/** * Gets the {@link OpenIDConsumer} that was configured or defaults to an * {@link OpenID4JavaConsumer}. * @return the {@link OpenIDConsumer} to use * @throws ConsumerException */ private OpenIDConsumer getConsumer() throws ConsumerException { if (this.openIDConsumer == null) { this.openIDConsumer = new OpenID4JavaConsumer(getConsumerManager(), attributesToFetchFactory()); } return this.openIDConsumer; }
@Override public void afterPropertiesSet() { super.afterPropertiesSet(); if (consumer == null) { try { consumer = new OpenID4JavaConsumer(); } catch (ConsumerException e) { throw new IllegalArgumentException("Failed to initialize OpenID", e); } } if (returnToUrlParameters.isEmpty() && getRememberMeServices() instanceof AbstractRememberMeServices) { returnToUrlParameters = new HashSet<>(); returnToUrlParameters .add(((AbstractRememberMeServices) getRememberMeServices()) .getParameter()); } }
@Test public void additionalConstructorsWork() throws Exception { new OpenID4JavaConsumer(); new OpenID4JavaConsumer(new MockAttributesFactory()); }
@Test public void fetchAttributesReturnsExpectedValues() throws Exception { OpenID4JavaConsumer consumer = new OpenID4JavaConsumer( new NullAxFetchListFactory()); Message msg = mock(Message.class); FetchResponse fr = mock(FetchResponse.class); when(msg.hasExtension(AxMessage.OPENID_NS_AX)).thenReturn(true); when(msg.getExtension(AxMessage.OPENID_NS_AX)).thenReturn(fr); when(fr.getAttributeValues("a")).thenReturn(Arrays.asList("x", "y")); List<OpenIDAttribute> fetched = consumer.fetchAxAttributes(msg, attributes); assertThat(fetched).hasSize(1); assertThat(fetched.get(0).getValues()).hasSize(2); }
@Test(expected = OpenIDConsumerException.class) public void messageExceptionFetchingAttributesRaisesOpenIDException() throws Exception { OpenID4JavaConsumer consumer = new OpenID4JavaConsumer( new NullAxFetchListFactory()); Message msg = mock(Message.class); FetchResponse fr = mock(FetchResponse.class); when(msg.hasExtension(AxMessage.OPENID_NS_AX)).thenReturn(true); when(msg.getExtension(AxMessage.OPENID_NS_AX)) .thenThrow(new MessageException("")); when(fr.getAttributeValues("a")).thenReturn(Arrays.asList("x", "y")); consumer.fetchAxAttributes(msg, attributes); }
@Test public void failedVerificationReturnsFailedAuthenticationStatus() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); VerificationResult vr = mock(VerificationResult.class); DiscoveryInformation di = mock(DiscoveryInformation.class); when( mgr.verify(any(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(vr); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute(DiscoveryInformation.class.getName(), di); OpenIDAuthenticationToken auth = consumer.endConsumption(request); assertThat(auth.getStatus()).isEqualTo(OpenIDAuthenticationStatus.FAILURE); }
@SuppressWarnings("deprecation") @Test public void beginConsumptionCreatesExpectedSessionData() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); AuthRequest authReq = mock(AuthRequest.class); DiscoveryInformation di = mock(DiscoveryInformation.class); when(mgr.authenticate(any(DiscoveryInformation.class), any(), any())) .thenReturn(authReq); when(mgr.associate(any())).thenReturn(di); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new MockAttributesFactory()); MockHttpServletRequest request = new MockHttpServletRequest(); consumer.beginConsumption(request, "", "", ""); assertThat(request.getSession().getAttribute( "SPRING_SECURITY_OPEN_ID_ATTRIBUTES_FETCH_LIST")).isEqualTo(attributes); assertThat( request.getSession().getAttribute(DiscoveryInformation.class.getName())).isEqualTo(di); // Check with empty attribute fetch list consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); request = new MockHttpServletRequest(); consumer.beginConsumption(request, "", "", ""); }
@Test(expected = OpenIDConsumerException.class) public void discoveryExceptionRaisesOpenIDException() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); when(mgr.discover(any())).thenThrow(new DiscoveryException("msg")); consumer.beginConsumption(new MockHttpServletRequest(), "", "", ""); }
@SuppressWarnings("serial") @Test public void successfulVerificationReturnsExpectedAuthentication() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); VerificationResult vr = mock(VerificationResult.class); DiscoveryInformation di = mock(DiscoveryInformation.class); Identifier id = new Identifier() { public String getIdentifier() { return "id"; } }; Message msg = mock(Message.class); when( mgr.verify(any(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(vr); when(vr.getVerifiedId()).thenReturn(id); when(vr.getAuthResponse()).thenReturn(msg); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute(DiscoveryInformation.class.getName(), di); request.getSession().setAttribute( "SPRING_SECURITY_OPEN_ID_ATTRIBUTES_FETCH_LIST", attributes); OpenIDAuthenticationToken auth = consumer.endConsumption(request); assertThat(auth.getStatus()).isEqualTo(OpenIDAuthenticationStatus.SUCCESS); }
@Test(expected = OpenIDConsumerException.class) public void missingDiscoveryInformationThrowsException() throws Exception { OpenID4JavaConsumer consumer = new OpenID4JavaConsumer( new NullAxFetchListFactory()); consumer.endConsumption(new MockHttpServletRequest()); }
@Test public void messageOrConsumerAuthenticationExceptionRaisesOpenIDException() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); when(mgr.authenticate(ArgumentMatchers.<DiscoveryInformation>any(), any(), any())) .thenThrow(new MessageException("msg"), new ConsumerException("msg")); try { consumer.beginConsumption(new MockHttpServletRequest(), "", "", ""); fail("OpenIDConsumerException was not thrown"); } catch (OpenIDConsumerException expected) { } try { consumer.beginConsumption(new MockHttpServletRequest(), "", "", ""); fail("OpenIDConsumerException was not thrown"); } catch (OpenIDConsumerException expected) { } }
@Test public void verificationExceptionsRaiseOpenIDException() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory());
/** * Gets the {@link OpenIDConsumer} that was configured or defaults to an * {@link OpenID4JavaConsumer}. * @return the {@link OpenIDConsumer} to use * @throws ConsumerException */ private OpenIDConsumer getConsumer() throws ConsumerException { if (this.openIDConsumer == null) { this.openIDConsumer = new OpenID4JavaConsumer(getConsumerManager(), attributesToFetchFactory()); } return this.openIDConsumer; }
/** * Gets the {@link OpenIDConsumer} that was configured or defaults to an {@link OpenID4JavaConsumer}. * @return the {@link OpenIDConsumer} to use * @throws ConsumerException */ private OpenIDConsumer getConsumer() throws ConsumerException { if(openIDConsumer == null) { openIDConsumer = new OpenID4JavaConsumer(getConsumerManager(), attributesToFetchFactory()); } return openIDConsumer; }
/** * Gets the {@link OpenIDConsumer} that was configured or defaults to an * {@link OpenID4JavaConsumer}. * @return the {@link OpenIDConsumer} to use * @throws ConsumerException */ private OpenIDConsumer getConsumer() throws ConsumerException { if (this.openIDConsumer == null) { this.openIDConsumer = new OpenID4JavaConsumer(getConsumerManager(), attributesToFetchFactory()); } return this.openIDConsumer; }
@Override public void afterPropertiesSet() { super.afterPropertiesSet(); if (consumer == null) { try { consumer = new OpenID4JavaConsumer(); } catch (ConsumerException e) { throw new IllegalArgumentException("Failed to initialize OpenID", e); } } if (returnToUrlParameters.isEmpty() && getRememberMeServices() instanceof AbstractRememberMeServices) { returnToUrlParameters = new HashSet<>(); returnToUrlParameters .add(((AbstractRememberMeServices) getRememberMeServices()) .getParameter()); } }
/** * @return filter */ @Provides public OpenIDAuthFilter getOpenIDFilter() { if (openidFilter == null) { openidFilter = new OpenIDAuthFilter("/" + OpenIDAuthFilter.OPENID_ACTION); try { openidFilter.setConsumer(new OpenID4JavaConsumer(new SimpleAxFetchListFactory())); } catch (ConsumerException ex) { LoggerFactory.getLogger(SecurityModule.class).error(null, ex); } openidFilter.setReturnToUrlParameters(Collections.singleton(Config.getConfigParam("security.returnto", "/"))); openidFilter.setAuthenticationSuccessHandler(getSuccessHandler()); openidFilter.setAuthenticationFailureHandler(getFailureHandler()); openidFilter.setRememberMeServices(getRemembeMeServices()); } return openidFilter; }
/** * @return filter */ @Provides public OpenIDAuthFilter getOpenIDFilter() { if (openidFilter == null) { openidFilter = new OpenIDAuthFilter("/" + OpenIDAuthFilter.OPENID_ACTION); try { openidFilter.setConsumer(new OpenID4JavaConsumer(new SimpleAxFetchListFactory())); } catch (ConsumerException ex) { LoggerFactory.getLogger(SecurityModule.class).error(null, ex); } openidFilter.setReturnToUrlParameters(Collections.singleton(Config.getConfigParam("security.returnto", "/"))); openidFilter.setAuthenticationSuccessHandler(getSuccessHandler()); openidFilter.setAuthenticationFailureHandler(getFailureHandler()); openidFilter.setRememberMeServices(getRemembeMeServices()); } return openidFilter; }
openidFilter.setConsumer(new OpenID4JavaConsumer(new SimpleAxFetchListFactory())); openidFilter.setReturnToUrlParameters(Collections.singleton(confMap.get("security.returnto"))); openidFilter.setAuthenticationSuccessHandler(successHandler);