From 5907e5baa5ac143043bb11ccb7cc3cc8e2e994d3 Mon Sep 17 00:00:00 2001 From: "Diaz, Sebastien" Date: Tue, 8 Sep 2015 17:30:01 +0200 Subject: [PATCH 1/5] Add request abd response for OpenIdConnectAuthorization --- .idea/libraries/Maven__junit_junit_4_11.xml | 13 + .../Maven__org_hamcrest_hamcrest_core_1_3.xml | 13 + .../as/issuer/MD5Generator.java | 2 +- .../as/issuer/OAuthIssuer.java | 2 +- .../as/issuer/OAuthIssuerImpl.java | 2 +- .../as/issuer/UUIDValueGenerator.java | 2 +- .../as/issuer/ValueGenerator.java | 2 +- .../as/request/AbstractOAuthTokenRequest.java | 2 +- .../as/request/OAuthAuthzRequest.java | 6 +- .../as/request/OAuthRequest.java | 2 +- .../as/request/OAuthTokenRequest.java | 10 +- .../OAuthUnauthenticatedTokenRequest.java | 9 +- .../as/response/OAuthASResponse.java | 2 +- .../as/validator/AssertionValidator.java | 2 +- .../validator/AuthorizationCodeValidator.java | 2 +- .../validator/ClientCredentialValidator.java | 2 +- .../as/validator/CodeTokenValidator.java | 2 +- .../as/validator/CodeValidator.java | 2 +- .../as/validator/PasswordValidator.java | 2 +- .../as/validator/RefreshTokenValidator.java | 2 +- .../as/validator/TokenValidator.java | 2 +- ...thenticatedAuthorizationCodeValidator.java | 2 +- .../UnauthenticatedPasswordValidator.java | 2 +- .../UnauthenticatedRefreshTokenValidator.java | 2 +- .../openidconnect/as/MD5GeneratorTest.java | 52 ++ .../openidconnect/as/OAuthIssuerImplTest.java | 53 ++ .../openidconnect/as/OAuthRequestTest.java | 597 ++++++++++++++++++ .../as/OAuthUnauthenticatedRequestTest.java | 338 ++++++++++ .../as/OauthMockRequestBuilder.java | 122 ++++ .../as/UUIDValueGeneratorTest.java | 41 ++ .../as/response/OAuthASResponseTest.java | 179 ++++++ .../as/validator/TokenValidatorTest.java | 101 +++ oauth-2.0/common/pom.xml | 1 + .../common/message/types/ResponseType.java | 3 +- .../validators/OAuthValidatorMixer.java | 71 +++ ....apache.oltu.openidconnect.authzserver.iml | 66 ++ openid-connect/authzserver/pom.xml | 94 +++ .../src/main/assembly/LICENSE-with-deps | 234 +++++++ .../src/main/assembly/NOTICE-with-deps | 5 + .../authzserver/src/main/assembly/bin.xml | 51 ++ .../as/request/OpenIdConnectAuthzRequest.java | 110 ++++ .../as/response/OpenIdConnectASResponse.java | 122 ++++ .../openidconnect/common/OpenIdConnect.java | 14 + .../common/token/OpenIdConnectToken.java | 18 + .../oltu/oauth2/as/MD5GeneratorTest.java | 0 .../oltu/oauth2/as/OAuthIssuerImplTest.java | 0 .../oltu/oauth2/as/OAuthRequestTest.java | 0 .../as/OAuthUnauthenticatedRequestTest.java | 0 .../oauth2/as/OauthMockRequestBuilder.java | 0 .../oauth2/as/UUIDValueGeneratorTest.java | 0 .../as/response/OAuthASResponseTest.java | 0 .../as/validator/TokenValidatorTest.java | 0 openid-connect/common/pom.xml | 1 + openid-connect/pom.xml | 30 + parent/pom.xml | 2 +- 55 files changed, 2360 insertions(+), 34 deletions(-) create mode 100644 .idea/libraries/Maven__junit_junit_4_11.xml create mode 100644 .idea/libraries/Maven__org_hamcrest_hamcrest_core_1_3.xml rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/issuer/MD5Generator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/issuer/OAuthIssuer.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/issuer/OAuthIssuerImpl.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/issuer/UUIDValueGenerator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/issuer/ValueGenerator.java (95%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/request/AbstractOAuthTokenRequest.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/request/OAuthAuthzRequest.java (93%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/request/OAuthRequest.java (98%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/request/OAuthTokenRequest.java (88%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/request/OAuthUnauthenticatedTokenRequest.java (87%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/response/OAuthASResponse.java (98%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/AssertionValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/AuthorizationCodeValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/ClientCredentialValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/CodeTokenValidator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/CodeValidator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/PasswordValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/RefreshTokenValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/TokenValidator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/UnauthenticatedAuthorizationCodeValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/UnauthenticatedPasswordValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{oauth2 => openidconnect}/as/validator/UnauthenticatedRefreshTokenValidator.java (96%) create mode 100644 oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/MD5GeneratorTest.java create mode 100644 oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthIssuerImplTest.java create mode 100644 oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthRequestTest.java create mode 100644 oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthUnauthenticatedRequestTest.java create mode 100644 oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OauthMockRequestBuilder.java create mode 100644 oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/UUIDValueGeneratorTest.java create mode 100644 oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/response/OAuthASResponseTest.java create mode 100644 oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/validator/TokenValidatorTest.java create mode 100644 oauth-2.0/common/src/main/java/org/apache/oltu/oauth2/common/validators/OAuthValidatorMixer.java create mode 100644 openid-connect/authzserver/org.apache.oltu.openidconnect.authzserver.iml create mode 100644 openid-connect/authzserver/pom.xml create mode 100644 openid-connect/authzserver/src/main/assembly/LICENSE-with-deps create mode 100644 openid-connect/authzserver/src/main/assembly/NOTICE-with-deps create mode 100644 openid-connect/authzserver/src/main/assembly/bin.xml create mode 100644 openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OpenIdConnectAuthzRequest.java create mode 100644 openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OpenIdConnectASResponse.java create mode 100644 openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/common/OpenIdConnect.java create mode 100644 openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/common/token/OpenIdConnectToken.java rename {oauth-2.0 => openid-connect}/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java (100%) rename {oauth-2.0 => openid-connect}/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java (100%) rename {oauth-2.0 => openid-connect}/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java (100%) rename {oauth-2.0 => openid-connect}/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java (100%) rename {oauth-2.0 => openid-connect}/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java (100%) rename {oauth-2.0 => openid-connect}/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java (100%) rename {oauth-2.0 => openid-connect}/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java (100%) rename {oauth-2.0 => openid-connect}/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java (100%) diff --git a/.idea/libraries/Maven__junit_junit_4_11.xml b/.idea/libraries/Maven__junit_junit_4_11.xml new file mode 100644 index 00000000..f33320d8 --- /dev/null +++ b/.idea/libraries/Maven__junit_junit_4_11.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/.idea/libraries/Maven__org_hamcrest_hamcrest_core_1_3.xml b/.idea/libraries/Maven__org_hamcrest_hamcrest_core_1_3.xml new file mode 100644 index 00000000..f58bbc11 --- /dev/null +++ b/.idea/libraries/Maven__org_hamcrest_hamcrest_core_1_3.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/MD5Generator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/MD5Generator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/MD5Generator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/MD5Generator.java index fe5871f3..172461c9 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/MD5Generator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/MD5Generator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.issuer; +package org.apache.oltu.openidconnect.as.issuer; import java.security.MessageDigest; import java.util.UUID; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuer.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuer.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuer.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuer.java index d4b0d018..2bfdec1f 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuer.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuer.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.issuer; +package org.apache.oltu.openidconnect.as.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuerImpl.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuerImpl.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuerImpl.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuerImpl.java index 7ee95460..b16625ce 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuerImpl.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuerImpl.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.issuer; +package org.apache.oltu.openidconnect.as.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/UUIDValueGenerator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/UUIDValueGenerator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/UUIDValueGenerator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/UUIDValueGenerator.java index 1fcdf1f0..b6376697 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/UUIDValueGenerator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/UUIDValueGenerator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.issuer; +package org.apache.oltu.openidconnect.as.issuer; import java.util.UUID; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/ValueGenerator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/ValueGenerator.java similarity index 95% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/ValueGenerator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/ValueGenerator.java index 24a84058..d98df816 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/ValueGenerator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/ValueGenerator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.issuer; +package org.apache.oltu.openidconnect.as.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/AbstractOAuthTokenRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/AbstractOAuthTokenRequest.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/AbstractOAuthTokenRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/AbstractOAuthTokenRequest.java index 20c47531..5834aac4 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/AbstractOAuthTokenRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/AbstractOAuthTokenRequest.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.request; +package org.apache.oltu.openidconnect.as.request; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthAuthzRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthAuthzRequest.java similarity index 93% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthAuthzRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthAuthzRequest.java index b9883db6..22125eb9 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthAuthzRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthAuthzRequest.java @@ -19,12 +19,12 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.request; +package org.apache.oltu.openidconnect.as.request; import javax.servlet.http.HttpServletRequest; -import org.apache.oltu.oauth2.as.validator.CodeValidator; -import org.apache.oltu.oauth2.as.validator.TokenValidator; +import org.apache.oltu.openidconnect.as.validator.CodeValidator; +import org.apache.oltu.openidconnect.as.validator.TokenValidator; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthRequest.java similarity index 98% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthRequest.java index 8898a568..a9accdb2 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthRequest.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.request; +package org.apache.oltu.openidconnect.as.request; import java.util.HashMap; import java.util.Map; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthTokenRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthTokenRequest.java similarity index 88% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthTokenRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthTokenRequest.java index 4c811506..f55f50ce 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthTokenRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthTokenRequest.java @@ -19,14 +19,14 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.request; +package org.apache.oltu.openidconnect.as.request; import javax.servlet.http.HttpServletRequest; -import org.apache.oltu.oauth2.as.validator.AuthorizationCodeValidator; -import org.apache.oltu.oauth2.as.validator.ClientCredentialValidator; -import org.apache.oltu.oauth2.as.validator.PasswordValidator; -import org.apache.oltu.oauth2.as.validator.RefreshTokenValidator; +import org.apache.oltu.openidconnect.as.validator.AuthorizationCodeValidator; +import org.apache.oltu.openidconnect.as.validator.ClientCredentialValidator; +import org.apache.oltu.openidconnect.as.validator.PasswordValidator; +import org.apache.oltu.openidconnect.as.validator.RefreshTokenValidator; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthUnauthenticatedTokenRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthUnauthenticatedTokenRequest.java similarity index 87% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthUnauthenticatedTokenRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthUnauthenticatedTokenRequest.java index 0e70af85..d79f3179 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthUnauthenticatedTokenRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthUnauthenticatedTokenRequest.java @@ -15,14 +15,13 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.request; +package org.apache.oltu.openidconnect.as.request; import javax.servlet.http.HttpServletRequest; -import org.apache.oltu.oauth2.as.validator.PasswordValidator; -import org.apache.oltu.oauth2.as.validator.UnauthenticatedAuthorizationCodeValidator; -import org.apache.oltu.oauth2.as.validator.UnauthenticatedPasswordValidator; -import org.apache.oltu.oauth2.as.validator.UnauthenticatedRefreshTokenValidator; +import org.apache.oltu.openidconnect.as.validator.UnauthenticatedAuthorizationCodeValidator; +import org.apache.oltu.openidconnect.as.validator.UnauthenticatedPasswordValidator; +import org.apache.oltu.openidconnect.as.validator.UnauthenticatedRefreshTokenValidator; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/response/OAuthASResponse.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OAuthASResponse.java similarity index 98% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/response/OAuthASResponse.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OAuthASResponse.java index 6a6c5899..9c6eef91 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/response/OAuthASResponse.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OAuthASResponse.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.response; +package org.apache.oltu.openidconnect.as.response; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AssertionValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AssertionValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AssertionValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AssertionValidator.java index 82d74df3..5226186f 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AssertionValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AssertionValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import org.apache.oltu.oauth2.common.OAuth; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AuthorizationCodeValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AuthorizationCodeValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AuthorizationCodeValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AuthorizationCodeValidator.java index c6727671..1acdf48c 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AuthorizationCodeValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AuthorizationCodeValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/ClientCredentialValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/ClientCredentialValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/ClientCredentialValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/ClientCredentialValidator.java index 20b5f8c7..f8cd3a8a 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/ClientCredentialValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/ClientCredentialValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeTokenValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeTokenValidator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeTokenValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeTokenValidator.java index 5938c3e6..70ad0e62 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeTokenValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeTokenValidator.java @@ -20,7 +20,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeValidator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeValidator.java index b2931899..5b1ad4b2 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/PasswordValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/PasswordValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/PasswordValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/PasswordValidator.java index e4e36f37..943b2cda 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/PasswordValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/PasswordValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/RefreshTokenValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/RefreshTokenValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/RefreshTokenValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/RefreshTokenValidator.java index a9ba1dfc..2e0aa692 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/RefreshTokenValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/RefreshTokenValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/TokenValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/TokenValidator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/TokenValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/TokenValidator.java index feea7b46..f205a1f3 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/TokenValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/TokenValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedAuthorizationCodeValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedAuthorizationCodeValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedAuthorizationCodeValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedAuthorizationCodeValidator.java index 6882972b..98b242eb 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedAuthorizationCodeValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedAuthorizationCodeValidator.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.validators.AbstractValidator; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedPasswordValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedPasswordValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedPasswordValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedPasswordValidator.java index d8017366..b0e83d36 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedPasswordValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedPasswordValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedRefreshTokenValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedRefreshTokenValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedRefreshTokenValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedRefreshTokenValidator.java index ceb65818..dc031a8a 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedRefreshTokenValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedRefreshTokenValidator.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.as.validator; +package org.apache.oltu.openidconnect.as.validator; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.validators.AbstractValidator; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/MD5GeneratorTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/MD5GeneratorTest.java new file mode 100644 index 00000000..c16ab308 --- /dev/null +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/MD5GeneratorTest.java @@ -0,0 +1,52 @@ +/** + * Copyright 2010 Newcastle University + * + * http://research.ncl.ac.uk/smart/ + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as; + +import junit.framework.Assert; + +import org.apache.oltu.openidconnect.as.issuer.MD5Generator; +import org.apache.oltu.openidconnect.as.issuer.ValueGenerator; +import org.apache.oltu.oauth2.common.exception.OAuthSystemException; +import org.junit.Test; + + +/** + * + * + * + */ +public class MD5GeneratorTest extends Assert { + @Test + public void testGenerateValue() throws Exception { + ValueGenerator g = new MD5Generator(); + Assert.assertNotNull(g.generateValue()); + + Assert.assertNotNull(g.generateValue("test")); + + try { + g.generateValue(null); + fail("Exception not thrown"); + } catch (OAuthSystemException e) { + //ok + } + } +} diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthIssuerImplTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthIssuerImplTest.java new file mode 100644 index 00000000..d8fce74b --- /dev/null +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthIssuerImplTest.java @@ -0,0 +1,53 @@ +/** + * Copyright 2010 Newcastle University + * + * http://research.ncl.ac.uk/smart/ + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as; + +import junit.framework.Assert; + +import org.apache.oltu.openidconnect.as.issuer.OAuthIssuerImpl; +import org.junit.Test; +import org.apache.oltu.openidconnect.as.issuer.MD5Generator; +import org.apache.oltu.openidconnect.as.issuer.OAuthIssuer; + +/** + * + * + * + */ +public class OAuthIssuerImplTest { + private OAuthIssuer issuer = new OAuthIssuerImpl(new MD5Generator()); + + @Test + public void testAccessToken() throws Exception { + Assert.assertNotNull(issuer.accessToken()); + } + + @Test + public void testRefreshToken() throws Exception { + Assert.assertNotNull(issuer.refreshToken()); + } + + @Test + public void testAuthorizationCode() throws Exception { + Assert.assertNotNull(issuer.authorizationCode()); + } +} diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthRequestTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthRequestTest.java new file mode 100644 index 00000000..55ebbe93 --- /dev/null +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthRequestTest.java @@ -0,0 +1,597 @@ +/** + * Copyright 2010 Newcastle University + * + * http://research.ncl.ac.uk/smart/ + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as; + +import java.util.Set; + +import javax.servlet.http.HttpServletRequest; + +import junit.framework.Assert; +import org.apache.commons.codec.binary.Base64; +import org.apache.oltu.openidconnect.as.request.OAuthAuthzRequest; +import org.apache.oltu.openidconnect.as.request.OAuthRequest; +import org.apache.oltu.openidconnect.as.request.OAuthTokenRequest; +import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.common.error.OAuthError; +import org.apache.oltu.oauth2.common.exception.OAuthProblemException; +import org.apache.oltu.oauth2.common.exception.OAuthSystemException; +import org.apache.oltu.oauth2.common.message.types.GrantType; +import org.apache.oltu.oauth2.common.message.types.ResponseType; +import org.apache.oltu.oauth2.common.utils.OAuthUtils; +import org.junit.Test; + +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.fail; + + +/** + * + * + * + */ +public class OAuthRequestTest { + public static final String REDIRECT_URI = "http://www.example.com/callback"; + public static final String CLIENT_ID = "test_client"; + public static final String ACCESS_GRANT = "test_code"; + public static final String SECRET = "secret"; + public static final String USERNAME = "test_username"; + public static final String PASSWORD = "test_password"; + public static final String REFRESH_TOKEN = "refresh_token"; + + @Test + public void testWrongResponseGetRequestParam() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectOauthResponseType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectParam("param", "someparam") + .build(); + + replay(request); + + assertInvalidOAuthRequest(request); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectOauthResponseType(null) + .expectRedirectUri(REDIRECT_URI) + .expectParam("param", "someparam") + .build(); + replay(request); + + assertInvalidOAuthRequest(request); + verify(request); + } + + private void assertInvalidOAuthRequest(HttpServletRequest request) throws OAuthSystemException { + try { + new OAuthAuthzRequest(request); + fail("Exception expected"); + } catch (OAuthProblemException e) { + assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError()); + } + } + + @Test + public void testCodeRequestInvalidMethod() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectHttpMethod(OAuth.HttpMethod.PUT) + .expectOauthResponseType(ResponseType.CODE.toString()) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .build(); + + replay(request); + + assertInvalidOAuthRequest(request); + verify(request); + } + + + @Test + public void testCodeRequestMissingParameter() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectHttpMethod(OAuth.HttpMethod.GET) + .expectOauthResponseType(ResponseType.CODE.toString()) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(null) + .build(); + + replay(request); + + assertInvalidOAuthRequest(request); + verify(request); + } + + @Test + public void testValidCodeRequest() throws Exception { + assertValidCodeRequest(OAuth.HttpMethod.GET); + + assertValidCodeRequest(OAuth.HttpMethod.POST); + } + + private void assertValidCodeRequest(String httpMethod) throws OAuthSystemException { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectHttpMethod(httpMethod) + .expectOauthResponseType(ResponseType.CODE.toString()) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .build(); + + replay(request); + + try { + new OAuthAuthzRequest(request); + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + + verify(request); + } + + @Test + public void testTokenWrongGrantType() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectGrantType(OAuth.ContentType.URL_ENCODED) + .expectParam("param", "someparam") + .build(); + + replay(request); + assertInvalidTokenRequest(request); + + request = new OauthMockRequestBuilder() + .expectRedirectUri(REDIRECT_URI) + .expectGrantType(null) + .expectParam("param", "someparam") + .build(); + + replay(request); + assertInvalidTokenRequest(request); + } + + private void assertInvalidTokenRequest(HttpServletRequest request) throws OAuthSystemException { + try { + new OAuthTokenRequest(request); + fail("Exception expected"); + } catch (OAuthProblemException e) { + assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError()); + } + + verify(request); + } + + @Test + public void testTokenRequestInvalidMethod() throws Exception { + HttpServletRequest request = mockTokenRequestInvalidMethod(GrantType.AUTHORIZATION_CODE.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidMethod(GrantType.PASSWORD.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidMethod(GrantType.REFRESH_TOKEN.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidMethod(null); + assertInvalidTokenRequest(request); + } + + private HttpServletRequest mockTokenRequestInvalidMethod(String grantType) { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectHttpMethod(OAuth.HttpMethod.GET) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectGrantType(grantType) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .build(); + replay(request); + + return request; + } + + @Test + public void testTokenRequestInvalidContentType() throws Exception { + HttpServletRequest request = mockTokenRequestInvalidContentType(GrantType.AUTHORIZATION_CODE.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidContentType(GrantType.PASSWORD.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidContentType(GrantType.REFRESH_TOKEN.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidContentType(null); + assertInvalidTokenRequest(request); + } + + private HttpServletRequest mockTokenRequestInvalidContentType(String grantType) { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(grantType) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.JSON) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .build(); + + replay(request); + return request; + } + + @Test + public void testTokenAuthCodeRequestMissingParameter() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectBasicAuthHeader(null) + .expectGrantType(OAuth.OAUTH_GRANT_TYPE) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(null) + .expectClientSecret(SECRET) + .expectAccessGrant(ACCESS_GRANT) + .build(); + + replay(request); + assertInvalidTokenRequest(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectBasicAuthHeader(null) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectClientSecret(SECRET) + .expectRedirectUri(null) + .expectAccessGrant(null) + .build(); + + replay(request); + assertInvalidTokenRequest(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectBasicAuthHeader(null) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectClientSecret(SECRET) + .expectAccessGrant(null) + .build(); + + replay(request); + assertInvalidTokenRequest(request); + } + + @Test + public void testTokenAuthCodeRequestWithBasicAuthenticationMissingParameter() throws Exception { + HttpServletRequest request = mockOAuthTokenRequestBasicAuth(CLIENT_ID, null); + assertInvalidTokenRequest(request); + + request = mockOAuthTokenRequestBasicAuth(null, SECRET); + assertInvalidTokenRequest(request); + + + // Don't allow to mix basic auth header and body params. + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(CLIENT_ID) + .expectClientSecret(null) + .expectRedirectUri(REDIRECT_URI) + .expectAccessGrant(ACCESS_GRANT) + .expectBasicAuthHeader(createBasicAuthHeader(null, SECRET)) + .build(); + + replay(request); + + assertInvalidTokenRequest(request); + + verify(request); + } + + private HttpServletRequest mockOAuthTokenRequestBasicAuth(String clientId, String clientSecret) { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(null) + .expectClientSecret(null) + .expectRedirectUri(REDIRECT_URI) + .expectAccessGrant(ACCESS_GRANT) + .expectBasicAuthHeader(createBasicAuthHeader(clientId, clientSecret)) + .build(); + + replay(request); + return request; + } + + private String createBasicAuthHeader(String clientId, String clientSecret) { + clientSecret = OAuthUtils.isEmpty(clientSecret) ? "" : clientSecret; + clientId = OAuthUtils.isEmpty(clientId) ? "" : clientId; + final String authString = clientId + ":" + clientSecret; + return "basic " + Base64.encodeBase64String(authString.getBytes()); + } + + @Test + public void testTokenPasswordRequestMissingParameter() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.PASSWORD.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectClientSecret(SECRET) + .expectBasicAuthHeader(createBasicAuthHeader(null, SECRET)) + .expectOauthUsername(null) + .expectOauthPassword(SECRET) + .build(); + replay(request); + + assertInvalidTokenRequest(request); + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.PASSWORD.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectBasicAuthHeader(createBasicAuthHeader(null, SECRET)) + .expectOauthUsername(USERNAME) + .expectOauthPassword("") + .build(); + replay(request); + + assertInvalidTokenRequest(request); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.PASSWORD.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(null) + .expectClientSecret("") + .expectBasicAuthHeader(null) + .expectOauthUsername(USERNAME) + .expectOauthPassword(PASSWORD) + .build(); + replay(request); + + assertInvalidTokenRequest(request); + + verify(request); + } + + @Test + public void testRefreshTokenRequestMissingParameter() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectClientSecret(SECRET) + .expectBasicAuthHeader(null) + .expectOauthRefreshToken(null) + .build(); + replay(request); + + assertInvalidTokenRequest(request); + + verify(request); + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId("") + .expectClientSecret(SECRET) + .expectBasicAuthHeader(null) + .expectOauthRefreshToken(REFRESH_TOKEN) + .build(); + + replay(request); + + assertInvalidTokenRequest(request); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(null) + .expectClientSecret(SECRET) + .expectBasicAuthHeader(SECRET) + .expectOauthRefreshToken(null) + .build(); + replay(request); + + assertInvalidTokenRequest(request); + + verify(request); + } + + @Test + public void testValidTokenRequest() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(CLIENT_ID) + .expectClientSecret(SECRET) + .expectBasicAuthHeader(null) + .expectAccessGrant(ACCESS_GRANT) + .expectRedirectUri(REDIRECT_URI) + .build(); + replay(request); + + OAuthTokenRequest req = null; + try { + req = new OAuthTokenRequest(request); + + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + assertEquals(GrantType.AUTHORIZATION_CODE.toString(), req.getGrantType()); + assertEquals(CLIENT_ID, req.getClientId()); + assertEquals(REDIRECT_URI, req.getRedirectURI()); + assertEquals(ACCESS_GRANT, req.getCode()); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.PASSWORD.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(CLIENT_ID) + .expectClientSecret(SECRET) + .expectBasicAuthHeader(null) + .expectOauthUsername(USERNAME) + .expectOauthPassword(PASSWORD) + .build(); + replay(request); + + try { + req = new OAuthTokenRequest(request); + + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + assertEquals(CLIENT_ID, req.getClientId()); + assertEquals(USERNAME, req.getUsername()); + assertEquals(PASSWORD, req.getPassword()); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.CLIENT_CREDENTIALS.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectBasicAuthHeader(createBasicAuthHeader(CLIENT_ID, SECRET)) + .build(); + replay(request); + + try { + req = new OAuthTokenRequest(request); + + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(CLIENT_ID) + .expectClientSecret(SECRET) + .expectBasicAuthHeader(null) + .expectOauthRefreshToken(REFRESH_TOKEN) + .build(); + replay(request); + + try { + req = new OAuthTokenRequest(request); + + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + assertEquals(CLIENT_ID, req.getClientId()); + assertEquals(REFRESH_TOKEN, req.getRefreshToken()); + assertEquals(SECRET, req.getClientSecret()); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId("") + .expectClientSecret("") + .expectBasicAuthHeader(createBasicAuthHeader(CLIENT_ID, SECRET)) + .expectOauthRefreshToken(REFRESH_TOKEN) + .build(); + replay(request); + + try { + req = new OAuthTokenRequest(request); + + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + assertEquals(CLIENT_ID, req.getClientId()); + assertEquals(REFRESH_TOKEN, req.getRefreshToken()); + assertEquals(SECRET, req.getClientSecret()); + + verify(request); + } + + + @Test + public void testScopes() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectOauthResponseType(ResponseType.CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.GET) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(CLIENT_ID) + .expectRedirectUri(REDIRECT_URI) + .expectScopes("album photo") + .build(); + replay(request); + + OAuthRequest req = null; + try { + req = new OAuthAuthzRequest(request); + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + + Set scopes = req.getScopes(); + + Assert.assertTrue(findScope(scopes, "album")); + Assert.assertTrue(findScope(scopes, "photo")); + + verify(request); + } + + private boolean findScope(Set scopes, String scope) { + for (String s : scopes) { + if (s.equals(scope)) { + return true; + } + } + return false; + } +} diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthUnauthenticatedRequestTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthUnauthenticatedRequestTest.java new file mode 100644 index 00000000..5211d05f --- /dev/null +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthUnauthenticatedRequestTest.java @@ -0,0 +1,338 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.oltu.openidconnect.as.request.OAuthUnauthenticatedTokenRequest; +import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.common.error.OAuthError; +import org.apache.oltu.oauth2.common.exception.OAuthProblemException; +import org.apache.oltu.oauth2.common.exception.OAuthSystemException; +import org.apache.oltu.oauth2.common.message.types.GrantType; +import org.junit.Test; + +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.fail; + +public class OAuthUnauthenticatedRequestTest { + public static final String REDIRECT_URI = "http://www.example.com/callback"; + public static final String CLIENT_ID = "test_client"; + public static final String ACCESS_GRANT = "test_code"; + public static final String USERNAME = "test_username"; + public static final String PASSWORD = "test_password"; + public static final String REFRESH_TOKEN = "refresh_token"; + public static final String SECRET = ""; + + @Test + public void testTokenWrongGrantType() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectGrantType(OAuth.ContentType.URL_ENCODED) + .expectParam("param", "someparam") + .build(); + + replay(request); + assertInvalidTokenRequest(request); + + request = new OauthMockRequestBuilder() + .expectRedirectUri(REDIRECT_URI) + .expectGrantType(null) + .expectParam("param", "someparam") + .build(); + + replay(request); + assertInvalidTokenRequest(request); + } + + private void assertInvalidTokenRequest(HttpServletRequest request) throws OAuthSystemException { + try { + new OAuthUnauthenticatedTokenRequest(request); + fail("Exception expected"); + } catch (OAuthProblemException e) { + assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError()); + } + + verify(request); + } + + @Test + public void testTokenRequestInvalidMethod() throws Exception { + HttpServletRequest request = mockTokenRequestInvalidMethod(GrantType.AUTHORIZATION_CODE.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidMethod(GrantType.PASSWORD.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidMethod(GrantType.REFRESH_TOKEN.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidMethod(null); + assertInvalidTokenRequest(request); + } + + private HttpServletRequest mockTokenRequestInvalidMethod(String grantType) { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectHttpMethod(OAuth.HttpMethod.GET) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectGrantType(grantType) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .build(); + replay(request); + + return request; + } + + @Test + public void testTokenRequestInvalidContentType() throws Exception { + HttpServletRequest request = mockTokenRequestInvalidContentType(GrantType.AUTHORIZATION_CODE.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidContentType(GrantType.PASSWORD.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidContentType(GrantType.REFRESH_TOKEN.toString()); + assertInvalidTokenRequest(request); + + request = mockTokenRequestInvalidContentType(null); + assertInvalidTokenRequest(request); + } + + private HttpServletRequest mockTokenRequestInvalidContentType(String grantType) { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(grantType) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.JSON) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .build(); + + replay(request); + return request; + } + + @Test + public void testTokenAuthCodeRequestMissingParameter() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectGrantType(OAuth.OAUTH_GRANT_TYPE) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(null) + .expectAccessGrant(ACCESS_GRANT) + .build(); + + replay(request); + assertInvalidTokenRequest(request); + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectRedirectUri(null) + .expectAccessGrant(null) + .build(); + + replay(request); + + assertInvalidTokenRequest(request); + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectAccessGrant(null) + .build(); + + replay(request); + assertInvalidTokenRequest(request); + verify(request); + } + + @Test + public void testTokenPasswordRequestMissingParameter() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.PASSWORD.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectOauthUsername(null) + .expectOauthPassword(PASSWORD) + .build(); + replay(request); + + assertInvalidTokenRequest(request); + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.PASSWORD.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectOauthUsername(USERNAME) + .expectOauthPassword("") + .build(); + replay(request); + + assertInvalidTokenRequest(request); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.PASSWORD.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(null) + .expectOauthUsername(USERNAME) + .expectOauthPassword(PASSWORD) + .build(); + replay(request); + + assertInvalidTokenRequest(request); + + verify(request); + } + + @Test + public void testRefreshTokenRequestMissingParameter() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(CLIENT_ID) + .expectOauthRefreshToken(null) + .build(); + replay(request); + + assertInvalidTokenRequest(request); + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId("") + .expectOauthRefreshToken(REFRESH_TOKEN) + .build(); + + replay(request); + + assertInvalidTokenRequest(request); + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectRedirectUri(REDIRECT_URI) + .expectClientId(null) + .expectOauthRefreshToken(null) + .build(); + replay(request); + + assertInvalidTokenRequest(request); + verify(request); + } + + @Test + public void testValidTokenRequest() throws Exception { + HttpServletRequest request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(CLIENT_ID) + .expectAccessGrant(ACCESS_GRANT) + .expectRedirectUri(REDIRECT_URI) + .expectBasicAuthHeader(null) + .build(); + replay(request); + + OAuthUnauthenticatedTokenRequest req = null; + try { + req = new OAuthUnauthenticatedTokenRequest(request); + + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + assertEquals(GrantType.AUTHORIZATION_CODE.toString(), req.getGrantType()); + assertEquals(CLIENT_ID, req.getClientId()); + assertEquals(REDIRECT_URI, req.getRedirectURI()); + assertEquals(ACCESS_GRANT, req.getCode()); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.PASSWORD.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(CLIENT_ID) + .expectBasicAuthHeader(null) + .expectOauthUsername(USERNAME) + .expectOauthPassword(PASSWORD) + .build(); + replay(request); + + try { + req = new OAuthUnauthenticatedTokenRequest(request); + + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + assertEquals(CLIENT_ID, req.getClientId()); + assertEquals(USERNAME, req.getUsername()); + assertEquals(PASSWORD, req.getPassword()); + + verify(request); + + request = new OauthMockRequestBuilder() + .expectGrantType(GrantType.REFRESH_TOKEN.toString()) + .expectHttpMethod(OAuth.HttpMethod.POST) + .expectContentType(OAuth.ContentType.URL_ENCODED) + .expectClientId(CLIENT_ID) + .expectOauthRefreshToken(REFRESH_TOKEN) + .expectBasicAuthHeader(null) + .build(); + replay(request); + + try { + req = new OAuthUnauthenticatedTokenRequest(request); + + } catch (OAuthProblemException e) { + fail("Exception not expected"); + } + assertEquals(CLIENT_ID, req.getClientId()); + assertEquals(REFRESH_TOKEN, req.getRefreshToken()); + + verify(request); + } +} diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OauthMockRequestBuilder.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OauthMockRequestBuilder.java new file mode 100644 index 00000000..a7e476c9 --- /dev/null +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OauthMockRequestBuilder.java @@ -0,0 +1,122 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.oltu.oauth2.common.OAuth; + +import static org.easymock.EasyMock.createMock; +import static org.easymock.EasyMock.expect; + +public class OauthMockRequestBuilder { + + private HttpServletRequest request; + + public OauthMockRequestBuilder() { + request = createMock(HttpServletRequest.class); + } + + public OauthMockRequestBuilder expectOauthResponseType(String oauthResponseType) { + expect(request.getParameter(OAuth.OAUTH_RESPONSE_TYPE)).andStubReturn(oauthResponseType); + + return this; + } + + public OauthMockRequestBuilder expectRedirectUri(String redirectUri) { + expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn(redirectUri); + + return this; + } + + public OauthMockRequestBuilder expectParam(String paramName, String paramValue) { + expect(request.getParameter(paramName)).andStubReturn(paramValue); + + return this; + } + + public HttpServletRequest build() { + return request; + } + + public OauthMockRequestBuilder expectContentType(String contentType) { + expect(request.getContentType()).andStubReturn(contentType); + + return this; + } + + public OauthMockRequestBuilder expectHttpMethod(String method) { + expect(request.getMethod()).andStubReturn(method); + + return this; + } + + public OauthMockRequestBuilder expectClientId(String clientId) { + expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn(clientId); + + return this; + } + + public OauthMockRequestBuilder expectClientSecret(String secret) { + expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn(secret); + + return this; + } + + public OauthMockRequestBuilder expectGrantType(String grantType) { + expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE)).andStubReturn(grantType); + + return this; + } + + public OauthMockRequestBuilder expectBasicAuthHeader(String authorizationHeader) { + expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn(authorizationHeader); + + return this; + } + + public OauthMockRequestBuilder expectAccessGrant(String accessGrant) { + expect(request.getParameter(OAuth.OAUTH_CODE)).andStubReturn(accessGrant); + + return this; + } + + public OauthMockRequestBuilder expectOauthUsername(String oauthUsername) { + expect(request.getParameter(OAuth.OAUTH_USERNAME)).andStubReturn(oauthUsername); + + return this; + } + + public OauthMockRequestBuilder expectOauthPassword(String secret) { + expect(request.getParameter(OAuth.OAUTH_PASSWORD)).andStubReturn(secret); + + return this; + } + + public OauthMockRequestBuilder expectOauthRefreshToken(String refreshToken) { + expect(request.getParameter(OAuth.OAUTH_REFRESH_TOKEN)).andStubReturn(refreshToken); + + return this; + } + + public OauthMockRequestBuilder expectScopes(String scopes) { + expect(request.getParameter(OAuth.OAUTH_SCOPE)).andStubReturn(scopes); + + return this; + } +} diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/UUIDValueGeneratorTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/UUIDValueGeneratorTest.java new file mode 100644 index 00000000..0afba2a6 --- /dev/null +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/UUIDValueGeneratorTest.java @@ -0,0 +1,41 @@ +/** + * Copyright 2010 Newcastle University + * + * http://research.ncl.ac.uk/smart/ + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as; + +import org.apache.oltu.openidconnect.as.issuer.UUIDValueGenerator; +import org.junit.Assert; +import org.junit.Test; + +/** + * + * + * + */ +public class UUIDValueGeneratorTest extends Assert { + @Test + public void testGenerateValue() throws Exception { + UUIDValueGenerator uvg = new UUIDValueGenerator(); + Assert.assertNotNull(uvg.generateValue()); + + Assert.assertNotNull(uvg.generateValue("test")); + } +} diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/response/OAuthASResponseTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/response/OAuthASResponseTest.java new file mode 100644 index 00000000..6ec0bc65 --- /dev/null +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/response/OAuthASResponseTest.java @@ -0,0 +1,179 @@ +/** + * Copyright 2010 Newcastle University + * + * http://research.ncl.ac.uk/smart/ + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as.response; + +import static org.easymock.EasyMock.createMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.common.error.OAuthError; +import org.apache.oltu.oauth2.common.exception.OAuthProblemException; +import org.apache.oltu.oauth2.common.message.OAuthResponse; +import org.junit.Assert; +import org.junit.Test; + +/** + * + * + * + */ +public class OAuthASResponseTest { + + @Test + public void testAuthzResponse() throws Exception { + HttpServletRequest request = createMock(HttpServletRequest.class); + OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,200) + .location("http://www.example.com") + .setCode("code") + .setState("ok") + .setParam("testValue", "value2") + .buildQueryMessage(); + + String url = oAuthResponse.getLocationUri(); + + Assert.assertEquals("http://www.example.com?testValue=value2&state=ok&code=code", url); + Assert.assertEquals(200, oAuthResponse.getResponseStatus()); + + } + + @Test + public void testAuthzResponseWithState() throws Exception { + HttpServletRequest request = createMock(HttpServletRequest.class); + expect(request.getParameter(OAuth.OAUTH_STATE)).andStubReturn("ok"); + replay(request); + OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,200) + .location("http://www.example.com") + .setCode("code") + .setParam("testValue", "value2") + .buildQueryMessage(); + + String url = oAuthResponse.getLocationUri(); + + Assert.assertEquals("http://www.example.com?testValue=value2&state=ok&code=code", url); + Assert.assertEquals(200, oAuthResponse.getResponseStatus()); + + } + + @Test + public void testAuthzImplicitResponseWithState() throws Exception { + HttpServletRequest request = createMock(HttpServletRequest.class); + expect(request.getParameter(OAuth.OAUTH_STATE)).andStubReturn("ok"); + replay(request); + OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,200) + .location("http://www.example.com") + .setAccessToken("access_111") + .setExpiresIn("400") + .setParam("testValue", "value2") + .buildQueryMessage(); + + String url = oAuthResponse.getLocationUri(); + Assert.assertEquals("http://www.example.com#testValue=value2&state=ok&expires_in=400&access_token=access_111", url); + Assert.assertEquals(200, oAuthResponse.getResponseStatus()); + } + + + @Test + public void testTokenResponse() throws Exception { + + OAuthResponse oAuthResponse = OAuthASResponse.tokenResponse(200).setAccessToken("access_token") + .setExpiresIn("200").setRefreshToken("refresh_token2") + .buildBodyMessage(); + + String body = oAuthResponse.getBody(); + Assert.assertEquals( + "expires_in=200&refresh_token=refresh_token2&access_token=access_token", + body); + + } + + @Test + public void testTokenResponseAdditionalParam() throws Exception { + + OAuthResponse oAuthResponse = OAuthASResponse.tokenResponse(200).setAccessToken("access_token") + .setExpiresIn("200").setRefreshToken("refresh_token2").setParam("some_param", "new_param") + .buildBodyMessage(); + + String body = oAuthResponse.getBody(); + Assert.assertEquals( + "some_param=new_param&expires_in=200&refresh_token=refresh_token2&access_token=access_token", + body); + + } + + @Test + public void testErrorResponse() throws Exception { + + OAuthProblemException ex = OAuthProblemException + .error(OAuthError.CodeResponse.ACCESS_DENIED, "Access denied") + .setParameter("testparameter", "testparameter_value") + .scope("album") + .uri("http://www.example.com/error"); + + OAuthResponse oAuthResponse = OAuthResponse.errorResponse(400).error(ex).buildJSONMessage(); + + Assert.assertEquals( + "{\"error_uri\":\"http://www.example.com/error\",\"error\":\"access_denied\",\"error_description\":\"Access denied\"}", + oAuthResponse.getBody()); + + + oAuthResponse = OAuthResponse.errorResponse(500) + .location("http://www.example.com/redirect?param2=true").error(ex).buildQueryMessage(); + Assert.assertEquals( + "http://www.example.com/redirect?param2=true&error_uri=http%3A%2F%2Fwww.example.com%2Ferror" + + "&error=access_denied&error_description=Access+denied", + oAuthResponse.getLocationUri()); + } + + @Test + public void testErrorResponse2() throws Exception { + OAuthProblemException ex = OAuthProblemException + .error(OAuthError.CodeResponse.ACCESS_DENIED, "Access denied") + .setParameter("testparameter", "testparameter_value") + .scope("album") + .uri("http://www.example.com/error"); + + OAuthResponse oAuthResponse = OAuthResponse.errorResponse(500) + .location("http://www.example.com/redirect?param2=true").error(ex).buildQueryMessage(); + Assert.assertEquals( + "http://www.example.com/redirect?param2=true&error_uri=http%3A%2F%2Fwww.example.com%2Ferror" + + "&error=access_denied&error_description=Access+denied", + oAuthResponse.getLocationUri()); + } + + @Test + public void testHeaderResponse() throws Exception { + HttpServletRequest request = createMock(HttpServletRequest.class); + OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,400).setCode("oauth_code") + .setState("state_ok") + .buildHeaderMessage(); + + String header = oAuthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE); + Assert.assertEquals("Bearer state=\"state_ok\",code=\"oauth_code\"", header); + + header = oAuthResponse.getHeaders().get(OAuth.HeaderType.WWW_AUTHENTICATE); + Assert.assertEquals("Bearer state=\"state_ok\",code=\"oauth_code\"", header); + } + +} diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/validator/TokenValidatorTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/validator/TokenValidatorTest.java new file mode 100644 index 00000000..cdfd3d74 --- /dev/null +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/validator/TokenValidatorTest.java @@ -0,0 +1,101 @@ +/** + * Copyright 2010 Newcastle University + * + * http://research.ncl.ac.uk/smart/ + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as.validator; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.common.exception.OAuthProblemException; +import org.junit.Assert; +import org.junit.Test; + +import static org.easymock.EasyMock.createStrictMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.reset; +import static org.easymock.EasyMock.verify; + + +/** + * + * + * + */ +public class TokenValidatorTest { + @Test + public void testValidateMethod() throws Exception { + HttpServletRequest request = createStrictMock(HttpServletRequest.class); + expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET); + + replay(request); + TokenValidator validator = new TokenValidator(); + validator.validateMethod(request); + + verify(request); + + reset(request); + + request = createStrictMock(HttpServletRequest.class); + expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST); + + replay(request); + validator = new TokenValidator(); + validator.validateMethod(request); + + verify(request); + + reset(request); + + request = createStrictMock(HttpServletRequest.class); + expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.DELETE); + + replay(request); + validator = new TokenValidator(); + + try { + validator.validateMethod(request); + Assert.fail("Expected validation exception"); + } catch (OAuthProblemException e) { + //ok, expected + } + + verify(request); + } + + @Test + public void testRequiredParams() throws Exception { + HttpServletRequest request = createStrictMock(HttpServletRequest.class); + + expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET); + expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED); + + expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback"); + expect(request.getParameter(OAuth.OAUTH_RESPONSE_TYPE)).andStubReturn("response_type"); + expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("client_id"); + + replay(request); + + TokenValidator validator = new TokenValidator(); + validator.performAllValidations(request); + verify(request); + } +} diff --git a/oauth-2.0/common/pom.xml b/oauth-2.0/common/pom.xml index 99a7e853..54221e98 100644 --- a/oauth-2.0/common/pom.xml +++ b/oauth-2.0/common/pom.xml @@ -22,6 +22,7 @@ org.apache.oltu.oauth2 org.apache.oltu.oauth2.parent 1.0.1-SNAPSHOT + ../pom.xml org.apache.oltu.oauth2.common diff --git a/oauth-2.0/common/src/main/java/org/apache/oltu/oauth2/common/message/types/ResponseType.java b/oauth-2.0/common/src/main/java/org/apache/oltu/oauth2/common/message/types/ResponseType.java index f32d0970..e8922732 100644 --- a/oauth-2.0/common/src/main/java/org/apache/oltu/oauth2/common/message/types/ResponseType.java +++ b/oauth-2.0/common/src/main/java/org/apache/oltu/oauth2/common/message/types/ResponseType.java @@ -29,7 +29,8 @@ public enum ResponseType { CODE("code"), - TOKEN("token"); + TOKEN("token"), + ID_TOKEN("id_token"); private String code; diff --git a/oauth-2.0/common/src/main/java/org/apache/oltu/oauth2/common/validators/OAuthValidatorMixer.java b/oauth-2.0/common/src/main/java/org/apache/oltu/oauth2/common/validators/OAuthValidatorMixer.java new file mode 100644 index 00000000..95a904ba --- /dev/null +++ b/oauth-2.0/common/src/main/java/org/apache/oltu/oauth2/common/validators/OAuthValidatorMixer.java @@ -0,0 +1,71 @@ +package org.apache.oltu.oauth2.common.validators; + +import java.util.ArrayList; +import java.util.Collection; +import javax.servlet.http.HttpServletRequest; + +import org.apache.oltu.oauth2.common.exception.OAuthProblemException; +import org.apache.oltu.oauth2.common.exception.OAuthSystemException; +import org.apache.oltu.oauth2.common.utils.OAuthUtils; +import org.apache.oltu.oauth2.common.validators.OAuthValidator; + + +public class OAuthValidatorMixer implements OAuthValidator { + + + private final Collection> valids; + + public OAuthValidatorMixer(Collection>> valids) throws OAuthSystemException { + this.valids=transform(valids); + } + + private Collection> transform(Collection>> valids) throws OAuthSystemException { + Collection> newList=new ArrayList>(); + for(Class> classez:valids){ + newList.add(OAuthUtils.instantiateClass(classez)); + } + return newList; + } + + public void validateMethod(HttpServletRequest request) throws OAuthProblemException { + for(OAuthValidator validator:valids){ + validator.validateMethod(request); + } + } + + public void validateContentType(HttpServletRequest request) throws OAuthProblemException { + for(OAuthValidator validator:valids){ + validator.validateContentType(request); + } + } + + public void validateRequiredParameters(HttpServletRequest request) throws OAuthProblemException { + for(OAuthValidator validator:valids){ + validator.validateRequiredParameters(request); + } + } + + public void validateOptionalParameters(HttpServletRequest request) throws OAuthProblemException { + for(OAuthValidator validator:valids){ + validator.validateOptionalParameters(request); + } + } + + public void validateNotAllowedParameters(HttpServletRequest request) throws OAuthProblemException { + for(OAuthValidator validator:valids){ + validator.validateNotAllowedParameters(request); + } + } + + public void validateClientAuthenticationCredentials(HttpServletRequest request) throws OAuthProblemException { + for(OAuthValidator validator:valids){ + validator.validateClientAuthenticationCredentials(request); + } + } + + public void performAllValidations(HttpServletRequest request) throws OAuthProblemException { + for(OAuthValidator validator:valids){ + validator.performAllValidations(request); + } + } +} diff --git a/openid-connect/authzserver/org.apache.oltu.openidconnect.authzserver.iml b/openid-connect/authzserver/org.apache.oltu.openidconnect.authzserver.iml new file mode 100644 index 00000000..22243ae1 --- /dev/null +++ b/openid-connect/authzserver/org.apache.oltu.openidconnect.authzserver.iml @@ -0,0 +1,66 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/openid-connect/authzserver/pom.xml b/openid-connect/authzserver/pom.xml new file mode 100644 index 00000000..050005c6 --- /dev/null +++ b/openid-connect/authzserver/pom.xml @@ -0,0 +1,94 @@ + + + + 4.0.0 + + + org.apache.oltu.openidconnect + org.apache.oltu.openidconnect.parent + 1-SNAPSHOT + + + org.apache.oltu.openidconnect.authzserver + bundle + + Apache Oltu - Open IdConnect - Authorization Server + + + + org.apache.oltu.oauth2 + org.apache.oltu.oauth2.common + 1.0.1-SNAPSHOT + + + + org.json + json + + + + org.apache.cxf + cxf-rt-frontend-jaxrs + ${cxf.version} + test + + + + org.apache.cxf + cxf-testutils + ${cxf.version} + test + + + + + + + ${basedir}../../ + META-INF + + LICENSE + NOTICE + + + + + + + + org.apache.maven.plugins + maven-assembly-plugin + + + release-assembly + package + + single + + + + ${basedir}/src/main/assembly/bin.xml + + + + + + + + + diff --git a/openid-connect/authzserver/src/main/assembly/LICENSE-with-deps b/openid-connect/authzserver/src/main/assembly/LICENSE-with-deps new file mode 100644 index 00000000..c2622deb --- /dev/null +++ b/openid-connect/authzserver/src/main/assembly/LICENSE-with-deps @@ -0,0 +1,234 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + +Copyright [yyyy] [name of copyright owner] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +APACHE AMBER OAUTH 2.0 CLIENT DEPENDENCIES: + +The Apache Amber OAuth2.0 client distribution packages include a number of dependencies with +separate copyright notices and license terms. Your use of the binaries for these +dependencies is subject to the terms and conditions of the following licenses. + +For the SLF4J component (http://www.slf4j.org/) +This is licensed under the MIT license +Copyright (c) 2004-2011 QOS.ch + All rights reserved. + + Permission is hereby granted, free of charge, to any person obtaining + a copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +For the Jettison component (http://jettison.codehaus.org/) +This is licensed under the The Apache Software License, Version 2.0, see above diff --git a/openid-connect/authzserver/src/main/assembly/NOTICE-with-deps b/openid-connect/authzserver/src/main/assembly/NOTICE-with-deps new file mode 100644 index 00000000..c64ced11 --- /dev/null +++ b/openid-connect/authzserver/src/main/assembly/NOTICE-with-deps @@ -0,0 +1,5 @@ +Apache Amber +Copyright 2010-2012 The Apache Software Foundation + +This product includes software developed by +The Apache Software Foundation (http://www.apache.org/). diff --git a/openid-connect/authzserver/src/main/assembly/bin.xml b/openid-connect/authzserver/src/main/assembly/bin.xml new file mode 100644 index 00000000..b38bf6c1 --- /dev/null +++ b/openid-connect/authzserver/src/main/assembly/bin.xml @@ -0,0 +1,51 @@ + + + + + bin + + tar.gz + zip + + true + ${project.build.finalName} + + + + ${basedir}/src/main/assembly/LICENSE-with-deps + LICENSE + / + 666 + + + ${basedir}/src/main/assembly/NOTICE-with-deps + NOTICE + / + 666 + + + + + + true + /lib + + + + diff --git a/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OpenIdConnectAuthzRequest.java b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OpenIdConnectAuthzRequest.java new file mode 100644 index 00000000..2f772756 --- /dev/null +++ b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OpenIdConnectAuthzRequest.java @@ -0,0 +1,110 @@ +/** + * Copyright 2010 Newcastle University + * + * http://research.ncl.ac.uk/smart/ + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.oltu.openidconnect.as.request; + +import java.util.ArrayList; +import java.util.Collection; +import javax.servlet.http.HttpServletRequest; + +import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.common.exception.OAuthProblemException; +import org.apache.oltu.oauth2.common.exception.OAuthSystemException; +import org.apache.oltu.oauth2.common.message.types.ResponseType; +import org.apache.oltu.oauth2.common.utils.OAuthUtils; +import org.apache.oltu.oauth2.common.validators.OAuthValidator; +import org.apache.oltu.oauth2.common.validators.OAuthValidatorMixer; +import org.apache.oltu.openidconnect.as.validator.CodeValidator; +import org.apache.oltu.openidconnect.as.validator.TokenValidator; +import org.apache.oltu.openidconnect.common.OpenIdConnect; + +/** + * + * + * + */ +public class OpenIdConnectAuthzRequest extends OAuthRequest { + + public OpenIdConnectAuthzRequest(HttpServletRequest request) throws OAuthSystemException, OAuthProblemException { + super(request); + } + + @Override + protected OAuthValidator initValidator() throws OAuthProblemException, OAuthSystemException { + //end user authorization validators + validators.put(ResponseType.CODE.toString(), CodeValidator.class); + validators.put(ResponseType.TOKEN.toString(), TokenValidator.class); + validators.put(ResponseType.ID_TOKEN.toString(), TokenValidator.class); + final String requestTypeValue = getParam(OAuth.OAUTH_RESPONSE_TYPE); + final String[]splitedRequestTypeValue=requestTypeValue.split(" "); + + if (OAuthUtils.isEmpty(requestTypeValue)||splitedRequestTypeValue.length==0) { + throw OAuthUtils.handleOAuthProblemException("Missing response_type parameter value"); + } + Collection>> valids=new ArrayList>>(); + for(int i=0;i> clazz = validators.get(splitedRequestTypeValue[i]); + if (clazz == null) { + throw OAuthUtils.handleOAuthProblemException("Invalid response_type parameter value"); + } + valids.add(clazz); + } + return merge(valids); + + } + + /** + * Mix validator in one + * @param valids + * @return + */ + private OAuthValidator merge(Collection>> valids) throws OAuthSystemException { + return new OAuthValidatorMixer(valids); + } + + public String getState() { + return getParam(OAuth.OAUTH_STATE); + } + + public String[] getResponseType() { + return getParam(OAuth.OAUTH_RESPONSE_TYPE).split(" "); + } + + public String getNonce() { + return getParam(OpenIdConnect.OPENIDCONNECT_NONE); + } + public String getDisplay() { + return getParam(OpenIdConnect.OPENIDCONNECT_DISPLAY); + } + public String getPrompt() { + return getParam(OpenIdConnect.OPENIDCONNECT_PROMPT); + } + public String getMacAge() { + return getParam(OpenIdConnect.OPENIDCONNECT_MAX_AGE); + } + public String getUiLocales() {return getParam(OpenIdConnect.OPENIDCONNECT_UI_LOCALES);} + public String getIdTokenHint() {return getParam(OpenIdConnect.OPENIDCONNECT_ID_TOKEN_HINT);} + public String getLoginHint() {return getParam(OpenIdConnect.OPENIDCONNECT_LOGIN_HINT);} + public String getAcrValues() {return getParam(OpenIdConnect.OPENIDCONNECT_ACR_VALUES);} + + + +} diff --git a/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OpenIdConnectASResponse.java b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OpenIdConnectASResponse.java new file mode 100644 index 00000000..c957ea31 --- /dev/null +++ b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OpenIdConnectASResponse.java @@ -0,0 +1,122 @@ +package org.apache.oltu.openidconnect.as.response; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.common.message.OAuthResponse; +import org.apache.oltu.openidconnect.common.OpenIdConnect; + + +public class OpenIdConnectASResponse extends OAuthResponse { + protected OpenIdConnectASResponse(String uri, int responseStatus) { + super(uri, responseStatus); + } + + + public static OpenIdConnectAuthorizationResponseBuilder authorizationResponse(HttpServletRequest request,int code) { + return new OpenIdConnectAuthorizationResponseBuilder(request,code); + } + + public static OpenIdConnectTokenResponseBuilder tokenResponse(int code) { + return new OpenIdConnectTokenResponseBuilder(code); + } + + public static class OpenIdConnectAuthorizationResponseBuilder extends OAuthResponseBuilder { + + public OpenIdConnectAuthorizationResponseBuilder(HttpServletRequest request,int responseCode) { + super(responseCode); + //AMBER-45 + String state=request.getParameter(OAuth.OAUTH_STATE); + if (state!=null){ + this.setState(state); + } + } + + OpenIdConnectAuthorizationResponseBuilder setState(String state) { + this.parameters.put(OAuth.OAUTH_STATE, state); + return this; + } + + public OpenIdConnectAuthorizationResponseBuilder setCode(String code) { + this.parameters.put(OAuth.OAUTH_CODE, code); + return this; + } + + public OpenIdConnectAuthorizationResponseBuilder setAccessToken(String token) { + this.parameters.put(OAuth.OAUTH_ACCESS_TOKEN, token); + return this; + } + + public OpenIdConnectAuthorizationResponseBuilder setTokenType(String tokenType) { + this.parameters.put(OAuth.OAUTH_TOKEN_TYPE, tokenType); + return this; + } + + public OpenIdConnectAuthorizationResponseBuilder setExpiresIn(String expiresIn) { + this.parameters.put(OAuth.OAUTH_EXPIRES_IN, expiresIn == null ? null : Long.valueOf(expiresIn)); + return this; + } + + public OpenIdConnectAuthorizationResponseBuilder setExpiresIn(Long expiresIn) { + this.parameters.put(OAuth.OAUTH_EXPIRES_IN, expiresIn); + return this; + } + + public OpenIdConnectAuthorizationResponseBuilder setIdToken(String idtoken) { + this.parameters.put(OpenIdConnect.OPENIDCONNECT_ID_TOKEN, idtoken); + return this; + } + + public OpenIdConnectAuthorizationResponseBuilder location(String location) { + this.location = location; + return this; + } + + public OpenIdConnectAuthorizationResponseBuilder setParam(String key, String value) { + this.parameters.put(key, value); + return this; + } + } + + + public static class OpenIdConnectTokenResponseBuilder extends OAuthResponseBuilder { + + public OpenIdConnectTokenResponseBuilder(int responseCode) { + super(responseCode); + } + + public OpenIdConnectTokenResponseBuilder setAccessToken(String token) { + this.parameters.put(OAuth.OAUTH_ACCESS_TOKEN, token); + return this; + } + + public OpenIdConnectTokenResponseBuilder setExpiresIn(String expiresIn) { + this.parameters.put(OAuth.OAUTH_EXPIRES_IN, expiresIn == null ? null : Long.valueOf(expiresIn)); + return this; + } + + public OpenIdConnectTokenResponseBuilder setRefreshToken(String refreshToken) { + this.parameters.put(OAuth.OAUTH_REFRESH_TOKEN, refreshToken); + return this; + } + + public OpenIdConnectTokenResponseBuilder setTokenType(String tokenType) { + this.parameters.put(OAuth.OAUTH_TOKEN_TYPE, tokenType); + return this; + } + public OpenIdConnectTokenResponseBuilder setIdToken(String idtoken) { + this.parameters.put(OpenIdConnect.OPENIDCONNECT_ID_TOKEN, idtoken); + return this; + } + + public OpenIdConnectTokenResponseBuilder setParam(String key, String value) { + this.parameters.put(key, value); + return this; + } + + public OpenIdConnectTokenResponseBuilder location(String location) { + this.location = location; + return this; + } + } +} diff --git a/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/common/OpenIdConnect.java b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/common/OpenIdConnect.java new file mode 100644 index 00000000..282a7a00 --- /dev/null +++ b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/common/OpenIdConnect.java @@ -0,0 +1,14 @@ +package org.apache.oltu.openidconnect.common; + + +public class OpenIdConnect { + public static final String OPENIDCONNECT_NONE = "none"; + public static final String OPENIDCONNECT_DISPLAY = "display"; + public static final String OPENIDCONNECT_PROMPT = "prompt"; + public static final String OPENIDCONNECT_MAX_AGE = "max_age"; + public static final String OPENIDCONNECT_UI_LOCALES = "ui_locales"; + public static final String OPENIDCONNECT_ID_TOKEN_HINT = "id_token_hint"; + public static final String OPENIDCONNECT_LOGIN_HINT = "login_hint"; + public static final String OPENIDCONNECT_ACR_VALUES = "acr_values"; + public static final String OPENIDCONNECT_ID_TOKEN = "id_token"; +} diff --git a/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/common/token/OpenIdConnectToken.java b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/common/token/OpenIdConnectToken.java new file mode 100644 index 00000000..4369c1c3 --- /dev/null +++ b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/common/token/OpenIdConnectToken.java @@ -0,0 +1,18 @@ +package org.apache.oltu.openidconnect.common.token; + +import org.apache.oltu.oauth2.common.token.OAuthToken; + + +public interface OpenIdConnectToken { + + String getiss(); + String getSub(); + String getAud(); + long getExp(); + long getIat(); + long getAuth_time(); + String getNonce(); + String getAcr(); + String getAmr(); + String getAzp(); +} diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java similarity index 100% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java rename to openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java similarity index 100% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java rename to openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java similarity index 100% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java rename to openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java similarity index 100% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java rename to openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java similarity index 100% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java rename to openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java similarity index 100% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java rename to openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java similarity index 100% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java rename to openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java similarity index 100% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java rename to openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java diff --git a/openid-connect/common/pom.xml b/openid-connect/common/pom.xml index 5c959d07..db37d305 100644 --- a/openid-connect/common/pom.xml +++ b/openid-connect/common/pom.xml @@ -22,6 +22,7 @@ org.apache.oltu.openidconnect org.apache.oltu.openidconnect.parent 1-SNAPSHOT + ../pom.xml org.apache.oltu.openidconnect.common diff --git a/openid-connect/pom.xml b/openid-connect/pom.xml index a7a0bcb8..c7fb4e77 100644 --- a/openid-connect/pom.xml +++ b/openid-connect/pom.xml @@ -17,6 +17,18 @@ --> 4.0.0 + + + org.apache.oltu.oauth2 + org.apache.oltu.oauth2.authzserver + 1.0.0 + + + org.apache.oltu.oauth2 + org.apache.oltu.oauth2.common + 1.0.0 + + org.apache.oltu @@ -58,12 +70,30 @@ + + 2.2.10 + common client + authzserver + + + + org.json + json + 20140107 + + + commons-codec + commons-codec + 1.9 + + + site diff --git a/parent/pom.xml b/parent/pom.xml index 11aacc8c..dcf4e1b5 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -27,7 +27,7 @@ org.apache.oltu org.apache.oltu.parent - 4-SNAPSHOT + 3-SNAPSHOT pom Apache Oltu - Parent From b773dac92847e518fa2052f7f774f2b3ea104a12 Mon Sep 17 00:00:00 2001 From: "Diaz, Sebastien" Date: Tue, 8 Sep 2015 17:32:15 +0200 Subject: [PATCH 2/5] Add request abd response for OpenIdConnectAuthorization --- .../oltu/oauth2/as/MD5GeneratorTest.java | 52 -- .../oltu/oauth2/as/OAuthIssuerImplTest.java | 53 -- .../oltu/oauth2/as/OAuthRequestTest.java | 597 ------------------ .../as/OAuthUnauthenticatedRequestTest.java | 338 ---------- .../oauth2/as/OauthMockRequestBuilder.java | 122 ---- .../oauth2/as/UUIDValueGeneratorTest.java | 42 -- .../as/response/OAuthASResponseTest.java | 180 ------ .../as/validator/TokenValidatorTest.java | 102 --- 8 files changed, 1486 deletions(-) delete mode 100644 openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java delete mode 100644 openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java delete mode 100644 openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java delete mode 100644 openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java delete mode 100644 openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java delete mode 100644 openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java delete mode 100644 openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java delete mode 100644 openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java diff --git a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java deleted file mode 100644 index 4c485e64..00000000 --- a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java +++ /dev/null @@ -1,52 +0,0 @@ -/** - * Copyright 2010 Newcastle University - * - * http://research.ncl.ac.uk/smart/ - * - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.oltu.oauth2.as; - -import junit.framework.Assert; - -import org.apache.oltu.oauth2.as.issuer.MD5Generator; -import org.apache.oltu.oauth2.as.issuer.ValueGenerator; -import org.apache.oltu.oauth2.common.exception.OAuthSystemException; -import org.junit.Test; - - -/** - * - * - * - */ -public class MD5GeneratorTest extends Assert { - @Test - public void testGenerateValue() throws Exception { - ValueGenerator g = new MD5Generator(); - Assert.assertNotNull(g.generateValue()); - - Assert.assertNotNull(g.generateValue("test")); - - try { - g.generateValue(null); - fail("Exception not thrown"); - } catch (OAuthSystemException e) { - //ok - } - } -} diff --git a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java deleted file mode 100644 index 3ddc8164..00000000 --- a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java +++ /dev/null @@ -1,53 +0,0 @@ -/** - * Copyright 2010 Newcastle University - * - * http://research.ncl.ac.uk/smart/ - * - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.oltu.oauth2.as; - -import junit.framework.Assert; - -import org.junit.Test; -import org.apache.oltu.oauth2.as.issuer.MD5Generator; -import org.apache.oltu.oauth2.as.issuer.OAuthIssuer; -import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl; - -/** - * - * - * - */ -public class OAuthIssuerImplTest { - private OAuthIssuer issuer = new OAuthIssuerImpl(new MD5Generator()); - - @Test - public void testAccessToken() throws Exception { - Assert.assertNotNull(issuer.accessToken()); - } - - @Test - public void testRefreshToken() throws Exception { - Assert.assertNotNull(issuer.refreshToken()); - } - - @Test - public void testAuthorizationCode() throws Exception { - Assert.assertNotNull(issuer.authorizationCode()); - } -} diff --git a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java deleted file mode 100644 index 8453455c..00000000 --- a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java +++ /dev/null @@ -1,597 +0,0 @@ -/** - * Copyright 2010 Newcastle University - * - * http://research.ncl.ac.uk/smart/ - * - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.oltu.oauth2.as; - -import java.util.Set; - -import javax.servlet.http.HttpServletRequest; - -import junit.framework.Assert; -import org.apache.commons.codec.binary.Base64; -import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest; -import org.apache.oltu.oauth2.as.request.OAuthRequest; -import org.apache.oltu.oauth2.as.request.OAuthTokenRequest; -import org.apache.oltu.oauth2.common.OAuth; -import org.apache.oltu.oauth2.common.error.OAuthError; -import org.apache.oltu.oauth2.common.exception.OAuthProblemException; -import org.apache.oltu.oauth2.common.exception.OAuthSystemException; -import org.apache.oltu.oauth2.common.message.types.GrantType; -import org.apache.oltu.oauth2.common.message.types.ResponseType; -import org.apache.oltu.oauth2.common.utils.OAuthUtils; -import org.junit.Test; - -import static org.easymock.EasyMock.replay; -import static org.easymock.EasyMock.verify; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.fail; - - -/** - * - * - * - */ -public class OAuthRequestTest { - public static final String REDIRECT_URI = "http://www.example.com/callback"; - public static final String CLIENT_ID = "test_client"; - public static final String ACCESS_GRANT = "test_code"; - public static final String SECRET = "secret"; - public static final String USERNAME = "test_username"; - public static final String PASSWORD = "test_password"; - public static final String REFRESH_TOKEN = "refresh_token"; - - @Test - public void testWrongResponseGetRequestParam() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectOauthResponseType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectParam("param", "someparam") - .build(); - - replay(request); - - assertInvalidOAuthRequest(request); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectOauthResponseType(null) - .expectRedirectUri(REDIRECT_URI) - .expectParam("param", "someparam") - .build(); - replay(request); - - assertInvalidOAuthRequest(request); - verify(request); - } - - private void assertInvalidOAuthRequest(HttpServletRequest request) throws OAuthSystemException { - try { - new OAuthAuthzRequest(request); - fail("Exception expected"); - } catch (OAuthProblemException e) { - assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError()); - } - } - - @Test - public void testCodeRequestInvalidMethod() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectHttpMethod(OAuth.HttpMethod.PUT) - .expectOauthResponseType(ResponseType.CODE.toString()) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .build(); - - replay(request); - - assertInvalidOAuthRequest(request); - verify(request); - } - - - @Test - public void testCodeRequestMissingParameter() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectHttpMethod(OAuth.HttpMethod.GET) - .expectOauthResponseType(ResponseType.CODE.toString()) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(null) - .build(); - - replay(request); - - assertInvalidOAuthRequest(request); - verify(request); - } - - @Test - public void testValidCodeRequest() throws Exception { - assertValidCodeRequest(OAuth.HttpMethod.GET); - - assertValidCodeRequest(OAuth.HttpMethod.POST); - } - - private void assertValidCodeRequest(String httpMethod) throws OAuthSystemException { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectHttpMethod(httpMethod) - .expectOauthResponseType(ResponseType.CODE.toString()) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .build(); - - replay(request); - - try { - new OAuthAuthzRequest(request); - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - - verify(request); - } - - @Test - public void testTokenWrongGrantType() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectGrantType(OAuth.ContentType.URL_ENCODED) - .expectParam("param", "someparam") - .build(); - - replay(request); - assertInvalidTokenRequest(request); - - request = new OauthMockRequestBuilder() - .expectRedirectUri(REDIRECT_URI) - .expectGrantType(null) - .expectParam("param", "someparam") - .build(); - - replay(request); - assertInvalidTokenRequest(request); - } - - private void assertInvalidTokenRequest(HttpServletRequest request) throws OAuthSystemException { - try { - new OAuthTokenRequest(request); - fail("Exception expected"); - } catch (OAuthProblemException e) { - assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError()); - } - - verify(request); - } - - @Test - public void testTokenRequestInvalidMethod() throws Exception { - HttpServletRequest request = mockTokenRequestInvalidMethod(GrantType.AUTHORIZATION_CODE.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidMethod(GrantType.PASSWORD.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidMethod(GrantType.REFRESH_TOKEN.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidMethod(null); - assertInvalidTokenRequest(request); - } - - private HttpServletRequest mockTokenRequestInvalidMethod(String grantType) { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectHttpMethod(OAuth.HttpMethod.GET) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectGrantType(grantType) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .build(); - replay(request); - - return request; - } - - @Test - public void testTokenRequestInvalidContentType() throws Exception { - HttpServletRequest request = mockTokenRequestInvalidContentType(GrantType.AUTHORIZATION_CODE.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidContentType(GrantType.PASSWORD.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidContentType(GrantType.REFRESH_TOKEN.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidContentType(null); - assertInvalidTokenRequest(request); - } - - private HttpServletRequest mockTokenRequestInvalidContentType(String grantType) { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(grantType) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.JSON) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .build(); - - replay(request); - return request; - } - - @Test - public void testTokenAuthCodeRequestMissingParameter() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectBasicAuthHeader(null) - .expectGrantType(OAuth.OAUTH_GRANT_TYPE) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(null) - .expectClientSecret(SECRET) - .expectAccessGrant(ACCESS_GRANT) - .build(); - - replay(request); - assertInvalidTokenRequest(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectBasicAuthHeader(null) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectClientSecret(SECRET) - .expectRedirectUri(null) - .expectAccessGrant(null) - .build(); - - replay(request); - assertInvalidTokenRequest(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectBasicAuthHeader(null) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectClientSecret(SECRET) - .expectAccessGrant(null) - .build(); - - replay(request); - assertInvalidTokenRequest(request); - } - - @Test - public void testTokenAuthCodeRequestWithBasicAuthenticationMissingParameter() throws Exception { - HttpServletRequest request = mockOAuthTokenRequestBasicAuth(CLIENT_ID, null); - assertInvalidTokenRequest(request); - - request = mockOAuthTokenRequestBasicAuth(null, SECRET); - assertInvalidTokenRequest(request); - - - // Don't allow to mix basic auth header and body params. - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(CLIENT_ID) - .expectClientSecret(null) - .expectRedirectUri(REDIRECT_URI) - .expectAccessGrant(ACCESS_GRANT) - .expectBasicAuthHeader(createBasicAuthHeader(null, SECRET)) - .build(); - - replay(request); - - assertInvalidTokenRequest(request); - - verify(request); - } - - private HttpServletRequest mockOAuthTokenRequestBasicAuth(String clientId, String clientSecret) { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(null) - .expectClientSecret(null) - .expectRedirectUri(REDIRECT_URI) - .expectAccessGrant(ACCESS_GRANT) - .expectBasicAuthHeader(createBasicAuthHeader(clientId, clientSecret)) - .build(); - - replay(request); - return request; - } - - private String createBasicAuthHeader(String clientId, String clientSecret) { - clientSecret = OAuthUtils.isEmpty(clientSecret) ? "" : clientSecret; - clientId = OAuthUtils.isEmpty(clientId) ? "" : clientId; - final String authString = clientId + ":" + clientSecret; - return "basic " + Base64.encodeBase64String(authString.getBytes()); - } - - @Test - public void testTokenPasswordRequestMissingParameter() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.PASSWORD.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectClientSecret(SECRET) - .expectBasicAuthHeader(createBasicAuthHeader(null, SECRET)) - .expectOauthUsername(null) - .expectOauthPassword(SECRET) - .build(); - replay(request); - - assertInvalidTokenRequest(request); - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.PASSWORD.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectBasicAuthHeader(createBasicAuthHeader(null, SECRET)) - .expectOauthUsername(USERNAME) - .expectOauthPassword("") - .build(); - replay(request); - - assertInvalidTokenRequest(request); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.PASSWORD.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(null) - .expectClientSecret("") - .expectBasicAuthHeader(null) - .expectOauthUsername(USERNAME) - .expectOauthPassword(PASSWORD) - .build(); - replay(request); - - assertInvalidTokenRequest(request); - - verify(request); - } - - @Test - public void testRefreshTokenRequestMissingParameter() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectClientSecret(SECRET) - .expectBasicAuthHeader(null) - .expectOauthRefreshToken(null) - .build(); - replay(request); - - assertInvalidTokenRequest(request); - - verify(request); - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId("") - .expectClientSecret(SECRET) - .expectBasicAuthHeader(null) - .expectOauthRefreshToken(REFRESH_TOKEN) - .build(); - - replay(request); - - assertInvalidTokenRequest(request); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(null) - .expectClientSecret(SECRET) - .expectBasicAuthHeader(SECRET) - .expectOauthRefreshToken(null) - .build(); - replay(request); - - assertInvalidTokenRequest(request); - - verify(request); - } - - @Test - public void testValidTokenRequest() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(CLIENT_ID) - .expectClientSecret(SECRET) - .expectBasicAuthHeader(null) - .expectAccessGrant(ACCESS_GRANT) - .expectRedirectUri(REDIRECT_URI) - .build(); - replay(request); - - OAuthTokenRequest req = null; - try { - req = new OAuthTokenRequest(request); - - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - assertEquals(GrantType.AUTHORIZATION_CODE.toString(), req.getGrantType()); - assertEquals(CLIENT_ID, req.getClientId()); - assertEquals(REDIRECT_URI, req.getRedirectURI()); - assertEquals(ACCESS_GRANT, req.getCode()); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.PASSWORD.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(CLIENT_ID) - .expectClientSecret(SECRET) - .expectBasicAuthHeader(null) - .expectOauthUsername(USERNAME) - .expectOauthPassword(PASSWORD) - .build(); - replay(request); - - try { - req = new OAuthTokenRequest(request); - - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - assertEquals(CLIENT_ID, req.getClientId()); - assertEquals(USERNAME, req.getUsername()); - assertEquals(PASSWORD, req.getPassword()); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.CLIENT_CREDENTIALS.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectBasicAuthHeader(createBasicAuthHeader(CLIENT_ID, SECRET)) - .build(); - replay(request); - - try { - req = new OAuthTokenRequest(request); - - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(CLIENT_ID) - .expectClientSecret(SECRET) - .expectBasicAuthHeader(null) - .expectOauthRefreshToken(REFRESH_TOKEN) - .build(); - replay(request); - - try { - req = new OAuthTokenRequest(request); - - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - assertEquals(CLIENT_ID, req.getClientId()); - assertEquals(REFRESH_TOKEN, req.getRefreshToken()); - assertEquals(SECRET, req.getClientSecret()); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId("") - .expectClientSecret("") - .expectBasicAuthHeader(createBasicAuthHeader(CLIENT_ID, SECRET)) - .expectOauthRefreshToken(REFRESH_TOKEN) - .build(); - replay(request); - - try { - req = new OAuthTokenRequest(request); - - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - assertEquals(CLIENT_ID, req.getClientId()); - assertEquals(REFRESH_TOKEN, req.getRefreshToken()); - assertEquals(SECRET, req.getClientSecret()); - - verify(request); - } - - - @Test - public void testScopes() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectOauthResponseType(ResponseType.CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.GET) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(CLIENT_ID) - .expectRedirectUri(REDIRECT_URI) - .expectScopes("album photo") - .build(); - replay(request); - - OAuthRequest req = null; - try { - req = new OAuthAuthzRequest(request); - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - - Set scopes = req.getScopes(); - - Assert.assertTrue(findScope(scopes, "album")); - Assert.assertTrue(findScope(scopes, "photo")); - - verify(request); - } - - private boolean findScope(Set scopes, String scope) { - for (String s : scopes) { - if (s.equals(scope)) { - return true; - } - } - return false; - } -} diff --git a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java deleted file mode 100644 index bc6751ca..00000000 --- a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java +++ /dev/null @@ -1,338 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.oltu.oauth2.as; - -import javax.servlet.http.HttpServletRequest; - -import org.apache.oltu.oauth2.as.request.OAuthUnauthenticatedTokenRequest; -import org.apache.oltu.oauth2.common.OAuth; -import org.apache.oltu.oauth2.common.error.OAuthError; -import org.apache.oltu.oauth2.common.exception.OAuthProblemException; -import org.apache.oltu.oauth2.common.exception.OAuthSystemException; -import org.apache.oltu.oauth2.common.message.types.GrantType; -import org.junit.Test; - -import static org.easymock.EasyMock.replay; -import static org.easymock.EasyMock.verify; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.fail; - -public class OAuthUnauthenticatedRequestTest { - public static final String REDIRECT_URI = "http://www.example.com/callback"; - public static final String CLIENT_ID = "test_client"; - public static final String ACCESS_GRANT = "test_code"; - public static final String USERNAME = "test_username"; - public static final String PASSWORD = "test_password"; - public static final String REFRESH_TOKEN = "refresh_token"; - public static final String SECRET = ""; - - @Test - public void testTokenWrongGrantType() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectGrantType(OAuth.ContentType.URL_ENCODED) - .expectParam("param", "someparam") - .build(); - - replay(request); - assertInvalidTokenRequest(request); - - request = new OauthMockRequestBuilder() - .expectRedirectUri(REDIRECT_URI) - .expectGrantType(null) - .expectParam("param", "someparam") - .build(); - - replay(request); - assertInvalidTokenRequest(request); - } - - private void assertInvalidTokenRequest(HttpServletRequest request) throws OAuthSystemException { - try { - new OAuthUnauthenticatedTokenRequest(request); - fail("Exception expected"); - } catch (OAuthProblemException e) { - assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError()); - } - - verify(request); - } - - @Test - public void testTokenRequestInvalidMethod() throws Exception { - HttpServletRequest request = mockTokenRequestInvalidMethod(GrantType.AUTHORIZATION_CODE.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidMethod(GrantType.PASSWORD.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidMethod(GrantType.REFRESH_TOKEN.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidMethod(null); - assertInvalidTokenRequest(request); - } - - private HttpServletRequest mockTokenRequestInvalidMethod(String grantType) { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectHttpMethod(OAuth.HttpMethod.GET) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectGrantType(grantType) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .build(); - replay(request); - - return request; - } - - @Test - public void testTokenRequestInvalidContentType() throws Exception { - HttpServletRequest request = mockTokenRequestInvalidContentType(GrantType.AUTHORIZATION_CODE.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidContentType(GrantType.PASSWORD.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidContentType(GrantType.REFRESH_TOKEN.toString()); - assertInvalidTokenRequest(request); - - request = mockTokenRequestInvalidContentType(null); - assertInvalidTokenRequest(request); - } - - private HttpServletRequest mockTokenRequestInvalidContentType(String grantType) { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(grantType) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.JSON) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .build(); - - replay(request); - return request; - } - - @Test - public void testTokenAuthCodeRequestMissingParameter() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectGrantType(OAuth.OAUTH_GRANT_TYPE) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(null) - .expectAccessGrant(ACCESS_GRANT) - .build(); - - replay(request); - assertInvalidTokenRequest(request); - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectRedirectUri(null) - .expectAccessGrant(null) - .build(); - - replay(request); - - assertInvalidTokenRequest(request); - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectAccessGrant(null) - .build(); - - replay(request); - assertInvalidTokenRequest(request); - verify(request); - } - - @Test - public void testTokenPasswordRequestMissingParameter() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.PASSWORD.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectOauthUsername(null) - .expectOauthPassword(PASSWORD) - .build(); - replay(request); - - assertInvalidTokenRequest(request); - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.PASSWORD.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectOauthUsername(USERNAME) - .expectOauthPassword("") - .build(); - replay(request); - - assertInvalidTokenRequest(request); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.PASSWORD.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(null) - .expectOauthUsername(USERNAME) - .expectOauthPassword(PASSWORD) - .build(); - replay(request); - - assertInvalidTokenRequest(request); - - verify(request); - } - - @Test - public void testRefreshTokenRequestMissingParameter() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(CLIENT_ID) - .expectOauthRefreshToken(null) - .build(); - replay(request); - - assertInvalidTokenRequest(request); - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId("") - .expectOauthRefreshToken(REFRESH_TOKEN) - .build(); - - replay(request); - - assertInvalidTokenRequest(request); - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectRedirectUri(REDIRECT_URI) - .expectClientId(null) - .expectOauthRefreshToken(null) - .build(); - replay(request); - - assertInvalidTokenRequest(request); - verify(request); - } - - @Test - public void testValidTokenRequest() throws Exception { - HttpServletRequest request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.AUTHORIZATION_CODE.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(CLIENT_ID) - .expectAccessGrant(ACCESS_GRANT) - .expectRedirectUri(REDIRECT_URI) - .expectBasicAuthHeader(null) - .build(); - replay(request); - - OAuthUnauthenticatedTokenRequest req = null; - try { - req = new OAuthUnauthenticatedTokenRequest(request); - - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - assertEquals(GrantType.AUTHORIZATION_CODE.toString(), req.getGrantType()); - assertEquals(CLIENT_ID, req.getClientId()); - assertEquals(REDIRECT_URI, req.getRedirectURI()); - assertEquals(ACCESS_GRANT, req.getCode()); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.PASSWORD.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(CLIENT_ID) - .expectBasicAuthHeader(null) - .expectOauthUsername(USERNAME) - .expectOauthPassword(PASSWORD) - .build(); - replay(request); - - try { - req = new OAuthUnauthenticatedTokenRequest(request); - - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - assertEquals(CLIENT_ID, req.getClientId()); - assertEquals(USERNAME, req.getUsername()); - assertEquals(PASSWORD, req.getPassword()); - - verify(request); - - request = new OauthMockRequestBuilder() - .expectGrantType(GrantType.REFRESH_TOKEN.toString()) - .expectHttpMethod(OAuth.HttpMethod.POST) - .expectContentType(OAuth.ContentType.URL_ENCODED) - .expectClientId(CLIENT_ID) - .expectOauthRefreshToken(REFRESH_TOKEN) - .expectBasicAuthHeader(null) - .build(); - replay(request); - - try { - req = new OAuthUnauthenticatedTokenRequest(request); - - } catch (OAuthProblemException e) { - fail("Exception not expected"); - } - assertEquals(CLIENT_ID, req.getClientId()); - assertEquals(REFRESH_TOKEN, req.getRefreshToken()); - - verify(request); - } -} diff --git a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java deleted file mode 100644 index f3855972..00000000 --- a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java +++ /dev/null @@ -1,122 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.oltu.oauth2.as; - -import javax.servlet.http.HttpServletRequest; - -import org.apache.oltu.oauth2.common.OAuth; - -import static org.easymock.EasyMock.createMock; -import static org.easymock.EasyMock.expect; - -public class OauthMockRequestBuilder { - - private HttpServletRequest request; - - public OauthMockRequestBuilder() { - request = createMock(HttpServletRequest.class); - } - - public OauthMockRequestBuilder expectOauthResponseType(String oauthResponseType) { - expect(request.getParameter(OAuth.OAUTH_RESPONSE_TYPE)).andStubReturn(oauthResponseType); - - return this; - } - - public OauthMockRequestBuilder expectRedirectUri(String redirectUri) { - expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn(redirectUri); - - return this; - } - - public OauthMockRequestBuilder expectParam(String paramName, String paramValue) { - expect(request.getParameter(paramName)).andStubReturn(paramValue); - - return this; - } - - public HttpServletRequest build() { - return request; - } - - public OauthMockRequestBuilder expectContentType(String contentType) { - expect(request.getContentType()).andStubReturn(contentType); - - return this; - } - - public OauthMockRequestBuilder expectHttpMethod(String method) { - expect(request.getMethod()).andStubReturn(method); - - return this; - } - - public OauthMockRequestBuilder expectClientId(String clientId) { - expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn(clientId); - - return this; - } - - public OauthMockRequestBuilder expectClientSecret(String secret) { - expect(request.getParameter(OAuth.OAUTH_CLIENT_SECRET)).andStubReturn(secret); - - return this; - } - - public OauthMockRequestBuilder expectGrantType(String grantType) { - expect(request.getParameter(OAuth.OAUTH_GRANT_TYPE)).andStubReturn(grantType); - - return this; - } - - public OauthMockRequestBuilder expectBasicAuthHeader(String authorizationHeader) { - expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn(authorizationHeader); - - return this; - } - - public OauthMockRequestBuilder expectAccessGrant(String accessGrant) { - expect(request.getParameter(OAuth.OAUTH_CODE)).andStubReturn(accessGrant); - - return this; - } - - public OauthMockRequestBuilder expectOauthUsername(String oauthUsername) { - expect(request.getParameter(OAuth.OAUTH_USERNAME)).andStubReturn(oauthUsername); - - return this; - } - - public OauthMockRequestBuilder expectOauthPassword(String secret) { - expect(request.getParameter(OAuth.OAUTH_PASSWORD)).andStubReturn(secret); - - return this; - } - - public OauthMockRequestBuilder expectOauthRefreshToken(String refreshToken) { - expect(request.getParameter(OAuth.OAUTH_REFRESH_TOKEN)).andStubReturn(refreshToken); - - return this; - } - - public OauthMockRequestBuilder expectScopes(String scopes) { - expect(request.getParameter(OAuth.OAUTH_SCOPE)).andStubReturn(scopes); - - return this; - } -} diff --git a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java deleted file mode 100644 index 3f189fdc..00000000 --- a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java +++ /dev/null @@ -1,42 +0,0 @@ -/** - * Copyright 2010 Newcastle University - * - * http://research.ncl.ac.uk/smart/ - * - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.oltu.oauth2.as; - -import org.junit.Assert; -import org.junit.Test; - -import org.apache.oltu.oauth2.as.issuer.UUIDValueGenerator; - -/** - * - * - * - */ -public class UUIDValueGeneratorTest extends Assert { - @Test - public void testGenerateValue() throws Exception { - UUIDValueGenerator uvg = new UUIDValueGenerator(); - Assert.assertNotNull(uvg.generateValue()); - - Assert.assertNotNull(uvg.generateValue("test")); - } -} diff --git a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java deleted file mode 100644 index e0a8d20e..00000000 --- a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java +++ /dev/null @@ -1,180 +0,0 @@ -/** - * Copyright 2010 Newcastle University - * - * http://research.ncl.ac.uk/smart/ - * - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.oltu.oauth2.as.response; - -import static org.easymock.EasyMock.createMock; -import static org.easymock.EasyMock.expect; -import static org.easymock.EasyMock.replay; - -import javax.servlet.http.HttpServletRequest; - -import org.apache.oltu.oauth2.as.response.OAuthASResponse; -import org.apache.oltu.oauth2.common.OAuth; -import org.apache.oltu.oauth2.common.error.OAuthError; -import org.apache.oltu.oauth2.common.exception.OAuthProblemException; -import org.apache.oltu.oauth2.common.message.OAuthResponse; -import org.junit.Assert; -import org.junit.Test; - -/** - * - * - * - */ -public class OAuthASResponseTest { - - @Test - public void testAuthzResponse() throws Exception { - HttpServletRequest request = createMock(HttpServletRequest.class); - OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,200) - .location("http://www.example.com") - .setCode("code") - .setState("ok") - .setParam("testValue", "value2") - .buildQueryMessage(); - - String url = oAuthResponse.getLocationUri(); - - Assert.assertEquals("http://www.example.com?testValue=value2&state=ok&code=code", url); - Assert.assertEquals(200, oAuthResponse.getResponseStatus()); - - } - - @Test - public void testAuthzResponseWithState() throws Exception { - HttpServletRequest request = createMock(HttpServletRequest.class); - expect(request.getParameter(OAuth.OAUTH_STATE)).andStubReturn("ok"); - replay(request); - OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,200) - .location("http://www.example.com") - .setCode("code") - .setParam("testValue", "value2") - .buildQueryMessage(); - - String url = oAuthResponse.getLocationUri(); - - Assert.assertEquals("http://www.example.com?testValue=value2&state=ok&code=code", url); - Assert.assertEquals(200, oAuthResponse.getResponseStatus()); - - } - - @Test - public void testAuthzImplicitResponseWithState() throws Exception { - HttpServletRequest request = createMock(HttpServletRequest.class); - expect(request.getParameter(OAuth.OAUTH_STATE)).andStubReturn("ok"); - replay(request); - OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,200) - .location("http://www.example.com") - .setAccessToken("access_111") - .setExpiresIn("400") - .setParam("testValue", "value2") - .buildQueryMessage(); - - String url = oAuthResponse.getLocationUri(); - Assert.assertEquals("http://www.example.com#testValue=value2&state=ok&expires_in=400&access_token=access_111", url); - Assert.assertEquals(200, oAuthResponse.getResponseStatus()); - } - - - @Test - public void testTokenResponse() throws Exception { - - OAuthResponse oAuthResponse = OAuthASResponse.tokenResponse(200).setAccessToken("access_token") - .setExpiresIn("200").setRefreshToken("refresh_token2") - .buildBodyMessage(); - - String body = oAuthResponse.getBody(); - Assert.assertEquals( - "expires_in=200&refresh_token=refresh_token2&access_token=access_token", - body); - - } - - @Test - public void testTokenResponseAdditionalParam() throws Exception { - - OAuthResponse oAuthResponse = OAuthASResponse.tokenResponse(200).setAccessToken("access_token") - .setExpiresIn("200").setRefreshToken("refresh_token2").setParam("some_param", "new_param") - .buildBodyMessage(); - - String body = oAuthResponse.getBody(); - Assert.assertEquals( - "some_param=new_param&expires_in=200&refresh_token=refresh_token2&access_token=access_token", - body); - - } - - @Test - public void testErrorResponse() throws Exception { - - OAuthProblemException ex = OAuthProblemException - .error(OAuthError.CodeResponse.ACCESS_DENIED, "Access denied") - .setParameter("testparameter", "testparameter_value") - .scope("album") - .uri("http://www.example.com/error"); - - OAuthResponse oAuthResponse = OAuthResponse.errorResponse(400).error(ex).buildJSONMessage(); - - Assert.assertEquals( - "{\"error_uri\":\"http://www.example.com/error\",\"error\":\"access_denied\",\"error_description\":\"Access denied\"}", - oAuthResponse.getBody()); - - - oAuthResponse = OAuthResponse.errorResponse(500) - .location("http://www.example.com/redirect?param2=true").error(ex).buildQueryMessage(); - Assert.assertEquals( - "http://www.example.com/redirect?param2=true&error_uri=http%3A%2F%2Fwww.example.com%2Ferror" - + "&error=access_denied&error_description=Access+denied", - oAuthResponse.getLocationUri()); - } - - @Test - public void testErrorResponse2() throws Exception { - OAuthProblemException ex = OAuthProblemException - .error(OAuthError.CodeResponse.ACCESS_DENIED, "Access denied") - .setParameter("testparameter", "testparameter_value") - .scope("album") - .uri("http://www.example.com/error"); - - OAuthResponse oAuthResponse = OAuthResponse.errorResponse(500) - .location("http://www.example.com/redirect?param2=true").error(ex).buildQueryMessage(); - Assert.assertEquals( - "http://www.example.com/redirect?param2=true&error_uri=http%3A%2F%2Fwww.example.com%2Ferror" - + "&error=access_denied&error_description=Access+denied", - oAuthResponse.getLocationUri()); - } - - @Test - public void testHeaderResponse() throws Exception { - HttpServletRequest request = createMock(HttpServletRequest.class); - OAuthResponse oAuthResponse = OAuthASResponse.authorizationResponse(request,400).setCode("oauth_code") - .setState("state_ok") - .buildHeaderMessage(); - - String header = oAuthResponse.getHeader(OAuth.HeaderType.WWW_AUTHENTICATE); - Assert.assertEquals("Bearer state=\"state_ok\",code=\"oauth_code\"", header); - - header = oAuthResponse.getHeaders().get(OAuth.HeaderType.WWW_AUTHENTICATE); - Assert.assertEquals("Bearer state=\"state_ok\",code=\"oauth_code\"", header); - } - -} diff --git a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java b/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java deleted file mode 100644 index f67ad859..00000000 --- a/openid-connect/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java +++ /dev/null @@ -1,102 +0,0 @@ -/** - * Copyright 2010 Newcastle University - * - * http://research.ncl.ac.uk/smart/ - * - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.oltu.oauth2.as.validator; - -import javax.servlet.http.HttpServletRequest; - -import org.apache.oltu.oauth2.as.validator.TokenValidator; -import org.apache.oltu.oauth2.common.OAuth; -import org.apache.oltu.oauth2.common.exception.OAuthProblemException; -import org.junit.Assert; -import org.junit.Test; - -import static org.easymock.EasyMock.createStrictMock; -import static org.easymock.EasyMock.expect; -import static org.easymock.EasyMock.replay; -import static org.easymock.EasyMock.reset; -import static org.easymock.EasyMock.verify; - - -/** - * - * - * - */ -public class TokenValidatorTest { - @Test - public void testValidateMethod() throws Exception { - HttpServletRequest request = createStrictMock(HttpServletRequest.class); - expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET); - - replay(request); - TokenValidator validator = new TokenValidator(); - validator.validateMethod(request); - - verify(request); - - reset(request); - - request = createStrictMock(HttpServletRequest.class); - expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST); - - replay(request); - validator = new TokenValidator(); - validator.validateMethod(request); - - verify(request); - - reset(request); - - request = createStrictMock(HttpServletRequest.class); - expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.DELETE); - - replay(request); - validator = new TokenValidator(); - - try { - validator.validateMethod(request); - Assert.fail("Expected validation exception"); - } catch (OAuthProblemException e) { - //ok, expected - } - - verify(request); - } - - @Test - public void testRequiredParams() throws Exception { - HttpServletRequest request = createStrictMock(HttpServletRequest.class); - - expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET); - expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED); - - expect(request.getParameter(OAuth.OAUTH_REDIRECT_URI)).andStubReturn("http://example.com/callback"); - expect(request.getParameter(OAuth.OAUTH_RESPONSE_TYPE)).andStubReturn("response_type"); - expect(request.getParameter(OAuth.OAUTH_CLIENT_ID)).andStubReturn("client_id"); - - replay(request); - - TokenValidator validator = new TokenValidator(); - validator.performAllValidations(request); - verify(request); - } -} From 9f40caec31f268a7510f962e1a0ddca08d90fe5a Mon Sep 17 00:00:00 2001 From: "Diaz, Sebastien" Date: Tue, 8 Sep 2015 17:47:20 +0200 Subject: [PATCH 3/5] Add request abd response for OpenIdConnectAuthorization --- .../as/request/AbstractOAuthTokenRequest.java | 2 +- .../as/request/OAuthAuthzRequest.java | 6 +++--- .../as/request/OAuthRequest.java | 2 +- .../as/request/OAuthTokenRequest.java | 12 +++++------- .../as/request/OAuthUnauthenticatedTokenRequest.java | 10 ++++------ .../as/response/OAuthASResponse.java | 2 +- .../as/validator/AssertionValidator.java | 2 +- .../as/validator/AuthorizationCodeValidator.java | 2 +- .../as/validator/ClientCredentialValidator.java | 2 +- .../as/validator/CodeTokenValidator.java | 2 +- .../as/validator/CodeValidator.java | 2 +- .../as/validator/PasswordValidator.java | 2 +- .../as/validator/RefreshTokenValidator.java | 2 +- .../as/validator/TokenValidator.java | 2 +- .../UnauthenticatedAuthorizationCodeValidator.java | 2 +- .../validator/UnauthenticatedPasswordValidator.java | 2 +- .../UnauthenticatedRefreshTokenValidator.java | 2 +- .../as => oauth2}/issuer/MD5Generator.java | 2 +- .../as => oauth2}/issuer/OAuthIssuer.java | 2 +- .../as => oauth2}/issuer/OAuthIssuerImpl.java | 2 +- .../as => oauth2}/issuer/UUIDValueGenerator.java | 2 +- .../as => oauth2}/issuer/ValueGenerator.java | 2 +- .../as/MD5GeneratorTest.java | 6 +++--- .../as/OAuthIssuerImplTest.java | 8 ++++---- .../as/OAuthRequestTest.java | 8 ++++---- .../as/OAuthUnauthenticatedRequestTest.java | 4 ++-- .../as/OauthMockRequestBuilder.java | 2 +- .../as/UUIDValueGeneratorTest.java | 4 ++-- .../as/response/OAuthASResponseTest.java | 2 +- .../as/validator/TokenValidatorTest.java | 2 +- .../as/request/OpenIdConnectAuthzRequest.java | 5 +++-- 31 files changed, 52 insertions(+), 55 deletions(-) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/request/AbstractOAuthTokenRequest.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/request/OAuthAuthzRequest.java (93%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/request/OAuthRequest.java (98%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/request/OAuthTokenRequest.java (85%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/request/OAuthUnauthenticatedTokenRequest.java (85%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/response/OAuthASResponse.java (98%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/AssertionValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/AuthorizationCodeValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/ClientCredentialValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/CodeTokenValidator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/CodeValidator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/PasswordValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/RefreshTokenValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/TokenValidator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/UnauthenticatedAuthorizationCodeValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/UnauthenticatedPasswordValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/UnauthenticatedRefreshTokenValidator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect/as => oauth2}/issuer/MD5Generator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect/as => oauth2}/issuer/OAuthIssuer.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect/as => oauth2}/issuer/OAuthIssuerImpl.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect/as => oauth2}/issuer/UUIDValueGenerator.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/{openidconnect/as => oauth2}/issuer/ValueGenerator.java (95%) rename oauth-2.0/authzserver/src/test/java/org/apache/oltu/{openidconnect => oauth2}/as/MD5GeneratorTest.java (89%) rename oauth-2.0/authzserver/src/test/java/org/apache/oltu/{openidconnect => oauth2}/as/OAuthIssuerImplTest.java (86%) rename oauth-2.0/authzserver/src/test/java/org/apache/oltu/{openidconnect => oauth2}/as/OAuthRequestTest.java (98%) rename oauth-2.0/authzserver/src/test/java/org/apache/oltu/{openidconnect => oauth2}/as/OAuthUnauthenticatedRequestTest.java (99%) rename oauth-2.0/authzserver/src/test/java/org/apache/oltu/{openidconnect => oauth2}/as/OauthMockRequestBuilder.java (98%) rename oauth-2.0/authzserver/src/test/java/org/apache/oltu/{openidconnect => oauth2}/as/UUIDValueGeneratorTest.java (92%) rename oauth-2.0/authzserver/src/test/java/org/apache/oltu/{openidconnect => oauth2}/as/response/OAuthASResponseTest.java (99%) rename oauth-2.0/authzserver/src/test/java/org/apache/oltu/{openidconnect => oauth2}/as/validator/TokenValidatorTest.java (98%) diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/AbstractOAuthTokenRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/AbstractOAuthTokenRequest.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/AbstractOAuthTokenRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/AbstractOAuthTokenRequest.java index 5834aac4..20c47531 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/AbstractOAuthTokenRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/AbstractOAuthTokenRequest.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.request; +package org.apache.oltu.oauth2.as.request; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthAuthzRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthAuthzRequest.java similarity index 93% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthAuthzRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthAuthzRequest.java index 22125eb9..b9883db6 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthAuthzRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthAuthzRequest.java @@ -19,12 +19,12 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.request; +package org.apache.oltu.oauth2.as.request; import javax.servlet.http.HttpServletRequest; -import org.apache.oltu.openidconnect.as.validator.CodeValidator; -import org.apache.oltu.openidconnect.as.validator.TokenValidator; +import org.apache.oltu.oauth2.as.validator.CodeValidator; +import org.apache.oltu.oauth2.as.validator.TokenValidator; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthRequest.java similarity index 98% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthRequest.java index a9accdb2..8898a568 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthRequest.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.request; +package org.apache.oltu.oauth2.as.request; import java.util.HashMap; import java.util.Map; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthTokenRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthTokenRequest.java similarity index 85% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthTokenRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthTokenRequest.java index f55f50ce..55148b8a 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthTokenRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthTokenRequest.java @@ -19,19 +19,17 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.request; +package org.apache.oltu.oauth2.as.request; import javax.servlet.http.HttpServletRequest; -import org.apache.oltu.openidconnect.as.validator.AuthorizationCodeValidator; -import org.apache.oltu.openidconnect.as.validator.ClientCredentialValidator; -import org.apache.oltu.openidconnect.as.validator.PasswordValidator; -import org.apache.oltu.openidconnect.as.validator.RefreshTokenValidator; -import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.as.validator.RefreshTokenValidator; +import org.apache.oltu.oauth2.as.validator.AuthorizationCodeValidator; +import org.apache.oltu.oauth2.as.validator.ClientCredentialValidator; +import org.apache.oltu.oauth2.as.validator.PasswordValidator; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; import org.apache.oltu.oauth2.common.message.types.GrantType; -import org.apache.oltu.oauth2.common.utils.OAuthUtils; import org.apache.oltu.oauth2.common.validators.OAuthValidator; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthUnauthenticatedTokenRequest.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthUnauthenticatedTokenRequest.java similarity index 85% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthUnauthenticatedTokenRequest.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthUnauthenticatedTokenRequest.java index d79f3179..036066f8 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OAuthUnauthenticatedTokenRequest.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/request/OAuthUnauthenticatedTokenRequest.java @@ -15,18 +15,16 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.request; +package org.apache.oltu.oauth2.as.request; import javax.servlet.http.HttpServletRequest; -import org.apache.oltu.openidconnect.as.validator.UnauthenticatedAuthorizationCodeValidator; -import org.apache.oltu.openidconnect.as.validator.UnauthenticatedPasswordValidator; -import org.apache.oltu.openidconnect.as.validator.UnauthenticatedRefreshTokenValidator; -import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.as.validator.UnauthenticatedPasswordValidator; +import org.apache.oltu.oauth2.as.validator.UnauthenticatedRefreshTokenValidator; +import org.apache.oltu.oauth2.as.validator.UnauthenticatedAuthorizationCodeValidator; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; import org.apache.oltu.oauth2.common.message.types.GrantType; -import org.apache.oltu.oauth2.common.utils.OAuthUtils; import org.apache.oltu.oauth2.common.validators.OAuthValidator; /** diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OAuthASResponse.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/response/OAuthASResponse.java similarity index 98% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OAuthASResponse.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/response/OAuthASResponse.java index 9c6eef91..6a6c5899 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/response/OAuthASResponse.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/response/OAuthASResponse.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.response; +package org.apache.oltu.oauth2.as.response; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AssertionValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AssertionValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AssertionValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AssertionValidator.java index 5226186f..82d74df3 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AssertionValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AssertionValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import org.apache.oltu.oauth2.common.OAuth; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AuthorizationCodeValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AuthorizationCodeValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AuthorizationCodeValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AuthorizationCodeValidator.java index 1acdf48c..c6727671 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/AuthorizationCodeValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/AuthorizationCodeValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/ClientCredentialValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/ClientCredentialValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/ClientCredentialValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/ClientCredentialValidator.java index f8cd3a8a..20b5f8c7 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/ClientCredentialValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/ClientCredentialValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeTokenValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeTokenValidator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeTokenValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeTokenValidator.java index 70ad0e62..5938c3e6 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeTokenValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeTokenValidator.java @@ -20,7 +20,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeValidator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeValidator.java index 5b1ad4b2..b2931899 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/CodeValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/CodeValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/PasswordValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/PasswordValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/PasswordValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/PasswordValidator.java index 943b2cda..e4e36f37 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/PasswordValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/PasswordValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/RefreshTokenValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/RefreshTokenValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/RefreshTokenValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/RefreshTokenValidator.java index 2e0aa692..a9ba1dfc 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/RefreshTokenValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/RefreshTokenValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/TokenValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/TokenValidator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/TokenValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/TokenValidator.java index f205a1f3..feea7b46 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/TokenValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/TokenValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedAuthorizationCodeValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedAuthorizationCodeValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedAuthorizationCodeValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedAuthorizationCodeValidator.java index 98b242eb..6882972b 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedAuthorizationCodeValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedAuthorizationCodeValidator.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.validators.AbstractValidator; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedPasswordValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedPasswordValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedPasswordValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedPasswordValidator.java index b0e83d36..d8017366 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedPasswordValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedPasswordValidator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedRefreshTokenValidator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedRefreshTokenValidator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedRefreshTokenValidator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedRefreshTokenValidator.java index dc031a8a..ceb65818 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/validator/UnauthenticatedRefreshTokenValidator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/validator/UnauthenticatedRefreshTokenValidator.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.validators.AbstractValidator; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/MD5Generator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/MD5Generator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/MD5Generator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/MD5Generator.java index 172461c9..28688ceb 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/MD5Generator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/MD5Generator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.issuer; +package org.apache.oltu.oauth2.issuer; import java.security.MessageDigest; import java.util.UUID; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuer.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuer.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuer.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuer.java index 2bfdec1f..af00e80d 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuer.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuer.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.issuer; +package org.apache.oltu.oauth2.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuerImpl.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuerImpl.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuerImpl.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuerImpl.java index b16625ce..54bf00c4 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/OAuthIssuerImpl.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuerImpl.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.issuer; +package org.apache.oltu.oauth2.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/UUIDValueGenerator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/UUIDValueGenerator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/UUIDValueGenerator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/UUIDValueGenerator.java index b6376697..965cc6e5 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/UUIDValueGenerator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/UUIDValueGenerator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.issuer; +package org.apache.oltu.oauth2.issuer; import java.util.UUID; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/ValueGenerator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/ValueGenerator.java similarity index 95% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/ValueGenerator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/ValueGenerator.java index d98df816..33cb6f0a 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/openidconnect/as/issuer/ValueGenerator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/ValueGenerator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.issuer; +package org.apache.oltu.oauth2.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/MD5GeneratorTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java similarity index 89% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/MD5GeneratorTest.java rename to oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java index c16ab308..2317ee6f 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/MD5GeneratorTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java @@ -19,12 +19,12 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as; +package org.apache.oltu.oauth2.as; import junit.framework.Assert; -import org.apache.oltu.openidconnect.as.issuer.MD5Generator; -import org.apache.oltu.openidconnect.as.issuer.ValueGenerator; +import org.apache.oltu.oauth2.issuer.MD5Generator; +import org.apache.oltu.oauth2.issuer.ValueGenerator; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; import org.junit.Test; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthIssuerImplTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java similarity index 86% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthIssuerImplTest.java rename to oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java index d8fce74b..4108cb89 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthIssuerImplTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java @@ -19,14 +19,14 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as; +package org.apache.oltu.oauth2.as; import junit.framework.Assert; -import org.apache.oltu.openidconnect.as.issuer.OAuthIssuerImpl; +import org.apache.oltu.oauth2.issuer.OAuthIssuerImpl; import org.junit.Test; -import org.apache.oltu.openidconnect.as.issuer.MD5Generator; -import org.apache.oltu.openidconnect.as.issuer.OAuthIssuer; +import org.apache.oltu.oauth2.issuer.MD5Generator; +import org.apache.oltu.oauth2.issuer.OAuthIssuer; /** * diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthRequestTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java similarity index 98% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthRequestTest.java rename to oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java index 55ebbe93..27327b12 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthRequestTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthRequestTest.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as; +package org.apache.oltu.oauth2.as; import java.util.Set; @@ -27,9 +27,9 @@ import junit.framework.Assert; import org.apache.commons.codec.binary.Base64; -import org.apache.oltu.openidconnect.as.request.OAuthAuthzRequest; -import org.apache.oltu.openidconnect.as.request.OAuthRequest; -import org.apache.oltu.openidconnect.as.request.OAuthTokenRequest; +import org.apache.oltu.oauth2.as.request.OAuthRequest; +import org.apache.oltu.oauth2.as.request.OAuthTokenRequest; +import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.error.OAuthError; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthUnauthenticatedRequestTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java similarity index 99% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthUnauthenticatedRequestTest.java rename to oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java index 5211d05f..bc6751ca 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OAuthUnauthenticatedRequestTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthUnauthenticatedRequestTest.java @@ -15,11 +15,11 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as; +package org.apache.oltu.oauth2.as; import javax.servlet.http.HttpServletRequest; -import org.apache.oltu.openidconnect.as.request.OAuthUnauthenticatedTokenRequest; +import org.apache.oltu.oauth2.as.request.OAuthUnauthenticatedTokenRequest; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.error.OAuthError; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OauthMockRequestBuilder.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java similarity index 98% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OauthMockRequestBuilder.java rename to oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java index a7e476c9..f3855972 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/OauthMockRequestBuilder.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OauthMockRequestBuilder.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as; +package org.apache.oltu.oauth2.as; import javax.servlet.http.HttpServletRequest; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/UUIDValueGeneratorTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java similarity index 92% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/UUIDValueGeneratorTest.java rename to oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java index 0afba2a6..9b7c4bce 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/UUIDValueGeneratorTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java @@ -19,9 +19,9 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as; +package org.apache.oltu.oauth2.as; -import org.apache.oltu.openidconnect.as.issuer.UUIDValueGenerator; +import org.apache.oltu.oauth2.issuer.UUIDValueGenerator; import org.junit.Assert; import org.junit.Test; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/response/OAuthASResponseTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java similarity index 99% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/response/OAuthASResponseTest.java rename to oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java index 6ec0bc65..899c4b56 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/response/OAuthASResponseTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/response/OAuthASResponseTest.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.response; +package org.apache.oltu.oauth2.as.response; import static org.easymock.EasyMock.createMock; import static org.easymock.EasyMock.expect; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/validator/TokenValidatorTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java similarity index 98% rename from oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/validator/TokenValidatorTest.java rename to oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java index cdfd3d74..e22dc3de 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/openidconnect/as/validator/TokenValidatorTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/validator/TokenValidatorTest.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.openidconnect.as.validator; +package org.apache.oltu.oauth2.as.validator; import javax.servlet.http.HttpServletRequest; diff --git a/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OpenIdConnectAuthzRequest.java b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OpenIdConnectAuthzRequest.java index 2f772756..ec157f03 100644 --- a/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OpenIdConnectAuthzRequest.java +++ b/openid-connect/authzserver/src/main/java/org/apache/oltu/openidconnect/as/request/OpenIdConnectAuthzRequest.java @@ -25,6 +25,7 @@ import java.util.Collection; import javax.servlet.http.HttpServletRequest; +import org.apache.oltu.oauth2.as.request.OAuthRequest; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; @@ -32,8 +33,8 @@ import org.apache.oltu.oauth2.common.utils.OAuthUtils; import org.apache.oltu.oauth2.common.validators.OAuthValidator; import org.apache.oltu.oauth2.common.validators.OAuthValidatorMixer; -import org.apache.oltu.openidconnect.as.validator.CodeValidator; -import org.apache.oltu.openidconnect.as.validator.TokenValidator; +import org.apache.oltu.oauth2.as.validator.CodeValidator; +import org.apache.oltu.oauth2.as.validator.TokenValidator; import org.apache.oltu.openidconnect.common.OpenIdConnect; /** From 46d6ab01e40295d28bb773cb8efb937709c82a9c Mon Sep 17 00:00:00 2001 From: "Diaz, Sebastien" Date: Tue, 8 Sep 2015 17:48:23 +0200 Subject: [PATCH 4/5] Add request abd response for OpenIdConnectAuthorization --- .../apache/oltu/oauth2/{ => as}/issuer/MD5Generator.java | 2 +- .../org/apache/oltu/oauth2/{ => as}/issuer/OAuthIssuer.java | 2 +- .../apache/oltu/oauth2/{ => as}/issuer/OAuthIssuerImpl.java | 2 +- .../oltu/oauth2/{ => as}/issuer/UUIDValueGenerator.java | 2 +- .../apache/oltu/oauth2/{ => as}/issuer/ValueGenerator.java | 2 +- .../java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java | 4 ++-- .../java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java | 6 +++--- .../org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java | 2 +- 8 files changed, 11 insertions(+), 11 deletions(-) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/{ => as}/issuer/MD5Generator.java (98%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/{ => as}/issuer/OAuthIssuer.java (96%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/{ => as}/issuer/OAuthIssuerImpl.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/{ => as}/issuer/UUIDValueGenerator.java (97%) rename oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/{ => as}/issuer/ValueGenerator.java (96%) diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/MD5Generator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/MD5Generator.java similarity index 98% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/MD5Generator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/MD5Generator.java index 28688ceb..fe5871f3 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/MD5Generator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/MD5Generator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.issuer; +package org.apache.oltu.oauth2.as.issuer; import java.security.MessageDigest; import java.util.UUID; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuer.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuer.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuer.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuer.java index af00e80d..d4b0d018 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuer.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuer.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.issuer; +package org.apache.oltu.oauth2.as.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuerImpl.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuerImpl.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuerImpl.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuerImpl.java index 54bf00c4..7ee95460 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/OAuthIssuerImpl.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/OAuthIssuerImpl.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.issuer; +package org.apache.oltu.oauth2.as.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/UUIDValueGenerator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/UUIDValueGenerator.java similarity index 97% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/UUIDValueGenerator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/UUIDValueGenerator.java index 965cc6e5..1fcdf1f0 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/UUIDValueGenerator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/UUIDValueGenerator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.issuer; +package org.apache.oltu.oauth2.as.issuer; import java.util.UUID; diff --git a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/ValueGenerator.java b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/ValueGenerator.java similarity index 96% rename from oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/ValueGenerator.java rename to oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/ValueGenerator.java index 33cb6f0a..24a84058 100644 --- a/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/issuer/ValueGenerator.java +++ b/oauth-2.0/authzserver/src/main/java/org/apache/oltu/oauth2/as/issuer/ValueGenerator.java @@ -19,7 +19,7 @@ * limitations under the License. */ -package org.apache.oltu.oauth2.issuer; +package org.apache.oltu.oauth2.as.issuer; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java index 2317ee6f..4c485e64 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/MD5GeneratorTest.java @@ -23,8 +23,8 @@ import junit.framework.Assert; -import org.apache.oltu.oauth2.issuer.MD5Generator; -import org.apache.oltu.oauth2.issuer.ValueGenerator; +import org.apache.oltu.oauth2.as.issuer.MD5Generator; +import org.apache.oltu.oauth2.as.issuer.ValueGenerator; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; import org.junit.Test; diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java index 4108cb89..4a532769 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/OAuthIssuerImplTest.java @@ -23,10 +23,10 @@ import junit.framework.Assert; -import org.apache.oltu.oauth2.issuer.OAuthIssuerImpl; +import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl; import org.junit.Test; -import org.apache.oltu.oauth2.issuer.MD5Generator; -import org.apache.oltu.oauth2.issuer.OAuthIssuer; +import org.apache.oltu.oauth2.as.issuer.MD5Generator; +import org.apache.oltu.oauth2.as.issuer.OAuthIssuer; /** * diff --git a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java index 9b7c4bce..a6b1a599 100644 --- a/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java +++ b/oauth-2.0/authzserver/src/test/java/org/apache/oltu/oauth2/as/UUIDValueGeneratorTest.java @@ -21,7 +21,7 @@ package org.apache.oltu.oauth2.as; -import org.apache.oltu.oauth2.issuer.UUIDValueGenerator; +import org.apache.oltu.oauth2.as.issuer.UUIDValueGenerator; import org.junit.Assert; import org.junit.Test; From 293a635ebfc17fa9139389cd7933c07ea2e417e5 Mon Sep 17 00:00:00 2001 From: "Diaz, Sebastien" Date: Tue, 8 Sep 2015 17:51:32 +0200 Subject: [PATCH 5/5] clean idea --- .idea/libraries/Maven__junit_junit_4_11.xml | 13 ---- .../Maven__org_hamcrest_hamcrest_core_1_3.xml | 13 ---- ....apache.oltu.openidconnect.authzserver.iml | 66 ------------------- 3 files changed, 92 deletions(-) delete mode 100644 .idea/libraries/Maven__junit_junit_4_11.xml delete mode 100644 .idea/libraries/Maven__org_hamcrest_hamcrest_core_1_3.xml delete mode 100644 openid-connect/authzserver/org.apache.oltu.openidconnect.authzserver.iml diff --git a/.idea/libraries/Maven__junit_junit_4_11.xml b/.idea/libraries/Maven__junit_junit_4_11.xml deleted file mode 100644 index f33320d8..00000000 --- a/.idea/libraries/Maven__junit_junit_4_11.xml +++ /dev/null @@ -1,13 +0,0 @@ - - - - - - - - - - - - - \ No newline at end of file diff --git a/.idea/libraries/Maven__org_hamcrest_hamcrest_core_1_3.xml b/.idea/libraries/Maven__org_hamcrest_hamcrest_core_1_3.xml deleted file mode 100644 index f58bbc11..00000000 --- a/.idea/libraries/Maven__org_hamcrest_hamcrest_core_1_3.xml +++ /dev/null @@ -1,13 +0,0 @@ - - - - - - - - - - - - - \ No newline at end of file diff --git a/openid-connect/authzserver/org.apache.oltu.openidconnect.authzserver.iml b/openid-connect/authzserver/org.apache.oltu.openidconnect.authzserver.iml deleted file mode 100644 index 22243ae1..00000000 --- a/openid-connect/authzserver/org.apache.oltu.openidconnect.authzserver.iml +++ /dev/null @@ -1,66 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file