This repository has been archived by the owner on Jul 7, 2021. It is now read-only.

#243: post user credentials in body (#356)
ccostin93 authored Nov 21, 2020
1 parent 6e9c3cb commit 7de1779
Showing 2 changed files with 108 additions and 89 deletions.
27 changes: 12 additions & 15 deletions src/main/java/org/proshin/finapi/accesstoken/FpAccessTokens.java
Expand Up @@ -48,15 +48,14 @@ public AccessToken clientToken(final String clientId, final String clientSecret)
return new ClientAccessToken(
new JSONObject(
this.endpoint.post(
this.tokenUrl + '?' +
this.tokenUrl,
new StringEntity(
new QueryString(
new UrlEncodedPair("grant_type", "client_credentials"),
new UrlEncodedPair("client_id", clientId),
new UrlEncodedPair("client_secret", clientSecret)
).get(),
new StringEntity(
"",
ContentType.APPLICATION_JSON
ContentType.APPLICATION_FORM_URLENCODED
),
HttpStatus.SC_OK
)
Expand All @@ -74,17 +73,16 @@ public AccessToken userToken(
return new UserAccessToken(
new JSONObject(
this.endpoint.post(
this.tokenUrl + '?' +
this.tokenUrl,
new StringEntity(
new QueryString(
new UrlEncodedPair("grant_type", "password"),
new UrlEncodedPair("client_id", clientId),
new UrlEncodedPair("client_secret", clientSecret),
new UrlEncodedPair("username", username),
new UrlEncodedPair("password", password)
).get(),
new StringEntity(
"",
ContentType.APPLICATION_JSON
ContentType.APPLICATION_FORM_URLENCODED
),
HttpStatus.SC_OK
)
Expand All @@ -97,16 +95,15 @@ public AccessToken userToken(final String clientId, final String clientSecret, f
return new UserAccessToken(
new JSONObject(
this.endpoint.post(
this.tokenUrl + '?' +
this.tokenUrl,
new StringEntity(
new QueryString(
new UrlEncodedPair("grant_type", "refresh_token"),
new UrlEncodedPair("client_id", clientId),
new UrlEncodedPair("client_secret", clientSecret),
new UrlEncodedPair("refresh_token", refreshToken)
).get(),
new StringEntity(
"",
ContentType.APPLICATION_JSON
ContentType.APPLICATION_FORM_URLENCODED
),
HttpStatus.SC_OK
)
Expand Down Expand Up @@ -140,11 +137,11 @@ public void revoke(final AccessToken clientToken, final AccessToken userToken, f
}
}
this.endpoint.post(
this.revokeUrl + '?' + new QueryString(parameters).get(),
this.revokeUrl,
clientToken,
new StringEntity(
"",
ContentType.APPLICATION_JSON
new QueryString(parameters).get(),
ContentType.APPLICATION_FORM_URLENCODED
),
HttpStatus.SC_OK
);
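Review bot: The form body in all four calls (`clientToken`, both `userToken` overloads and `revoke`) is labelled with `ContentType.APPLICATION_FORM_URLENCODED` as is, and if this is Apache HttpComponents' `ContentType` (the imports are outside the hunks) that constant carries the charset ISO-8859-1. Should `UrlEncodedPair` percent-encode as UTF-8, which is not visible here, a server that honours the declared charset would decode a non-ASCII username or password differently from what was sent and reject valid credentials. Stating the charset explicitly removes the ambiguity: `ContentType.APPLICATION_FORM_URLENCODED.withCharset(StandardCharsets.UTF_8)`. A short comment on the first call, such as `// Credentials go in the form body, never in the URL: request URIs end up in access and proxy logs (RFC 6749, section 2.3.1).`, would also keep the query-string form from being reintroduced later.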
170 changes: 96 additions & 74 deletions src/test/java/org/proshin/finapi/accesstoken/FpAccessTokensTest.java
Expand Up @@ -21,6 +21,8 @@
import org.junit.jupiter.api.Test;
import org.mockserver.model.HttpRequest;
import org.mockserver.model.HttpResponse;
import org.mockserver.model.Parameter;
import org.mockserver.model.ParameterBody;
import org.proshin.finapi.TestWithMockedEndpoint;
import org.proshin.finapi.fake.FakeAccessToken;

Expand All @@ -30,24 +32,28 @@ public final class FpAccessTokensTest extends TestWithMockedEndpoint {
public void testThatClientTokenReturnsValidToken() {
final String clientId = "client ID #1";
final String clientSecret = "client secret #1";
this.server().when(
HttpRequest.request("/oauth/token")
.withMethod("POST")
.withQueryStringParameter("grant_type", "client_credentials")
.withQueryStringParameter("client_id", clientId)
.withQueryStringParameter("client_secret", clientSecret)
).respond(
HttpResponse.response(
String.join("",
"{",
"\"access_token\": \"access token\",",
"\"token_type\": \"bearer\",",
"\"expires_in\": 156,",
"\"scope\": \"all\"",
"}"
this.server()
.when(
HttpRequest.request("/oauth/token")
.withMethod("POST")
.withBody(
new ParameterBody(
new Parameter("grant_type", "client_credentials"),
new Parameter("client_id", clientId),
new Parameter("client_secret", clientSecret)
)))
.respond(
HttpResponse.response(
String.join("",
"{",
"\"access_token\": \"access token\",",
"\"token_type\": \"bearer\",",
"\"expires_in\": 156,",
"\"scope\": \"all\"",
"}"
)
)
)
);
);
final AccessToken token = new FpAccessTokens(this.endpoint()).clientToken(clientId, clientSecret);
assertThat(token.accessToken()).isEqualTo("access token");
assertThat(token.tokenType()).isEqualTo("bearer");
Expand All @@ -62,27 +68,31 @@ public void testThatUserTokenReturnsValidToken() {
final String clientSecret = "client secret #2";
final String username = "username #2";
final String password = "password #2";
this.server().when(
HttpRequest.request("/oauth/token")
.withMethod("POST")
.withQueryStringParameter("grant_type", "password")
.withQueryStringParameter("client_id", clientId)
.withQueryStringParameter("client_secret", clientSecret)
.withQueryStringParameter("username", username)
.withQueryStringParameter("password", password)
).respond(
HttpResponse.response(
String.join("",
"{",
"\"access_token\": \"access token\",",
"\"token_type\": \"bearer\",",
"\"refresh_token\": \"refresh token\",",
"\"expires_in\": 156,",
"\"scope\": \"all\"",
"}"
this.server()
.when(
HttpRequest.request("/oauth/token")
.withMethod("POST")
.withBody(
new ParameterBody(
new Parameter("grant_type", "password"),
new Parameter("client_id", clientId),
new Parameter("client_secret", clientSecret),
new Parameter("username", username),
new Parameter("password", password)
)))
.respond(
HttpResponse.response(
String.join("",
"{",
"\"access_token\": \"access token\",",
"\"token_type\": \"bearer\",",
"\"refresh_token\": \"refresh token\",",
"\"expires_in\": 156,",
"\"scope\": \"all\"",
"}"
)
)
)
);
);
final AccessToken token = new FpAccessTokens(this.endpoint())
.userToken(clientId, clientSecret, username, password);
assertThat(token.accessToken()).isEqualTo("access token");
Expand All @@ -97,26 +107,30 @@ public void testGettingUserTokenUsingRefreshToken() {
final String clientId = "client ID #2";
final String clientSecret = "client secret #2";
final String refreshToken = "refresh token";
this.server().when(
HttpRequest.request("/oauth/token")
.withMethod("POST")
.withQueryStringParameter("grant_type", "refresh_token")
.withQueryStringParameter("client_id", clientId)
.withQueryStringParameter("client_secret", clientSecret)
.withQueryStringParameter("refresh_token", refreshToken)
).respond(
HttpResponse.response(
String.join("",
"{",
"\"access_token\": \"access token\",",
"\"token_type\": \"bearer\",",
"\"refresh_token\": \"refresh token\",",
"\"expires_in\": 156,",
"\"scope\": \"all\"",
"}"
this.server()
.when(
HttpRequest.request("/oauth/token")
.withMethod("POST")
.withBody(
new ParameterBody(
new Parameter("grant_type", "refresh_token"),
new Parameter("client_id", clientId),
new Parameter("client_secret", clientSecret),
new Parameter("refresh_token", refreshToken)
)))
.respond(
HttpResponse.response(
String.join("",
"{",
"\"access_token\": \"access token\",",
"\"token_type\": \"bearer\",",
"\"refresh_token\": \"refresh token\",",
"\"expires_in\": 156,",
"\"scope\": \"all\"",
"}"
)
)
)
);
);
final AccessToken token = new FpAccessTokens(this.endpoint())
.userToken(clientId, clientSecret, refreshToken);
assertThat(token.accessToken()).isEqualTo("access token");
Expand All @@ -131,15 +145,19 @@ public void testRevokeTokenAccessTokenOnly() {
final String clientId = "client ID #2";
final String clientSecret = "client secret #2";
final String refreshToken = "refresh token";
this.server().when(
HttpRequest.request("/oauth/revoke")
.withMethod("POST")
.withHeader("Authorization", "Bearer client-token")
.withQueryStringParameter("token", "user-token")
.withQueryStringParameter("token_type_hint", "access_token")
).respond(
HttpResponse.response().withStatusCode(HttpStatus.SC_OK)
);
this.server()
.when(
HttpRequest.request("/oauth/revoke")
.withMethod("POST")
.withHeader("Authorization", "Bearer client-token")
.withBody(
new ParameterBody(
new Parameter("token", "user-token"),
new Parameter("token_type_hint", "access_token")
)))
.respond(
HttpResponse.response().withStatusCode(HttpStatus.SC_OK)
);
new FpAccessTokens(this.endpoint())
.revoke(
new FakeAccessToken("client-token"),
Expand All @@ -153,15 +171,19 @@ public void testRevokeTokenRefreshTokenOnly() {
final String clientId = "client ID #2";
final String clientSecret = "client secret #2";
final String refreshToken = "refresh token";
this.server().when(
HttpRequest.request("/oauth/revoke")
.withMethod("POST")
.withHeader("Authorization", "Bearer client-token")
.withQueryStringParameter("token", "user-token")
.withQueryStringParameter("token_type_hint", "refresh_token")
).respond(
HttpResponse.response().withStatusCode(HttpStatus.SC_OK)
);
this.server()
.when(
HttpRequest.request("/oauth/revoke")
.withMethod("POST")
.withHeader("Authorization", "Bearer client-token")
.withBody(
new ParameterBody(
new Parameter("token", "user-token"),
new Parameter("token_type_hint", "refresh_token")
)))
.respond(
HttpResponse.response().withStatusCode(HttpStatus.SC_OK)
);
new FpAccessTokens(this.endpoint())
.revoke(
new FakeAccessToken("client-token"),
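Review bot: The new `withBody(new ParameterBody(...))` expectations in these five tests check that the parameters are present in the body, but nothing fails if the same credentials are also still appended to the URL, which is the regression this commit exists to prevent. Each `HttpRequest.request(...)` matcher could additionally require that `client_secret`, `password`, `refresh_token` and `token` are absent from the query string, for instance with MockServer's negated matchers (`NottableString.not(...)`); the exact form should be checked against the MockServer version the project uses. A one-line comment above the first expectation, `// Credentials must arrive in the form body only; the URL must carry no parameters.`, would record the intent. The last hunk ends inside the `revoke(...)` call, so the rest of that test is not visible here.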