@Test // SPR-13801 public void requestParameterFromMultiValueMap() throws Exception { MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("foo", "bar"); params.add("foo", "baz"); this.builder = new MockHttpServletRequestBuilder(HttpMethod.POST, "/foo"); this.builder.params(params); MockHttpServletRequest request = this.builder.buildRequest(this.servletContext); assertArrayEquals(new String[] {"bar", "baz"}, request.getParameterMap().get("foo")); }
@Test public void getWhenUsingDefaultsWithBearerTokenInTwoParametersThenInvalidRequest() throws Exception { this.spring.register(JwkSetUriConfig.class).autowire(); MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("access_token", "token1"); params.add("access_token", "token2"); this.mvc.perform(get("/") .params(params)) .andExpect(status().isBadRequest()) .andExpect(invalidRequestHeader("Found multiple bearer tokens in the request")); }
private void unauthorized(String username, String password, String clientId, String secret) throws Exception { MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("grant_type", "password"); params.add("username", username); params.add("password", password); String hash = new String(Base64.encode((clientId + ":" + secret).getBytes())); ResultActions result = mockMvc.perform(post("/oauth/token") .params(params) .header("Authorization", "Basic " + hash) .accept("application/json;charset=UTF-8")) .andExpect(status().isUnauthorized()); String resultString = result.andReturn().getResponse().getContentAsString(); Assert.assertTrue(StringUtils.isBlank(resultString)); if (!StringUtils.isEmpty(username)) { Collection<OAuth2AccessToken> oauthTokens = apiOAuth2TokenManager.findTokensByUserName(username); Assert.assertEquals(0, oauthTokens.size()); } }
public String obtainAccessToken(MockMvc mockMvc) throws Exception { MultiValueMap<String, String> params = createParams(); ResultActions result = mockMvc.perform(post("/oauth/token") .params(params) .with(httpBasic(userInformation.getClient(), userInformation.getClientPassword())) .accept("application/json;charset=UTF-8")) .andExpect(status().isOk()) .andExpect(content().contentType("application/json;charset=UTF-8")); String resultString = result.andReturn().getResponse().getContentAsString(); JacksonJsonParser jsonParser = new JacksonJsonParser(); return jsonParser.parseMap(resultString).get("access_token").toString(); }
private void invalidClient(String username, String password, String clientId, String secret, String grantType) throws Exception { MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("grant_type", grantType); params.add("username", username); params.add("password", password); String hash = new String(Base64.encode((clientId + ":" + secret).getBytes())); ResultActions result = mockMvc.perform(post("/oauth/token") .params(params) .header("Authorization", "Basic " + hash) .accept("application/json;charset=UTF-8")) .andExpect(status().isUnauthorized()) .andExpect(content().contentType("application/json;charset=UTF-8")); String resultString = result.andReturn().getResponse().getContentAsString(); Assert.assertTrue(StringUtils.isNotBlank(resultString)); result.andExpect(jsonPath("$.error", is("invalid_client"))); String expectedMessage = "Unauthorized grant type: " + grantType; result.andExpect(jsonPath("$.error_description", is(expectedMessage))); Collection<OAuth2AccessToken> oauthTokens = apiOAuth2TokenManager.findTokensByUserName(username); Assert.assertEquals(0, oauthTokens.size()); }
private void missingGrant(String username, String password, String clientId, String secret, String grantType) throws Exception { MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("grant_type", grantType); params.add("username", username); params.add("password", password); String hash = new String(Base64.encode((clientId + ":" + secret).getBytes())); ResultActions result = mockMvc.perform(post("/oauth/token") .params(params) .header("Authorization", "Basic " + hash) .accept("application/json;charset=UTF-8")) .andExpect(status().isBadRequest()) .andExpect(content().contentType("application/json;charset=UTF-8")); String resultString = result.andReturn().getResponse().getContentAsString(); Assert.assertTrue(StringUtils.isNotBlank(resultString)); result.andExpect(jsonPath("$.error", is("invalid_request"))); result.andExpect(jsonPath("$.error_description", is("Missing grant type"))); Collection<OAuth2AccessToken> oauthTokens = apiOAuth2TokenManager.findTokensByUserName(username); Assert.assertEquals(0, oauthTokens.size()); }
private void authenticationFailed(String username, String password) throws Exception { MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("grant_type", "password"); params.add("username", username); params.add("password", password); String hash = new String(Base64.encode("test1_consumer:secret".getBytes())); ResultActions result = mockMvc.perform(post("/oauth/token") .params(params) .header("Authorization", "Basic " + hash) .accept("application/json;charset=UTF-8")) .andExpect(status().isUnauthorized()) .andExpect(content().contentType("application/json;charset=UTF-8")); String resultString = result.andReturn().getResponse().getContentAsString(); Assert.assertTrue(StringUtils.isNotBlank(resultString)); result.andExpect(jsonPath("$.error", is("unauthorized"))); result.andExpect(jsonPath("$.error_description", anything())); if (!StringUtils.isEmpty(username)) { Collection<OAuth2AccessToken> oauthTokens = apiOAuth2TokenManager.findTokensByUserName(username); Assert.assertEquals(0, oauthTokens.size()); } }
ResultActions result = mockMvc.perform(post("/oauth/token") .params(params) .header("Authorization", "Basic " + hash) .accept("application/json;charset=UTF-8"))
ResultActions result = mockMvc.perform(post("/oauth/token") .params(params) .header("Authorization", "Basic " + hash) .accept("application/json;charset=UTF-8"))