/**
 * Full constructor. Populates the request through its setters and assigns the grant type directly.
 *
 * <p>The original comment states that the requestParameters map is stored as an unmodifiable version
 * of the one provided. That wrapping would have to happen inside {@code setRequestParameters}, which
 * is not visible here; confirm it before relying on the map being read-only.
 *
 * @param requestParameters parameter map handed to {@code setRequestParameters}
 * @param clientId client identifier handed to {@code setClientId}
 * @param scope scope values handed to {@code setScope}
 * @param grantType grant type written to the {@code grantType} field without going through a setter
 */
public TokenRequest(Map<String, String> requestParameters, String clientId, Collection<String> scope,
        String grantType) {
    // NOTE(review): the setters run before construction has finished; if a subclass overrides any of
    // them, the override executes against a partially initialised object.
    setClientId(clientId);
    setRequestParameters(requestParameters);
    setScope(scope);
    this.grantType = grantType;
}
/**
 * Test helper: drops one entry from the shared request parameters, builds a token request from what
 * is left and hands it to the granter's {@code validateRequest}.
 *
 * <p>Nothing is asserted here. Callers presumably expect {@code validateRequest} to reject the
 * incomplete request (not visible in this block).
 *
 * @param parameter key removed from {@code requestParameters} before the request is built
 */
protected void missing_parameter(String parameter) {
    // Authenticated client whose user authentication is also authenticated.
    when(authentication.isAuthenticated()).thenReturn(true);
    // The null stub below is replaced by the stub that follows it, so the granter is handed
    // userAuthentication.
    when(authentication.getUserAuthentication()).thenReturn(null);
    when(authentication.getUserAuthentication()).thenReturn(userAuthentication);
    when(userAuthentication.isAuthenticated()).thenReturn(true);

    // Make the request incomplete before any of its values are copied.
    requestParameters.remove(parameter);

    PublicTokenRequest incompleteRequest = new PublicTokenRequest();
    incompleteRequest.setClientId(receivingClient.getClientId());
    incompleteRequest.setRequestParameters(requestParameters);
    // Yields null when GRANT_TYPE itself is the removed key.
    incompleteRequest.setGrantType(requestParameters.get(GRANT_TYPE));
    tokenRequest = incompleteRequest;

    granter.validateRequest(tokenRequest);
}
/**
 * Test helper: drops one entry from the shared request parameters, builds a token request from what
 * is left and hands it to the granter's {@code validateRequest}.
 *
 * <p>Nothing is asserted here. Callers presumably expect {@code validateRequest} to reject the
 * incomplete request (not visible in this block).
 *
 * @param parameter key removed from {@code requestParameters} before the request is built
 */
protected void missing_parameter(String parameter) {
    // Authenticated client whose user authentication is also authenticated.
    when(authentication.isAuthenticated()).thenReturn(true);
    // The null stub below is replaced by the stub that follows it, so the granter is handed
    // userAuthentication.
    when(authentication.getUserAuthentication()).thenReturn(null);
    when(authentication.getUserAuthentication()).thenReturn(userAuthentication);
    when(userAuthentication.isAuthenticated()).thenReturn(true);

    // Make the request incomplete before any of its values are copied.
    requestParameters.remove(parameter);

    PublicTokenRequest incompleteRequest = new PublicTokenRequest();
    incompleteRequest.setClientId(receivingClient.getClientId());
    incompleteRequest.setRequestParameters(requestParameters);
    // Yields null when GRANT_TYPE itself is the removed key.
    incompleteRequest.setGrantType(requestParameters.get(GRANT_TYPE));
    tokenRequest = incompleteRequest;

    granter.validateRequest(tokenRequest);
}
/**
 * Drives {@code granter.getAccessToken} with an authenticated user and a stubbed request factory.
 *
 * <p>The test contains no assertions, so it passes as long as the call returns without throwing.
 * The granted authorities and scopes are therefore not checked here.
 */
@Test
public void test_getAccessToken() {
    // Raw Collection kept as in the original so the Mockito stub below type-checks unchanged.
    Collection userAuthorities =
            AuthorityUtils.commaSeparatedStringToAuthorityList("openid,foo.bar,uaa.user,one.read");

    // Request the stubbed factory will return; the literal 'true' is the approved flag.
    OAuth2Request factoryResult = new OAuth2Request(
            requestParameters,
            receivingClient.getClientId(),
            receivingClient.getAuthorities(),
            true,
            receivingClient.getScope(),
            receivingClient.getResourceIds(),
            null,
            null,
            null);

    // The requesting client is limited to two of the four values the user holds.
    requestingClient.setScope(StringUtils.commaDelimitedListToSet("openid,foo.bar"));
    when(userAuthentication.getAuthorities()).thenReturn(userAuthorities);
    tokenRequest.setClientId(receivingClient.getClientId());

    when(authentication.isAuthenticated()).thenReturn(true);
    // The null stub below is replaced by the stub that follows it.
    when(authentication.getUserAuthentication()).thenReturn(null);
    when(authentication.getUserAuthentication()).thenReturn(userAuthentication);
    when(userAuthentication.isAuthenticated()).thenReturn(true);

    // Swap the granter's requestFactory field for the mock so the prepared request is used.
    when(requestFactory.createOAuth2Request(receivingClient, tokenRequest)).thenReturn(factoryResult);
    ReflectionTestUtils.setField(granter, "requestFactory", requestFactory);

    granter.getAccessToken(receivingClient, tokenRequest);
}
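/**
 * Verifies that a refresh token presented under a different client id is rejected with
 * {@code InvalidGrantException}, and that the exception message does not contain the refresh token
 * value.
 *
 * <p>Exception messages tend to end up in logs and error responses, so the second assertion guards
 * against the token value being disclosed through the failure path.
 */
@Test
public void testWrongClientDoesNotLeakToken() {
    OAuth2AccessToken accessToken = getOAuth2AccessToken();
    TokenRequest refreshTokenRequest = getRefreshTokenRequest();
    // Capture the value once so the leak check compares against exactly what was presented.
    String refreshTokenValue = accessToken.getRefreshToken().getValue();

    // Present the token as a client it was not issued to.
    refreshTokenRequest.setClientId("invalidClientForToken");

    // Only the call under test sits in the try block, so an InvalidGrantException raised during
    // setup cannot satisfy the test.
    try {
        tokenServices.refreshAccessToken(refreshTokenValue, refreshTokenRequest);
        fail("refreshAccessToken accepted a refresh token presented by a different client");
    } catch (InvalidGrantException e) {
        assertThat(e.getMessage(), startsWith("Wrong client for this refresh token"));
        assertThat(e.getMessage(), not(containsString(refreshTokenValue)));
    }
}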
/**
 * Full constructor. Populates the request through its setters and assigns the grant type directly.
 *
 * <p>The original comment states that the requestParameters map is stored as an unmodifiable version
 * of the one provided. That wrapping would have to happen inside {@code setRequestParameters}, which
 * is not visible here; confirm it before relying on the map being read-only.
 *
 * @param requestParameters parameter map handed to {@code setRequestParameters}
 * @param clientId client identifier handed to {@code setClientId}
 * @param scope scope values handed to {@code setScope}
 * @param grantType grant type written to the {@code grantType} field without going through a setter
 */
public TokenRequest(Map<String, String> requestParameters, String clientId, Collection<String> scope,
        String grantType) {
    // NOTE(review): the setters run before construction has finished; if a subclass overrides any of
    // them, the override executes against a partially initialised object.
    setClientId(clientId);
    setRequestParameters(requestParameters);
    setScope(scope);
    this.grantType = grantType;
}