Skip to content

Commit

Permalink
Fix #22 exception on invalid oauth client
Browse files Browse the repository at this point in the history
  • Loading branch information
@micheljung
micheljung committed Mar 8, 2017
1 parent 21e53b1 commit 1bf883d
Show file tree
Hide file tree
Showing 2 changed files with 56 additions and 3 deletions.
15 changes: 12 additions & 3 deletions src/main/java/com/faforever/api/security/OAuthClientDetailsService.java
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,16 @@
package com.faforever.api.security;

import com.faforever.api.client.OAuthClient;
import com.faforever.api.client.OAuthClientRepository;
import com.faforever.api.config.FafApiProperties;
import com.faforever.api.config.FafApiProperties.Jwt;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationException;

import javax.inject.Inject;
import java.util.Optional;

public class OAuthClientDetailsService implements ClientDetailsService {

Expand All @@ -24,9 +27,15 @@ public OAuthClientDetailsService(OAuthClientRepository oAuthClientRepository, Fa
@Override
@Cacheable(CLIENTS_CACHE_NAME)
public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {
OAuthClientDetails clientDetails = new OAuthClientDetails(oAuthClientRepository.findOne(clientId));
clientDetails.setAccessTokenValiditySeconds(fafApiProperties.getJwt().getAccessTokenValiditySeconds());
clientDetails.setRefreshTokenValiditySeconds(fafApiProperties.getJwt().getRefreshTokenValiditySeconds());
OAuthClient oAuthClient = Optional.ofNullable(oAuthClientRepository.findOne(clientId))
.orElseThrow(() -> new ClientRegistrationException("Unknown client: " + clientId));

OAuthClientDetails clientDetails = new OAuthClientDetails(oAuthClient);

Jwt jwt = fafApiProperties.getJwt();
clientDetails.setAccessTokenValiditySeconds(jwt.getAccessTokenValiditySeconds());
clientDetails.setRefreshTokenValiditySeconds(jwt.getRefreshTokenValiditySeconds());

return clientDetails;
}
}
44 changes: 44 additions & 0 deletions src/test/java/com/faforever/api/security/OAuthClientDetailsServiceTest.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
package com.faforever.api.security;

import com.faforever.api.client.OAuthClient;
import com.faforever.api.client.OAuthClientRepository;
import com.faforever.api.config.FafApiProperties;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientRegistrationException;

import static org.hamcrest.CoreMatchers.notNullValue;
import static org.junit.Assert.assertThat;
import static org.mockito.Mockito.when;

@RunWith(MockitoJUnitRunner.class)
public class OAuthClientDetailsServiceTest {

private OAuthClientDetailsService instance;

@Mock
private OAuthClientRepository oAuthClientRepository;

@Before
public void setUp() throws Exception {
instance = new OAuthClientDetailsService(oAuthClientRepository, new FafApiProperties());
}

@Test
public void loadClientByClientId() throws Exception {
when(oAuthClientRepository.findOne("123")).thenReturn(new OAuthClient().setDefaultScope(""));

ClientDetails result = instance.loadClientByClientId("123");

assertThat(result, notNullValue());
}

@Test(expected = ClientRegistrationException.class)
public void loadClientByClientIdThrowsClientRegistrationExceptionIfNotExists() throws Exception {
instance.loadClientByClientId("123");
}
}

0 comments on commit 1bf883d

Please sign in to comment.