/** * @param config config to define connection parameters * @param accessTokenStorage to access and refresh tokens */ public AccessTokenSession(@Nonnull SessionConfiguration config, @Nonnull AccessTokenStorage accessTokenStorage) { super(new AccessTokenAuthenticator(config, accessTokenStorage)); } }
boolean signedByOldToken(Response response, AccessToken oAuth2Token) { String value = ApiInterceptor.getAuthorizationHeader(response.request()); String accessToken = createBearerToken(oAuth2Token); return value != null && !value.equals(accessToken); }
public AccessTokenAuthenticator(SessionConfiguration sessionConfiguration, AccessTokenStorage tokenStorage) { this(sessionConfiguration, tokenStorage, createOAuthService(String.format(TOKEN_URL, sessionConfiguration.getLoginHost()))); }
Request refreshAndSign(Response response, AccessToken auth2Token) throws IOException { AccessToken token = refreshToken(auth2Token); return resign(response, token); }
protected synchronized Request doRefresh(Response response) throws IOException { final AccessToken token = tokenStorage.getAccessToken(); if (signedByOldToken(response, token)) { return resign(response, token); } else { return refreshAndSign(response, token); } }
@Test public void testRefreshAndSign_callsRefreshAndCallsResign() throws Exception { AccessToken newToken = mock(AccessToken.class); doReturn(newToken).when(authenticator).refreshToken(eq(accessToken)); authenticator.refreshAndSign(dummyResponse, accessToken); verify(authenticator).refreshToken(eq(accessToken)); verify(authenticator).resign(eq(dummyResponse), eq(newToken)); }
@Test public void testDoRefreshToken_ifNotSignedByOldToken_refreshAndResign() throws Exception { when(accessTokenStorage.getAccessToken()).thenReturn(accessToken); doReturn(false).when(authenticator).signedByOldToken(eq(dummyResponse), eq(accessToken)); doReturn(dummyRequest).when(authenticator).refreshAndSign(eq(dummyResponse), eq(accessToken)); Request result = authenticator.doRefresh(dummyResponse); verify(authenticator).refreshAndSign(eq(dummyResponse), eq(accessToken)); assertEquals(dummyRequest, result); }
@Test public void testDoRefreshToken_ifSignedByOldToken_resign() throws Exception { when(accessTokenStorage.getAccessToken()).thenReturn(accessToken); doReturn(true).when(authenticator).signedByOldToken(eq(dummyResponse), eq(accessToken)); doReturn(dummyRequest).when(authenticator).resign(eq(dummyResponse), eq(accessToken)); Request result = authenticator.doRefresh(dummyResponse); verify(authenticator).resign(eq(dummyResponse), eq(accessToken)); assertEquals(dummyRequest, result); }
@Test public void testSignedByOldToken_whenEqual_returnFalse() throws Exception { when(accessToken.getToken()).thenReturn("token1234"); doCallRealMethod().when(authenticator).createBearerToken(eq(accessToken)); Request request = dummyRequest.newBuilder().header("Authorization", "Bearer token1234").build(); Response response = dummyResponse.newBuilder().request(request).build(); assertFalse(authenticator.signedByOldToken(response, accessToken)); }
@Test public void testResign_callsSetBearerToken() throws Exception { authenticator.resign(dummyResponse, accessToken); verify(authenticator).setBearerToken(any(Request.Builder.class), eq(accessToken)); }
Request resign(Response response, AccessToken auth2Token) { Request.Builder builder = response.request().newBuilder(); setBearerToken(builder, auth2Token); return builder.build(); }
@Test public void testSignRequest_callsSetBearerToken() throws Exception { when(accessTokenStorage.getAccessToken()).thenReturn(accessToken); when(accessToken.getToken()).thenReturn("token"); Request.Builder builder = dummyRequest.newBuilder(); authenticator.signRequest(builder); verify(authenticator).setBearerToken(eq(builder), eq(accessToken)); }
@Test public void testRefreshToken() throws Exception { when(accessToken.getRefreshToken()).thenReturn("refresh"); when(config.getClientId()).thenReturn("clientId"); when(service.refresh(eq("refresh"), eq("clientId"))).thenReturn(serviceResult); when(serviceResult.execute()).thenReturn(retrofit2.Response.success(accessToken)); assertEquals(accessToken, authenticator.refreshToken(accessToken)); verify(accessTokenStorage).setAccessToken(accessToken); }
protected synchronized Request doRefresh(Response response) throws IOException { final AccessToken token = tokenStorage.getAccessToken(); if (signedByOldToken(response, token)) { return resign(response, token); } else { return refreshAndSign(response, token); } }
@Test public void testSignedByOldToken_whenNotEqual_returnTrue() throws Exception { when(accessToken.getToken()).thenReturn("token1234"); doCallRealMethod().when(authenticator).createBearerToken(eq(accessToken)); Request request = dummyRequest.newBuilder().header("Authorization", "Bearer token123").build(); Response response = dummyResponse.newBuilder().request(request).build(); assertTrue(authenticator.signedByOldToken(response, accessToken)); }
Request refreshAndSign(Response response, AccessToken auth2Token) throws IOException { AccessToken token = refreshToken(auth2Token); return resign(response, token); }
Request resign(Response response, AccessToken auth2Token) { Request.Builder builder = response.request().newBuilder(); setBearerToken(builder, auth2Token); return builder.build(); }
boolean signedByOldToken(Response response, AccessToken oAuth2Token) { String value = ApiInterceptor.getAuthorizationHeader(response.request()); String accessToken = createBearerToken(oAuth2Token); return value != null && !value.equals(accessToken); }
@Override public void signRequest(Request.Builder builder) { if(tokenStorage.getAccessToken() != null && tokenStorage.getAccessToken().getToken() != null) { setBearerToken(builder, tokenStorage.getAccessToken()); } }
public AccessTokenAuthenticator(SessionConfiguration sessionConfiguration, AccessTokenStorage tokenStorage) { this(sessionConfiguration, tokenStorage, createOAuthService(String.format(TOKEN_URL, sessionConfiguration.getLoginHost()))); }