/**
 * Token check endpoint ({@code /oauth/check_token}).
 * <p>
 * Resolves the presented token, rejects it when it is unknown or expired, and otherwise returns
 * the converted claims with {@code active=true}. Rejections surface as
 * {@link InvalidTokenException} rather than as an {@code active=false} body. The mapping does not
 * restrict the HTTP method, so the token may arrive as a query parameter and be written to request
 * logs -- NOTE(review): consider limiting this mapping to POST.
 *
 * @param value the raw token value taken from the {@code token} request parameter
 * @return the converted claims for a valid token, always including {@code active=true}
 * @throws InvalidTokenException if the token is not recognised or has expired
 */
@RequestMapping(value = "/oauth/check_token")
@ResponseBody
public Map<String, ?> checkToken(@RequestParam("token") String value) {
    OAuth2AccessToken accessToken = resourceServerTokenServices.readAccessToken(value);
    if (accessToken == null) {
        throw new InvalidTokenException("Token was not recognised");
    }
    if (accessToken.isExpired()) {
        throw new InvalidTokenException("Token has expired");
    }
    OAuth2Authentication auth = resourceServerTokenServices.loadAuthentication(accessToken.getValue());
    // The converter apparently declares a wider map type than we need to mutate -- confirm against
    // its signature; the cast is the same one the original code relied on.
    @SuppressWarnings("unchecked")
    Map<String, Object> claims = (Map<String, Object>) accessTokenConverter.convertAccessToken(accessToken, auth);
    // gh-1070: a token that reaches this point exists and is unexpired, so it is always active.
    claims.put("active", true);
    return claims;
}
OAuth2AccessToken token = resourceServerTokenServices.readAccessToken(value); if (token == null) { throw new InvalidTokenException("Token was not recognised");
/** A recognised, unexpired token is reported as active and both token-service lookups are made. */
@Test
public void testValidToken() {
    OAuth2AccessToken accessToken = mock(OAuth2AccessToken.class);
    when(accessToken.isExpired()).thenReturn(false);
    when(accessToken.getValue()).thenReturn("valid-token");
    when(resourceServerTokenServices.readAccessToken("valid-token")).thenReturn(accessToken);

    IntrospectionClaims result = introspectEndpoint.introspect("valid-token");

    Assert.assertTrue(result.isActive());
    verify(resourceServerTokenServices).readAccessToken("valid-token");
    verify(resourceServerTokenServices).loadAuthentication("valid-token");
    verify(accessToken).isExpired();
}
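/**
 * OAuth 2.0 token introspection endpoint ({@code POST /introspect}).
 * <p>
 * Looks up the presented token, checks that it is still valid and, if so, returns its claims with
 * {@code active} set to {@code true}. A token that is unknown, expired or rejected by the token
 * services is reported as {@code active=false} rather than as an error, in line with the
 * introspection contract (RFC 7662 section 2.2), so callers only ever learn "active" or "not active".
 *
 * @param token the raw token value presented by the client in the {@code token} form parameter
 * @return the introspection claims; {@code active} is {@code false} for any token that is not valid
 */
@RequestMapping(value = "/introspect", method = POST)
@ResponseBody
public IntrospectionClaims introspect(@RequestParam("token") String token) {
    IntrospectionClaims introspectionClaims = new IntrospectionClaims();
    try {
        OAuth2AccessToken oAuth2AccessToken = resourceServerTokenServices.readAccessToken(token);
        // The token services may answer an unknown token with null instead of throwing; without this
        // guard the NPE on isExpired() would escape the InvalidTokenException catch below and turn an
        // "inactive token" answer into a server error.
        if (oAuth2AccessToken == null || oAuth2AccessToken.isExpired()) {
            introspectionClaims.setActive(false);
            return introspectionClaims;
        }
        // Result intentionally discarded: the call matters because it throws InvalidTokenException
        // for tokens the services reject (see the handler below).
        resourceServerTokenServices.loadAuthentication(token);
        introspectionClaims = getClaimsForToken(oAuth2AccessToken.getValue());
        introspectionClaims.setActive(true);
    } catch (InvalidTokenException e) {
        // Rejected tokens are reported as inactive, not propagated as errors.
        introspectionClaims.setActive(false);
        return introspectionClaims;
    }
    return introspectionClaims;
}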
/** An expired token yields {@code active=false} instead of an error. */
@Test
public void testExpiredTokenIsInactive() {
    OAuth2AccessToken expiredToken = mock(OAuth2AccessToken.class);
    when(expiredToken.isExpired()).thenReturn(true);
    when(resourceServerTokenServices.readAccessToken("valid-token")).thenReturn(expiredToken);

    IntrospectionClaims result = introspectEndpoint.introspect("valid-token");

    Assert.assertFalse(result.isActive());
}
/**
 * An {@code InvalidTokenException} raised while loading the authentication is reported as an
 * inactive token rather than propagated to the caller.
 */
@Test
public void testInvalidToken_inLoadAuthentication() {
    OAuth2AccessToken accessToken = mock(OAuth2AccessToken.class);
    // isExpired() is left unstubbed and so defaults to false; the failure comes from the next stub.
    when(resourceServerTokenServices.readAccessToken("valid-token")).thenReturn(accessToken);
    when(resourceServerTokenServices.loadAuthentication("valid-token"))
            .thenThrow(new InvalidTokenException("Bla"));

    IntrospectionClaims result = introspectEndpoint.introspect("valid-token");

    Assert.assertFalse(result.isActive());
}
/**
 * A valid token is active and carries the claims resolved for it. The expected name comes from
 * fixture state set up outside this method -- presumably the stubbed claims JSON.
 */
@Test
public void testClaimsForValidToken() {
    OAuth2AccessToken accessToken = mock(OAuth2AccessToken.class);
    when(accessToken.getValue()).thenReturn("valid-token");
    when(accessToken.isExpired()).thenReturn(false);
    when(resourceServerTokenServices.readAccessToken("valid-token")).thenReturn(accessToken);

    IntrospectionClaims result = introspectEndpoint.introspect("valid-token");

    Assert.assertTrue(result.isActive());
    Assert.assertEquals("somename", result.getName());
}
/**
 * When the stored claims cannot be parsed, the token is reported as inactive and no name is
 * exposed. The JSON failure is injected through a static mock of {@code JsonUtils}.
 */
@Test
public void testInvalidJSONInClaims() {
    OAuth2AccessToken accessToken = mock(OAuth2AccessToken.class);
    when(accessToken.getValue()).thenReturn("valid-token");
    when(accessToken.isExpired()).thenReturn(false);
    when(resourceServerTokenServices.readAccessToken("valid-token")).thenReturn(accessToken);

    // The static mock must be installed before the static call can be stubbed.
    PowerMockito.mockStatic(JsonUtils.class);
    Mockito.when(JsonUtils.readValue("claims", IntrospectionClaims.class))
            .thenThrow(JsonUtils.JsonUtilException.class);

    IntrospectionClaims result = introspectEndpoint.introspect("valid-token");

    Assert.assertFalse(result.isActive());
    Assert.assertNull(result.getName());
}
}
/** An {@code InvalidTokenException} from the initial token lookup is reported as an inactive token. */
@Test
public void testInvalidToken_inReadAccessToken() {
    when(resourceServerTokenServices.readAccessToken("valid-token"))
            .thenThrow(new InvalidTokenException("Bla"));

    IntrospectionClaims result = introspectEndpoint.introspect("valid-token");

    Assert.assertFalse(result.isActive());
}
/**
 * Token check endpoint ({@code /oauth/check_token}).
 * <p>
 * Resolves the presented token, rejects it when it is unknown or expired, and otherwise returns
 * the converted claims with {@code active=true}. Rejections surface as
 * {@link InvalidTokenException} rather than as an {@code active=false} body. The mapping does not
 * restrict the HTTP method, so the token may arrive as a query parameter and be written to request
 * logs -- NOTE(review): consider limiting this mapping to POST.
 *
 * @param value the raw token value taken from the {@code token} request parameter
 * @return the converted claims for a valid token, always including {@code active=true}
 * @throws InvalidTokenException if the token is not recognised or has expired
 */
@RequestMapping(value = "/oauth/check_token")
@ResponseBody
public Map<String, ?> checkToken(@RequestParam("token") String value) {
    OAuth2AccessToken accessToken = resourceServerTokenServices.readAccessToken(value);
    if (accessToken == null) {
        throw new InvalidTokenException("Token was not recognised");
    }
    if (accessToken.isExpired()) {
        throw new InvalidTokenException("Token has expired");
    }
    OAuth2Authentication auth = resourceServerTokenServices.loadAuthentication(accessToken.getValue());
    // The converter apparently declares a wider map type than we need to mutate -- confirm against
    // its signature; the cast is the same one the original code relied on.
    @SuppressWarnings("unchecked")
    Map<String, Object> claims = (Map<String, Object>) accessTokenConverter.convertAccessToken(accessToken, auth);
    // gh-1070: a token that reaches this point exists and is unexpired, so it is always active.
    claims.put("active", true);
    return claims;
}
when(token.getScope()).thenReturn(scopes); when(tokenServicesMock.readAccessToken("tokenValue")).thenReturn(token);
/**
 * Creates a MockMvc post-processor carrying a freshly generated bearer token value, after stubbing
 * the mocked token services so that the value resolves to the given user, scopes and roles.
 *
 * @param username principal name for the stubbed authentication
 * @param scopes   OAuth2 scopes for the stubbed authentication
 * @param roles    authorities for the stubbed authentication
 * @return a post-processor built around the generated token value
 */
public RequestPostProcessor oauth2Authentication(String username, Set<String> scopes, Set<String> roles) {
    // A random value per call -- presumably so stubs from different invocations cannot collide.
    String tokenValue = UUID.randomUUID().toString();
    given(tokenServices.readAccessToken(tokenValue)).willReturn(new DefaultOAuth2AccessToken(tokenValue));
    given(tokenServices.loadAuthentication(tokenValue))
            .willReturn(createAuthentication(username, scopes, roles));
    return new OAuth2PostProcessor(tokenValue);
}
/**
 * Creates a MockMvc post-processor carrying a freshly generated bearer token value, after stubbing
 * the mocked token services so that the value resolves to the given user, scopes and roles.
 *
 * @param username principal name for the stubbed authentication
 * @param scopes   OAuth2 scopes for the stubbed authentication
 * @param roles    authorities for the stubbed authentication
 * @return a post-processor built around the generated token value
 */
public RequestPostProcessor oauth2Authentication(String username, Set<String> scopes, Set<String> roles) {
    // A random value per call -- presumably so stubs from different invocations cannot collide.
    String tokenValue = UUID.randomUUID().toString();
    given(tokenServices.readAccessToken(tokenValue)).willReturn(new DefaultOAuth2AccessToken(tokenValue));
    given(tokenServices.loadAuthentication(tokenValue))
            .willReturn(createAuthentication(username, scopes, roles));
    return new OAuth2PostProcessor(tokenValue);
}
/**
 * Creates a MockMvc post-processor carrying a freshly generated bearer token value, after stubbing
 * the mocked token services so that the value resolves to the given user, scopes and roles.
 *
 * @param username principal name for the stubbed authentication
 * @param scopes   OAuth2 scopes for the stubbed authentication
 * @param roles    authorities for the stubbed authentication
 * @return a post-processor built around the generated token value
 */
public RequestPostProcessor oauth2Authentication(String username, Set<String> scopes, Set<String> roles) {
    // A random value per call -- presumably so stubs from different invocations cannot collide.
    String tokenValue = UUID.randomUUID().toString();
    given(tokenServices.readAccessToken(tokenValue)).willReturn(new DefaultOAuth2AccessToken(tokenValue));
    given(tokenServices.loadAuthentication(tokenValue))
            .willReturn(createAuthentication(username, scopes, roles));
    return new OAuth2PostProcessor(tokenValue);
}