assertTrue(clientDetails.isSecretRequired()); assertEquals("mySecret", clientDetails.getClientSecret()); assertTrue(clientDetails.isScoped()); assertEquals(1, clientDetails.getScope().size()); assertEquals("myScope", clientDetails.getScope().iterator().next());
assertTrue(clientDetails.isSecretRequired()); assertEquals("mySecret", clientDetails.getClientSecret()); assertTrue(clientDetails.isScoped()); assertEquals(2, clientDetails.getResourceIds().size()); Iterator<String> resourceIds = clientDetails.getResourceIds()
@Test public void testLoadingClientIdWithNoDetails() { int rowsInserted = jdbcTemplate.update(INSERT_SQL, "clientIdWithNoDetails", null, null, null, null, null, null, null, null, null, IdentityZoneHolder.get().getId(), new Timestamp(System.currentTimeMillis()), dbRequestedUserGroups ); assertEquals(1, rowsInserted); ClientDetails clientDetails = service .loadClientByClientId("clientIdWithNoDetails"); assertEquals("clientIdWithNoDetails", clientDetails.getClientId()); assertFalse(clientDetails.isSecretRequired()); assertNull(clientDetails.getClientSecret()); assertFalse(clientDetails.isScoped()); assertEquals(0, clientDetails.getScope().size()); assertEquals(2, clientDetails.getAuthorizedGrantTypes().size()); assertNull(clientDetails.getRegisteredRedirectUri()); assertEquals(0, clientDetails.getAuthorities().size()); assertEquals(null, clientDetails.getAccessTokenValiditySeconds()); assertEquals(null, clientDetails.getAccessTokenValiditySeconds()); }
private void validateScope(ClientDetails clientDetails, Set<String> scopes) { if (clientDetails.isScoped()) { Set<String> validScope = clientDetails.getScope(); if (scopes.isEmpty()) { throw new InvalidScopeException("Invalid scope (none)"); } else if (!containsAny(validScope, ScopePathType.ORCID_PROFILE_CREATE, ScopePathType.WEBHOOK, ScopePathType.PREMIUM_NOTIFICATION, ScopePathType.GROUP_ID_RECORD_READ, ScopePathType.GROUP_ID_RECORD_UPDATE) && !scopes.contains(ScopePathType.READ_PUBLIC.value()) && scopes.size() == 1) { throw new InvalidScopeException("Invalid scope" + (scopes != null && scopes.size() > 1 ? "s: " : ": " + "") + OAuth2Utils.formatParameterList(scopes), validScope); } // The Read public does not have to be granted. It's the implied // read level. We let this through, regardless if (scopes.size() == 1 && scopes.iterator().next().equals(ScopePathType.READ_PUBLIC.value())) { return; } for (String scope : scopes) { if (!validScope.contains(scope)) { throw new InvalidScopeException("Invalid scope: " + scope, validScope); } } } }
public void validateParameters(Map<String, String> parameters, ClientDetails clientDetails, String responseType) { if (parameters.containsKey("scope")) { if (clientDetails.isScoped()) { Set<String> validScope = clientDetails.getScope(); for (String scope : OAuth2Utils.parseParameterList(parameters.get("scope"))) { if (OpenIDConnectScopesToIgnore.contains(scope)) {//ignore openid scopes continue; } ScopePathType scopeType = null; try { scopeType = ScopePathType.fromValue(scope); } catch(Exception e) { throw new InvalidScopeException("Invalid scope: " + scope); } if (scopeType.isClientCreditalScope()) throw new InvalidScopeException("Invalid scope: " + scope); if (!validScope.contains(scope)) throw new InvalidScopeException("Invalid scope: " + scope); } } } }
private ClientDetail getMongoDBClientDetailsFromClient(ClientDetails cd) { ClientDetail clientDetails = new ClientDetail(); clientDetails.setAccessTokenValiditySeconds(cd.getAccessTokenValiditySeconds()); clientDetails.setAdditionalInformation(cd.getAdditionalInformation()); clientDetails.setAuthorizedGrantTypes(cd.getAuthorizedGrantTypes()); clientDetails.setClientId(cd.getClientId()); clientDetails.setClientSecret(cd.getClientSecret()); clientDetails.setRefreshTokenValiditySeconds(cd.getRefreshTokenValiditySeconds()); clientDetails.setRegisteredRedirectUri(cd.getRegisteredRedirectUri()); clientDetails.setResourceIds(cd.getResourceIds()); clientDetails.setScope(cd.getScope()); clientDetails.setScoped(cd.isScoped()); clientDetails.setSecretRequired(cd.isSecretRequired()); clientDetails.setId(cd.getClientId()); return clientDetails; }