|
1 | 1 | package com.sap.cloud.lm.sl.cf.client.util; |
2 | 2 |
|
3 | 3 | import static org.junit.Assert.assertEquals; |
4 | | -import static org.junit.Assert.assertTrue; |
5 | 4 |
|
6 | 5 | import java.util.Arrays; |
7 | | -import java.util.Base64; |
8 | 6 | import java.util.UUID; |
9 | 7 |
|
10 | 8 | import org.junit.Test; |
| 9 | +import org.junit.experimental.runners.Enclosed; |
11 | 10 | import org.junit.runner.RunWith; |
12 | 11 | import org.junit.runners.Parameterized; |
13 | 12 | import org.junit.runners.Parameterized.Parameters; |
14 | 13 | import org.springframework.security.oauth2.common.OAuth2AccessToken; |
15 | 14 |
|
16 | | -@RunWith(Parameterized.class) |
| 15 | +@RunWith(Enclosed.class) |
17 | 16 | public class TokenFactoryTest { |
18 | 17 |
|
19 | | - private static final String USER_NAME = "test-user"; |
20 | | - private static final String CLIENT_ID = "test-cliend-id"; |
21 | | - private static final String SAMPLE_TOKEN = "bearer eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI2MTkyM2FkYi1iYjViLTQ4NTktODIzNy0yM2YxNzg5ZTJmOTAiLCJzdWIiOiIxNTUxODQiLCJzY29wZSI6WyJjbG91ZF9jb250cm9sbGVyLnJlYWQiLCJjbG91ZF9jb250cm9sbGVyLndyaXRlIiwiY2xvdWRfY29udHJvbGxlci5hZG1pbiIsInVhYS51c2VyIl0sImNsaWVudF9pZCI6ImNmIiwiY2lkIjoiY2YiLCJhenAiOiJjZiIsImdyYW50X3R5cGUiOiJwYXNzd29yZCIsInVzZXJfaWQiOiIxNTUxODQiLCJ1c2VyX25hbWUiOiJYU01BU1RFUiIsImVtYWlsIjoiWFNNQVNURVJAdW5rbm93biIsImZhbWlseV9uYW1lIjoiWFNNQVNURVIiLCJpYXQiOjE0NDc3NDUzMjgsImV4cCI6MTQ0Nzc4ODUyOCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL3VhYS9vYXV0aC90b2tlbiIsInppZCI6InVhYSIsImF1ZCI6WyJjbG91ZF9jb250cm9sbGVyIiwiY2YiLCJ1YWEiXX0.P9XJTA4AV5aHS_ozw5WZXgIPc3M9Q_-1oKc1tLDEC5lkx1vNZjd5ozGaZs8UvgECJ_sTY_ZL2izDAKc3ew8hv9y6i6O3V-BxAs9pxkAIo2GPVmHzZQg8t6iG6c-iz1JnMan9nnbjFmMve5qjl9dgoCat-VaWfIW7TRagQ05dNO8DXJkQiiRioQ5kzoxQV4jUgxk5tczix-s8VQfqobW472A4t087DnaCYOOdz9MF8WLoffWRX8BkYJnBgVJ0kcWPZwMuB9BBPC4Les2NiZaKpLDahPrmp340izGg9pUhUsjPbllAph5odhMDb1Lc8_Q-yKiEt-DwZ72-VkCZE-MPjQ"; |
22 | | - |
23 | | - @Parameters |
24 | | - public static Iterable<Object[]> data() { |
25 | | - return Arrays.asList(new Object[][] { |
26 | | - // @formatter:off |
27 | | - { "", "", }, |
28 | | - { USER_NAME, "", }, |
29 | | - { "", CLIENT_ID, }, |
30 | | - { USER_NAME, CLIENT_ID, } |
31 | | - // @formatter:on |
32 | | - }); |
33 | | - } |
| 18 | + @RunWith(Parameterized.class) |
| 19 | + public static class DummyTokenFactoryTest { |
| 20 | + |
| 21 | + @Parameters |
| 22 | + public static Iterable<Object[]> getParameters() { |
| 23 | + return Arrays.asList(new Object[][] { |
| 24 | +// @formatter:off |
| 25 | + { "barney", "swarlz", }, |
| 26 | + { "", "swarlz", }, |
| 27 | + { "barney", "", }, |
| 28 | + { "", "", }, |
| 29 | +// @formatter:on |
| 30 | + }); |
| 31 | + } |
| 32 | + |
| 33 | + private String userName; |
| 34 | + private String clientId; |
34 | 35 |
|
35 | | - private String userName; |
36 | | - private String clientId; |
| 36 | + private TokenFactory tokenFactory = new TokenFactory(); |
| 37 | + |
| 38 | + public DummyTokenFactoryTest(String userName, String clientId) { |
| 39 | + this.userName = userName; |
| 40 | + this.clientId = clientId; |
| 41 | + } |
| 42 | + |
| 43 | + @Test |
| 44 | + public void testCreateDummyToken() { |
| 45 | + OAuth2AccessToken token = tokenFactory.createDummyToken(userName, clientId); |
| 46 | + validateToken(token, new TokenProperties(clientId, new UUID(0, 0).toString(), userName)); |
| 47 | + } |
37 | 48 |
|
38 | | - public TokenFactoryTest(String userName, String clientId) { |
39 | | - this.userName = userName; |
40 | | - this.clientId = clientId; |
41 | 49 | } |
42 | 50 |
|
43 | | - @Test |
44 | | - public void testCreateToken() { |
45 | | - TokenFactory tokenFactory = new TokenFactory(); |
46 | | - OAuth2AccessToken token = null; |
47 | | - if (userName.equals("") && clientId.equals("")) { |
48 | | - token = tokenFactory.createToken(SAMPLE_TOKEN); |
49 | | - assertToken(token, "XSMASTER", "cf", "155184"); |
50 | | - } else { |
51 | | - token = tokenFactory.createDummyToken(userName, clientId); |
52 | | - assertToken(token, userName, clientId, new UUID(0, 0).toString()); |
| 51 | + @RunWith(Parameterized.class) |
| 52 | + public static class OauthTokenFactoryTest { |
| 53 | + |
| 54 | + @Parameters |
| 55 | + public static Iterable<Object[]> getParameters() { |
| 56 | + return Arrays.asList(new Object[][] { |
| 57 | +// @formatter:off |
| 58 | + // (0) Valid token: |
| 59 | + { |
| 60 | + "eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI2MTkyM2FkYi1iYjViLTQ4NTktODIzNy0yM2YxNzg5ZTJmOTAiLCJzdWIiOiIxNTUxODQiLCJzY29wZSI6WyJjbG91ZF9jb250cm9sbGVyLnJlYWQiLCJjbG91ZF9jb250cm9sbGVyLndyaXRlIiwiY2xvdWRfY29udHJvbGxlci5hZG1pbiIsInVhYS51c2VyIl0sImNsaWVudF9pZCI6ImNmIiwiY2lkIjoiY2YiLCJhenAiOiJjZiIsImdyYW50X3R5cGUiOiJwYXNzd29yZCIsInVzZXJfaWQiOiIxNTUxODQiLCJ1c2VyX25hbWUiOiJYU01BU1RFUiIsImVtYWlsIjoiWFNNQVNURVJAdW5rbm93biIsImZhbWlseV9uYW1lIjoiWFNNQVNURVIiLCJpYXQiOjE0NDc3NDUzMjgsImV4cCI6MTQ0Nzc4ODUyOCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL3VhYS9vYXV0aC90b2tlbiIsInppZCI6InVhYSIsImF1ZCI6WyJjbG91ZF9jb250cm9sbGVyIiwiY2YiLCJ1YWEiXX0.P9XJTA4AV5aHS_ozw5WZXgIPc3M9Q_-1oKc1tLDEC5lkx1vNZjd5ozGaZs8UvgECJ_sTY_ZL2izDAKc3ew8hv9y6i6O3V-BxAs9pxkAIo2GPVmHzZQg8t6iG6c-iz1JnMan9nnbjFmMve5qjl9dgoCat-VaWfIW7TRagQ05dNO8DXJkQiiRioQ5kzoxQV4jUgxk5tczix-s8VQfqobW472A4t087DnaCYOOdz9MF8WLoffWRX8BkYJnBgVJ0kcWPZwMuB9BBPC4Les2NiZaKpLDahPrmp340izGg9pUhUsjPbllAph5odhMDb1Lc8_Q-yKiEt-DwZ72-VkCZE-MPjQ", |
| 61 | + new TokenProperties("cf", "155184", "XSMASTER"), |
| 62 | + }, |
| 63 | + // (1) Valid token, the body of which cannot be parsed with the standard base 64 decoder (a base 64 URL decoder must be used for this one): |
| 64 | + { |
| 65 | + "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIzZmEyMGRjMzAwY2Y0ZDg2ODU4NWVjYzFhZGQyOWJlNyIsImV4dF9hdHRyIjp7ImVuaGFuY2VyIjoiWFNVQUEifSwic3ViIjoiMTQxMzIxMzI3Iiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5yZWFkIiwiY2xvdWRfY29udHJvbGxlci53cml0ZSIsIm9wZW5pZCIsInhzX3VzZXIucmVhZCIsImNsb3VkX2NvbnRyb2xsZXIuYWRtaW4iLCJ1YWEudXNlciJdLCJjbGllbnRfaWQiOiJjZiIsImNpZCI6ImNmIiwiYXpwIjoiY2YiLCJyZXZvY2FibGUiOnRydWUsImdyYW50X3R5cGUiOiJwYXNzd29yZCIsInVzZXJfaWQiOiIxNDEzMjEzMjciLCJvcmlnaW4iOiJ1YWEiLCJ1c2VyX25hbWUiOiJYU0FfQURNSU4iLCJlbWFpbCI6IlhTQV9BRE1JTkB1bmtub3duIiwicmV2X3NpZyI6ImU2MDQyZGFhIiwiaWF0IjoxNTIxMzgwNjI1LCJleHAiOjE1MjE0MjM4MjUsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC91YWEvb2F1dGgvdG9rZW4iLCJ6aWQiOiJ1YWEiLCJoZGIubmFtZWR1c2VyLnNhbWwiOiI8P3htbCB2ZXJzaW9uPVwiMS4wXCIgZW5jb2Rpbmc9XCJVVEYtOFwiPz48c2FtbDI6QXNzZXJ0aW9uIHhtbG5zOnNhbWwyPVwidXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvblwiIElEPVwiX2Q5YjgxNWQ1LTNlMTYtNDU1Mi1iMjQwLTAyNmE2OGUwZTMzMlwiIElzc3VlSW5zdGFudD1cIjIwMTgtMDMtMTVUMTY6MTE6MjkuNzQxWlwiIFZlcnNpb249XCIyLjBcIj48c2FtbDI6SXNzdWVyPkNBRC1zYW1sPC9zYW1sMjpJc3N1ZXI-PGRzOlNpZ25hdHVyZSB4bWxuczpkcz1cImh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNcIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09XCJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biNcIi8-PGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09XCJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTFcIi8-PGRzOlJlZmVyZW5jZSBVUkk9XCIjX2Q5YjgxNWQ1LTNlMTYtNDU1Mi1iMjQwLTAyNmE2OGUwZTMzMlwiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPVwiaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmVcIi8-PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09XCJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biNcIi8-PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPVwiaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTFcIi8-PGRzOkRpZ2VzdFZhbHVlPlFKVG1obnJXMDY3Z3VDbWJmMTdXc1lYaCtKUT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU-TzhxaDZZaWluUkhldUZkZk1qVkg0VVBlTzc5MWs2bmRrSU9wN2JQRkhnQVB0MWVpeGFGN2dTYnFMV2FmV2d5OHIrSUhlZTZmZXZjQkdMSzRMUGxPSjRmcTR3NFNsWVlzVDZBWGRKMyswZUxEQnR2QjRYN3B0MDRYMVR2UThUelVWSlovQmdLQ2huSEl4RlRocGJ6VXRINmpzQ2d1anoyaW1yenB0S083Z0JnRWplNUF6Lzg4OUJCZ29mZTRiTytJRk9hU3h2VnlKZWZJTDZSS1AzNVd6MFpOdzBqdEVNemtScEh3eFpKcVJtRjJ3Ym11YUk2ZDBNMXVVR09MVjhzUVkvdjZLbUw4U0JjZmZNZ2hDaUNFZDd6VHZqa2ZnVzBDU2xZVzFSV0ZvOURLaUFqeEt6NUtnMDliaCtZOENOaGViNFp4d09hNCtjd2d0eWVQUy9aWUZBPT08L2RzOlNpZ25hdHVyZVZhbHVlPjwvZHM6U2lnbmF0dXJlPjxzYW1sMjpTdWJqZWN0PjxzYW1sMjpOYW1lSUQgRm9ybWF0PVwidXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWRcIj5YU0FfQURNSU48L3NhbWwyOk5hbWVJRD48c2FtbDI6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9XCJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyXCI-PHNhbWwyOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj1cIjIwMTgtMDMtMTVUMjA6MTY6MjkuNzQxWlwiLz48L3NhbWwyOlN1YmplY3RDb25maXJtYXRpb24-PC9zYW1sMjpTdWJqZWN0PjxzYW1sMjpDb25kaXRpb25zIE5vdEJlZm9yZT1cIjIwMTgtMDMtMTVUMTY6MTE6MjkuNzQxWlwiIE5vdE9uT3JBZnRlcj1cIjIwMTgtMDMtMTVUMjA6MTY6MjkuNzQxWlwiLz48c2FtbDI6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PVwiMjAxOC0wMy0xNVQxNjoxNjoyOS43NDFaXCIgU2Vzc2lvbk5vdE9uT3JBZnRlcj1cIjIwMTgtMDMtMTVUMTY6MjE6MjkuNzQxWlwiPjxzYW1sMjpBdXRobkNvbnRleHQ-PHNhbWwyOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sMjpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWwyOkF1dGhuQ29udGV4dD48L3NhbWwyOkF1dGhuU3RhdGVtZW50Pjwvc2FtbDI6QXNzZXJ0aW9uPiIsImF1ZCI6WyJjbG91ZF9jb250cm9sbGVyIiwiY2YiLCJ1YWEiLCJ4c191c2VyIiwib3BlbmlkIl19.oCKdh2rOQ0CjlBV7D-aSsB2JQ20JMRyT4zmHc2iJDwAviCHvFx1_zdWHtH-XO67D78ElLriks3fKBnbcsLU_OlesF_1HbdE8IcQp0Wsmtc-ZvYQaGaEDkCC8iMx0ibGGEdWa264eejo2xbsNh0enDtL9SQZAfZkfDnhywpsrtJEQTgziQKFxR-AAzRQAX9H5esxI4KqWIMTveTp9rne-XH3bA70CCRH_3xiOvVaQ06tGjap6zkZTHrqFUXZvnTqK1fiJOzjeYLcyBYvd4C6gyiRyYOjyaMZlbj8SK3wZItQpCwPO40Yn7E5aOZdZpapEZ6qZ4rlptnT1WSx5-ZekYA", |
| 66 | + new TokenProperties("cf", "141321327", "XSA_ADMIN"), |
| 67 | + }, |
| 68 | + // (2) Token that contains only the user's name: |
| 69 | + { |
| 70 | + "eyJhbGciOiJSUzI1NiJ9.eyJ1c2VyX25hbWUiOiJ0ZXN0LXVzZXIifQ==.P9XJTA4AV5aHS_ozw5WZXgIPc3M9Q_-1oKc1tLDEC5lkx1vNZjd5ozGaZs8UvgECJ_sTY_ZL2izDAKc3ew8hv9y6i6O3V-BxAs9pxkAIo2GPVmHzZQg8t6iG6c-iz1JnMan9nnbjFmMve5qjl9dgoCat-VaWfIW7TRagQ05dNO8DXJkQiiRioQ5kzoxQV4jUgxk5tczix-s8VQfqobW472A4t087DnaCYOOdz9MF8WLoffWRX8BkYJnBgVJ0kcWPZwMuB9BBPC4Les2NiZaKpLDahPrmp340izGg9pUhUsjPbllAph5odhMDb1Lc8_Q-yKiEt-DwZ72-VkCZE-MPjQ", |
| 71 | + null, |
| 72 | + }, |
| 73 | + // (3) Token without a signature: |
| 74 | + { |
| 75 | + "eyJhbGciOiJSUzI1NiJ9.eyJ1c2VyX25hbWUiOiJ0ZXN0LXVzZXIifQ==", |
| 76 | + null, |
| 77 | + }, |
| 78 | +// @formatter:on |
| 79 | + }); |
| 80 | + } |
| 81 | + |
| 82 | + private final String tokenString; |
| 83 | + private final TokenProperties expectedTokenProperties; |
| 84 | + |
| 85 | + private TokenFactory tokenFactory = new TokenFactory(); |
| 86 | + |
| 87 | + public OauthTokenFactoryTest(String tokenString, TokenProperties expectedTokenProperties) { |
| 88 | + this.tokenString = tokenString; |
| 89 | + this.expectedTokenProperties = expectedTokenProperties; |
| 90 | + } |
| 91 | + |
| 92 | + @Test |
| 93 | + public void testCreateToken() { |
| 94 | + OAuth2AccessToken token = tokenFactory.createToken(tokenString); |
| 95 | + if (expectedTokenProperties != null) { |
| 96 | + validateToken(token, expectedTokenProperties); |
| 97 | + } |
53 | 98 | } |
54 | 99 |
|
55 | | - token = tokenFactory.createToken(getTestToken()); |
56 | | - assertTrue(token == null); |
57 | 100 | } |
58 | 101 |
|
59 | | - private void assertToken(OAuth2AccessToken token, String userName, String clientId, String uuid) { |
| 102 | + private static void validateToken(OAuth2AccessToken token, TokenProperties expectedTokenProperties) { |
60 | 103 | TokenProperties tokenProperties = TokenProperties.fromToken(token); |
61 | | - assertEquals(clientId, tokenProperties.getClientId()); |
62 | | - assertEquals(userName, tokenProperties.getUserName()); |
63 | | - assertEquals(uuid, tokenProperties.getUserId()); |
| 104 | + assertEquals(expectedTokenProperties.getClientId(), tokenProperties.getClientId()); |
| 105 | + assertEquals(expectedTokenProperties.getUserName(), tokenProperties.getUserName()); |
| 106 | + assertEquals(expectedTokenProperties.getUserId(), tokenProperties.getUserId()); |
64 | 107 | } |
65 | 108 |
|
66 | | - private String getTestToken() { |
67 | | - String testTokenJson = "{\"user_name\":\"test-user\"}"; |
68 | | - byte[] encodedData = Base64.getEncoder() |
69 | | - .encode(testTokenJson.getBytes()); |
70 | | - return "bearer test." + new String(encodedData) + ".test"; |
71 | | - } |
72 | 109 | } |
0 commit comments