1 /*
2  * Copyright (c) 2014, 2015 Hewlett-Packard Development Company, L.P. and others.  All rights reserved.
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6  * and is available at http://www.eclipse.org/legal/epl-v10.html
7  */
8
9 package org.opendaylight.aaa.sts;
10
11 import static org.junit.Assert.assertEquals;
12 import static org.junit.Assert.assertTrue;
13 import static org.mockito.Matchers.any;
14 import static org.mockito.Matchers.anyString;
15 import static org.mockito.Mockito.mock;
16 import static org.mockito.Mockito.when;
17
18 import java.util.Arrays;
19 import org.eclipse.jetty.testing.HttpTester;
20 import org.eclipse.jetty.testing.ServletTester;
21 import org.junit.After;
22 import org.junit.AfterClass;
23 import org.junit.Before;
24 import org.junit.BeforeClass;
25 import org.junit.Test;
26 import org.opendaylight.aaa.AuthenticationBuilder;
27 import org.opendaylight.aaa.ClaimBuilder;
28 import org.opendaylight.aaa.api.AuthenticationService;
29 import org.opendaylight.aaa.api.Claim;
30 import org.opendaylight.aaa.api.ClientService;
31 import org.opendaylight.aaa.api.CredentialAuth;
32 import org.opendaylight.aaa.api.IdMService;
33 import org.opendaylight.aaa.api.PasswordCredentials;
34 import org.opendaylight.aaa.api.TokenAuth;
35 import org.opendaylight.aaa.api.TokenStore;
36
37 /**
38  * A unit test for token endpoint.
39  *
40  * @author liemmn
41  *
42  */
public class TokenEndpointTest {
    /** Lifetime the mocked token store reports; the "expires_in" assertions below expect this value. */
    private static final long TOKEN_TIMEOUT_SECS = 10;

    /** Context path under which the servlet under test is mounted. */
    private static final String CONTEXT = "/oauth2";

    /** Form body for a password grant. The credentials are test fixtures only. */
    private static final String DIRECT_AUTH = "grant_type=password&username=admin&password=admin&scope=pepsi&client_id=dlux&client_secret=secrete";

    /** Form body for a refresh-token grant. The token value is arbitrary (see the refresh test). */
    private static final String REFRESH_TOKEN = "grant_type=refresh_token&refresh_token=whateverisgood&scope=pepsi";

    /** Claim handed back by the mocked authenticators on the success paths. */
    private static final Claim BOB_CLAIM = new ClaimBuilder()
            .setUser("bob")
            .setUserId("1234")
            .addRole("admin")
            .build();

    /** One in-process servlet container shared by every test in this class. */
    private static final ServletTester server = new ServletTester();

    /** Mounts {@link TokenEndpoint} on both of its paths and starts the container once. */
    @BeforeClass
    public static void init() throws Exception {
        server.setContextPath(CONTEXT);

        // The same servlet class serves both the revoke and the grant path.
        server.addServlet(TokenEndpoint.class, "/revoke");
        server.addServlet(TokenEndpoint.class, "/token");

        server.start();
    }

    /** Stops the shared container after the last test. */
    @AfterClass
    public static void shutdown() throws Exception {
        server.stop();
    }

    /** Installs fresh mocks before each test and fixes the advertised token lifetime. */
    @Before
    public void setup() {
        mockServiceLocator();
        when(ServiceLocator.getInstance().getTokenStore().tokenExpiration())
                .thenReturn(TOKEN_TIMEOUT_SECS);
    }

    /** Empties the token-auth collection that {@link #mockServiceLocator()} appends to. */
    @After
    public void teardown() {
        ServiceLocator.getInstance().getTokenAuthCollection().clear();
    }

    /**
     * A password grant is answered with 401 when the credential authenticator is left unstubbed.
     */
    @Test
    public void testCreateToken401() throws Exception {
        // No authenticate() stubbing here, so the CredentialAuth mock returns Mockito's default.
        // NOTE(review): presumably the endpoint treats that as failed authentication - confirm.
        HttpTester response = post(CONTEXT + TokenEndpoint.TOKEN_GRANT_ENDPOINT, DIRECT_AUTH);

        assertEquals(401, response.getStatus());
    }

    /** A password grant yields a bearer token once the authenticator returns a claim. */
    @Test
    public void testCreateTokenWithPassword() throws Exception {
        // any(PasswordCredentials.class) accepts every credential, so this test does not
        // exercise credential checking itself, only the success path after authentication.
        when(ServiceLocator.getInstance()
                .getCredentialAuth()
                .authenticate(any(PasswordCredentials.class)))
                .thenReturn(BOB_CLAIM);

        HttpTester response = post(CONTEXT + TokenEndpoint.TOKEN_GRANT_ENDPOINT, DIRECT_AUTH);

        assertBearerTokenIssued(response);
    }

    /** A refresh-token grant yields a bearer token when the store knows the token. */
    @Test
    public void testCreateTokenWithRefreshToken() throws Exception {
        // The store is stubbed with anyString(), so the refresh token value sent in the
        // request is not checked by this test; any value would resolve to the same claim.
        when(ServiceLocator.getInstance().getTokenStore().get(anyString()))
                .thenReturn(new AuthenticationBuilder(BOB_CLAIM).build());
        when(ServiceLocator.getInstance().getIdmService().listRoles(anyString(), anyString()))
                .thenReturn(Arrays.asList("admin", "user"));

        HttpTester response = post(CONTEXT + TokenEndpoint.TOKEN_GRANT_ENDPOINT, REFRESH_TOKEN);

        assertBearerTokenIssued(response);
    }

    /** Revoking a token the store can delete is answered with 204. */
    @Test
    public void testDeleteToken() throws Exception {
        // Only this exact token value is stubbed to delete successfully.
        when(ServiceLocator.getInstance().getTokenStore().delete("token_to_be_deleted"))
                .thenReturn(true);

        // The request body is the bare token string.
        HttpTester response =
                post(CONTEXT + TokenEndpoint.TOKEN_REVOKE_ENDPOINT, "token_to_be_deleted");

        // NOTE(review): only the status is asserted; the call to delete() is not verified.
        assertEquals(204, response.getStatus());
    }

    /**
     * Sends a form-encoded HTTP/1.0 POST through the in-process container.
     *
     * @param uri request URI, including the context path
     * @param formBody request body, sent as application/x-www-form-urlencoded
     * @return the parsed response
     */
    private static HttpTester post(String uri, String formBody) throws Exception {
        HttpTester request = new HttpTester();
        request.setMethod("POST");
        request.setHeader("Content-Type", "application/x-www-form-urlencoded");
        request.setContent(formBody);
        request.setURI(uri);
        request.setVersion("HTTP/1.0");

        HttpTester response = new HttpTester();
        response.parse(server.getResponses(request.generate()));
        return response;
    }

    /** Asserts a 201 whose body carries the 10-second lifetime and the Bearer token type. */
    private static void assertBearerTokenIssued(HttpTester response) {
        assertEquals(201, response.getStatus());
        String body = response.getContent();
        assertTrue(body.contains("expires_in\":10"));
        assertTrue(body.contains("Bearer"));
    }

    /**
     * Replaces every service on the locator with a Mockito mock and registers one mock
     * {@link TokenAuth}; {@link #teardown()} clears that collection again.
     */
    @SuppressWarnings("unchecked")
    private static void mockServiceLocator() {
        ServiceLocator locator = ServiceLocator.getInstance();
        locator.setClientService(mock(ClientService.class));
        locator.setIdmService(mock(IdMService.class));
        locator.setAuthenticationService(mock(AuthenticationService.class));
        locator.setTokenStore(mock(TokenStore.class));
        locator.setCredentialAuth(mock(CredentialAuth.class));
        locator.getTokenAuthCollection().add(mock(TokenAuth.class));
    }
}