/**
 * Round-trips a MAC access token through the cache and verifies that every field, including the
 * token secret and the MAC secret, is read back unchanged.
 *
 * <p>The token is an {@code OAuth2TokenPersistence} built with the dummy encrypter from
 * {@code MockUtils}; the secrets are fixed literals used only by this test.
 */
@Test
public void testStoreToken_1() throws Exception {
  final String utf8 = "UTF-8";

  final OAuth2Token written = new OAuth2TokenPersistence(MockUtils.getDummyEncrypter());
  written.setGadgetUri("xxx");
  written.setServiceName("yyy");
  written.setExpiresAt(2);
  written.setIssuedAt(1);
  written.setMacAlgorithm(OAuth2Message.HMAC_SHA_1);
  written.setMacSecret("shh, it's a secret".getBytes(utf8));
  written.setScope("mac_scope");
  written.setSecret("i'll never tell".getBytes(utf8));
  written.setTokenType(OAuth2Message.MAC_TOKEN_TYPE);
  written.setType(OAuth2Token.Type.ACCESS);
  written.setUser("zzz");

  this.cache.storeToken(written);

  // Look the token up by the same gadget URI / service / user / scope / type it was stored with.
  final OAuth2Token read = this.cache.getToken(
      written.getGadgetUri(),
      written.getServiceName(),
      written.getUser(),
      written.getScope(),
      written.getType());

  Assert.assertNotNull(read);
  Assert.assertEquals("xxx", read.getGadgetUri());
  Assert.assertEquals("yyy", read.getServiceName());
  Assert.assertEquals(2, read.getExpiresAt());
  Assert.assertEquals(1, read.getIssuedAt());
  Assert.assertEquals(OAuth2Message.HMAC_SHA_1, read.getMacAlgorithm());
  Assert.assertEquals("shh, it's a secret", new String(read.getMacSecret(), utf8));
  Assert.assertEquals("mac_scope", read.getScope());
  Assert.assertEquals("i'll never tell", new String(read.getSecret(), utf8));
  Assert.assertEquals(OAuth2Message.MAC_TOKEN_TYPE, read.getTokenType());
  Assert.assertEquals(OAuth2Token.Type.ACCESS, read.getType());
  Assert.assertEquals("zzz", read.getUser());
}
/**
 * Derives the key for a token from its gadget URI, service name, user, scope and type by
 * delegating to the five-argument {@code getTokenKey} overload.
 *
 * @param token the token to build a key for; dereferenced without a null check
 * @return whatever the five-argument overload returns for the token's identity fields
 */
protected String getTokenKey(final OAuth2Token token) {
  final String gadgetUri = token.getGadgetUri();
  final String serviceName = token.getServiceName();
  final String user = token.getUser();
  final String scope = token.getScope();
  return this.getTokenKey(gadgetUri, serviceName, user, scope, token.getType());
}
}
// Excerpt of the MAC token pre-flight checks. The closing brace of each guard is not part of
// the excerpt, so the textual nesting below is not the real nesting.

// Reject a missing token or one with an empty token type.
// NOTE(review): getTokenType() is dereferenced directly, so a null token type would throw
// here instead of producing an error result - confirm it can never be null at this point.
// NOTE(review): the message concatenates the token object itself; confirm that OAuth2Token's
// toString() does not include the secret or the MAC secret, since error text tends to be
// logged or returned to the caller.
if (accessToken == null || accessToken.getTokenType().length() == 0) {
  return MacTokenHandler.getError("accessToken is invalid " + accessToken);
// Only tokens whose type equals MacTokenHandler.TOKEN_TYPE (ignoring case) are handled here.
if (!MacTokenHandler.TOKEN_TYPE.equalsIgnoreCase(accessToken.getTokenType())) {
  return MacTokenHandler.getError("token type mismatch expected " + MacTokenHandler.TOKEN_TYPE + " but got " + accessToken.getTokenType());
// A MAC algorithm name must be present; the visible lines only check that it is non-empty,
// not that it names a supported algorithm.
final String algorithm = accessToken.getMacAlgorithm();
if (algorithm == null || algorithm.length() == 0) {
  return MacTokenHandler.getError("invalid mac algorithm " + algorithm);
// The MAC key must be present.
// NOTE(review): only null is rejected; confirm a zero-length key is caught elsewhere.
final byte[] macSecret = accessToken.getMacSecret();
if (macSecret == null) {
  return MacTokenHandler.getError("mac secret is null");
/**
 * Runs the code-authorization response handler against a redirecting accessor and a dummy
 * servlet request, then checks that no error is returned and that both an access token and a
 * refresh token were written to the store.
 */
@Test
public void testHandleRequest_5() throws Exception {
  final String utf8 = "UTF-8";
  final CodeAuthorizationResponseHandler handler = CodeAuthorizationResponseHandlerTest.carh;
  final OAuth2Accessor accessor = MockUtils.getOAuth2Accessor_Redirecting();
  final HttpServletRequest servletRequest = new DummyHttpServletRequest();

  // A null handler error is the success signal asserted by this test.
  final OAuth2HandlerError error = handler.handleRequest(accessor, servletRequest);
  Assert.assertNull(error);

  // The access token must be stored under the accessor's identity, as a bearer token.
  final OAuth2Token access = CodeAuthorizationResponseHandlerTest.store.getToken(
      accessor.getGadgetUri(),
      accessor.getServiceName(),
      accessor.getUser(),
      accessor.getScope(),
      OAuth2Token.Type.ACCESS);
  Assert.assertNotNull(access);
  Assert.assertEquals("xxx", new String(access.getSecret(), utf8));
  Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, access.getTokenType());
  Assert.assertTrue(access.getExpiresAt() > 1000);

  // The refresh token is stored under the same identity with Type.REFRESH.
  final OAuth2Token refresh = CodeAuthorizationResponseHandlerTest.store.getToken(
      accessor.getGadgetUri(),
      accessor.getServiceName(),
      accessor.getUser(),
      accessor.getScope(),
      OAuth2Token.Type.REFRESH);
  Assert.assertNotNull(refresh);
  Assert.assertEquals("yyy", new String(refresh.getSecret(), utf8));
}
// Excerpt of the MAC request signing code. Closing braces and the start of the final call are
// not part of the excerpt.

// Normalise a missing "ext" value to the empty string.
String ext = accessToken.getMacExt();
if (ext == null || ext.length() == 0) {
  ext = "";
// The token secret, decoded as UTF-8, is used as the id.
final String id = new String(accessToken.getSecret(), "UTF-8");
// Nonce = (currentTime - issuedAt) + ':' + a random long.
// NOTE(review): Math.abs(Long.MIN_VALUE) is still negative, so the random part can carry a
// minus sign in that one case; confirm the consumer of the nonce tolerates it.
// NOTE(review): presumably Crypto.RAND is a SecureRandom - confirm, since nonce
// unpredictability depends on it.
final String nonce = Long.toString(currentTime - accessToken.getIssuedAt()) + ':' + String.valueOf(Math.abs(Crypto.RAND.nextLong()));
// Body hash is computed from the request with the token's MAC secret and algorithm; a null
// result is normalised to the empty string.
String bodyHash = MacTokenHandler.getBodyHash(request, accessToken.getMacSecret(), accessToken.getMacAlgorithm());
if (bodyHash == null) {
  bodyHash = "";
// Tail of a call whose beginning is not shown; it receives the body hash, ext, MAC secret
// and MAC algorithm.
bodyHash, ext, accessToken.getMacSecret(), accessToken.getMacAlgorithm());
// Excerpt of the bearer token handler. The closing brace of each guard and the start of the
// last statement are not part of the excerpt.

// Reject a missing token or one with an empty token type.
// NOTE(review): getTokenType() is dereferenced directly, so a null token type would throw
// here instead of producing an error result - confirm it can never be null at this point.
// NOTE(review): the message concatenates the token object itself; confirm that OAuth2Token's
// toString() does not include the bearer secret, since error text tends to be logged.
if (accessToken == null || accessToken.getTokenType().length() == 0) {
  return BearerTokenHandler.getError("accessToken is invalid " + accessToken);
// Only tokens whose type equals BearerTokenHandler.TOKEN_TYPE (ignoring case) are handled here.
if (!BearerTokenHandler.TOKEN_TYPE.equalsIgnoreCase(accessToken.getTokenType())) {
  return BearerTokenHandler.getError("token type mismatch expected " + BearerTokenHandler.TOKEN_TYPE + " but got " + accessToken.getTokenType());
// The token secret is decoded as UTF-8 and added to the query parameters under
// OAuth2Message.ACCESS_TOKEN.
// NOTE(review): a bearer token carried in the query string commonly ends up in access logs,
// proxy logs and Referer headers; prefer the Authorization header where the provider accepts it.
final byte[] secretBytes = accessToken.getSecret();
final String secret = new String(secretBytes, "UTF-8");
queryParams.put(OAuth2Message.ACCESS_TOKEN, secret);
// Tail of a statement whose beginning is not shown; it appends the decoded token secret to a
// string. NOTE(review): presumably the Authorization header value - confirm it is never logged.
+ new String(accessToken.getSecret(), "UTF-8"));
// Excerpt of the token expiry and destination checks. Branch bodies and closing braces are
// not part of the excerpt; the two expiresAt declarations presumably live in separate scopes
// in the full file.

// Access token: an expiresAt of 0 skips the comparison; otherwise the token is tested against
// currentTime (what happens on expiry is not visible here).
final long expiresAt = accessToken.getExpiresAt();
if (expiresAt != 0) {
  if (currentTime >= expiresAt) {
// Refresh token: same pattern as for the access token.
// NOTE(review): treating 0 as "no expiry" means a token stored without an expiry value is
// never aged out by this check - confirm that is intended for both token kinds.
final long expiresAt = refreshToken.getExpiresAt();
if (expiresAt != 0) {
  if (currentTime >= expiresAt) {
// The request URI is checked against the accessor's allowed domains before the token type is
// looked at. NOTE(review): presumably this keeps the token from being attached to requests
// for hosts outside the allowed list - confirm against the full method.
final boolean isAllowed = OAuth2Utils.isUriAllowed(request.getUri(), accessor.getAllowedDomains());
if (isAllowed) {
  // A missing or empty token type falls back to the bearer token type.
  String tokenType = accessToken.getTokenType();
  if (tokenType == null || tokenType.length() == 0) {
    tokenType = OAuth2Message.BEARER_TOKEN_TYPE;
// Excerpt that fills in the parameters of a refresh-token grant request. The closing brace of
// the scope check is not part of the excerpt.

// grant_type is set to the refresh-token grant.
queryParams.put(OAuth2Message.GRANT_TYPE, OAuth2Message.REFRESH_TOKEN);
// The refresh token secret is decoded as UTF-8 and sent as the refresh-token parameter.
// NOTE(review): accessor.getRefreshToken() is dereferenced without a null check in the
// visible lines - confirm the caller guarantees a refresh token exists.
// NOTE(review): queryParams now holds a long-lived credential; confirm it is sent in the
// request body and is not written to logs.
queryParams.put(OAuth2Message.REFRESH_TOKEN, new String(accessor.getRefreshToken() .getSecret(), "UTF-8"));
// Scope is only sent when the accessor has a non-empty one.
if (accessor.getScope() != null && accessor.getScope().length() > 0) {
  queryParams.put(OAuth2Message.SCOPE, accessor.getScope());
// Excerpt of a field-by-field equality check over gadgetUri, serviceName, user, scope and
// type. The `if (this.<field> == null)` line that would precede each pair, and the closing
// braces, appear to be omitted from the excerpt.
// NOTE(review): no secret field is compared in the visible lines, so two tokens with the same
// five identity fields presumably compare equal even when their secrets differ - confirm that
// callers using equals()/hashCode() (for example sets of tokens) expect this.

// gadgetUri
if (other.getGadgetUri() != null) {
  return false;
} else if (!this.gadgetUri.equals(other.getGadgetUri())) {
  return false;
// serviceName
if (other.getServiceName() != null) {
  return false;
} else if (!this.serviceName.equals(other.getServiceName())) {
  return false;
// user
if (other.getUser() != null) {
  return false;
} else if (!this.user.equals(other.getUser())) {
  return false;
// scope
if (other.getScope() != null) {
  return false;
} else if (!this.scope.equals(other.getScope())) {
  return false;
// type
if (other.getType() != null) {
  return false;
} else if (!this.type.equals(other.getType())) {
  return false;
/**
 * Feeds a dummy servlet request for a redirecting accessor to the code-authorization response
 * handler and verifies the outcome: no handler error, plus an access token and a refresh token
 * present in the store.
 */
@Test
public void testHandleRequest_5() throws Exception {
  final String charsetName = "UTF-8";
  final CodeAuthorizationResponseHandler underTest = CodeAuthorizationResponseHandlerTest.carh;
  final OAuth2Accessor accessor = MockUtils.getOAuth2Accessor_Redirecting();
  final HttpServletRequest dummyRequest = new DummyHttpServletRequest();

  final OAuth2HandlerError handlerError = underTest.handleRequest(accessor, dummyRequest);
  // Success is reported as a null error object.
  Assert.assertNull(handlerError);

  final OAuth2Token storedAccess = CodeAuthorizationResponseHandlerTest.store.getToken(
      accessor.getGadgetUri(),
      accessor.getServiceName(),
      accessor.getUser(),
      accessor.getScope(),
      OAuth2Token.Type.ACCESS);
  Assert.assertNotNull(storedAccess);
  final String accessSecret = new String(storedAccess.getSecret(), charsetName);
  Assert.assertEquals("xxx", accessSecret);
  Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, storedAccess.getTokenType());
  Assert.assertTrue(storedAccess.getExpiresAt() > 1000);

  final OAuth2Token storedRefresh = CodeAuthorizationResponseHandlerTest.store.getToken(
      accessor.getGadgetUri(),
      accessor.getServiceName(),
      accessor.getUser(),
      accessor.getScope(),
      OAuth2Token.Type.REFRESH);
  Assert.assertNotNull(storedRefresh);
  final String refreshSecret = new String(storedRefresh.getSecret(), charsetName);
  Assert.assertEquals("yyy", refreshSecret);
}
/**
 * Looks up the access token for the MockUtils gadget/service/user/scope fixture and checks that
 * its secret, decoded as UTF-8, equals {@code MockUtils.ACCESS_SECRET}.
 */
@Test
public void testGetToken_1() throws Exception {
  final OAuth2Token cached = this.cache.getToken(
      MockUtils.GADGET_URI1,
      MockUtils.SERVICE_NAME,
      MockUtils.USER,
      MockUtils.SCOPE,
      Type.ACCESS);
  Assert.assertNotNull(cached);

  final String secretText = new String(cached.getSecret(), "UTF-8");
  Assert.assertEquals(MockUtils.ACCESS_SECRET, secretText);
}
/**
 * Stores a fully populated MAC access token in the cache, fetches it back by its identity
 * fields and asserts that each field - secrets included - matches what was stored.
 *
 * <p>The token is created with the dummy encrypter supplied by {@code MockUtils}; all values
 * are test literals.
 */
@Test
public void testStoreToken_1() throws Exception {
  final String charsetName = "UTF-8";

  final OAuth2Token stored = new OAuth2TokenPersistence(MockUtils.getDummyEncrypter());
  stored.setGadgetUri("xxx");
  stored.setServiceName("yyy");
  stored.setExpiresAt(2);
  stored.setIssuedAt(1);
  stored.setMacAlgorithm(OAuth2Message.HMAC_SHA_1);
  stored.setMacSecret("shh, it's a secret".getBytes(charsetName));
  stored.setScope("mac_scope");
  stored.setSecret("i'll never tell".getBytes(charsetName));
  stored.setTokenType(OAuth2Message.MAC_TOKEN_TYPE);
  stored.setType(OAuth2Token.Type.ACCESS);
  stored.setUser("zzz");
  this.cache.storeToken(stored);

  final OAuth2Token fetched = this.cache.getToken(
      stored.getGadgetUri(),
      stored.getServiceName(),
      stored.getUser(),
      stored.getScope(),
      stored.getType());
  Assert.assertNotNull(fetched);

  // Identity fields.
  Assert.assertEquals("xxx", fetched.getGadgetUri());
  Assert.assertEquals("yyy", fetched.getServiceName());
  // Lifetime fields.
  Assert.assertEquals(2, fetched.getExpiresAt());
  Assert.assertEquals(1, fetched.getIssuedAt());
  // MAC parameters and secrets must survive the store/fetch cycle byte for byte.
  Assert.assertEquals(OAuth2Message.HMAC_SHA_1, fetched.getMacAlgorithm());
  Assert.assertEquals("shh, it's a secret", new String(fetched.getMacSecret(), charsetName));
  Assert.assertEquals("mac_scope", fetched.getScope());
  Assert.assertEquals("i'll never tell", new String(fetched.getSecret(), charsetName));
  Assert.assertEquals(OAuth2Message.MAC_TOKEN_TYPE, fetched.getTokenType());
  Assert.assertEquals(OAuth2Token.Type.ACCESS, fetched.getType());
  Assert.assertEquals("zzz", fetched.getUser());
}
// Excerpt of a token removal path. The end of the finally block and the start of the last
// statement are not part of the excerpt.

// Remember the caller's gadget URI, then swap in the processed form returned by
// getGadgetUri(gadgetUri, serviceName) for the duration of the persister call.
final String origGadgetApi = token.getGadgetUri();
final String processedGadgetUri = this.getGadgetUri(token.getGadgetUri(), token.getServiceName());
token.setGadgetUri(processedGadgetUri);
try {
  this.persister.removeToken(processedGadgetUri, token.getServiceName(), token.getUser(), token.getScope(), token.getType());
} finally {
  // Restore the original gadget URI even when the persister throws.
  // NOTE(review): the caller's token object is mutated between the swap and this restore; if
  // the same instance is reachable from another thread it can observe the processed URI -
  // confirm callers never share the instance, or that a lock is held around this code.
  token.setGadgetUri(origGadgetApi);
// Tail of a statement whose beginning is not shown; it passes the service name and a caught
// exception `e` - presumably to an exception constructor or a log call.
+ token.getServiceName(), e);
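/**
 * Sends the token-authorization response handler a 200 response whose Content-Type header is
 * the literal {@code "BAD"} but whose body is form-encoded, and expects the handler to report
 * no error and to store a bearer access token.
 *
 * <p>NOTE(review): this pins the behavior that an unrecognized Content-Type does not cause the
 * response to be rejected - confirm that lenient parsing is intended.
 */
@Test
public void testHandleResponse_6() throws Exception {
  final OAuth2Accessor accessor = MockUtils.getOAuth2Accessor_Code();
  final HttpResponseBuilder builder = new HttpResponseBuilder().setStrictNoCache();
  builder.setHttpStatusCode(HttpResponse.SC_OK);
  builder.setHeader("Content-Type", "BAD");
  builder.setContent("access_token=xxx&token_type=Bearer&expires=1&refresh_token=yyy&example_parameter=example_value");
  final HttpResponse response = builder.create();

  final OAuth2HandlerError result = TokenAuthorizationResponseHandlerTest.tarh.handleResponse(
      accessor, response);
  Assert.assertNull(result);

  final OAuth2Token accessToken = TokenAuthorizationResponseHandlerTest.store.getToken(
      accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
      accessor.getScope(), OAuth2Token.Type.ACCESS);
  // Fail with an assertion rather than a NullPointerException when no token was stored.
  Assert.assertNotNull(accessToken);
  Assert.assertEquals("xxx", new String(accessToken.getSecret(), "UTF-8"));
  Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, accessToken.getTokenType());
  Assert.assertTrue(accessToken.getExpiresAt() > 1000);
}
}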
/**
 * Verifies that the cache returns an access token for the MockUtils fixture identity and that
 * the token's UTF-8 decoded secret matches {@code MockUtils.ACCESS_SECRET}.
 */
@Test
public void testGetToken_1() throws Exception {
  final OAuth2Token fromCache = this.cache.getToken(
      MockUtils.GADGET_URI1,
      MockUtils.SERVICE_NAME,
      MockUtils.USER,
      MockUtils.SCOPE,
      Type.ACCESS);

  Assert.assertNotNull(fromCache);

  final byte[] secretBytes = fromCache.getSecret();
  Assert.assertEquals(MockUtils.ACCESS_SECRET, new String(secretBytes, "UTF-8"));
}
// Excerpt of a token update path. The declaration of processedGadgetUri, several branch
// bodies and the closing braces are not part of the excerpt.

// Remember the caller's gadget URI and service name, then swap the processed gadget URI into
// the token.
final String gadgetUri = token.getGadgetUri();
final String serviceName = token.getServiceName();
token.setGadgetUri(processedGadgetUri);
try {
  // Look up any token already held for the same service / user / scope / type.
  final OAuth2Token existingToken = this.getToken(gadgetUri, token.getServiceName(), token.getUser(), token.getScope(), token.getType());
  try {
    // NOTE(review): as excerpted, the synchronized block follows the null test directly. The
    // body of this branch and the `else` that would separate them are presumably omitted -
    // confirm against the full file, because synchronizing on a null reference throws
    // NullPointerException.
    if (existingToken == null) {
      // The existing token is used as the lock while it is replaced.
      synchronized (existingToken) {
        try {
          // Drop the existing token from the cache under its processed URI, then persist
          // the new token.
          existingToken.setGadgetUri(processedGadgetUri);
          this.cache.removeToken(existingToken);
          this.persister.updateToken(token);
        } finally {
          // Put the original gadget URI back on the existing token.
          existingToken.setGadgetUri(gadgetUri);
          // Put the original gadget URI back on the caller's token.
          token.setGadgetUri(gadgetUri);
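/**
 * Verifies that a 200 token response with a form-encoded body is accepted even though its
 * Content-Type header is the literal {@code "BAD"}: the handler must return no error and the
 * store must hold a bearer access token with secret {@code "xxx"}.
 *
 * <p>NOTE(review): the test fixes lenient handling of an unrecognized Content-Type as expected
 * behavior - confirm that this is intended rather than accidental.
 */
@Test
public void testHandleResponse_6() throws Exception {
  final OAuth2Accessor accessor = MockUtils.getOAuth2Accessor_Code();

  final HttpResponseBuilder builder = new HttpResponseBuilder().setStrictNoCache();
  builder.setHttpStatusCode(HttpResponse.SC_OK);
  builder.setHeader("Content-Type", "BAD");
  builder.setContent("access_token=xxx&token_type=Bearer&expires=1&refresh_token=yyy&example_parameter=example_value");
  final HttpResponse response = builder.create();

  final OAuth2HandlerError result = TokenAuthorizationResponseHandlerTest.tarh.handleResponse(
      accessor, response);
  Assert.assertNull(result);

  final OAuth2Token accessToken = TokenAuthorizationResponseHandlerTest.store.getToken(
      accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
      accessor.getScope(), OAuth2Token.Type.ACCESS);
  // Added guard: a missing token should fail the test with a clear assertion, not an NPE on
  // the next line.
  Assert.assertNotNull(accessToken);
  Assert.assertEquals("xxx", new String(accessToken.getSecret(), "UTF-8"));
  Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, accessToken.getTokenType());
  Assert.assertTrue(accessToken.getExpiresAt() > 1000);
}
}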
/**
 * Clears the cache, stores the MockUtils access and refresh tokens in one {@code storeTokens}
 * call and checks that each can then be looked up by its own identity fields.
 */
@Test
public void testStoreTokens_1() throws Exception {
  this.cache.clearTokens();

  final OAuth2Token access = MockUtils.getAccessToken();
  final OAuth2Token refresh = MockUtils.getRefreshToken();
  final Collection<OAuth2Token> batch = new HashSet<OAuth2Token>(2);
  batch.add(access);
  batch.add(refresh);
  this.cache.storeTokens(batch);

  // Access token is retrievable.
  final OAuth2Token cachedAccess = this.cache.getToken(
      access.getGadgetUri(),
      access.getServiceName(),
      access.getUser(),
      access.getScope(),
      access.getType());
  Assert.assertNotNull(cachedAccess);

  // Refresh token is retrievable.
  final OAuth2Token cachedRefresh = this.cache.getToken(
      refresh.getGadgetUri(),
      refresh.getServiceName(),
      refresh.getUser(),
      refresh.getScope(),
      refresh.getType());
  Assert.assertNotNull(cachedRefresh);
}
}
/**
 * Sends the token-authorization response handler a 200 {@code text/plain} response with a
 * form-encoded body and checks that no error is returned and that both the access token and
 * the refresh token from the body end up in the store.
 */
@Test
public void testHandleResponse_4() throws Exception {
  final String utf8 = "UTF-8";
  final OAuth2Accessor accessor = MockUtils.getOAuth2Accessor_Code();

  final HttpResponseBuilder responseBuilder = new HttpResponseBuilder().setStrictNoCache();
  responseBuilder.setHttpStatusCode(HttpResponse.SC_OK);
  responseBuilder.setHeader("Content-Type", "text/plain");
  responseBuilder.setContent("access_token=xxx&token_type=Bearer&expires=1&refresh_token=yyy&example_parameter=example_value");
  final HttpResponse tokenResponse = responseBuilder.create();

  // A null handler error is the success signal asserted by this test.
  final OAuth2HandlerError error = TokenAuthorizationResponseHandlerTest.tarh.handleResponse(
      accessor, tokenResponse);
  Assert.assertNull(error);

  final OAuth2Token access = TokenAuthorizationResponseHandlerTest.store.getToken(
      accessor.getGadgetUri(),
      accessor.getServiceName(),
      accessor.getUser(),
      accessor.getScope(),
      OAuth2Token.Type.ACCESS);
  Assert.assertNotNull(access);
  Assert.assertEquals("xxx", new String(access.getSecret(), utf8));
  Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, access.getTokenType());
  Assert.assertTrue(access.getExpiresAt() > 1000);

  final OAuth2Token refresh = TokenAuthorizationResponseHandlerTest.store.getToken(
      accessor.getGadgetUri(),
      accessor.getServiceName(),
      accessor.getUser(),
      accessor.getScope(),
      OAuth2Token.Type.REFRESH);
  Assert.assertNotNull(refresh);
  Assert.assertEquals("yyy", new String(refresh.getSecret(), utf8));
}
/**
 * Verifies bulk storage: after the cache is cleared and the MockUtils access and refresh tokens
 * are passed to {@code storeTokens} together, both are found again through {@code getToken}.
 */
@Test
public void testStoreTokens_1() throws Exception {
  this.cache.clearTokens();

  final OAuth2Token accessFixture = MockUtils.getAccessToken();
  final OAuth2Token refreshFixture = MockUtils.getRefreshToken();

  final Collection<OAuth2Token> toStore = new HashSet<OAuth2Token>(2);
  toStore.add(accessFixture);
  toStore.add(refreshFixture);
  this.cache.storeTokens(toStore);

  final OAuth2Token foundAccess = this.cache.getToken(
      accessFixture.getGadgetUri(),
      accessFixture.getServiceName(),
      accessFixture.getUser(),
      accessFixture.getScope(),
      accessFixture.getType());
  Assert.assertNotNull(foundAccess);

  final OAuth2Token foundRefresh = this.cache.getToken(
      refreshFixture.getGadgetUri(),
      refreshFixture.getServiceName(),
      refreshFixture.getUser(),
      refreshFixture.getScope(),
      refreshFixture.getType());
  Assert.assertNotNull(foundRefresh);
}
}