AuthorizationCodeServerResourceTest.java revision f58c87ece2202b8f85310d8885c7e39a7f435c09
/*
* DO NOT REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2012 ForgeRock Inc. All rights reserved.
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*/
/**
* @author $author$
* @version $Revision$ $Date$
*/
public class AuthorizationCodeServerResourceTest extends AbstractFlowTest {
// Flow-level tests for the OAuth 2.0 authorization-code grant. Each test builds a request
// through the inherited `parameters` / `auth2Proxy` / `fragment` state (presumably set up
// in AbstractFlowTest — verify there) and checks the authorization or token endpoint's
// response against the RFC 6749 clause quoted above each method.
// NOTE(review): this listing appears abridged — several `});` closers below have no visible
// opener, so the request/response handling that sits between the `// handle` and `// assert`
// placeholders cannot be reviewed from this view.
@Test
public void testValidRequest() throws Exception {
// Happy path: a well-formed authorization request whose redirect_uri is the proxy's own
// registered redirection endpoint.
// handle
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
// handle
// assert
}
});
}
/*
The authorization server MUST support the use of the HTTP "GET"
method [RFC2616] for the authorization endpoint, and MAY support the
use of the "POST" method as well.
*/
@Test
public void testAuthorizationAllowsGETRequest() throws Exception {
// Same request as testValidRequest, but sent with GET; the endpoint must accept it.
// handle
//do GET instead of post
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
// handle
// assert
}
});
}
/*
Parameters sent without a value MUST be treated as if they were
omitted from the request.
*/
@Test
public void testAuthorizationEmptyParameterValue() throws Exception {
// An empty redirect_uri must behave exactly like a missing one; the expected outcome
// (error vs. fall back to the registered URI) is decided by the assertion that is not
// visible in this listing.
// handle
//send empty redirect uri
// handle
// assert
}
});
}
/*
The authorization server MUST ignore
unrecognized request parameters.
*/
@Test
public void testAuthorizationIgnoreUnrecognizedRequestParameter() throws Exception {
// An unknown parameter must not change the outcome of an otherwise valid request.
// handle
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
// handle
// assert
}
});
}
/*
Request and response parameters
MUST NOT be included more than once
*/
@Test
public void testAuthorizationMultipleSameRequestParameters() throws Exception {
// A duplicated parameter is a protocol violation; the server is expected to reject the
// request rather than pick one of the values (the assertion is not visible here).
// handle
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
// handle
// assert
}
});
}
/*
If an authorization request is missing the "response_type" parameter,
or if the response type is not understood, the authorization server
MUST return an error response as described in Section 4.1.2.1.
*/
@Test
public void testAuthorizationForMisUnderstoodResponseType() throws Exception {
// Only the "not understood" half of the clause is covered; the "missing" half is the TODO
// below. NOTE(review): unlike the other tests there is no `// assert` placeholder in this
// method, so nothing visible checks that an error response is actually returned.
// handle
//misunderstood response type
/* TODO: add the test for missing response type */
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
// handle
}
/*
If an authorization request fails validation due to a missing,
invalid, or mismatching redirection URI, the authorization server
SHOULD inform the resource owner of the error, and MUST NOT
automatically redirect the user-agent to the invalid redirection URI.
*/
@Test
public void testAuthorizationInvalidRedirectURIInRequestParameters() throws Exception {
// Sends a redirect_uri that does not match the registered one and expects the
// redirect_uri_mismatch error code.
// handle
// handle
// assert
// NOTE(review): if this `assertThat` is the single-argument AssertJ/FEST form it only wraps
// the boolean and never fails on its own — the check needs a terminal call such as
// `.isTrue()` (or assertTrue). Confirm against the static import at the top of the file.
// Also, the visible assertion checks the error code only; the "MUST NOT automatically
// redirect the user-agent to the invalid redirection URI" clause quoted above is not
// verified by anything visible here (e.g. that no 302 to the mismatched URI was issued).
assertThat(fragment.getValuesMap().get(OAuth2Constants.Params.ERROR).equalsIgnoreCase(OAuth2Constants.Error.REDIRECT_URI_MISMATCH));
}
/* TODO:
A public client that was not issued a client password MUST use the
"client_id" request parameter to identify itself when sending requests
to the token endpoint.
*/
@Test
public void testValidTokenRequest() throws Exception {
// Two-step happy path: obtain an authorization code via the authorization endpoint, then
// exchange it at the token endpoint with the same redirect_uri.
// handle
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
// handle
// assert
}
});
// Stale commented-out code: it references `OAuth2.Params.CODE` while the rest of the file
// uses `OAuth2Constants.Params`; the live code below builds the token request instead.
/*BearerToken token =
auth2Proxy.flowAuthorizationToken(fragment.getFirstValue(OAuth2.Params.CODE));
assertNotNull(token);*/
// Fresh Form for the token request: redirect_uri must match the one used to obtain the code.
parameters = new Form();
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
parameters.add(OAuth2Constants.Params.CODE, fragment.getValuesMap().get(OAuth2Constants.Params.CODE));
// assert
}
});
}
/*
The client MUST use the HTTP "POST" method when making access token
requests.
*/
@Test
public void testTokenGETRequest() throws Exception {
// Obtains a code normally, then builds a token request that is presumably sent with GET
// (the sending code is not visible); the endpoint is expected to reject it.
// handle
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
// handle
// assert
}
});
// Stale commented-out code (see testValidTokenRequest).
/*BearerToken token =
auth2Proxy.flowAuthorizationToken(fragment.getFirstValue(OAuth2.Params.CODE));
assertNotNull(token);*/
parameters = new Form();
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
parameters.add(OAuth2Constants.Params.CODE, fragment.getValuesMap().get(OAuth2Constants.Params.CODE));
// NOTE(review): no assertion is visible after the token parameters are built, so the
// expectation that a GET to the token endpoint is rejected is not checked here.
}
/*
If an authorization request fails validation due to a missing,
invalid, or mismatching redirection URI, the authorization server
SHOULD inform the resource owner of the error, and MUST NOT
automatically redirect the user-agent to the invalid redirection URI.
*/
@Test
public void testTokenInvalidRedirectURIRequest() throws Exception {
// Obtains a code with the registered redirect_uri, then exchanges it WITHOUT a redirect_uri
// in the token request; the token endpoint must answer redirect_uri_mismatch rather than
// issue a token (binding the code to the URI it was issued for).
// handle
parameters.add(OAuth2Constants.Params.REDIRECT_URI, auth2Proxy.getRedirectionEndpoint().toString());
// handle
// assert
}
});
// Stale commented-out code (see testValidTokenRequest).
/*BearerToken token =
auth2Proxy.flowAuthorizationToken(fragment.getFirstValue(OAuth2.Params.CODE));
assertNotNull(token);*/
parameters = new Form();
parameters.add(OAuth2Constants.Params.CODE, fragment.getValuesMap().get(OAuth2Constants.Params.CODE));
// assert
// NOTE(review): same concern as in testAuthorizationInvalidRedirectURIInRequestParameters —
// a single-argument `assertThat(boolean)` without `.isTrue()` does not fail. Also, `fragment`
// here is the value captured from the authorization step; whether it reflects the token
// endpoint's response depends on code not visible in this listing — confirm.
assertThat(fragment.getValuesMap().get(OAuth2Constants.Params.ERROR).equalsIgnoreCase(OAuth2Constants.Error.REDIRECT_URI_MISMATCH));
}
}