This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch 3.2.x-fixes in repository https://gitbox.apache.org/repos/asf/cxf.git
commit fa7f87f85b11c917607fa41ffa56c9a172ffff32 Author: Colm O hEigeartaigh <cohei...@apache.org> AuthorDate: Thu Jul 19 10:47:44 2018 +0100 Abstract OauthDataProvider unit tests to share the test code (cherry picked from commit 31a4a552b7e4430c3ff544d0cb5a834756642653) --- ...est.java => AbstractOAuthDataProviderTest.java} | 39 +-- .../provider/JCacheOAuthDataProviderTest.java | 192 +-------------- .../oauth2/provider/JPAOAuthDataProviderTest.java | 272 +-------------------- 3 files changed, 17 insertions(+), 486 deletions(-) diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProviderTest.java similarity index 91% copy from rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java copy to rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProviderTest.java index b7a958e..ee002c1 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java +++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProviderTest.java @@ -22,9 +22,6 @@ import java.util.Arrays; import java.util.Collections; import java.util.List; -import javax.persistence.EntityManagerFactory; -import javax.persistence.Persistence; - import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration; import org.apache.cxf.rs.security.oauth2.common.Client; import org.apache.cxf.rs.security.oauth2.common.OAuthPermission; @@ -35,39 +32,24 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; import org.junit.After; import org.junit.Assert; -import org.junit.Before; import org.junit.Test; -public class JPAOAuthDataProviderTest extends Assert { - protected EntityManagerFactory emFactory; - private JPAOAuthDataProvider provider; - - @Before - public void setUp() throws Exception { - try { - emFactory = Persistence.createEntityManagerFactory(getPersistenceUnitName()); - provider = new JPAOAuthDataProvider(); - provider.setEntityManagerFactory(emFactory); - initializeProvider(provider); - } catch (Exception ex) { - ex.printStackTrace(); - fail("Exception during JPA EntityManager creation."); - } - } +abstract class AbstractOAuthDataProviderTest extends Assert { + private AbstractOAuthDataProvider provider; - protected String getPersistenceUnitName() { - return "testUnitHibernate"; - } - - protected void initializeProvider(JPAOAuthDataProvider dataProvider) { + protected void initializeProvider(AbstractOAuthDataProvider dataProvider) { dataProvider.setSupportedScopes(Collections.singletonMap("a", "A Scope")); dataProvider.setSupportedScopes(Collections.singletonMap("refreshToken", "RefreshToken")); } - protected JPAOAuthDataProvider getProvider() { + protected AbstractOAuthDataProvider getProvider() { return provider; } + protected void setProvider(AbstractOAuthDataProvider provider) { + this.provider = provider; + } + @Test public void testAddGetDeleteClient() { Client c = addClient("12345", "alice"); @@ -310,12 +292,9 @@ public class JPAOAuthDataProviderTest extends Assert { public void tearDown() throws Exception { try { tearDownClients(); - if (provider != null) { + if (getProvider() != null) { getProvider().close(); } - if (emFactory != null) { - emFactory.close(); - } } catch (Throwable ex) { ex.printStackTrace(); } finally { diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JCacheOAuthDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JCacheOAuthDataProviderTest.java index cdae693..a63d12f 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JCacheOAuthDataProviderTest.java +++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JCacheOAuthDataProviderTest.java @@ -18,199 +18,15 @@ */ package org.apache.cxf.rs.security.oauth2.provider; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; - -import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration; -import org.apache.cxf.rs.security.oauth2.common.Client; -import org.apache.cxf.rs.security.oauth2.common.OAuthPermission; -import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken; -import org.apache.cxf.rs.security.oauth2.common.UserSubject; -import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken; -import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; - -import org.junit.After; -import org.junit.Assert; import org.junit.Before; -import org.junit.Test; -public class JCacheOAuthDataProviderTest extends Assert { - private JCacheOAuthDataProvider provider; +public class JCacheOAuthDataProviderTest extends AbstractOAuthDataProviderTest { @Before public void setUp() throws Exception { - provider = new JCacheOAuthDataProvider(); - provider.setSupportedScopes(Collections.singletonMap("a", "A Scope")); - provider.setSupportedScopes(Collections.singletonMap("refreshToken", "RefreshToken")); - } - - @Test - public void testAddGetDeleteClient() { - Client c = addClient("12345", "alice"); - Client c2 = provider.getClient(c.getClientId()); - compareClients(c, c2); - - c2.setClientSecret("567"); - provider.setClient(c2); - Client c22 = provider.getClient(c.getClientId()); - compareClients(c2, c22); - - provider.removeClient(c.getClientId()); - Client c3 = provider.getClient(c.getClientId()); - assertNull(c3); - } - - @Test - public void testAddGetDeleteClients() { - Client c = addClient("12345", "alice"); - Client c2 = addClient("56789", "alice"); - Client c3 = addClient("09876", "bob"); - - List<Client> aliceClients = provider.getClients(new UserSubject("alice")); - assertNotNull(aliceClients); - assertEquals(2, aliceClients.size()); - compareClients(c, aliceClients.get(0).getClientId().equals("12345") - ? aliceClients.get(0) : aliceClients.get(1)); - compareClients(c2, aliceClients.get(0).getClientId().equals("56789") - ? aliceClients.get(0) : aliceClients.get(1)); - - List<Client> bobClients = provider.getClients(new UserSubject("bob")); - assertNotNull(bobClients); - assertEquals(1, bobClients.size()); - Client bobClient = bobClients.get(0); - compareClients(c3, bobClient); - - List<Client> allClients = provider.getClients(null); - assertNotNull(allClients); - assertEquals(3, allClients.size()); - provider.removeClient(c.getClientId()); - provider.removeClient(c2.getClientId()); - provider.removeClient(c3.getClientId()); - allClients = provider.getClients(null); - assertNotNull(allClients); - assertEquals(0, allClients.size()); - } - - @Test - public void testAddGetDeleteAccessToken() { - Client c = addClient("101", "bob"); - - AccessTokenRegistration atr = new AccessTokenRegistration(); - atr.setClient(c); - atr.setApprovedScope(Collections.singletonList("a")); - atr.setSubject(c.getResourceOwnerSubject()); - - ServerAccessToken at = provider.createAccessToken(atr); - ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey()); - assertEquals(at.getTokenKey(), at2.getTokenKey()); - List<OAuthPermission> scopes = at2.getScopes(); - assertNotNull(scopes); - assertEquals(1, scopes.size()); - OAuthPermission perm = scopes.get(0); - assertEquals("a", perm.getPermission()); - - List<ServerAccessToken> tokens = provider.getAccessTokens(c, c.getResourceOwnerSubject()); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); - - tokens = provider.getAccessTokens(c, null); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); - - tokens = provider.getAccessTokens(null, c.getResourceOwnerSubject()); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); - - tokens = provider.getAccessTokens(null, null); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); - - provider.revokeToken(c, at.getTokenKey(), OAuthConstants.ACCESS_TOKEN); - assertNull(provider.getAccessToken(at.getTokenKey())); - } - - @Test - public void testAddGetDeleteAccessToken2() { - Client c = addClient("102", "bob"); - - AccessTokenRegistration atr = new AccessTokenRegistration(); - atr.setClient(c); - atr.setApprovedScope(Collections.singletonList("a")); - atr.setSubject(c.getResourceOwnerSubject()); - - provider.createAccessToken(atr); - List<ServerAccessToken> tokens = provider.getAccessTokens(c, null); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - - provider.removeClient(c.getClientId()); - - tokens = provider.getAccessTokens(c, null); - assertNotNull(tokens); - assertEquals(0, tokens.size()); + JCacheOAuthDataProvider provider = new JCacheOAuthDataProvider(); + initializeProvider(provider); + setProvider(provider); } - @Test - public void testAddGetDeleteRefreshToken() { - Client c = addClient("101", "bob"); - - AccessTokenRegistration atr = new AccessTokenRegistration(); - atr.setClient(c); - atr.setApprovedScope(Arrays.asList("a", "refreshToken")); - atr.setSubject(c.getResourceOwnerSubject()); - - ServerAccessToken at = provider.createAccessToken(atr); - ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey()); - assertEquals(at.getTokenKey(), at2.getTokenKey()); - List<OAuthPermission> scopes = at2.getScopes(); - assertNotNull(scopes); - assertEquals(2, scopes.size()); - OAuthPermission perm = scopes.get(0); - assertEquals("a", perm.getPermission()); - OAuthPermission perm2 = scopes.get(1); - assertEquals("refreshToken", perm2.getPermission()); - - RefreshToken rt = provider.getRefreshToken(at2.getRefreshToken()); - assertNotNull(rt); - assertEquals(at2.getTokenKey(), rt.getAccessTokens().get(0)); - - List<RefreshToken> tokens = provider.getRefreshTokens(c, c.getResourceOwnerSubject()); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(rt.getTokenKey(), tokens.get(0).getTokenKey()); - - provider.revokeToken(c, rt.getTokenKey(), OAuthConstants.REFRESH_TOKEN); - - assertNull(provider.getRefreshToken(rt.getTokenKey())); - } - - private Client addClient(String clientId, String userLogin) { - Client c = new Client(); - c.setRedirectUris(Collections.singletonList("http://client/redirect")); - c.setClientId(clientId); - c.setClientSecret("123"); - c.setResourceOwnerSubject(new UserSubject(userLogin)); - provider.setClient(c); - return c; - } - private void compareClients(Client c, Client c2) { - assertNotNull(c2); - assertEquals(c.getClientId(), c2.getClientId()); - assertEquals(1, c.getRedirectUris().size()); - assertEquals(1, c2.getRedirectUris().size()); - assertEquals("http://client/redirect", c.getRedirectUris().get(0)); - assertEquals(c.getResourceOwnerSubject().getLogin(), c2.getResourceOwnerSubject().getLogin()); - } - - @After - public void tearDown() throws Exception { - if (provider != null) { - provider.close(); - } - } } diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java index b7a958e..2087987 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java +++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java @@ -18,37 +18,23 @@ */ package org.apache.cxf.rs.security.oauth2.provider; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; - import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration; -import org.apache.cxf.rs.security.oauth2.common.Client; -import org.apache.cxf.rs.security.oauth2.common.OAuthPermission; -import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken; -import org.apache.cxf.rs.security.oauth2.common.UserSubject; -import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken; -import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; - import org.junit.After; -import org.junit.Assert; import org.junit.Before; -import org.junit.Test; -public class JPAOAuthDataProviderTest extends Assert { +public class JPAOAuthDataProviderTest extends AbstractOAuthDataProviderTest { protected EntityManagerFactory emFactory; - private JPAOAuthDataProvider provider; @Before public void setUp() throws Exception { try { emFactory = Persistence.createEntityManagerFactory(getPersistenceUnitName()); - provider = new JPAOAuthDataProvider(); + JPAOAuthDataProvider provider = new JPAOAuthDataProvider(); provider.setEntityManagerFactory(emFactory); initializeProvider(provider); + setProvider(provider); } catch (Exception ex) { ex.printStackTrace(); fail("Exception during JPA EntityManager creation."); @@ -59,260 +45,10 @@ public class JPAOAuthDataProviderTest extends Assert { return "testUnitHibernate"; } - protected void initializeProvider(JPAOAuthDataProvider dataProvider) { - dataProvider.setSupportedScopes(Collections.singletonMap("a", "A Scope")); - dataProvider.setSupportedScopes(Collections.singletonMap("refreshToken", "RefreshToken")); - } - - protected JPAOAuthDataProvider getProvider() { - return provider; - } - - @Test - public void testAddGetDeleteClient() { - Client c = addClient("12345", "alice"); - Client c2 = getProvider().getClient(c.getClientId()); - compareClients(c, c2); - - c2.setClientSecret("567"); - getProvider().setClient(c2); - Client c22 = getProvider().getClient(c.getClientId()); - compareClients(c2, c22); - - getProvider().removeClient(c.getClientId()); - Client c3 = getProvider().getClient(c.getClientId()); - assertNull(c3); - } - - @Test - public void testAddGetDeleteClients() { - Client c = addClient("12345", "alice"); - Client c2 = addClient("56789", "alice"); - Client c3 = addClient("09876", "bob"); - - List<Client> aliceClients = getProvider().getClients(new UserSubject("alice")); - assertNotNull(aliceClients); - assertEquals(2, aliceClients.size()); - compareClients(c, aliceClients.get(0).getClientId().equals("12345") - ? aliceClients.get(0) : aliceClients.get(1)); - compareClients(c2, aliceClients.get(0).getClientId().equals("56789") - ? aliceClients.get(0) : aliceClients.get(1)); - - List<Client> bobClients = getProvider().getClients(new UserSubject("bob")); - assertNotNull(bobClients); - assertEquals(1, bobClients.size()); - Client bobClient = bobClients.get(0); - compareClients(c3, bobClient); - - List<Client> allClients = getProvider().getClients(null); - assertNotNull(allClients); - assertEquals(3, allClients.size()); - getProvider().removeClient(c.getClientId()); - getProvider().removeClient(c2.getClientId()); - getProvider().removeClient(c3.getClientId()); - allClients = getProvider().getClients(null); - assertNotNull(allClients); - assertEquals(0, allClients.size()); - } - - @Test - public void testAddGetDeleteAccessToken() { - Client c = addClient("101", "bob"); - - AccessTokenRegistration atr = new AccessTokenRegistration(); - atr.setClient(c); - atr.setApprovedScope(Collections.singletonList("a")); - atr.setSubject(c.getResourceOwnerSubject()); - - ServerAccessToken at = getProvider().createAccessToken(atr); - ServerAccessToken at2 = getProvider().getAccessToken(at.getTokenKey()); - assertEquals(at.getTokenKey(), at2.getTokenKey()); - List<OAuthPermission> scopes = at2.getScopes(); - assertNotNull(scopes); - assertEquals(1, scopes.size()); - OAuthPermission perm = scopes.get(0); - assertEquals("a", perm.getPermission()); - - List<ServerAccessToken> tokens = getProvider().getAccessTokens(c, c.getResourceOwnerSubject()); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); - - tokens = getProvider().getAccessTokens(c, null); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); - - tokens = getProvider().getAccessTokens(null, c.getResourceOwnerSubject()); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); - - tokens = getProvider().getAccessTokens(null, null); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(at.getTokenKey(), tokens.get(0).getTokenKey()); - - getProvider().revokeToken(c, at.getTokenKey(), OAuthConstants.ACCESS_TOKEN); - assertNull(getProvider().getAccessToken(at.getTokenKey())); - } - - @Test - public void testAddGetDeleteAccessToken2() { - Client c = addClient("102", "bob"); - - AccessTokenRegistration atr = new AccessTokenRegistration(); - atr.setClient(c); - atr.setApprovedScope(Collections.singletonList("a")); - atr.setSubject(c.getResourceOwnerSubject()); - - getProvider().createAccessToken(atr); - List<ServerAccessToken> tokens = getProvider().getAccessTokens(c, null); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - - getProvider().removeClient(c.getClientId()); - - tokens = getProvider().getAccessTokens(c, null); - assertNotNull(tokens); - assertEquals(0, tokens.size()); - } - - @Test - public void testAddGetDeleteAccessTokenWithNullSubject() { - Client c = addClient("102", "bob"); - - AccessTokenRegistration atr = new AccessTokenRegistration(); - atr.setClient(c); - atr.setApprovedScope(Collections.singletonList("a")); - atr.setSubject(null); - - getProvider().createAccessToken(atr); - List<ServerAccessToken> tokens = getProvider().getAccessTokens(c, null); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - - getProvider().removeClient(c.getClientId()); - - tokens = getProvider().getAccessTokens(c, null); - assertNotNull(tokens); - assertEquals(0, tokens.size()); - } - - /** - * Checks that having multiple token each with its own - * userSubject (but having same login) works. - */ - @Test - public void testAddGetDeleteMultipleAccessToken() { - Client c = addClient("101", "bob"); - - AccessTokenRegistration atr = new AccessTokenRegistration(); - atr.setClient(c); - atr.setApprovedScope(Collections.singletonList("a")); - atr.setSubject(c.getResourceOwnerSubject()); - ServerAccessToken at = getProvider().createAccessToken(atr); - at = getProvider().getAccessToken(at.getTokenKey()); - - AccessTokenRegistration atr2 = new AccessTokenRegistration(); - atr2.setClient(c); - atr2.setApprovedScope(Collections.singletonList("a")); - atr2.setSubject(new TestingUserSubject(c.getResourceOwnerSubject().getLogin())); - ServerAccessToken at2 = getProvider().createAccessToken(atr2); - at2 = getProvider().getAccessToken(at2.getTokenKey()); - - assertNotNull(at.getSubject().getId()); - assertTrue(at.getSubject() instanceof UserSubject); - assertNotNull(at2.getSubject().getId()); - assertTrue(at2.getSubject() instanceof TestingUserSubject); - assertEquals(at.getSubject().getLogin(), at2.getSubject().getLogin()); - assertNotEquals(at.getSubject().getId(), at2.getSubject().getId()); - } - - @Test - public void testAddGetDeleteRefreshToken() { - Client c = addClient("101", "bob"); - - AccessTokenRegistration atr = new AccessTokenRegistration(); - atr.setClient(c); - atr.setApprovedScope(Arrays.asList("a", "refreshToken")); - atr.setSubject(c.getResourceOwnerSubject()); - - ServerAccessToken at = getProvider().createAccessToken(atr); - ServerAccessToken at2 = getProvider().getAccessToken(at.getTokenKey()); - assertEquals(at.getTokenKey(), at2.getTokenKey()); - List<OAuthPermission> scopes = at2.getScopes(); - assertNotNull(scopes); - assertEquals(2, scopes.size()); - OAuthPermission perm = scopes.get(0); - assertEquals("a", perm.getPermission()); - OAuthPermission perm2 = scopes.get(1); - assertEquals("refreshToken", perm2.getPermission()); - - RefreshToken rt = getProvider().getRefreshToken(at2.getRefreshToken()); - assertNotNull(rt); - assertEquals(at2.getTokenKey(), rt.getAccessTokens().get(0)); - - List<RefreshToken> tokens = getProvider().getRefreshTokens(c, c.getResourceOwnerSubject()); - assertNotNull(tokens); - assertEquals(1, tokens.size()); - assertEquals(rt.getTokenKey(), tokens.get(0).getTokenKey()); - - getProvider().revokeToken(c, rt.getTokenKey(), OAuthConstants.REFRESH_TOKEN); - - assertNull(getProvider().getRefreshToken(rt.getTokenKey())); - } - - protected Client addClient(String clientId, String userLogin) { - Client c = new Client(); - c.setRedirectUris(Collections.singletonList("http://client/redirect")); - c.setClientId(clientId); - c.setClientSecret("123"); - c.setResourceOwnerSubject(new UserSubject(userLogin)); - getProvider().setClient(c); - return c; - } - private void compareClients(Client c, Client c2) { - assertNotNull(c2); - assertEquals(c.getClientId(), c2.getClientId()); - assertEquals(1, c.getRedirectUris().size()); - assertEquals(1, c2.getRedirectUris().size()); - assertEquals("http://client/redirect", c.getRedirectUris().get(0)); - assertEquals(c.getResourceOwnerSubject().getLogin(), c2.getResourceOwnerSubject().getLogin()); - } - - protected void tearDownClient(String clientId) { - if (getProvider() == null) { - return; - } - Client client = getProvider().getClient(clientId); - if (client != null) { - List<RefreshToken> refreshTokens = getProvider().getRefreshTokens(client, null); - for (RefreshToken refreshToken : refreshTokens) { - getProvider().revokeToken(client, refreshToken.getTokenKey(), refreshToken.getTokenType()); - } - List<ServerAccessToken> accessTokens = getProvider().getAccessTokens(client, null); - for (ServerAccessToken accessToken : accessTokens) { - getProvider().revokeToken(client, accessToken.getTokenKey(), accessToken.getTokenType()); - } - getProvider().removeClient(clientId); - } - } - - protected void tearDownClients() { - tearDownClient("101"); - tearDownClient("12345"); - tearDownClient("56789"); - tearDownClient("09876"); - } - @After public void tearDown() throws Exception { try { - tearDownClients(); - if (provider != null) { - getProvider().close(); - } + super.tearDown(); if (emFactory != null) { emFactory.close(); }