Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 817301841D for ; Wed, 20 Jan 2016 15:14:26 +0000 (UTC) Received: (qmail 89559 invoked by uid 500); 20 Jan 2016 15:14:26 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 89125 invoked by uid 500); 20 Jan 2016 15:14:25 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 88985 invoked by uid 99); 20 Jan 2016 15:14:25 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 20 Jan 2016 15:14:25 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 2EBEDE00DC; Wed, 20 Jan 2016 15:14:25 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: coheigea@apache.org
To: commits@cxf.apache.org
Date: Wed, 20 Jan 2016 15:14:26 -0000
Message-Id: <9cc542d8afcc459eb0e7d9cc7bc414cd@git.apache.org>
In-Reply-To:
References:
X-Mailer: ASF-Git Admin Mailer
Subject: [2/7] cxf git commit: Adding more OAuth 2 filter system tests
Adding more OAuth 2 filter system tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f06a1a29
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f06a1a29
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f06a1a29
Branch: refs/heads/3.1.x-fixes
Commit: f06a1a29693f2a8064b830bd911cf38b6084927c
Parents: 3898f33
Author: Colm O hEigeartaigh
Authored: Wed Jan 20 12:24:46 2016 +0000
Committer: Colm O hEigeartaigh
Committed: Wed Jan 20 15:02:44 2016 +0000
----------------------------------------------------------------------
 .../oauth2/filters/OAuth2FiltersTest.java | 189 +++++++++++++++++++
 .../oauth2/filters/OAuthDataProviderImpl.java | 10 +
 2 files changed, 199 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/f06a1a29/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
index 79a708a..e69ab9c 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
@@ -23,6 +23,7 @@ import java.net.URL;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.UUID;
 import javax.ws.rs.core.Form;
 import javax.ws.rs.core.Response;
@@ -89,6 +90,194 @@ public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
 assertEquals(returnedBook.getName(), "book");
 assertEquals(returnedBook.getId(), 123L);
 }
+
+ @org.junit.Test
+ public void testServiceWithFakeToken() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Now invoke on the service with the faked access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + UUID.randomUUID().toString());
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithNoToken() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Now invoke on the service with the faked access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithEmptyToken() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Now invoke on the service with the faked access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer ");
+
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithTokenAndScope() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Get Authorization Code
+ String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+ WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
+ "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ String code = getAuthorizationCode(oauthClient, "create_book");
+ assertNotNull(code);
+
+ // Now get the access token
+ oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
+ "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ assertNotNull(accessToken.getTokenKey());
+
+ // Now invoke on the service with the access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+ Response response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+
+ Book returnedBook = response.readEntity(Book.class);
+ assertEquals(returnedBook.getName(), "book");
+ assertEquals(returnedBook.getId(), 123L);
+ }
+
+ @org.junit.Test
+ public void testServiceWithTokenAndIncorrectScopeVerb() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Get Authorization Code
+ String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+ WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
+ "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ String code = getAuthorizationCode(oauthClient, "read_book");
+ assertNotNull(code);
+
+ // Now get the access token
+ oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
+ "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ assertNotNull(accessToken.getTokenKey());
+
+ // Now invoke on the service with the access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+ // We don't have the scope to post a book here
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithTokenAndIncorrectScopeURI() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Get Authorization Code
+ String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+ WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
+ "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ String code = getAuthorizationCode(oauthClient, "create_image");
+ assertNotNull(code);
+
+ // Now get the access token
+ oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
+ "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ assertNotNull(accessToken.getTokenKey());
+
+ // Now invoke on the service with the access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+ // We don't have the scope to post a book here
+ Response response = client.post(new Book("book", 123L));
+ assertNotEquals(response.getStatus(), 200);
+ }
+
+ @org.junit.Test
+ public void testServiceWithTokenAndMultipleScopes() throws Exception {
+ URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+ // Get Authorization Code
+ String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
+
+ WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
+ "security", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ String code = getAuthorizationCode(oauthClient, "read_book create_image create_book");
+ assertNotNull(code);
+
+ // Now get the access token
+ oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
+ "this-is-a-secret", busFile.toString());
+ // Save the Cookie for the second request...
+ WebClient.getConfig(oauthClient).getRequestContext().put(
+ org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+ ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
+ assertNotNull(accessToken.getTokenKey());
+
+ // Now invoke on the service with the access token
+ String address = "https://localhost:" + PORT + "/secured/bookstore/books";
+ WebClient client = WebClient.create(address, setupProviders(), busFile.toString());
+ client.header("Authorization", "Bearer " + accessToken.getTokenKey());
+
+ Response response = client.post(new Book("book", 123L));
+ assertEquals(response.getStatus(), 200);
+
+ Book returnedBook = response.readEntity(Book.class);
+ assertEquals(returnedBook.getName(), "book");
+ assertEquals(returnedBook.getId(), 123L);
+ }
 private List setupProviders() {
 List providers = new ArrayList();
http://git-wip-us.apache.org/repos/asf/cxf/blob/f06a1a29/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
index 660d505..0426806 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
@@ -42,6 +42,7 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 client.getRegisteredScopes().add("read_book");
 client.getRegisteredScopes().add("create_book");
+ client.getRegisteredScopes().add("create_image");
 this.setClient(client);
 }
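Review bot: The negative tests in the OAuth2FiltersTest hunk (testServiceWithFakeToken, testServiceWithNoToken, testServiceWithEmptyToken and the two IncorrectScope tests) only assert `assertNotEquals(response.getStatus(), 200)`, so a 500 from a misconfigured filter or a 404 from a wrong address passes them exactly like a real rejection; pin the status the server-side OAuth filter is expected to return — presumably 401 for a missing, empty or unknown bearer token and 403 for a valid token whose scope does not cover the verb or URI, to be confirmed against the filter — e.g. `assertEquals(401, response.getStatus());`. The `assertEquals` calls throughout pass (actual, expected), which inverts JUnit's failure message. The comment `// Now invoke on the service with the faked access token` is copied unchanged into testServiceWithNoToken and testServiceWithEmptyToken, where no header or an empty bearer value is sent; it should read `// Invoke on the service with no Authorization header at all` and `// Invoke on the service with an empty bearer token` respectively. The four scope tests repeat the same authorization-code-then-access-token sequence, which a private helper taking the requested scope would collapse, as sketched below. The class continues outside the hunk (setupProviders is cut off at its end).
```java
    /** Runs the authorization-code flow as "alice" for {@code scope} and exchanges the code for a token. */
    private ClientAccessToken getAccessTokenForScope(URL busFile, String scope) throws Exception {
        String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";

        WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "alice",
                                                 "security", busFile.toString());
        // Save the Cookie for the second request...
        WebClient.getConfig(oauthClient).getRequestContext().put(
            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);

        String code = getAuthorizationCode(oauthClient, scope);
        assertNotNull(code);

        // Now get the access token
        oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id",
                                       "this-is-a-secret", busFile.toString());
        WebClient.getConfig(oauthClient).getRequestContext().put(
            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);

        ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code);
        assertNotNull(accessToken.getTokenKey());
        return accessToken;
    }

    @org.junit.Test
    public void testServiceWithTokenAndIncorrectScopeVerb() throws Exception {
        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
        ClientAccessToken accessToken = getAccessTokenForScope(busFile, "read_book");
        // … unchanged: create the WebClient for PORT + "/secured/bookstore/books" and set the Authorization header …
        // We don't have the scope to post a book here
        Response response = client.post(new Book("book", 123L));
        assertEquals(403, response.getStatus()); // TODO confirm the filter's status for an out-of-scope request
    }
    // … unchanged: the other three scope tests take the same shape with their own scope string …
```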
@@ -77,6 +78,15 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 permission.setUris(uris);
 permissions.add(permission);
+ } else if ("create_image".equals(requestedScope)) {
+ OAuthPermission permission = new OAuthPermission();
+ permission.setHttpVerbs(Collections.singletonList("POST"));
+ List uris = new ArrayList<>();
+ String partnerAddress = "/secured/bookstore/image/*";
+ uris.add(partnerAddress);
+ permission.setUris(uris);
+
+ permissions.add(permission);
 } else {
 throw new OAuthServiceException("invalid_scope");
 }
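Review bot: The new `create_image` branch at the top of the hunk copies the preceding branch line for line, including the local `partnerAddress`, whose name says nothing about an image URI; `permission.setUris(Collections.singletonList("/secured/bookstore/image/*"));` replaces the three uris lines and mirrors the `setHttpVerbs` line just above it. Since this scope-to-permission mapping is presumably what the resource-side filter enforces, a one-line comment on the branch would help the next reader: `// create_image: POST only, restricted to /secured/bookstore/image/*`. The enclosing method starts and ends outside the hunk.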