3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * The contents of this file are subject to the terms of the Common Development and
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * Distribution License (the License). You may not use this file except in compliance with the
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * specific language governing permission and limitations under the License.
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * When distributing Covered Software, include this CDDL Header Notice in each file and include
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * Header, with the fields enclosed by brackets [] replaced by your own identifying
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * information: "Portions copyright [year] [name of copyright owner]".
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell * Copyright 2014 ForgeRock AS.
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnellimport com.sun.identity.shared.datastruct.CollectionHelper;
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnellimport static com.sun.identity.workflow.ParameterKeys.*;
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnellimport static org.forgerock.openam.utils.CollectionUtils.*;
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnellimport static com.sun.identity.workflow.ConfigureSocialAuthN.*;
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnellimport static com.sun.identity.shared.datastruct.CollectionHelper.*;
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell private static final String WELL_KNOWN_CONTENT = "{" +
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell "\"" + WELL_KNOWN_AUTH_URL + "\":\"http://local.example.com/auth\"," +
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell "\"" + WELL_KNOWN_PROFILE_URL + "\":\"http://local.example.com/profile\"," +
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell "\"" + WELL_KNOWN_TOKEN_URL + "\":\"http://local.example.com/token\"," +
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell "\"" + WELL_KNOWN_ISSUER + "\":\"local.example.com\"" +
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell private ConfigureSocialAuthN task = new ConfigureSocialAuthN();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedClientSecret() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_CLIENT_SECRET_CONFIRM, asSet("fred"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(task.getValidatedClientSecret(params), "fred");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedClientSecretMissingSecret() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_CLIENT_SECRET_CONFIRM, asSet("freddy"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(e.getErrorCode(), "missing-clientSecret");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedClientSecretMissingSecretConfirm() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_CLIENT_SECRET, asSet("freddy"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(e.getErrorCode(), "missing-clientSecretConfirm");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedClientSecretMismatch() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_CLIENT_SECRET_CONFIRM, asSet("freddy"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(e.getErrorCode(), "secrets-doesnt-match");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedRedirectUrl() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_REDIRECT_URL, asSet("http://example.com"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(task.getValidatedRedirectUrl(params), "http://example.com");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedRedirectUrlMissing() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(e.getErrorCode(), "missing-redirectUrl");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedRedirectUrlInvalid() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(e.getErrorCode(), "invalid-redirectUrl");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedFieldPresentOther() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(task.getValidatedField("other", params, null, "field", null), "fred");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedFieldMissingOther() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell task.getValidatedField("other", params, null, "field", "missing-image-url");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(e.getErrorCode(), "missing-image-url");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedFieldPresent() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> attrs = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(task.getValidatedField("google", null, attrs, "field", null), "fred");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testGetValidatedFieldMissing() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> attrs = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell task.getValidatedField("google", null, attrs, "field", "missing-image-url");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(e.getErrorCode(), "missing-image-url");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testCollectAuthModuleAttributes() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_CLIENT_SECRET, asSet("freddy"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_CLIENT_SECRET_CONFIRM, asSet("freddy"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_REDIRECT_URL, asSet("http://example.com"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> attrs = task.collectAuthModuleAttributes(Locale.ENGLISH, "microsoft", params);
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, "providerName"), "Microsoft");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_CLIENT_ID), "fred");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_CLIENT_SECRET), "freddy");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_TYPE), "client_secret");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE), "freddy");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_PROXY_URL), "http://example.com");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testCollectAuthModuleAttributesUsingWellKnownConfig() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_CLIENT_SECRET, asSet("freddy"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_CLIENT_SECRET_CONFIRM, asSet("freddy"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_REDIRECT_URL, asSet("http://example.com"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell String wellKnownUrl = "http://local.example.com/.well-known/config";
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell params.put(P_OPENID_DISCOVERY_URL, asSet(wellKnownUrl));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell ConfigureSocialAuthN task = spy(new ConfigureSocialAuthN());
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell doReturn(WELL_KNOWN_CONTENT).when(task).getWebContent(Locale.ENGLISH, wellKnownUrl);
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> attrs = task.collectAuthModuleAttributes(Locale.ENGLISH, "microsoft", params);
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, "providerName"), "Microsoft");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_CLIENT_ID), "fred");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_CLIENT_SECRET), "freddy");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_TYPE), "client_secret");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE), "freddy");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_PROXY_URL), "http://example.com");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_AUTH_URL), "http://local.example.com/auth");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_TOKEN_URL), "http://local.example.com/token");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_USER_PROFILE_URL), "http://local.example.com/profile");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(attrs, AUTH_MODULE_ISSUER), "local.example.com");
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts public void testCollectAuthModuleAttributesUsingWellKnownConfigWithEmptyJwkUrl() throws Exception {
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts Map<String, Set<String>> params = new HashMap<String, Set<String>>();
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts params.put(P_CLIENT_SECRET, asSet("freddy"));
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts params.put(P_CLIENT_SECRET_CONFIRM, asSet("freddy"));
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts params.put(P_REDIRECT_URL, asSet("http://example.com"));
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts String wellKnownUrl = "http://local.example.com/.well-known/config";
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts params.put(P_OPENID_DISCOVERY_URL, asSet(wellKnownUrl));
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts ConfigureSocialAuthN task = spy(new ConfigureSocialAuthN());
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts String content = WELL_KNOWN_CONTENT.replaceAll("}", ",\""+ WELL_KNOWN_JWK +"\": \"\"}");
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts doReturn(content).when(task).getWebContent(Locale.ENGLISH, wellKnownUrl);
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts Map<String, Set<String>> attrs = task.collectAuthModuleAttributes(Locale.ENGLISH, "microsoft", params);
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_TYPE), "client_secret");
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE), "freddy");
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts public void testCollectAuthModuleAttributesUsingWellKnownConfigWithJwkUrl() throws Exception {
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts Map<String, Set<String>> params = new HashMap<String, Set<String>>();
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts params.put(P_CLIENT_SECRET, asSet("freddy"));
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts params.put(P_CLIENT_SECRET_CONFIRM, asSet("freddy"));
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts params.put(P_REDIRECT_URL, asSet("http://example.com"));
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts String wellKnownUrl = "http://local.example.com/.well-known/config";
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts params.put(P_OPENID_DISCOVERY_URL, asSet(wellKnownUrl));
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts ConfigureSocialAuthN task = spy(new ConfigureSocialAuthN());
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts String content = WELL_KNOWN_CONTENT.replaceAll("}", ",\""+ WELL_KNOWN_JWK +"\": \"a\"}");
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts doReturn(content).when(task).getWebContent(Locale.ENGLISH, wellKnownUrl);
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts Map<String, Set<String>> attrs = task.collectAuthModuleAttributes(Locale.ENGLISH, "microsoft", params);
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_TYPE), "jwk_url");
8a6adda95a18267235cc79cc224cf42d3ab7ed95James Phillpotts assertEquals(getMapAttr(attrs, AUTH_MODULE_CRYPTO_VALUE), "a");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testCollectAuthModuleAttributesMissingClientId() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> params = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell task.collectAuthModuleAttributes(Locale.ENGLISH, "other", params);
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(e.getErrorCode(), "missing-clientId");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testReadPropertiesFile() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> properties = task.readPropertiesFile("test");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertEquals(getMapAttr(properties, "providerName"), "Test");
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertTrue(properties.get("multivalue").contains("value1"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell assertTrue(properties.get("multivalue").contains("value2"));
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public void testMergeProperties() throws Exception {
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> props1 = new HashMap<String, Set<String>>();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Map<String, Set<String>> props2 = new HashMap<String, Set<String>>();