/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions copyright [year] [name of copyright owner]".
 *
 * Copyright 2015 ForgeRock AS.
 */
package org.forgerock.openidconnect;

import static org.mockito.BDDMockito.*;
import static org.mockito.Mockito.mock;

import org.forgerock.oauth2.core.OAuth2Constants;
import org.forgerock.oauth2.core.OAuth2ProviderSettings;
import org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory;
import org.forgerock.oauth2.core.OAuth2Request;
import org.forgerock.oauth2.core.exceptions.BadRequestException;
import org.forgerock.oauth2.core.exceptions.InvalidClientException;
import org.forgerock.oauth2.core.exceptions.InvalidRequestException;
import org.forgerock.oauth2.core.exceptions.InvalidScopeException;
import org.forgerock.oauth2.core.exceptions.NotFoundException;
import org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException;
import org.forgerock.oauth2.core.exceptions.ServerException;
import org.forgerock.oauth2.core.exceptions.UnsupportedResponseTypeException;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.BeforeTest;
import org.testng.annotations.Test;

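/**
 * Unit tests for {@link ClaimsParameterValidator#validateRequest(OAuth2Request)}.
 *
 * <p>Every test drives the validator with Mockito mocks: the provider settings report that the
 * claims parameter is supported, and the request supplies a {@code claims} value and a
 * {@code response_type} value.
 *
 * <p>NOTE(review): the {@code claims} value is client-supplied request input. Only the
 * "supported and present" path is exercised here; the cases where the provider reports the
 * claims parameter as unsupported, or where the request carries no {@code claims} value, are not
 * covered in this class - confirm they are tested elsewhere.
 */
public class ClaimsParameterValidatorTest {

    OAuth2ProviderSettingsFactory mockProviderSettingsFactory;
    ClaimsParameterValidator claimsParameterValidator;

    // userinfo: requests the "name" claim with no constraints (null value).
    // id_token: requests the "name" claim restricted to the values "Sponge" or "Bob".
    String validClaimsString = "{\"userinfo\" : { \"name\" : null }, " +
            "\"id_token\" : { \"name\" : { \"values\" : [ \"Sponge\", \"Bob\" ] } } }";

    // Not parseable as JSON at all; used to drive the malformed-input path.
    String invalidClaimsString = "This is not valid JSON.";

    /**
     * Builds a fresh mock factory and a validator around it before each test method.
     *
     * <p>TestNG's {@code @BeforeTest} runs once per {@code <test>} suite element rather than before
     * each method, which would leave one mock factory (and every stubbing recorded on it) shared by
     * all test methods. {@code @BeforeMethod} keeps the tests isolated from one another.
     */
    @BeforeMethod
    public void setUp() {
        this.mockProviderSettingsFactory = mock(OAuth2ProviderSettingsFactory.class);
        this.claimsParameterValidator = new ClaimsParameterValidator(mockProviderSettingsFactory);
    }

    /**
     * Valid claims JSON with response type {@code "code token id_token"} must pass validation.
     * There is no explicit assertion: the test succeeds when {@code validateRequest} returns
     * without throwing.
     */
    @Test
    public void shouldValidateClaimsParameter() throws NotFoundException, BadRequestException,
            RedirectUriMismatchException, InvalidScopeException, InvalidRequestException, InvalidClientException,
            ServerException, UnsupportedResponseTypeException {

        //given
        OAuth2Request mockRequest = claimsRequest(validClaimsString, "code token id_token");

        //when
        claimsParameterValidator.validateRequest(mockRequest);

        //then - no exception is thrown
    }

    /**
     * A claims value that is not JSON must be rejected with {@link BadRequestException}.
     */
    @Test(expectedExceptions = BadRequestException.class)
    public void shouldErrorValidatingJson() throws NotFoundException, BadRequestException,
            RedirectUriMismatchException, InvalidScopeException, InvalidRequestException, InvalidClientException,
            ServerException, UnsupportedResponseTypeException {

        //given
        OAuth2Request mockRequest = claimsRequest(invalidClaimsString, "id_token");

        //when
        claimsParameterValidator.validateRequest(mockRequest);

        //then - BadRequestException, asserted by the @Test annotation
    }

    /**
     * Valid claims JSON combined with response type {@code "id_token"} alone must be rejected with
     * {@link BadRequestException}.
     *
     * <p>NOTE(review): presumably rejected because the claims ask for {@code userinfo} claims while
     * this response type issues no access token for the userinfo endpoint - confirm against
     * {@link ClaimsParameterValidator}.
     */
    @Test(expectedExceptions = BadRequestException.class)
    public void shouldErrorValidatingResponseType() throws NotFoundException, BadRequestException,
            RedirectUriMismatchException, InvalidScopeException, InvalidRequestException, InvalidClientException,
            ServerException, UnsupportedResponseTypeException {

        //given
        OAuth2Request mockRequest = claimsRequest(validClaimsString, "id_token");

        //when
        claimsParameterValidator.validateRequest(mockRequest);

        //then - BadRequestException, asserted by the @Test annotation
    }

    /**
     * Creates a mock request carrying the given {@code claims} and {@code response_type} values and
     * wires the mock factory to return provider settings that report the claims parameter as
     * supported.
     *
     * <p>The throws clause mirrors the test methods' so that stubbing calls on methods declaring
     * checked exceptions compile.
     *
     * @param claims the value returned for the claims request parameter
     * @param responseTypes the value returned for the response_type request parameter
     * @return the stubbed mock request
     */
    private OAuth2Request claimsRequest(String claims, String responseTypes) throws NotFoundException,
            BadRequestException, RedirectUriMismatchException, InvalidScopeException, InvalidRequestException,
            InvalidClientException, ServerException, UnsupportedResponseTypeException {

        OAuth2Request mockRequest = mock(OAuth2Request.class);
        OAuth2ProviderSettings mockProviderSettings = mock(OAuth2ProviderSettings.class);

        given(mockProviderSettingsFactory.get(mockRequest)).willReturn(mockProviderSettings);
        given(mockProviderSettings.getClaimsParameterSupported()).willReturn(true);
        given(mockRequest.getParameter(OAuth2Constants.Custom.CLAIMS)).willReturn(claims);
        given(mockRequest.getParameter(OAuth2Constants.Params.RESPONSE_TYPE)).willReturn(responseTypes);

        return mockRequest;
    }

}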