Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.shindig.social.core.oauth
Class OAuth2AuthCodeFlowTest

java.lang.Object
  extended by org.junit.Assert
      extended by org.apache.shindig.common.EasyMockTestCase
          extended by org.apache.shindig.social.dataservice.integration.AbstractLargeRestfulTests
              extended by org.apache.shindig.social.core.oauth.OAuth2AuthCodeFlowTest

public class OAuth2AuthCodeFlowTest
extends AbstractLargeRestfulTests

Field Summary
protected static java.lang.String CONF_AUTH_CODE
           
protected static java.lang.String CONF_CLIENT_ID
           
protected static java.lang.String CONF_CLIENT_SECRET
           
protected static java.lang.String PUBLIC_AUTH_CODE
           
protected static java.lang.String PUBLIC_CLIENT_ID
           
protected static java.lang.String PUBLIC_REDIRECT_URI
           
protected static java.lang.String REDIRECT_URI
           
protected  org.apache.shindig.social.core.oauth2.OAuth2Servlet servlet
           
protected static java.lang.String SIMPLE_ACCESS_TOKEN
           
 
Fields inherited from class org.apache.shindig.social.dataservice.integration.AbstractLargeRestfulTests
injector, XMLSCHEMA, xp, XSDRESOURCE
 
Constructor Summary
OAuth2AuthCodeFlowTest()
           
 
Method Summary
 void abstractLargeRestfulBefore()
           
 void testConfidentialAuthCodeFlow()
          Test retrieving an auth code and using it to generate an access token
 void testGetAccessToken()
          Test retrieving an access token using a public client
 void testGetAccessTokenBadAuthCode()
          Test attempting to get an access token with an invalid authorization code
 void testGetAccessTokenBadClient()
          Test attempting to get an access token with an unregistered client ID
 void testGetAccessTokenBadConfidentialClientParams()
          Test attempting to get an access token using a bad client secret with a confidential client.
 void testGetAccessTokenBadGrantType()
          Test attempting to get an access token with a bad grant type
 void testGetAccessTokenConfClientBasicAuthBadID()
          Incorrect client ID used in Basic Authorization header
 void testGetAccessTokenConfidentialClientBasicAuth()
          Test using basic authentication scheme for client authentication
 void testGetAccessTokenConfidentialClientParams()
          Test using URL parameter to pass client secret to authenticate client
 void testGetAuthorizationCode()
          Test retrieving an authorization code using a public client
 void testGetAuthorizationCodeBadRedirect()
          Test retrieving an authorization code using a confidential client with a bad redirect URI The redirect URI is registered with this client, so passing a redirect that doesn't match the registered value should generate an error per the OAuth 2.0 spec.
 void testGetAuthorizationCodeConfidential()
          Test retrieving an authorization code using a confidential client Client authentication is not required for confidential clients accessing the authorization endpoint
 void testGetAuthorizationCodeNoRedirect()
          Test retrieving an authorization code using a confidential client without setting redirect URI The redirect URI is registered with this client, so omitting it should still generate a response using the registered redirect URI.
 void testGetAuthorizationCodePreserveState()
          Test retrieving an authorization code using a public client that preserves state
 void testReuseAuthorizationCode()
          Test attempting to re-use an authorization code to get a new access token.
 
Methods inherited from class org.apache.shindig.social.dataservice.integration.AbstractLargeRestfulTests
childNodesToMap, childNodesToMapofMap, childNodesToNodeMap, getJson, getResponse, getResponse, getResponse, getResponse, getResponse, getServlet, parseXmlContent, setResponse, setServlet
 
Methods inherited from class org.apache.shindig.common.EasyMockTestCase
mock, mock, mock, mock, replay, replay, reset, reset, verify
 
Methods inherited from class org.junit.Assert
assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertThat, assertThat, assertTrue, assertTrue, fail, fail
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SIMPLE_ACCESS_TOKEN

protected static final java.lang.String SIMPLE_ACCESS_TOKEN
See Also:
Constant Field Values

PUBLIC_CLIENT_ID

protected static final java.lang.String PUBLIC_CLIENT_ID
See Also:
Constant Field Values

PUBLIC_AUTH_CODE

protected static final java.lang.String PUBLIC_AUTH_CODE
See Also:
Constant Field Values

CONF_CLIENT_ID

protected static final java.lang.String CONF_CLIENT_ID
See Also:
Constant Field Values

CONF_CLIENT_SECRET

protected static final java.lang.String CONF_CLIENT_SECRET
See Also:
Constant Field Values

CONF_AUTH_CODE

protected static final java.lang.String CONF_AUTH_CODE
See Also:
Constant Field Values

PUBLIC_REDIRECT_URI

protected static final java.lang.String PUBLIC_REDIRECT_URI
See Also:
Constant Field Values

REDIRECT_URI

protected static final java.lang.String REDIRECT_URI
See Also:
Constant Field Values

servlet

protected org.apache.shindig.social.core.oauth2.OAuth2Servlet servlet
Constructor Detail

OAuth2AuthCodeFlowTest

public OAuth2AuthCodeFlowTest()
Method Detail

abstractLargeRestfulBefore

public void abstractLargeRestfulBefore()
                                throws java.lang.Exception
Overrides:
abstractLargeRestfulBefore in class AbstractLargeRestfulTests
Throws:
java.lang.Exception

testGetAccessToken

public void testGetAccessToken()
                        throws java.lang.Exception
Test retrieving an access token using a public client

Throws:
java.lang.Exception

testGetAuthorizationCode

public void testGetAuthorizationCode()
                              throws java.lang.Exception
Test retrieving an authorization code using a public client

Throws:
java.lang.Exception

testGetAuthorizationCodePreserveState

public void testGetAuthorizationCodePreserveState()
                                           throws java.lang.Exception
Test retrieving an authorization code using a public client that preserves state

Throws:
java.lang.Exception

testGetAuthorizationCodeConfidential

public void testGetAuthorizationCodeConfidential()
                                          throws java.lang.Exception
Test retrieving an authorization code using a confidential client Client authentication is not required for confidential clients accessing the authorization endpoint

Throws:
java.lang.Exception

testGetAuthorizationCodeNoRedirect

public void testGetAuthorizationCodeNoRedirect()
                                        throws java.lang.Exception
Test retrieving an authorization code using a confidential client without setting redirect URI The redirect URI is registered with this client, so omitting it should still generate a response using the registered redirect URI.

Throws:
java.lang.Exception

testGetAuthorizationCodeBadRedirect

public void testGetAuthorizationCodeBadRedirect()
                                         throws java.lang.Exception
Test retrieving an authorization code using a confidential client with a bad redirect URI The redirect URI is registered with this client, so passing a redirect that doesn't match the registered value should generate an error per the OAuth 2.0 spec. See Section 3.1.2.3 under http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-3.1.2

Throws:
java.lang.Exception

testConfidentialAuthCodeFlow

public void testConfidentialAuthCodeFlow()
                                  throws java.lang.Exception
Test retrieving an auth code and using it to generate an access token

Throws:
java.lang.Exception

testGetAccessTokenConfidentialClientParams

public void testGetAccessTokenConfidentialClientParams()
                                                throws java.lang.Exception
Test using URL parameter to pass client secret to authenticate client

Throws:
java.lang.Exception

testGetAccessTokenConfidentialClientBasicAuth

public void testGetAccessTokenConfidentialClientBasicAuth()
                                                   throws java.lang.Exception
Test using basic authentication scheme for client authentication

Throws:
java.lang.Exception

testGetAccessTokenConfClientBasicAuthBadID

public void testGetAccessTokenConfClientBasicAuthBadID()
                                                throws java.lang.Exception
Incorrect client ID used in Basic Authorization header

Throws:
java.lang.Exception

testGetAccessTokenBadConfidentialClientParams

public void testGetAccessTokenBadConfidentialClientParams()
                                                   throws java.lang.Exception
Test attempting to get an access token using a bad client secret with a confidential client.

Throws:
java.lang.Exception

testGetAccessTokenBadClient

public void testGetAccessTokenBadClient()
                                 throws java.lang.Exception
Test attempting to get an access token with an unregistered client ID

Throws:
java.lang.Exception

testGetAccessTokenBadGrantType

public void testGetAccessTokenBadGrantType()
                                    throws java.lang.Exception
Test attempting to get an access token with a bad grant type

Throws:
java.lang.Exception

testGetAccessTokenBadAuthCode

public void testGetAccessTokenBadAuthCode()
                                   throws java.lang.Exception
Test attempting to get an access token with an invalid authorization code

Throws:
java.lang.Exception

testReuseAuthorizationCode

public void testReuseAuthorizationCode()
                                throws java.lang.Exception
Test attempting to re-use an authorization code to get a new access token.

Throws:
java.lang.Exception
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2007-2012 The Apache Software Foundation. All Rights Reserved.