/**
 * Resolves the refresh token lifetime, in seconds, for the client behind an authorization request.
 *
 * <p>When a client details service is configured and the client defines its own value, that value
 * is used; otherwise the default held in {@code refreshTokenValiditySeconds} applies.
 *
 * @param clientAuth the current authorization request
 * @return the refresh token validity period in seconds
 */
protected int getRefreshTokenValiditySeconds(OAuth2Request clientAuth) {
    if (clientDetailsService == null) {
        // No per-client configuration available: use the default.
        return refreshTokenValiditySeconds;
    }
    ClientDetails registeredClient = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
    Integer perClientSeconds = registeredClient.getRefreshTokenValiditySeconds();
    if (perClientSeconds == null) {
        // The client exists but has no lifetime of its own configured.
        return refreshTokenValiditySeconds;
    }
    // NOTE(review): the per-client value is returned without a range check; how callers treat
    // zero or negative lifetimes is not visible here, so confirm it cannot yield a token that
    // never expires.
    return perClientSeconds;
}
/**
 * Looks up the refresh token lifetime configured for a client in the current identity zone.
 *
 * @param clientId identifier of the client to look up
 * @return the client's refresh token validity in seconds, or {@code null} when the client
 *         cannot be loaded or has no value set
 */
@Override
public Integer getValiditySeconds(String clientId) {
    // The lookup is scoped to the zone held by IdentityZoneHolder, not only to the client id.
    final String zoneId = IdentityZoneHolder.get().getId();
    final ClientDetails loaded;
    try {
        loaded = clientServicesExtension.loadClientByClientId(clientId, zoneId);
    } catch (ClientRegistrationException e) {
        // NOTE(review): clientId is written to the log as received; if it can originate from a
        // request, consider neutralising line breaks before logging it.
        logger.info("Could not load details for client " + clientId, e);
        return null;
    }
    return loaded.getRefreshTokenValiditySeconds();
}
/** A client that exists but has no refresh token validity configured yields {@code null}. */
@Test
public void testRefreshClientValidity_whenClientPresent_doesNotHaveARefreshTokenValiditySet() {
    when(clientDetails.getRefreshTokenValiditySeconds()).thenReturn(null);

    Integer resolved = clientRefreshTokenValidity.getValiditySeconds("clientId");

    assertThat(resolved, is(nullValue()));
}
/**
 * Wires the mocks shared by the tests: client "clientId" looked up with zone id "uaa" reports a
 * refresh token validity of 42 seconds.
 */
@Before
public void setUp() {
    clientDetails = mock(ClientDetails.class);
    clientServicesExtension = mock(ClientServicesExtension.class);
    when(clientDetails.getRefreshTokenValiditySeconds()).thenReturn(42);

    defaultZone = IdentityZone.getUaa();
    // Static mocking has to be enabled before IdentityZoneHolder.get() can be stubbed.
    PowerMockito.mockStatic(IdentityZoneHolder.class);
    when(IdentityZoneHolder.get()).thenReturn(defaultZone);

    // Only the ("clientId", "uaa") pair is stubbed; any other zone id returns Mockito's default.
    when(clientServicesExtension.loadClientByClientId("clientId", "uaa")).thenReturn(clientDetails);
    clientRefreshTokenValidity = new ClientRefreshTokenValidity(clientServicesExtension);
}
/**
 * The lookup must follow the zone currently held by {@code IdentityZoneHolder}: with zone
 * "uaa_not" active, the value stubbed for ("clientId", "uaa_not") is the one returned.
 */
@Test
public void testRefreshClientValidity_whenClientPresentInADifferentZone() {
    IdentityZone otherZone = new IdentityZone();
    otherZone.setId("uaa_not");
    when(IdentityZoneHolder.get()).thenReturn(otherZone);

    // A fresh mock replaces the one from setUp so the two zones report different lifetimes.
    clientDetails = mock(ClientDetails.class);
    when(clientDetails.getRefreshTokenValiditySeconds()).thenReturn(24);
    when(clientServicesExtension.loadClientByClientId("clientId", "uaa_not")).thenReturn(clientDetails);

    assertThat(clientRefreshTokenValidity.getValiditySeconds("clientId"), is(24));
}
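/**
 * Builds the positional field values for updating a client record in a given zone.
 *
 * <p>The required user groups are taken out of the additional information and passed as their
 * own field; the remaining additional information is serialized to JSON. The array ends with
 * the client id and the zone id.
 *
 * @param clientDetails the client whose fields are written
 * @param zoneId        id of the zone the client belongs to
 * @return the field values, in the order expected by the caller (not shown here)
 * @throws InvalidDataAccessResourceUsageException if the additional information cannot be
 *         serialized
 */
private Object[] getFieldsForUpdate(ClientDetails clientDetails, String zoneId) {
    // Work on a copy so that removing the groups entry does not alter the caller's map.
    Map<String, Object> additionalInformation = new HashMap<>(clientDetails.getAdditionalInformation());
    @SuppressWarnings("unchecked") // the entry is stored as a collection of group names
    Collection<String> requiredGroups = (Collection<String>) additionalInformation.remove(REQUIRED_USER_GROUPS);
    String json;
    try {
        json = JsonUtils.writeValueAsString(additionalInformation);
    } catch (Exception e) {
        // Log the client id only, matching the exception message below: the object's toString()
        // is not visible here and may include the client secret.
        logger.warn("Could not serialize additional information: " + clientDetails.getClientId(), e);
        throw new InvalidDataAccessResourceUsageException("Could not serialize additional information:"+clientDetails.getClientId(), e);
    }
    return new Object[] {
        collectionToString(clientDetails.getResourceIds()),
        collectionToString(clientDetails.getScope()),
        collectionToString(clientDetails.getAuthorizedGrantTypes()),
        collectionToString(clientDetails.getRegisteredRedirectUri()),
        collectionToString(clientDetails.getAuthorities()),
        clientDetails.getAccessTokenValiditySeconds(),
        clientDetails.getRefreshTokenValiditySeconds(),
        json,
        getAutoApproveScopes(clientDetails),
        new Timestamp(System.currentTimeMillis()),
        collectionToString(requiredGroups),
        clientDetails.getClientId(),
        zoneId
    };
}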
// Excerpt from a longer test: `validity` still holds a value assigned before this point (not shown).
assertEquals(validity, created.getAccessTokenValiditySeconds());
// The created client must carry the refresh token lifetime given under "refresh-token-validity".
validity = (Integer) map.get("refresh-token-validity");
assertEquals(validity, created.getRefreshTokenValiditySeconds());
// Copy the refresh token lifetime of `existing` onto `details`.
// NOTE(review): the condition under which this runs is outside this excerpt - confirm it is
// applied only when the incoming details leave the value unset.
details.setRefreshTokenValiditySeconds(existing.getRefreshTokenValiditySeconds());
/**
 * Updates a batch of clients through {@code PUT /oauth/clients/tx} and checks that the new
 * access and refresh token lifetimes are what a subsequent read returns.
 */
@Test
public void testUpdateClients() throws Exception {
    BaseClientDetails[] clients = doCreateClients();
    headers = getAuthenticatedHeaders(getClientCredentialsAccessToken("clients.admin,clients.read,clients.write,clients.secret"));
    headers.add("Accept", "application/json");

    // Change authorities and both token lifetimes on every client before sending the batch.
    for (BaseClientDetails toUpdate : clients) {
        toUpdate.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("some.crap"));
        toUpdate.setAccessTokenValiditySeconds(60);
        toUpdate.setRefreshTokenValiditySeconds(120);
    }

    ResponseEntity<BaseClientDetails[]> result =
        serverRunning.getRestTemplate().exchange(
            serverRunning.getUrl("/oauth/clients/tx"),
            HttpMethod.PUT,
            new HttpEntity<BaseClientDetails[]>(clients, headers),
            BaseClientDetails[].class);
    assertEquals(HttpStatus.OK, result.getStatusCode());
    validateClients(clients, result.getBody());

    // Read each client back to make sure the update was stored, not just echoed in the response.
    for (BaseClientDetails updated : clients) {
        ClientDetails stored = getClient(updated.getClientId());
        assertNotNull(stored);
        assertEquals(Integer.valueOf(120), stored.getRefreshTokenValiditySeconds());
        assertEquals(Integer.valueOf(60), stored.getAccessTokenValiditySeconds());
    }
}
clientDetails.getAccessTokenValiditySeconds()); assertEquals(new Integer(200), clientDetails.getRefreshTokenValiditySeconds());
/**
 * Copy constructor: initialises this instance through the no-argument constructor and then takes
 * over the prototype's token lifetimes, authorities, grant types, client id, client secret,
 * redirect URIs, scope and resource ids.
 *
 * @param prototype the client details to copy from
 */
public BaseClientDetails(ClientDetails prototype) {
    this();

    // Token lifetimes.
    this.setAccessTokenValiditySeconds(prototype.getAccessTokenValiditySeconds());
    this.setRefreshTokenValiditySeconds(prototype.getRefreshTokenValiditySeconds());

    // What the client may do.
    this.setAuthorities(prototype.getAuthorities());
    this.setAuthorizedGrantTypes(prototype.getAuthorizedGrantTypes());

    // Identity. The secret is copied as well, so the copy needs the same care as the prototype.
    this.setClientId(prototype.getClientId());
    this.setClientSecret(prototype.getClientSecret());

    this.setRegisteredRedirectUri(prototype.getRegisteredRedirectUri());
    this.setScope(prototype.getScope());
    this.setResourceIds(prototype.getResourceIds());
}
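/**
 * Builds the positional field values for updating a client record.
 *
 * <p>Collection-valued properties are flattened to comma-delimited strings ({@code null} stays
 * {@code null}); the additional information is serialized through {@code mapper}. The client id
 * is the last element.
 *
 * @param clientDetails the client whose fields are written
 * @return the field values, in the order expected by the caller (not shown here)
 */
private Object[] getFieldsForUpdate(ClientDetails clientDetails) {
    String json = null;
    try {
        json = mapper.write(clientDetails.getAdditionalInformation());
    } catch (Exception e) {
        // Log the client id only: the object's toString() is not visible here and may include
        // the client secret. Serialization stays best-effort - on failure json remains null and
        // null is passed on as the additional-information field.
        logger.warn("Could not serialize additional information: " + clientDetails.getClientId(), e);
    }
    return new Object[] {
        clientDetails.getResourceIds() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getResourceIds())
            : null,
        clientDetails.getScope() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getScope())
            : null,
        clientDetails.getAuthorizedGrantTypes() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorizedGrantTypes())
            : null,
        clientDetails.getRegisteredRedirectUri() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getRegisteredRedirectUri())
            : null,
        clientDetails.getAuthorities() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorities())
            : null,
        clientDetails.getAccessTokenValiditySeconds(),
        clientDetails.getRefreshTokenValiditySeconds(),
        json,
        getAutoApproveScopes(clientDetails),
        clientDetails.getClientId()
    };
}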
clientDetails.getAccessTokenValiditySeconds()); assertEquals(new Integer(200), clientDetails.getRefreshTokenValiditySeconds()); assertTrue(clientDetails.isAutoApprove("read"));
/**
 * A batch delete that contains one unknown client id must fail with 404 and leave every
 * client of the batch in place.
 */
@Test
void testDeleteClientsTxRollbackInvalidId() throws Exception {
    int count = 5;
    BaseClientDetails[] details = new BaseClientDetails[count];
    for (int idx = 0; idx < details.length; idx++) {
        details[idx] = (BaseClientDetails) createClient(adminToken, null, SECRET, null);
    }

    // Swap the first id for one that does not exist so the transaction has to fail.
    String firstId = details[0].getClientId();
    details[0].setClientId("unknown.client.id");

    MockHttpServletRequestBuilder deleteClientsPost =
        post("/oauth/clients/tx/delete")
            .header("Authorization", "Bearer " + adminToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(details));
    mockMvc.perform(deleteClientsPost).andExpect(status().isNotFound());

    // Restore the real id, then confirm that nothing was deleted.
    details[0].setClientId(firstId);
    for (ClientDetails expected : details) {
        ClientDetails stored = getClient(expected.getClientId());
        assertNotNull(stored);
        // The client read back must not carry its secret.
        assertNull(stored.getClientSecret());
        assertNull(stored.getRefreshTokenValiditySeconds());
    }
    verify(mockApplicationEventPublisher, times(count)).publishEvent(abstractUaaEventCaptor.capture());
}
for (ClientDetails client : clients) { assertNotNull(getClient(client.getClientId())); assertEquals(new Integer(120), client.getRefreshTokenValiditySeconds());
/**
 * A batch update that contains one unknown client id must fail with 404 and leave the stored
 * clients unchanged: the refresh token lifetime of 120 set on the request objects must not be
 * persisted for any of them.
 */
@Test
void testUpdateClientsTxInvalidId() throws Exception {
    int count = 5;
    BaseClientDetails[] details = new BaseClientDetails[count];
    for (int idx = 0; idx < details.length; idx++) {
        BaseClientDetails created = (BaseClientDetails) createClient(adminToken, null, SECRET, null);
        created.setRefreshTokenValiditySeconds(120);
        details[idx] = created;
    }

    // Swap the first id for one that does not exist so the transaction has to fail.
    String firstId = details[0].getClientId();
    details[0].setClientId("unknown.client.id");

    MockHttpServletRequestBuilder updateClientPut =
        put("/oauth/clients/tx")
            .header("Authorization", "Bearer " + adminToken)
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_JSON)
            .content(JsonUtils.writeValueAsString(details));
    mockMvc.perform(updateClientPut).andExpect(status().isNotFound());

    // Restore the real id, then confirm that no client picked up the rejected change.
    details[0].setClientId(firstId);
    for (ClientDetails expected : details) {
        ClientDetails stored = getClient(expected.getClientId());
        assertNotNull(stored);
        // The client read back must not carry its secret.
        assertNull(stored.getClientSecret());
        assertNull(stored.getRefreshTokenValiditySeconds());
    }
    //create and then update events
    verify(mockApplicationEventPublisher, times(count)).publishEvent(abstractUaaEventCaptor.capture());
}
// NOTE(review): `c` is declared twice below, so this looks like two excerpts from different
// scopes joined together rather than one statement run.
// First excerpt: the stored client carries a refresh token lifetime of 120.
ClientDetails c = getClient(details[i].getClientId());
assertNotNull(c);
assertEquals(new Integer(120), c.getRefreshTokenValiditySeconds());
// Second excerpt: the stored client has no refresh token lifetime set.
ClientDetails c = getClient(details[i].getClientId());
assertNotNull(c);
assertNull(c.getRefreshTokenValiditySeconds());
// Excerpt from a loop over `details` (loop header not shown): the client must still exist and
// must have no refresh token lifetime set.
ClientDetails c = getClient(details[i].getClientId());
assertNotNull(c);
assertNull(c.getRefreshTokenValiditySeconds());
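/**
 * Builds the positional field values for updating a client record.
 *
 * <p>Collection-valued properties become comma-delimited strings, with {@code null} passed
 * through unchanged; the additional information is serialized through {@code mapper}. The client
 * id is the last element.
 *
 * @param clientDetails the client whose fields are written
 * @return the field values, in the order expected by the caller (not shown here)
 */
private Object[] getFieldsForUpdate(ClientDetails clientDetails) {
    String json = null;
    try {
        json = this.mapper.write(clientDetails.getAdditionalInformation());
    } catch (Exception e) {
        // Only the client id goes into the log: the object's toString() is not visible here and
        // may include the client secret. The failure is deliberately not rethrown, so json stays
        // null and null is passed on as the additional-information field.
        logger.warn("Could not serialize additional information: " + clientDetails.getClientId(), e);
    }
    return new Object[] {
        clientDetails.getResourceIds() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getResourceIds())
            : null,
        clientDetails.getScope() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getScope())
            : null,
        clientDetails.getAuthorizedGrantTypes() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorizedGrantTypes())
            : null,
        clientDetails.getRegisteredRedirectUri() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getRegisteredRedirectUri())
            : null,
        clientDetails.getAuthorities() != null
            ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorities())
            : null,
        clientDetails.getAccessTokenValiditySeconds(),
        clientDetails.getRefreshTokenValiditySeconds(),
        json,
        this.getAutoApproveScopes(clientDetails),
        clientDetails.getClientId()
    };
}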
/**
 * Creates a copy of another client's details.
 *
 * <p>After the no-argument constructor has run, each property listed below is read from the
 * prototype and applied through the matching setter. The client secret is among them.
 *
 * @param prototype the client details to copy from
 */
public BaseClientDetails(ClientDetails prototype) {
    this();
    final ClientDetails source = prototype;
    setAccessTokenValiditySeconds(source.getAccessTokenValiditySeconds());
    setRefreshTokenValiditySeconds(source.getRefreshTokenValiditySeconds());
    setAuthorities(source.getAuthorities());
    setAuthorizedGrantTypes(source.getAuthorizedGrantTypes());
    setClientId(source.getClientId());
    // Copies the credential too: treat the new instance as sensitive as the original.
    setClientSecret(source.getClientSecret());
    setRegisteredRedirectUri(source.getRegisteredRedirectUri());
    setScope(source.getScope());
    setResourceIds(source.getResourceIds());
}