finish the class for testing the flow

yetu · Jul 6, 2015 · 1127417 · 1127417
1 parent 0b7c369
commit 1127417
Show file tree

Hide file tree

Showing 3 changed files with 89 additions and 179 deletions.
diff --git a/conf/application-example.conf b/conf/application-example.conf
@@ -4,7 +4,7 @@
 security {
   jsonWebToken {
     privateKeyFilename = "local/local_private_key.der"
-    publicKeyFilename = "local_public_key.der"
+    publicKeyFilename = "public/keys/local_public_key.der"
   }
 }
 

diff --git a/test/com/yetu/oauth2provider/integration/IntegrationAuthorizationFlowSpec.scala b/test/com/yetu/oauth2provider/integration/IntegrationAuthorizationFlowSpec.scala
@@ -9,230 +9,139 @@ import com.yetu.oauth2provider.oauth2.AuthorizationCodeFlow
 import com.yetu.oauth2provider.oauth2.OAuth2Protocol.ResponseTypes
 import com.yetu.oauth2provider.utils.Config
 import com.yetu.oauth2provider.utils.Config._
+import play.api.mvc.Result
 import play.api.test.FakeHeaders
 import play.api.test.Helpers._
 import org.scalatest.Matchers._
 
+import scala.concurrent.Future
+
 class IntegrationAuthorizationFlowSpec extends IntegrationBaseSpec with AuthorizationCodeFlow with DefaultTestVariables {
 
-  "Authorization Flow" must {
+  private def prepareClientAndUserAndAuthUrl(coreYetuClient: Boolean = true,
+    grantPermissions: Boolean = true) = {
 
-    "redirect to login page for authorize request if user is not logged in" in {
+    val queryScope = List(SCOPE_BASIC)
+    val redirectUris = testClient.redirectURIs
 
-      val queryScope = List(SCOPE_BASIC)
-      val redirectUris = testClient.redirectURIs
+    val (client, userParams) = prepareClientAndUser(
+      queryScope,
+      testClientId,
+      coreYetuClient,
+      clientRedirectUrls = redirectUris,
+      deleteSaveTestUser = true,
+      grantPermissions = grantPermissions)
 
-      val (client, userPassParameters) = prepareClientAndUser(
-        queryScope,
-        testClientId,
-        coreYetuClient = true,
-        clientRedirectUrls = redirectUris)
+    val authUrl = s"$authorizationUrl?scope=$queryScope" +
+      s"&client_id=${client.clientId}" +
+      s"&redirect_uri=${redirectUris.head}" +
+      s"&response_type=${ResponseTypes.CODE}" +
+      s"&state=$testStateParameter"
 
-      val fullAuthorizationUrl = s"$authorizationUrl?scope=$queryScope" +
-        s"&client_id=${client.clientId}" +
-        s"&redirect_uri=${redirectUris.head}" +
-        s"&response_type=${ResponseTypes.CODE}" +
-        s"&state=$testStateParameter"
+    (client, userParams, authUrl)
+  }
 
-      val fakeHeaders = FakeHeaders(Seq("Accept" -> Seq("text/html")))
+  private def doAuth(authUrl: String, userParams: Map[String, Seq[String]], requestPermissions: Boolean = false) = {
 
-      val responseAuthorization = getRequest(fullAuthorizationUrl, headers = fakeHeaders)
-      status(responseAuthorization) mustEqual SEE_OTHER
-      header("Location", responseAuthorization) mustEqual Some("http:///login")
-    }
+    val originalUrl = ("original-url", authUrl)
+    val cookieResponse = postRequest(
+      loginUrlWithUserPass,
+      userParams,
+      fakeHeaders = FakeHeaders(),
+      sessions = List(originalUrl))
 
-    "redirect to authorize if post correct credentials" in {
+    val cookie: Option[String] = header("Set-Cookie", cookieResponse)
+    val fakeHeaders = FakeHeaders(Seq("Cookie" -> Seq(cookie.get)))
 
-      val queryScope = List(SCOPE_BASIC)
-      val redirectUris = testClient.redirectURIs
+    val redirectUrl = new URL(testClient.redirectURIs.head)
+    val responseAuth = getRequest(authUrl, headers = fakeHeaders)
 
-      val (client, userPassParameters) = prepareClientAndUser(
-        queryScope,
-        testClientId,
-        coreYetuClient = true,
-        clientRedirectUrls = redirectUris)
+    if (requestPermissions) {
 
-      val fullAuthorizationUrl = s"$authorizationUrl?scope=$queryScope" +
-        s"&client_id=${client.clientId}" +
-        s"&redirect_uri=${redirectUris.head}" +
-        s"&response_type=${ResponseTypes.CODE}" +
-        s"&state=$testStateParameter"
+      val permissionData = Map[String, Seq[String]](
+        "scopes" -> Seq(List(SCOPE_BASIC).mkString(" ")),
+        "client_id" -> Seq(testClient.clientId),
+        "redirect_uri" -> Seq(testClient.redirectURIs.head),
+        "state" -> Seq(testStateParameter)
+      )
 
-      val originalUrl = ("original-url", fullAuthorizationUrl)
-      val cookieResponse = postRequest(loginUrlWithUserPass, userPassParameters, sessions = List(originalUrl))
+      val permissionPost = postRequest(permissionPostUrl, permissionData, fakeHeaders = fakeHeaders)
+      (permissionPost, redirectUrl)
 
-      status(cookieResponse) mustEqual SEE_OTHER
-      header("Location", cookieResponse) mustEqual Some(fullAuthorizationUrl)
-    }
+    } else (responseAuth, redirectUrl)
+  }
 
-    "redirect to redirect uri in case of successful core client authorization" in {
+  private def matchSeeOtherAndQueryParameters(request: Future[Result], redirectUrl: URL) = {
 
-      val queryScope = List(SCOPE_BASIC)
-      val redirectUris = testClient.redirectURIs
+    status(request) mustEqual SEE_OTHER
+    header("Location", request).foreach(location => {
 
-      val (client, userPassParameters) = prepareClientAndUser(
-        queryScope,
-        testClientId,
-        coreYetuClient = true,
-        clientRedirectUrls = redirectUris)
+      val locationUrl = new URL(location)
 
-      val fullAuthorizationUrl = s"$authorizationUrl?scope=$queryScope" +
-        s"&client_id=${client.clientId}" +
-        s"&redirect_uri=${redirectUris.head}" +
-        s"&response_type=${ResponseTypes.CODE}" +
-        s"&state=$testStateParameter"
+      locationUrl.getProtocol.mustEqual(redirectUrl.getProtocol)
+      locationUrl.getHost mustEqual redirectUrl.getHost
+      locationUrl.getQuery should include ("code=")
+      locationUrl.getQuery should include ("state=" + testStateParameter)
+    })
+  }
 
-      val originalUrl = ("original-url", fullAuthorizationUrl)
-      val cookieResponse = postRequest(loginUrlWithUserPass, userPassParameters, fakeHeaders = FakeHeaders(), sessions = List(originalUrl))
+  "Authorization Flow" must {
 
-      val cookie: Option[String] = header("Set-Cookie", cookieResponse)
-      val fakeHeaders = FakeHeaders(Seq("Cookie" -> Seq(cookie.get)))
+    "redirect to login page for authorize request if user is not logged in" in {
 
-      val redirectUrl = new URL(redirectUris.head)
-      val responseAuthorization = getRequest(fullAuthorizationUrl, headers = fakeHeaders)
+      val (_, _, authUrl) = prepareClientAndUserAndAuthUrl()
+      val fakeHeaders = FakeHeaders(Seq("Accept" -> Seq("text/html")))
 
+      val responseAuthorization = getRequest(authUrl, headers = fakeHeaders)
       status(responseAuthorization) mustEqual SEE_OTHER
-      header("Location", responseAuthorization).foreach(location => {
-
-        val locationUrl = new URL(location)
-
-        locationUrl.getProtocol.mustEqual(redirectUrl.getProtocol)
-        locationUrl.getHost mustEqual redirectUrl.getHost
-        locationUrl.getQuery should include ("code=")
-        locationUrl.getQuery should include ("state=" + testStateParameter)
-      })
+      header("Location", responseAuthorization) mustEqual Some("http:///login")
     }
 
-    "redirect with code and state parameters if the permissions had been granted for non-core client" in {
-
-      val queryScope = List(SCOPE_BASIC)
-      val redirectUris = testClient.redirectURIs
+    "redirect to authorize if post correct credentials" in {
 
-      val (client, userPassParameters) = prepareClientAndUser(
-        queryScope,
-        testClientId,
-        coreYetuClient = false,
-        clientRedirectUrls = redirectUris)
+      val (_, userParams, authUrl) = prepareClientAndUserAndAuthUrl()
+      val originalUrl = ("original-url", authUrl)
+      val cookieResponse = postRequest(loginUrlWithUserPass, userParams, sessions = List(originalUrl))
 
-      val fullAuthorizationUrl = s"$authorizationUrl?scope=$queryScope" +
-        s"&client_id=${client.clientId}" +
-        s"&redirect_uri=${redirectUris.head}" +
-        s"&response_type=${ResponseTypes.CODE}" +
-        s"&state=$testStateParameter"
+      status(cookieResponse) mustEqual SEE_OTHER
+      header("Location", cookieResponse) mustEqual Some(authUrl)
+    }
 
-      val originalUrl = ("original-url", fullAuthorizationUrl)
-      val cookieResponse = postRequest(loginUrlWithUserPass, userPassParameters, fakeHeaders = FakeHeaders(), sessions = List(originalUrl))
+    "redirect to redirect uri in case of successful core client authorization" in {
 
-      val cookie: Option[String] = header("Set-Cookie", cookieResponse)
-      val fakeHeaders = FakeHeaders(Seq("Cookie" -> Seq(cookie.get)))
+      val (_, userParams, authUrl) = prepareClientAndUserAndAuthUrl()
+      val (responseAuth, redirectUrl) = doAuth(authUrl, userParams)
 
-      val redirectUrl = new URL(redirectUris.head)
-      val responseAuthorization = getRequest(fullAuthorizationUrl, headers = fakeHeaders)
+      matchSeeOtherAndQueryParameters(responseAuth, redirectUrl)
+    }
 
-      status(responseAuthorization) mustEqual SEE_OTHER
-      header("Location", responseAuthorization).foreach(location => {
+    "redirect with code and state parameters if the permissions had been granted for non-core client" in {
 
-        val locationUrl = new URL(location)
+      val (_, userParams, authUrl) = prepareClientAndUserAndAuthUrl(coreYetuClient = false)
+      val (responseAuth, redirectUrl) = doAuth(authUrl, userParams)
 
-        locationUrl.getProtocol.mustEqual(redirectUrl.getProtocol)
-        locationUrl.getHost mustEqual redirectUrl.getHost
-        locationUrl.getQuery should include ("code=")
-        locationUrl.getQuery should include ("state=" + testStateParameter)
-      })
+      matchSeeOtherAndQueryParameters(responseAuth, redirectUrl)
     }
 
     "render permission page if permissions had not been granted for non-core client" in {
 
-      val queryScope = List(SCOPE_BASIC)
-      val redirectUris = testClient.redirectURIs
-
-      val (client, userPassParameters) = prepareClientAndUser(
-        queryScope,
-        testClientId,
-        coreYetuClient = false,
-        clientRedirectUrls = redirectUris,
-        grantPermissions = false)
-
-      val fullAuthorizationUrl = s"$authorizationUrl?scope=$queryScope" +
-        s"&client_id=${client.clientId}" +
-        s"&redirect_uri=${redirectUris.head}" +
-        s"&response_type=${ResponseTypes.CODE}" +
-        s"&state=$testStateParameter"
-
-      val originalUrl = ("original-url", fullAuthorizationUrl)
-      val cookieResponse = postRequest(loginUrlWithUserPass, userPassParameters, fakeHeaders = FakeHeaders(), sessions = List(originalUrl))
-
-      val cookie: Option[String] = header("Set-Cookie", cookieResponse)
-      val fakeHeaders = FakeHeaders(Seq("Cookie" -> Seq(cookie.get), "Accept" -> Seq("text/html")))
+      val (_, userParams, authUrl) = prepareClientAndUserAndAuthUrl(coreYetuClient = false, grantPermissions = false)
+      val (responseAuth, _) = doAuth(authUrl, userParams)
 
-      val redirectUrl = new URL(redirectUris.head)
-      val responseAuthorization = getRequest(fullAuthorizationUrl, headers = fakeHeaders)
-
-      status(responseAuthorization) mustEqual OK
-      contentAsString(responseAuthorization) should include ("class=\"requestedPermissions\"")
+      status(responseAuth) mustEqual OK
+      contentAsString(responseAuth) should include ("class=\"requestedPermissions\"")
     }
 
     "redirect with code and state parameters if the permission were granted by the user" in {
 
-      val queryScope = List(SCOPE_BASIC)
-      val redirectUris = testClient.redirectURIs
-
-      val (client, userPassParameters) = prepareClientAndUser(
-        queryScope,
-        testClientId,
+      val (_, userParams, authUrl) = prepareClientAndUserAndAuthUrl(
         coreYetuClient = false,
-        clientRedirectUrls = redirectUris,
         grantPermissions = false)
 
-      val fullAuthorizationUrl = s"$authorizationUrl?scope=$queryScope" +
-        s"&client_id=${client.clientId}" +
-        s"&redirect_uri=${redirectUris.head}" +
-        s"&response_type=${ResponseTypes.CODE}" +
-        s"&state=$testStateParameter"
-
-      val originalUrl = ("original-url", fullAuthorizationUrl)
-      val cookieResponse = postRequest(loginUrlWithUserPass, userPassParameters, fakeHeaders = FakeHeaders(), sessions = List(originalUrl))
-
-      val cookie: Option[String] = header("Set-Cookie", cookieResponse)
-      val fakeHeaders = FakeHeaders(Seq("Cookie" -> Seq(cookie.get), "Accept" -> Seq("text/html")))
-
-      val redirectUrl = new URL(redirectUris.head)
-      val responseAuthorization = getRequest(fullAuthorizationUrl, headers = fakeHeaders)
-
-      status(responseAuthorization) mustEqual OK
-
-      val permissionData = Map[String, Seq[String]](
-        "scopes" -> Seq(queryScope.mkString(" ")),
-        "client_id" -> Seq(client.clientId),
-        "redirect_uri" -> Seq(redirectUris.head),
-        "state" -> Seq(testStateParameter)
-      )
-
-      val permissionPost = postRequest(permissionPostUrl, permissionData, fakeHeaders = fakeHeaders)
-
-      status(permissionPost) mustEqual SEE_OTHER
-      header("Location", permissionPost).foreach(location => {
-
-        val locationUrl = new URL(location)
-
-        locationUrl.getProtocol.mustEqual(redirectUrl.getProtocol)
-        locationUrl.getHost mustEqual redirectUrl.getHost
-        locationUrl.getQuery should include ("code=")
-        locationUrl.getQuery should include ("state=" + testStateParameter)
-      })
+      val (responsePermissions, redirectUrl) = doAuth(authUrl, userParams, requestPermissions = true)
+      matchSeeOtherAndQueryParameters(responsePermissions, redirectUrl)
     }
 
-  }
-
-  "IntegrationAuthorizationFlow" ignore {
-
-    "yield a response authorization Result" ignore {
-      registerClientAndUserAndAuthenticate(integrationTestClientId, clientRedirectUrls = List(defaultRedirectUrl), queryRedirectUrl = Some(s"$defaultRedirectUrl Invalid"), coreYetuClient = true)
-    }
-  }
-
-  "OAuth2 flows " ignore {
-
     oauth2flowImplementations.foreach { implementation =>
 
       s"support yielding an access_token for the ${implementation.implementationId} flow" in {
@@ -256,6 +165,7 @@ class IntegrationAuthorizationFlowSpec extends IntegrationBaseSpec with Authoriz
       }
 
     }
+
   }
 
 }
diff --git a/test/com/yetu/oauth2provider/oauth2/AccessTokenRetriever.scala b/test/com/yetu/oauth2provider/oauth2/AccessTokenRetriever.scala
@@ -17,11 +17,11 @@ trait AccessTokenRetriever extends DefaultTestVariables with TestRegistry with R
   def implementationId: String = this.getClass.getCanonicalName
 
   def prepareClientAndUser(scopes: List[String] = List(SCOPE_BASIC),
-                           clientId: String = integrationTestClientId,
-                           coreYetuClient: Boolean = false,
-                           deleteSaveTestUser: Boolean = true,
-                           clientRedirectUrls: List[String] = List("http://dummyRedirectUrl"),
-                           grantPermissions: Boolean = true) = {
+    clientId: String = integrationTestClientId,
+    coreYetuClient: Boolean = false,
+    deleteSaveTestUser: Boolean = true,
+    clientRedirectUrls: List[String] = List("http://dummyRedirectUrl"),
+    grantPermissions: Boolean = true) = {
 
     val client = OAuth2Client(clientId, integrationTestSecret,
       redirectURIs = clientRedirectUrls,