diff --git a/src/main/java/org/proshin/finapi/accesstoken/FpAccessTokens.java b/src/main/java/org/proshin/finapi/accesstoken/FpAccessTokens.java index ebc73b9..fb28d07 100644 --- a/src/main/java/org/proshin/finapi/accesstoken/FpAccessTokens.java +++ b/src/main/java/org/proshin/finapi/accesstoken/FpAccessTokens.java @@ -48,15 +48,14 @@ public AccessToken clientToken(final String clientId, final String clientSecret) return new ClientAccessToken( new JSONObject( this.endpoint.post( - this.tokenUrl + '?' + + this.tokenUrl, + new StringEntity( new QueryString( new UrlEncodedPair("grant_type", "client_credentials"), new UrlEncodedPair("client_id", clientId), new UrlEncodedPair("client_secret", clientSecret) ).get(), - new StringEntity( - "", - ContentType.APPLICATION_JSON + ContentType.APPLICATION_FORM_URLENCODED ), HttpStatus.SC_OK ) @@ -74,7 +73,8 @@ public AccessToken userToken( return new UserAccessToken( new JSONObject( this.endpoint.post( - this.tokenUrl + '?' + + this.tokenUrl, + new StringEntity( new QueryString( new UrlEncodedPair("grant_type", "password"), new UrlEncodedPair("client_id", clientId), @@ -82,9 +82,7 @@ public AccessToken userToken( new UrlEncodedPair("username", username), new UrlEncodedPair("password", password) ).get(), - new StringEntity( - "", - ContentType.APPLICATION_JSON + ContentType.APPLICATION_FORM_URLENCODED ), HttpStatus.SC_OK ) @@ -97,16 +95,15 @@ public AccessToken userToken(final String clientId, final String clientSecret, f return new UserAccessToken( new JSONObject( this.endpoint.post( - this.tokenUrl + '?' + + this.tokenUrl, + new StringEntity( new QueryString( new UrlEncodedPair("grant_type", "refresh_token"), new UrlEncodedPair("client_id", clientId), new UrlEncodedPair("client_secret", clientSecret), new UrlEncodedPair("refresh_token", refreshToken) ).get(), - new StringEntity( - "", - ContentType.APPLICATION_JSON + ContentType.APPLICATION_FORM_URLENCODED ), HttpStatus.SC_OK ) @@ -140,11 +137,11 @@ public void revoke(final AccessToken clientToken, final AccessToken userToken, f } } this.endpoint.post( - this.revokeUrl + '?' + new QueryString(parameters).get(), + this.revokeUrl, clientToken, new StringEntity( - "", - ContentType.APPLICATION_JSON + new QueryString(parameters).get(), + ContentType.APPLICATION_FORM_URLENCODED ), HttpStatus.SC_OK ); diff --git a/src/test/java/org/proshin/finapi/accesstoken/FpAccessTokensTest.java b/src/test/java/org/proshin/finapi/accesstoken/FpAccessTokensTest.java index ba61b0f..23cc8a2 100644 --- a/src/test/java/org/proshin/finapi/accesstoken/FpAccessTokensTest.java +++ b/src/test/java/org/proshin/finapi/accesstoken/FpAccessTokensTest.java @@ -21,6 +21,8 @@ import org.junit.jupiter.api.Test; import org.mockserver.model.HttpRequest; import org.mockserver.model.HttpResponse; +import org.mockserver.model.Parameter; +import org.mockserver.model.ParameterBody; import org.proshin.finapi.TestWithMockedEndpoint; import org.proshin.finapi.fake.FakeAccessToken; @@ -30,24 +32,28 @@ public final class FpAccessTokensTest extends TestWithMockedEndpoint { public void testThatClientTokenReturnsValidToken() { final String clientId = "client ID #1"; final String clientSecret = "client secret #1"; - this.server().when( - HttpRequest.request("/oauth/token") - .withMethod("POST") - .withQueryStringParameter("grant_type", "client_credentials") - .withQueryStringParameter("client_id", clientId) - .withQueryStringParameter("client_secret", clientSecret) - ).respond( - HttpResponse.response( - String.join("", - "{", - "\"access_token\": \"access token\",", - "\"token_type\": \"bearer\",", - "\"expires_in\": 156,", - "\"scope\": \"all\"", - "}" + this.server() + .when( + HttpRequest.request("/oauth/token") + .withMethod("POST") + .withBody( + new ParameterBody( + new Parameter("grant_type", "client_credentials"), + new Parameter("client_id", clientId), + new Parameter("client_secret", clientSecret) + ))) + .respond( + HttpResponse.response( + String.join("", + "{", + "\"access_token\": \"access token\",", + "\"token_type\": \"bearer\",", + "\"expires_in\": 156,", + "\"scope\": \"all\"", + "}" + ) ) - ) - ); + ); final AccessToken token = new FpAccessTokens(this.endpoint()).clientToken(clientId, clientSecret); assertThat(token.accessToken()).isEqualTo("access token"); assertThat(token.tokenType()).isEqualTo("bearer"); @@ -62,27 +68,31 @@ public void testThatUserTokenReturnsValidToken() { final String clientSecret = "client secret #2"; final String username = "username #2"; final String password = "password #2"; - this.server().when( - HttpRequest.request("/oauth/token") - .withMethod("POST") - .withQueryStringParameter("grant_type", "password") - .withQueryStringParameter("client_id", clientId) - .withQueryStringParameter("client_secret", clientSecret) - .withQueryStringParameter("username", username) - .withQueryStringParameter("password", password) - ).respond( - HttpResponse.response( - String.join("", - "{", - "\"access_token\": \"access token\",", - "\"token_type\": \"bearer\",", - "\"refresh_token\": \"refresh token\",", - "\"expires_in\": 156,", - "\"scope\": \"all\"", - "}" + this.server() + .when( + HttpRequest.request("/oauth/token") + .withMethod("POST") + .withBody( + new ParameterBody( + new Parameter("grant_type", "password"), + new Parameter("client_id", clientId), + new Parameter("client_secret", clientSecret), + new Parameter("username", username), + new Parameter("password", password) + ))) + .respond( + HttpResponse.response( + String.join("", + "{", + "\"access_token\": \"access token\",", + "\"token_type\": \"bearer\",", + "\"refresh_token\": \"refresh token\",", + "\"expires_in\": 156,", + "\"scope\": \"all\"", + "}" + ) ) - ) - ); + ); final AccessToken token = new FpAccessTokens(this.endpoint()) .userToken(clientId, clientSecret, username, password); assertThat(token.accessToken()).isEqualTo("access token"); @@ -97,26 +107,30 @@ public void testGettingUserTokenUsingRefreshToken() { final String clientId = "client ID #2"; final String clientSecret = "client secret #2"; final String refreshToken = "refresh token"; - this.server().when( - HttpRequest.request("/oauth/token") - .withMethod("POST") - .withQueryStringParameter("grant_type", "refresh_token") - .withQueryStringParameter("client_id", clientId) - .withQueryStringParameter("client_secret", clientSecret) - .withQueryStringParameter("refresh_token", refreshToken) - ).respond( - HttpResponse.response( - String.join("", - "{", - "\"access_token\": \"access token\",", - "\"token_type\": \"bearer\",", - "\"refresh_token\": \"refresh token\",", - "\"expires_in\": 156,", - "\"scope\": \"all\"", - "}" + this.server() + .when( + HttpRequest.request("/oauth/token") + .withMethod("POST") + .withBody( + new ParameterBody( + new Parameter("grant_type", "refresh_token"), + new Parameter("client_id", clientId), + new Parameter("client_secret", clientSecret), + new Parameter("refresh_token", refreshToken) + ))) + .respond( + HttpResponse.response( + String.join("", + "{", + "\"access_token\": \"access token\",", + "\"token_type\": \"bearer\",", + "\"refresh_token\": \"refresh token\",", + "\"expires_in\": 156,", + "\"scope\": \"all\"", + "}" + ) ) - ) - ); + ); final AccessToken token = new FpAccessTokens(this.endpoint()) .userToken(clientId, clientSecret, refreshToken); assertThat(token.accessToken()).isEqualTo("access token"); @@ -131,15 +145,19 @@ public void testRevokeTokenAccessTokenOnly() { final String clientId = "client ID #2"; final String clientSecret = "client secret #2"; final String refreshToken = "refresh token"; - this.server().when( - HttpRequest.request("/oauth/revoke") - .withMethod("POST") - .withHeader("Authorization", "Bearer client-token") - .withQueryStringParameter("token", "user-token") - .withQueryStringParameter("token_type_hint", "access_token") - ).respond( - HttpResponse.response().withStatusCode(HttpStatus.SC_OK) - ); + this.server() + .when( + HttpRequest.request("/oauth/revoke") + .withMethod("POST") + .withHeader("Authorization", "Bearer client-token") + .withBody( + new ParameterBody( + new Parameter("token", "user-token"), + new Parameter("token_type_hint", "access_token") + ))) + .respond( + HttpResponse.response().withStatusCode(HttpStatus.SC_OK) + ); new FpAccessTokens(this.endpoint()) .revoke( new FakeAccessToken("client-token"), @@ -153,15 +171,19 @@ public void testRevokeTokenRefreshTokenOnly() { final String clientId = "client ID #2"; final String clientSecret = "client secret #2"; final String refreshToken = "refresh token"; - this.server().when( - HttpRequest.request("/oauth/revoke") - .withMethod("POST") - .withHeader("Authorization", "Bearer client-token") - .withQueryStringParameter("token", "user-token") - .withQueryStringParameter("token_type_hint", "refresh_token") - ).respond( - HttpResponse.response().withStatusCode(HttpStatus.SC_OK) - ); + this.server() + .when( + HttpRequest.request("/oauth/revoke") + .withMethod("POST") + .withHeader("Authorization", "Bearer client-token") + .withBody( + new ParameterBody( + new Parameter("token", "user-token"), + new Parameter("token_type_hint", "refresh_token") + ))) + .respond( + HttpResponse.response().withStatusCode(HttpStatus.SC_OK) + ); new FpAccessTokens(this.endpoint()) .revoke( new FakeAccessToken("client-token"),