Repository: cxf Updated Branches: refs/heads/master 55976e149 -> c01c68ddd
Prototyping a test for persisting OidcUserSubject Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c01c68dd Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c01c68dd Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c01c68dd Branch: refs/heads/master Commit: c01c68ddda10ec6db492b86d818498bec0bf4228 Parents: 55976e1 Author: Sergey Beryozkin <[email protected]> Authored: Fri Apr 8 13:01:15 2016 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Fri Apr 8 13:01:15 2016 +0100 ---------------------------------------------------------------------- rt/rs/security/sso/oidc/pom.xml | 38 ++++++ .../oidc/idp/JPAOidcUserSubjectTest.java | 132 +++++++++++++++++++ .../src/test/resources/META-INF/persistence.xml | 40 ++++++ 3 files changed, 210 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/c01c68dd/rt/rs/security/sso/oidc/pom.xml ----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/pom.xml b/rt/rs/security/sso/oidc/pom.xml
index b71867d..860f8ab 100644
--- a/rt/rs/security/sso/oidc/pom.xml
+++ b/rt/rs/security/sso/oidc/pom.xml
@@ -30,6 +30,10 @@
 <version>3.2.0-SNAPSHOT</version>
 <relativePath>../../../../../parent/pom.xml</relativePath>
 </parent>
+ <properties>
+ <hibernate.em.version>4.1.0.Final</hibernate.em.version>
+ <hsqldb.version>1.8.0.10</hsqldb.version>
+ </properties>
 <dependencies>
 <dependency>
 <groupId>org.apache.cxf</groupId>
@@ -41,6 +45,40 @@
 <artifactId>cxf-rt-rs-security-jose-jaxrs</artifactId>
 <version>${project.version}</version>
 </dependency>
+ <dependency>
+ <groupId>org.apache.geronimo.specs</groupId>
+ <artifactId>geronimo-jpa_2.0_spec</artifactId>
+ <version>${cxf.geronimo.jpa.version}</version>
+ <scope>provided</scope>
+ <optional>true</optional>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-entitymanager</artifactId>
+ <version>${hibernate.em.version}</version>
+ <scope>test</scope>
+ <!-- Conflicts with Apache Tika dependencies -->
+ <exclusions>
+ <exclusion>
+ <groupId>xml-apis</groupId>
+ <artifactId>xml-apis</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>hsqldb</groupId>
+ <artifactId>hsqldb</artifactId>
+ <version>${hsqldb.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <!--
+ <dependency>
+ <groupId>org.apache.openjpa</groupId>
+ <artifactId>openjpa</artifactId>
+ <version>2.2.0</version>
+ <scope>test</scope>
+ </dependency>
+ -->
 <!--test dependencies-->
 <dependency>
 <groupId>junit</groupId>
http://git-wip-us.apache.org/repos/asf/cxf/blob/c01c68dd/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
new file mode 100644
index 0000000..b2509dc
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
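Review bot: The commented-out `org.apache.openjpa:openjpa` block at the end of this pom.xml hunk hard-codes `<version>2.2.0</version>` and leaves the `testUnitOpenJPA` persistence unit added by the same commit with no provider on the test classpath; either remove the block and the unused unit, or enable it behind a profile so it is actually exercised. The first pom.xml hunk also pins `hibernate.em.version` and `hsqldb.version` inside this module, while the new geronimo dependency reads `${cxf.geronimo.jpa.version}`, which appears to be defined in the parent POM. Declaring the two new properties next to that one would keep the versions of libraries that run on every build machine reviewable in a single place. Both pinned releases looked dated even for a 2016 commit, so it is worth confirming they were chosen deliberately.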
@@ -0,0 +1,132 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.idp;
+
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.util.Collections;
+
+import javax.persistence.EntityManager;
+import javax.persistence.EntityManagerFactory;
+import javax.persistence.Persistence;
+
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
+import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.provider.JPAOAuthDataProvider;
+import org.apache.cxf.rs.security.oidc.common.IdToken;
+
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+public class JPAOidcUserSubjectTest extends Assert {
+ private EntityManagerFactory emFactory;
+ private Connection connection;
+ private JPAOAuthDataProvider provider;
+ @Before
+ public void setUp() throws Exception {
+ try {
+ Class.forName("org.hsqldb.jdbcDriver");
+ connection = DriverManager.getConnection("jdbc:hsqldb:mem:oauth-jpa", "sa", "");
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ fail("Exception during HSQL database init.");
+ }
+ try {
+ emFactory = Persistence.createEntityManagerFactory("testUnitHibernate");
+ EntityManager em = emFactory.createEntityManager();
+ provider = new JPAOAuthDataProvider();
+ provider.setEntityManager(em);
+ provider.setSupportedScopes(Collections.singletonMap("a", "A Scope"));
+ provider.setSupportedScopes(Collections.singletonMap("refreshToken", "RefreshToken"));
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ fail("Exception during JPA EntityManager creation.");
+ }
+ }
+
+
+ @Test
+ public void testAddGetDeleteAccessTokenWithOidcUserSubject() {
+ Client c = addClient("101", "bob");
+
+ AccessTokenRegistration atr = new AccessTokenRegistration();
+ atr.setClient(c);
+ atr.setApprovedScope(Collections.singletonList("a"));
+
+ OidcUserSubject oidcSubject = new OidcUserSubject();
+ oidcSubject.setLogin("bob");
+ IdToken idToken = new IdToken();
+ idToken.setAudience(c.getClientId());
+ oidcSubject.setIdToken(idToken);
+ atr.setSubject(oidcSubject);
+
+ ServerAccessToken at = provider.createAccessToken(atr);
+ ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
+ assertEquals(at.getTokenKey(), at2.getTokenKey());
+
+ OidcUserSubject oidcSubject2 = (OidcUserSubject)at2.getSubject();
+ assertEquals(c.getClientId(), oidcSubject2.getIdToken().getAudience());
+
+ OidcUserSubject oidcSubject3 = new OidcUserSubject();
+ oidcSubject3.setLogin("bob");
+ IdToken idToken2 = new IdToken();
+ idToken2.setAudience(c.getClientId());
+ oidcSubject3.setIdToken(idToken2);
+ atr.setSubject(oidcSubject3);
+
+ ServerAccessToken at3 = provider.createAccessToken(atr);
+ ServerAccessToken at4 = provider.getAccessToken(at3.getTokenKey());
+ OidcUserSubject oidcSubject4 = (OidcUserSubject)at4.getSubject();
+ assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience());
+ }
+
+ private Client addClient(String clientId, String userLogin) {
+ Client c = new Client();
+ c.setRedirectUris(Collections.singletonList("http://client/redirect"));
+ c.setClientId(clientId);
+ c.setResourceOwnerSubject(new UserSubject(userLogin));
+ provider.setClient(c);
+ return c;
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ try {
+ if (provider != null) {
+ provider.close();
+ }
+ if (emFactory != null) {
+ emFactory.close();
+ }
+ } catch (Throwable ex) {
+ ex.printStackTrace();
+ } finally {
+ try {
+ connection.createStatement().execute("SHUTDOWN");
+ } catch (Throwable ex) {
+ ex.printStackTrace();
+ }
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/c01c68dd/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
new file mode 100644
index 0000000..7d6193b
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
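Review bot: In JPAOidcUserSubjectTest, `provider.getAccessToken(at.getTokenKey())` runs on the same `EntityManager` that just persisted the token, so the lookup is likely answered from the persistence context and the `getIdToken().getAudience()` assertions can pass without the ID token ever being written to or read back from HSQLDB. Keeping `em` in a field and calling `em.clear();` before each `getAccessToken` call would make the test check the stored state rather than the in-memory instance. In `setUp`, the second `setSupportedScopes` call presumably replaces the map passed by the first, which would leave scope `a` (used by `setApprovedScope`) unregistered; passing one map that holds both entries avoids relying on that. The test name says Delete, yet no token is removed or looked up after removal, so revocation of a token carrying an OIDC subject is not covered.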
@@ -0,0 +1,40 @@
+<persistence xmlns="http://java.sun.com/xml/ns/persistence"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"
+ version="2.0">
+ <persistence-unit name="testUnitHibernate" transaction-type="RESOURCE_LOCAL">
+ <provider>org.hibernate.ejb.HibernatePersistence</provider>
+ <class>org.apache.cxf.rs.security.oauth2.common.Client</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
+ <exclude-unlisted-classes>true</exclude-unlisted-classes>
+ <properties>
+ <property name="hibernate.connection.url" value="jdbc:hsqldb:mem:oauth-jpa"/>
+ <property name="hibernate.connection.driver_class" value="org.hsqldb.jdbcDriver"/>
+ <property name="hibernate.dialect" value="org.hibernate.dialect.HSQLDialect"/>
+ <property name="hibernate.hbm2ddl.auto" value="create-drop"/>
+ <property name="hibernate.connection.username" value="sa"/>
+ <property name="hibernate.connection.password" value=""/>
+ <property name="javax.persistence.validation.mode" value="none"/>
+ </properties>
+ </persistence-unit>
+ <persistence-unit name="testUnitOpenJPA" transaction-type="RESOURCE_LOCAL">
+ <provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
+ <class>org.apache.cxf.rs.security.oauth2.common.Client</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
+ <exclude-unlisted-classes>true</exclude-unlisted-classes>
+ <properties>
+ <property name="openjpa.ConnectionURL" value="jdbc:hsqldb:mem:oauth-jpa"/>
+ <property name="openjpa.ConnectionDriverName" value="org.hsqldb.jdbcDriver"/>
+ <property name="openjpa.jdbc.DBDictionary" value="hsql" />
+ <property name="openjpa.ConnectionUserName" value="sa"/>
+ <property name="openjpa.ConnectionPassword" value=""/>
+ <property name="openjpa.jdbc.SynchronizeMappings" value="buildSchema"/>
+ </properties>
+ </persistence-unit>
+</persistence>
\ No newline at end of file
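Review bot: Both units in persistence.xml set `<exclude-unlisted-classes>true</exclude-unlisted-classes>` but list only `UserSubject`, not the `OidcUserSubject` the test stores, so whether the ID token state is mapped at all depends on annotations that are not visible in this commit. If `OidcUserSubject` is meant to be persisted as its own entity, the unit the test loads needs `<class>org.apache.cxf.rs.security.oidc.idp.OidcUserSubject</class>`; if it is not, a short XML comment stating how the subclass state is expected to be stored would save the next reader from guessing. The file also lacks the ASF license header that the Java file in this commit carries, and it ends without a trailing newline.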
