here
+        Response response = client.post(new Book("book", 123L));
+        assertNotEquals(response.getStatus(), 200);
+    }
+    
+    @org.junit.Test
+    public void testServiceWithTokenAndMultipleScopes() throws Exception {
+        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+        
+        // Get Authorization Code
+        String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+        WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",

+                                                 "security", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(oauthClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        String code = getAuthorizationCode(oauthClient, "read_book create_image create_book");
+        assertNotNull(code);
+        
+        // Now get the access token
+        oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id", 
+                                       "this-is-a-secret", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(oauthClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient,
code);
+        assertNotNull(accessToken.getTokenKey());
+
+        // Now invoke on the service with the access token
+        String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+        WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+        client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+        
+        Response response = client.post(new Book("book", 123L));
+        assertEquals(response.getStatus(), 200);
+        
+        Book returnedBook = response.readEntity(Book.class);
+        assertEquals(returnedBook.getName(), "book");
+        assertEquals(returnedBook.getId(), 123L);
+    }
 
     private List<Object> setupProviders() {
         List<Object> providers = new ArrayList<Object>();

http://git-wip-us.apache.org/repos/asf/cxf/blob/962f9393/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
index 20f17a0..9953821 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
@@ -42,6 +42,7 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider
{
         
         client.getRegisteredScopes().add("read_book");
         client.getRegisteredScopes().add("create_book");
+        client.getRegisteredScopes().add("create_image");
         
         this.setClient(client);
     }
@@ -77,6 +78,15 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider
{
                 permission.setUris(uris);
                 
                 permissions.add(permission);
+            } else if ("create_image".equals(requestedScope)) {
+                OAuthPermission permission = new OAuthPermission();
+                permission.setHttpVerbs(Collections.singletonList("POST"));
+                List<String> uris = new ArrayList<>();
+                String partnerAddress = "/secured/bookstore/image/*";
+                uris.add(partnerAddress);
+                permission.setUris(uris);
+                
+                permissions.add(permission);
             } else {
                 throw new OAuthServiceException("invalid_scope");
             }


Mime
View raw message