
1   package sparklr.common;
2   
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;

import java.nio.charset.Charset;
import java.util.Map;

import org.junit.Test;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
19  
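/**
 * Integration tests for the {@code refresh_token} grant. A token pair is obtained with the
 * password grant, the refresh token is exchanged for a new access token (asking for a
 * narrower scope), and the test checks that the new token works against a protected
 * resource while the replaced one is rejected.
 *
 * @author Dave Syer
 */
public abstract class AbstractRefreshTokenSupportTests extends AbstractIntegrationTests {

	/** Client used for every request in this test; the sample registers it without a secret. */
	private static final String CLIENT_ID = "my-trusted-client";

	/** Scope requested on refresh; deliberately narrower than the "read write" originally granted. */
	private static final String REFRESH_SCOPE = "read";

	/** Charset for the Basic credentials: never rely on the platform default when encoding headers. */
	private static final Charset UTF8 = Charset.forName("UTF-8");

	/**
	 * tests a happy-day flow of the refresh token provider.
	 * <p>
	 * Beyond the original "new token differs from the old one" check, this also asserts that the
	 * refreshed token was narrowed to the requested scope (RFC 6749 section 6 forbids a refresh
	 * from widening scope, and the server is expected to honour a narrower request), and that the
	 * replaced access token has been revoked.
	 */
	@Test
	public void testHappyDay() throws Exception {

		OAuth2AccessToken accessToken = getAccessToken("read write", CLIENT_ID);

		// now use the refresh token to get a new access token.
		assertNotNull("No refresh token was issued alongside the access token", accessToken.getRefreshToken());
		OAuth2AccessToken newAccessToken = refreshAccessToken(accessToken.getRefreshToken().getValue());
		assertFalse("Refresh returned the same access token value",
				newAccessToken.getValue().equals(accessToken.getValue()));

		// the refresh asked for "read" only: the new token must not quietly keep "write".
		assertNotNull("Refreshed token carries no scope", newAccessToken.getScope());
		assertTrue("Refreshed token lost the requested scope: " + newAccessToken.getScope(),
				newAccessToken.getScope().contains(REFRESH_SCOPE));
		assertFalse("Refreshed token was not narrowed to the requested scope: " + newAccessToken.getScope(),
				newAccessToken.getScope().contains("write"));

		verifyAccessTokens(accessToken, newAccessToken);

	}

	/**
	 * Checks that the refreshed token is accepted by the resource server and that the token it
	 * replaced is rejected with 401. Subclasses may override if their token store behaves differently.
	 *
	 * @param oldAccessToken the token that was refreshed
	 * @param newAccessToken the token returned by the refresh
	 */
	protected void verifyAccessTokens(OAuth2AccessToken oldAccessToken, OAuth2AccessToken newAccessToken) {
		// make sure the new access token can be used.
		verifyTokenResponse(newAccessToken.getValue(), HttpStatus.OK);
		// make sure the old access token isn't valid anymore.
		verifyTokenResponse(oldAccessToken.getValue(), HttpStatus.UNAUTHORIZED);
	}

	/**
	 * Calls the protected {@code /admin/beans} resource with the given bearer token and asserts the
	 * HTTP status the server answers with.
	 *
	 * @param accessToken the bearer token value to present
	 * @param status the status the resource is expected to return for that token
	 */
	protected void verifyTokenResponse(String accessToken, HttpStatus status) {
		HttpHeaders headers = new HttpHeaders();
		headers.set("Authorization", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, accessToken));
		assertEquals(status, http.getStatusCode("/admin/beans", headers));
	}

	/**
	 * Exchanges a refresh token for a new access token, requesting the narrower {@link #REFRESH_SCOPE}.
	 *
	 * @param refreshToken the refresh token value issued with the original access token
	 * @return the parsed token response
	 */
	private OAuth2AccessToken refreshAccessToken(String refreshToken) {
		MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>();
		formData.add("grant_type", "refresh_token");
		formData.add("client_id", CLIENT_ID);
		formData.add("refresh_token", refreshToken);
		formData.add("scope", REFRESH_SCOPE);
		return postForToken(formData, getTokenHeaders(CLIENT_ID));
	}

	/**
	 * Obtains an access token with the password grant for the sample user.
	 *
	 * @param scope the space-separated scope to request
	 * @param clientId the client to authenticate as, or {@code null} to send no client credentials
	 * @return the parsed token response
	 */
	private OAuth2AccessToken getAccessToken(String scope, String clientId) throws Exception {
		return postForToken(getTokenFormData(scope, clientId), getTokenHeaders(clientId));
	}

	/**
	 * Posts a token request to the token endpoint and parses the body into an access token, asserting
	 * a 200 status and the {@code no-store} cache directive RFC 6749 requires on token responses.
	 *
	 * @param formData the grant parameters
	 * @param headers the client authentication headers
	 * @return the parsed token
	 */
	private OAuth2AccessToken postForToken(MultiValueMap<String, String> formData, HttpHeaders headers) {
		@SuppressWarnings("rawtypes")
		ResponseEntity<Map> response = http.postForMap(tokenPath(), headers, formData);
		assertEquals(HttpStatus.OK, response.getStatusCode());
		assertNoStore(response);
		@SuppressWarnings("unchecked")
		OAuth2AccessToken token = DefaultOAuth2AccessToken.valueOf(response.getBody());
		return token;
	}

	/**
	 * Asserts the token response forbids caching. A missing header is reported as an assertion
	 * failure rather than surfacing as a NullPointerException from the original inline check.
	 *
	 * @param response the token endpoint response
	 */
	private static void assertNoStore(ResponseEntity<?> response) {
		String cacheControl = response.getHeaders().getFirst("Cache-Control");
		assertNotNull("Token response is missing a Cache-Control header", cacheControl);
		assertTrue("Wrong cache control: " + cacheControl, cacheControl.contains("no-store"));
	}

	/**
	 * Builds HTTP Basic client credentials for the token endpoint.
	 *
	 * @param clientId the client id, or {@code null} for no Authorization header
	 * @return headers carrying {@code Basic base64(clientId + ":")}
	 */
	private HttpHeaders getTokenHeaders(String clientId) {
		HttpHeaders headers = new HttpHeaders();
		if (clientId != null) {
			// NOTE(review): the secret part after ":" is empty, i.e. the sample client is expected to
			// have no secret; confirm against the server's client registration if this is reused.
			byte[] credentials = (clientId + ":").getBytes(UTF8);
			headers.set("Authorization", "Basic " + new String(Base64.encode(credentials), UTF8));
		}
		return headers;
	}

	/**
	 * Builds the form for a password grant using the sample's fixed user credentials.
	 *
	 * @param scope the scope to request
	 * @param clientId the client id to include as a form parameter, or {@code null} to omit it
	 * @return the form parameters
	 */
	private MultiValueMap<String, String> getTokenFormData(String scope, String clientId) {
		MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>();
		formData.add("grant_type", "password");
		if (clientId != null) {
			formData.add("client_id", clientId);
		}
		formData.add("scope", scope);
		// test fixture credentials for the sample server; not secrets.
		formData.add("username", "user");
		formData.add("password", "password");
		return formData;
	}
}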
108 }