From 01649565fd51e249e1863f1366187f312239f822 Mon Sep 17 00:00:00 2001 From: Marc Nuri Date: Thu, 18 Apr 2024 06:25:23 +0200 Subject: [PATCH] test(openid-connection): ensure token refresh request contains required attributes Signed-off-by: Marc Nuri --- .../client/http/TestStandardHttpClient.java | 2 -- .../OpenIDConnectionUtilsBehaviorTest.java | 18 +++++++++++++++++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/kubernetes-client-api/src/test/java/io/fabric8/kubernetes/client/http/TestStandardHttpClient.java b/kubernetes-client-api/src/test/java/io/fabric8/kubernetes/client/http/TestStandardHttpClient.java index 7abc63f90b7..01be97338ef 100644 --- a/kubernetes-client-api/src/test/java/io/fabric8/kubernetes/client/http/TestStandardHttpClient.java +++ b/kubernetes-client-api/src/test/java/io/fabric8/kubernetes/client/http/TestStandardHttpClient.java @@ -48,8 +48,6 @@ protected TestStandardHttpClient(TestStandardHttpClientBuilder builder, AtomicBo @Override public void doClose() { - recordedConsumeBytesDirects.clear(); - recordedBuildWebSocketDirects.clear(); expectations.values().forEach(e -> { e.futures.clear(); e.wsFutures.clear(); diff --git a/kubernetes-client-api/src/test/java/io/fabric8/kubernetes/client/utils/OpenIDConnectionUtilsBehaviorTest.java b/kubernetes-client-api/src/test/java/io/fabric8/kubernetes/client/utils/OpenIDConnectionUtilsBehaviorTest.java index 944467f2739..60cd3205abe 100644 --- a/kubernetes-client-api/src/test/java/io/fabric8/kubernetes/client/utils/OpenIDConnectionUtilsBehaviorTest.java +++ b/kubernetes-client-api/src/test/java/io/fabric8/kubernetes/client/utils/OpenIDConnectionUtilsBehaviorTest.java @@ -22,6 +22,7 @@ import io.fabric8.kubernetes.api.model.NamedContextBuilder; import io.fabric8.kubernetes.client.Config; import io.fabric8.kubernetes.client.ConfigBuilder; +import io.fabric8.kubernetes.client.http.TestStandardHttpClient; import io.fabric8.kubernetes.client.http.TestStandardHttpClientBuilder; import io.fabric8.kubernetes.client.http.TestStandardHttpClientFactory; import org.assertj.core.api.InstanceOfAssertFactories; @@ -116,6 +117,7 @@ void setUp() throws Exception { authProviderConfig.put("id-token", "original-token"); authProviderConfig.put("idp-issuer-url", "https://auth.fabric8.example.com"); authProviderConfig.put("client-id", "id-of-test-client"); + authProviderConfig.put("client-secret", "secret-of-test-client"); } @AfterEach @@ -359,7 +361,7 @@ void updatesCurrentConfigAuthProviderConfigWithNewTokenInFile() throws Exception @Test @DisplayName("Certificate is loaded into HttpClient trust manager") - void certificateIsLoadedIntoHttpClientTrustManager() throws Exception { + void certificateIsLoadedIntoHttpClientTrustManager() { assertThat(httpClientBuilder.getTrustManagers()) .singleElement() .asInstanceOf(InstanceOfAssertFactories.type(X509ExtendedTrustManager.class)) @@ -369,6 +371,20 @@ void certificateIsLoadedIntoHttpClientTrustManager() throws Exception { .extracting(Principal::getName) .contains("CN=auth.fabric8.example.com"); } + + @Test + @DisplayName("Token refresh request contains valid auth and form data") + void tokenRefreshRequestContainsValidFormData() { + assertThat(httpClientBuilder.build().getRecordedConsumeBytesDirects()) + .filteredOn(r -> r.getRequest().uri().getPath().equals("/token")) + .singleElement() + .extracting(TestStandardHttpClient.RecordedConsumeBytesDirect::getRequest) + .hasFieldOrPropertyWithValue("method", "POST") + .hasFieldOrPropertyWithValue("contentType", "application/x-www-form-urlencoded") + .hasFieldOrPropertyWithValue("bodyString", + "refresh_token=original-refresh-token&grant_type=refresh_token&client_id=id-of-test-client&client_secret=secret-of-test-client") + .returns("Basic aWQtb2YtdGVzdC1jbGllbnQ6c2VjcmV0LW9mLXRlc3QtY2xpZW50", r -> r.header("Authorization")); + } } } }