This is an automated email from the ASF dual-hosted git repository.

martin_s pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/archiva-redback-core.git


The following commit(s) were added to refs/heads/master by this push:
     new 25f4760  Testing token refresh
25f4760 is described below

commit 25f4760b1df3c9f1ff40bbf180be90b5aa128d3a
Author: Martin Stockhammer <[email protected]>
AuthorDate: Tue Jul 14 20:11:08 2020 +0200

    Testing token refresh
---
 .../archiva/redback/rest/api/model/GrantType.java  | 49 ++++++++++++++++++++++
 ...{RefreshTokenRequest.java => TokenRequest.java} | 26 +++++++-----
 .../api/services/v2/AuthenticationService.java     | 14 ++-----
 .../services/v2/DefaultAuthenticationService.java  |  7 ++--
 .../v2/NativeAuthenticationServiceTest.java        | 32 +++++++++++++-
 5 files changed, 104 insertions(+), 24 deletions(-)

diff --git 
a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/GrantType.java
 
b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/GrantType.java
new file mode 100644
index 0000000..c9058d1
--- /dev/null
+++ 
b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/GrantType.java
@@ -0,0 +1,49 @@
+package org.apache.archiva.redback.rest.api.model;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import javax.xml.bind.annotation.XmlEnumValue;
+
+public enum GrantType
+{
+    @XmlEnumValue( "refresh_token" )
+    REFRESH_TOKEN("refresh_token"),
+    @XmlEnumValue( "authorization_code" )
+    AUTHORIZATION_CODE("authorization_code");
+
+    private String label;
+
+    GrantType(String label) {
+        this.label = label;
+    }
+
+    public String getLabel() {
+        return this.label;
+    }
+
+    public static GrantType byLabel(String label) {
+        for (GrantType value : values()) {
+            if (value.equals( label )) {
+                return value;
+            }
+        }
+        throw new IllegalArgumentException( "Label does not exist " + label );
+    }
+}
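Review bot: `byLabel` can never return a value: `value.equals( label )` compares a `GrantType` constant with a `String`, which is always false, so every call ends in the `IllegalArgumentException` below the loop. The comparison should be against the label, `if ( value.label.equals( label ) )`, and `private String label;` can be `private final String label;` since it is only assigned in the constructor. Whether the JSON/XML provider honours `@XmlEnumValue` when binding `grant_type` is not visible here; if it does not, `byLabel` is the natural fallback, so it is worth having it work.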
diff --git 
a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/RefreshTokenRequest.java
 
b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/TokenRequest.java
similarity index 65%
rename from 
redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/RefreshTokenRequest.java
rename to 
redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/TokenRequest.java
index a0302c8..7cd327c 100644
--- 
a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/RefreshTokenRequest.java
+++ 
b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/TokenRequest.java
@@ -18,42 +18,47 @@ package org.apache.archiva.redback.rest.api.model;
  * under the License.
  */
 
+import io.swagger.v3.oas.annotations.media.Schema;
+
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
 /**
  * @author Martin Stockhammer <[email protected]>
  */
-@XmlRootElement(name="refreshToken")
-public class RefreshTokenRequest
+@XmlRootElement( name = "refreshToken" )
+@Schema( name = "TokenRequest", description = "Information for requesting 
tokens" )
+public class TokenRequest
 {
-    String grantType;
+    GrantType grantType;
     String refreshToken;
     String scope;
 
-    public RefreshTokenRequest( )
+    public TokenRequest( )
     {
     }
 
-    public RefreshTokenRequest( String grantType, String refreshToken, String 
scope )
+    public TokenRequest( GrantType grantType, String refreshToken, String 
scope )
     {
         this.grantType = grantType;
         this.refreshToken = refreshToken;
         this.scope = scope;
     }
 
-    @XmlElement(name = "grant_type")
-    public String getGrantType( )
+    @XmlElement( name = "grant_type", required = true)
+    @Schema(description = "The grant type for requesting the token. 
'refresh_token' for token refresh")
+    public GrantType getGrantType( )
     {
         return grantType;
     }
 
-    public void setGrantType( String grantType )
+    public void setGrantType( GrantType grantType )
     {
         this.grantType = grantType;
     }
 
-    @XmlElement(name="refresh_token")
+    @XmlElement( name = "refresh_token", required = true)
+    @Schema(description = "The refresh token that is validated before 
generating the new access token")
     public String getRefreshToken( )
     {
         return refreshToken;
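Review bot: `@XmlRootElement( name = "refreshToken" )` keeps the old element name although the class is now `TokenRequest` and its schema is described as general "Information for requesting tokens"; either rename it to `@XmlRootElement( name = "tokenRequest" )` or leave a comment that the name is kept for wire compatibility, since changing it affects XML clients. The `@Schema` description of `grant_type` only mentions 'refresh_token' while the enum also admits `authorization_code`, which the service rejects; stating that explicitly avoids a misleading API document: `"The grant type for requesting the token. Currently only 'refresh_token' is accepted by this endpoint."`. The getter for `refreshToken` continues past the hunk.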
@@ -64,7 +69,8 @@ public class RefreshTokenRequest
         this.refreshToken = refreshToken;
     }
 
-    @XmlElement(name="scope")
+    @XmlElement( name = "scope")
+    @Schema(description = "The scope for the new access token.")
     public String getScope( )
     {
         return scope;
diff --git 
a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/AuthenticationService.java
 
b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/AuthenticationService.java
index f9af1ed..5d1dcf6 100644
--- 
a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/AuthenticationService.java
+++ 
b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/AuthenticationService.java
@@ -20,19 +20,14 @@ package org.apache.archiva.redback.rest.api.services.v2;
  */
 
 import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.enums.ParameterIn;
 import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.security.SecurityScheme;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.apache.archiva.redback.authorization.RedbackAuthorization;
-import org.apache.archiva.redback.rest.api.model.ActionStatus;
-import org.apache.archiva.redback.rest.api.model.LoginRequest;
 import org.apache.archiva.redback.rest.api.model.PingResult;
-import org.apache.archiva.redback.rest.api.model.RefreshTokenRequest;
+import org.apache.archiva.redback.rest.api.model.TokenRequest;
 import org.apache.archiva.redback.rest.api.model.RequestTokenRequest;
-import org.apache.archiva.redback.rest.api.model.Token;
 import org.apache.archiva.redback.rest.api.model.TokenResponse;
 import org.apache.archiva.redback.rest.api.model.User;
 import org.apache.archiva.redback.rest.api.services.RedbackServiceException;
@@ -41,7 +36,6 @@ import javax.ws.rs.GET;
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.MediaType;
 
 /**
@@ -92,16 +86,16 @@ public interface AuthenticationService
      * Renew the bearer token. The request must send a bearer token in the 
HTTP header
      *
      */
-    @Path( "refresh" )
+    @Path( "token" )
     @POST
     @RedbackAuthorization( noRestriction = false, noPermission = true )
     @Produces( { MediaType.APPLICATION_JSON } )
-    @Operation( summary = "Creates a new bearer token. The requester must 
present a still valid bearer token in the HTTP header.",
+    @Operation( summary = "Creates a new access token based on the given 
payload.",
         responses = {
             @ApiResponse( description = "The new bearer token," )
         }
     )
-    TokenResponse refreshToken( RefreshTokenRequest refreshTokenRequest )
+    TokenResponse token( TokenRequest tokenRequest )
         throws RedbackServiceException;
 
 
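Review bot: The Javadoc above `@Path( "token" )` still reads "Renew the bearer token. The request must send a bearer token in the HTTP header", which no longer matches an endpoint summarised as "Creates a new access token based on the given payload" whose credential is the `refresh_token` in the body; replace it with e.g. `Creates a new access token from the grant in the request body; currently only the refresh_token grant is supported.`. Separately, `@RedbackAuthorization( noRestriction = false, noPermission = true )` is retained; if that still requires a valid bearer token in the Authorization header (as the stale Javadoc says and the test's `getRequestSpec( accessToken )` suggests), a client cannot refresh once its access token has expired, which is the primary use of a refresh token. Worth confirming that the endpoint is reachable with an expired or absent access token and authenticates on the refresh token itself.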
diff --git 
a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultAuthenticationService.java
 
b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultAuthenticationService.java
index 89fadd5..b52f39d 100644
--- 
a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultAuthenticationService.java
+++ 
b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultAuthenticationService.java
@@ -32,7 +32,7 @@ import 
org.apache.archiva.redback.policy.AccountLockedException;
 import org.apache.archiva.redback.policy.MustChangePasswordException;
 import org.apache.archiva.redback.rest.api.model.ErrorMessage;
 import org.apache.archiva.redback.rest.api.model.PingResult;
-import org.apache.archiva.redback.rest.api.model.RefreshTokenRequest;
+import org.apache.archiva.redback.rest.api.model.TokenRequest;
 import org.apache.archiva.redback.rest.api.model.RequestTokenRequest;
 import org.apache.archiva.redback.rest.api.model.TokenResponse;
 import org.apache.archiva.redback.rest.api.model.User;
@@ -193,9 +193,10 @@ public class DefaultAuthenticationService
     }
 
     @Override
-    public TokenResponse refreshToken( RefreshTokenRequest request ) throws 
RedbackServiceException
+    public TokenResponse token( TokenRequest request ) throws 
RedbackServiceException
     {
-        if (!"refresh_token".equals(request.getGrantType().toLowerCase())) {
+        if (!"refresh_token".equals(request.getGrantType().getLabel())) {
+            log.debug( "Bad grant type {}, expected: refresh_token", 
request.getGrantType( ).name( ).toLowerCase( ) );
             throw new RedbackServiceException( "redback:bad_grant", 
Response.Status.FORBIDDEN.getStatusCode( ) );
         }
         try
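Review bot: `request.getGrantType().getLabel()` dereferences the grant type without a null check; `grant_type` is declared required in the model, but a request that omits it (or, depending on how the provider maps unknown enum values, sends an unsupported one) arrives as `null` and yields a NullPointerException and a 500 instead of the intended `redback:bad_grant` response. Comparing the enum directly removes the string round-trip and the second dereference in the log call: `GrantType grantType = request.getGrantType( );` / `if ( grantType != GrantType.REFRESH_TOKEN ) {` / `log.debug( "Bad grant type {}, expected: refresh_token", grantType );`. OAuth 2.0 (RFC 6749 §5.2) answers an unsupported grant with 400 `unsupported_grant_type` rather than 403; the chosen status is fine if deliberate, but deserves a comment. The method body continues past the hunk.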
diff --git 
a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeAuthenticationServiceTest.java
 
b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeAuthenticationServiceTest.java
index 3fd9730..1022a5e 100644
--- 
a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeAuthenticationServiceTest.java
+++ 
b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeAuthenticationServiceTest.java
@@ -91,7 +91,7 @@ public class NativeAuthenticationServiceTest extends 
AbstractNativeRestServices
     }
 
     @Test
-    void authenticatedPing() {
+    void authenticatedPingWithoutToken() {
         Response result = given( ).spec( getRequestSpec() )
             .contentType( JSON )
             .when( ).get( "/ping/authenticated" ).then( ).statusCode( 401 )
@@ -146,4 +146,34 @@ public class NativeAuthenticationServiceTest extends 
AbstractNativeRestServices
             .extract( ).response( );
     }
 
+
+    @Test
+    void refreshToken() {
+        Map<String, Object> jsonAsMap = new HashMap<>();
+        jsonAsMap.put( "grant_type", "authorization_code" );
+        jsonAsMap.put("user_id", getAdminUser());
+        jsonAsMap.put("password", getAdminPwd() );
+        Response result = given( ).spec( getRequestSpec( ) )
+            .contentType( JSON )
+            .body( jsonAsMap )
+            .when( ).post( "/authenticate").then( ).statusCode( 200 )
+            .extract( ).response( );
+        String refreshToken = result.body( ).jsonPath( ).getString( 
"refresh_token" );
+        assertNotNull( refreshToken );
+        String accessToken = result.body( ).jsonPath( ).getString( 
"access_token" );
+
+
+        jsonAsMap = new HashMap<>( );
+        jsonAsMap.put( "grant_type", "refresh_token" );
+        jsonAsMap.put( "refresh_token", refreshToken );
+        result = given( ).spec( getRequestSpec(  accessToken) )
+            .contentType( JSON )
+            .body(jsonAsMap)
+            .when( ).post( "/token" ).then( ).statusCode( 200 )
+            .extract( ).response( );
+        assertNotNull( result );
+        assertNotNull( result.body( ).jsonPath( ).getString( "access_token" ) 
);
+        assertNotNull( result.body( ).jsonPath( ).getString( "refresh_token" ) 
);
+    }
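Review bot: `refreshToken()` only asserts that the two returned tokens are non-null; it neither uses the new access token nor exercises a rejected case, so a regression that accepts any grant type or any `refresh_token` string would still pass. Add at least one negative test — the service answers a non-refresh grant with 403 — and one with a tampered or empty refresh token, and drop the redundant `assertNotNull( result )`, since `extract( ).response( )` does not return null. Whether the previous refresh token is invalidated after use (rotation) is not visible here; if that is intended, assert it as well.
```java
@Test
void refreshTokenWithBadGrantTypeIsRejected() {
    // … unchanged: obtain accessToken and refreshToken via /authenticate as in refreshToken() …
    Map<String, Object> jsonAsMap = new HashMap<>( );
    jsonAsMap.put( "grant_type", "authorization_code" );
    jsonAsMap.put( "refresh_token", refreshToken );
    given( ).spec( getRequestSpec( accessToken ) )
        .contentType( JSON )
        .body( jsonAsMap )
        .when( ).post( "/token" ).then( ).statusCode( 403 );
}
```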
+
 }
