Implemented OAuth2 refresh_token process

Ziver Koc 2020-11-25 00:51:26 +01:00
parent 7519763b62
commit 2786e93df2
5 changed files with 208 additions and 86 deletions


@ -153,7 +153,7 @@ public class OAuth2AuthorizationPageTest {
assertNotNull(url.getParameter("code"));
assertNull(url.getParameter("state"));
assertTrue(registry.isAuthorizationCodeValid("12345", url.getParameter("code")));
assertTrue(registry.isAuthorizationCodeValid(url.getParameter("code")));
}
@Test
@ -169,6 +169,6 @@ public class OAuth2AuthorizationPageTest {
HttpURL url = new HttpURL(rspHeader.getHeader("Location"));
assertEquals("app_state", url.getParameter("state"));
assertTrue(registry.isAuthorizationCodeValid("12345", url.getParameter("code")));
assertTrue(registry.isAuthorizationCodeValid(url.getParameter("code")));
}
}
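Review bot: Both updated assertions, `assertTrue(registry.isAuthorizationCodeValid(url.getParameter("code")));`, now check only that the code is known to the registry, so these tests no longer verify that it was issued to client "12345". RFC 6749 section 4.1.3 requires the token endpoint to confirm that an authorization code belongs to the client redeeming it, and nothing visible in this section asserts that binding after the signature change. The `isAccessTokenValid` assertion in OAuth2TokenPageTest loses its client id argument in the same way. If the registry still records the owning client, an extra assertion on that association would keep the coverage; the registry API for it is not visible in this diff, so this needs checking against the registry class.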


@ -157,8 +157,7 @@ public class OAuth2TokenPageTest {
}
@Test
public void requestBasic() throws IOException {
private HttpHeader doBasicRequest() throws IOException {
HttpHeader reqHeader = new HttpHeader();
reqHeader.setURLAttribute("client_id", VALID_CLIENT_ID);
reqHeader.setURLAttribute("redirect_uri", VALID_REDIRECT_URI);
@ -166,6 +165,13 @@ public class OAuth2TokenPageTest {
reqHeader.setURLAttribute("code", VALID_AUTH_CODE);
HttpHeader rspHeader = HttpTestUtil.makeRequest(tokenPage, reqHeader);
return rspHeader;
}
@Test
public void requestBasic() throws IOException {
HttpHeader rspHeader = doBasicRequest();
assertEquals(200, rspHeader.getResponseStatusCode());
assertEquals("application/json", rspHeader.getHeader("Content-Type"));
DataNode json = JSONParser.read(IOUtil.readContentAsString(rspHeader.getInputStream()));
@ -174,6 +180,47 @@ public class OAuth2TokenPageTest {
assertNotNull(json.getString("expires_in"));
assertEquals("bearer", json.getString("token_type"));
assertTrue(registry.isAccessTokenValid(VALID_CLIENT_ID, json.getString("access_token")));
assertTrue(registry.isAccessTokenValid(json.getString("access_token")));
}
@Test
public void revocationCode() throws IOException {
requestBasic();
HttpHeader reqHeader = new HttpHeader();
reqHeader.setURLAttribute("client_id", VALID_CLIENT_ID);
reqHeader.setURLAttribute("redirect_uri", VALID_REDIRECT_URI);
reqHeader.setURLAttribute("grant_type", VALID_GRANT_TYPE);
reqHeader.setURLAttribute("code", VALID_AUTH_CODE);
HttpHeader rspHeader = HttpTestUtil.makeRequest(tokenPage, reqHeader);
assertEquals(400, rspHeader.getResponseStatusCode());
DataNode json = JSONParser.read(IOUtil.readContentAsString(rspHeader.getInputStream()));
assertEquals("invalid_grant", json.getString("error"));
}
@Test
public void requestRefreshToken() throws IOException {
HttpHeader rspHeader = doBasicRequest();
DataNode json = JSONParser.read(IOUtil.readContentAsString(rspHeader.getInputStream()));
String refreshToken = json.getString("refresh_token");
assertTrue(registry.isAuthorizationCodeValid(refreshToken));
HttpHeader reqHeader = new HttpHeader();
reqHeader.setURLAttribute("grant_type", "refresh_token");
reqHeader.setURLAttribute("refresh_token", refreshToken);
rspHeader = HttpTestUtil.makeRequest(tokenPage, reqHeader);
assertEquals(200, rspHeader.getResponseStatusCode());
json = JSONParser.read(IOUtil.readContentAsString(rspHeader.getInputStream()));
assertNotNull(json.getString("refresh_token"));
assertNotNull(json.getString("access_token"));
assertNotNull(json.getString("expires_in"));
assertEquals("bearer", json.getString("token_type"));
assertTrue(registry.isAccessTokenValid(json.getString("access_token")));
assertTrue(registry.isAuthorizationCodeValid(json.getString("refresh_token")));
assertFalse(registry.isAuthorizationCodeValid(refreshToken));
}
}
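Review bot: `requestRefreshToken` sends only `grant_type` and `refresh_token` and expects 200, so the test pins down that a refresh succeeds with no client identification at all. RFC 6749 section 6 requires the server to verify that the refresh token was issued to the client presenting it; adding `reqHeader.setURLAttribute("client_id", VALID_CLIENT_ID);` to the request, plus a negative case where a different client id gets 400 `invalid_grant`, would cover that. The test also validates refresh tokens through `isAuthorizationCodeValid`, which suggests codes and refresh tokens share one validity check; if that is so, a case asserting that a refresh token sent as `code` with the authorization-code grant is rejected would be worth having. The rotation check at the end only queries the registry, so replaying the old `refreshToken` through `tokenPage` and asserting 400 would test the endpoint itself.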