forked from boschresearch/catena-x-edc
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
> Shouldn't we switch back to the upstream oauth2 module since they are feature-equivalent right now? That happened with this PR: [eclipse-edc/Connector#2000](eclipse-edc/Connector#2000) > > On the upstream the code is already well covered with tests. > > Will come up with a dedicated PR As long as we have and support our custom oauth2-extension and as someone volunteered to write test we should merge them. But yeah, going back to an equivalent oauth2 extension coming from upstream is desired.
- Loading branch information
1 parent
ee2b872
commit 4db8aea
Showing
4 changed files
with
251 additions
and
1 deletion.
There are no files selected for viewing
73 changes: 73 additions & 0 deletions
73
.../cx-oauth2/src/test/java/net/catenax/edc/oauth2/jwt/validation/AudValidationRuleTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
/* | ||
* Copyright (c) 2022 Mercedes-Benz Tech Innovation GmbH | ||
* | ||
* This program and the accompanying materials are made available under the | ||
* terms of the Apache License, Version 2.0 which is available at | ||
* https://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* Contributors: | ||
* Mercedes-Benz Tech Innovation GmbH - Initial API and Implementation | ||
* | ||
*/ | ||
package net.catenax.edc.oauth2.jwt.validation; | ||
|
||
import java.util.List; | ||
import java.util.Map; | ||
import org.eclipse.dataspaceconnector.spi.iam.ClaimToken; | ||
import org.eclipse.dataspaceconnector.spi.monitor.Monitor; | ||
import org.eclipse.dataspaceconnector.spi.result.Result; | ||
import org.junit.jupiter.api.Assertions; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
import org.mockito.Mockito; | ||
|
||
public class AudValidationRuleTest { | ||
|
||
private static final String AUDIENCE = "audience"; | ||
|
||
private AudValidationRule rule; | ||
|
||
@BeforeEach | ||
public void setup() { | ||
final Monitor monitor = Mockito.mock(Monitor.class); | ||
rule = new AudValidationRule(AUDIENCE, monitor); | ||
} | ||
|
||
@Test | ||
void checkRuleSuccess() { | ||
final Map<String, Object> claims = Map.of("aud", List.of(AUDIENCE)); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
Result<Void> result = rule.checkRule(token, null); | ||
|
||
Assertions.assertTrue(result.succeeded()); | ||
} | ||
|
||
@Test | ||
void checkRuleNoClaims() { | ||
final Map<String, Object> claims = Map.of(); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
Result<Void> result = rule.checkRule(token, null); | ||
|
||
Assertions.assertFalse(result.succeeded()); | ||
} | ||
|
||
@Test | ||
void checkRuleClaimMissing() { | ||
final Map<String, Object> claims = Map.of("foo", List.of(AUDIENCE)); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
Result<Void> result = rule.checkRule(token, null); | ||
|
||
Assertions.assertFalse(result.succeeded()); | ||
} | ||
|
||
@Test | ||
void checkRuleAudNotList() { | ||
final Map<String, Object> claims = Map.of("aud", AUDIENCE); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
Result<Void> result = rule.checkRule(token, null); | ||
|
||
Assertions.assertFalse(result.succeeded()); | ||
} | ||
} |
68 changes: 68 additions & 0 deletions
68
.../cx-oauth2/src/test/java/net/catenax/edc/oauth2/jwt/validation/ExpValidationRuleTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
/* | ||
* Copyright (c) 2022 Mercedes-Benz Tech Innovation GmbH | ||
* | ||
* This program and the accompanying materials are made available under the | ||
* terms of the Apache License, Version 2.0 which is available at | ||
* https://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* Contributors: | ||
* Mercedes-Benz Tech Innovation GmbH - Initial API and Implementation | ||
* | ||
*/ | ||
package net.catenax.edc.oauth2.jwt.validation; | ||
|
||
import java.text.SimpleDateFormat; | ||
import java.time.Clock; | ||
import java.util.Date; | ||
import java.util.Map; | ||
import lombok.SneakyThrows; | ||
import org.eclipse.dataspaceconnector.spi.iam.ClaimToken; | ||
import org.eclipse.dataspaceconnector.spi.result.Result; | ||
import org.junit.jupiter.api.Assertions; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
import org.mockito.Mockito; | ||
|
||
public class ExpValidationRuleTest { | ||
|
||
private static final String EXP = "exp"; | ||
|
||
private ExpValidationRule rule; | ||
|
||
// Mocks | ||
private Clock clock; | ||
|
||
@BeforeEach | ||
public void setUp() { | ||
clock = Mockito.mock(Clock.class); | ||
rule = new ExpValidationRule(clock); | ||
} | ||
|
||
@Test | ||
@SneakyThrows | ||
public void checkNotExpired() { | ||
Date date = new SimpleDateFormat("yyyy-MM-dd").parse("2021-01-01"); | ||
final Map<String, Object> claims = Map.of(EXP, date); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
|
||
Mockito.when(clock.instant()).thenReturn(date.toInstant().minusSeconds(30)); | ||
final Result<Void> result = rule.checkRule(token, null); | ||
|
||
Assertions.assertTrue(result.succeeded()); | ||
} | ||
|
||
@Test | ||
@SneakyThrows | ||
public void checkExpired() { | ||
Date date = new SimpleDateFormat("yyyy-MM-dd").parse("2021-01-01"); | ||
final Map<String, Object> claims = Map.of(EXP, date); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
|
||
Mockito.when(clock.instant()).thenReturn(date.toInstant().plusSeconds(30)); | ||
final Result<Void> result = rule.checkRule(token, null); | ||
|
||
Assertions.assertFalse(result.succeeded()); | ||
} | ||
} |
110 changes: 110 additions & 0 deletions
110
.../cx-oauth2/src/test/java/net/catenax/edc/oauth2/jwt/validation/IatValidationRuleTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
/* | ||
* Copyright (c) 2022 Mercedes-Benz Tech Innovation GmbH | ||
* | ||
* This program and the accompanying materials are made available under the | ||
* terms of the Apache License, Version 2.0 which is available at | ||
* https://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* Contributors: | ||
* Mercedes-Benz Tech Innovation GmbH - Initial API and Implementation | ||
* | ||
*/ | ||
package net.catenax.edc.oauth2.jwt.validation; | ||
|
||
import java.text.SimpleDateFormat; | ||
import java.time.Clock; | ||
import java.util.Date; | ||
import java.util.Map; | ||
import lombok.SneakyThrows; | ||
import org.eclipse.dataspaceconnector.spi.iam.ClaimToken; | ||
import org.junit.jupiter.api.Assertions; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
import org.mockito.Mockito; | ||
|
||
public class IatValidationRuleTest { | ||
|
||
private static final String ISSUED_AT = "iat"; | ||
private static final String EXPIRATION = "exp"; | ||
|
||
private IatValidationRule rule; | ||
|
||
// mocks | ||
private Clock clock; | ||
|
||
@BeforeEach | ||
public void setup() { | ||
clock = Mockito.mock(Clock.class); | ||
rule = new IatValidationRule(clock); | ||
} | ||
|
||
@Test | ||
@SneakyThrows | ||
public void testSuccess() { | ||
Date issuedDate = new SimpleDateFormat("yyyy-MM-dd").parse("2021-01-01"); | ||
Date expirationDate = new SimpleDateFormat("yyyy-MM-dd").parse("2022-01-01"); | ||
final Map<String, Object> claims = Map.of(ISSUED_AT, issuedDate, EXPIRATION, expirationDate); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
|
||
Mockito.when(clock.instant()).thenReturn(issuedDate.toInstant().plusSeconds(30)); | ||
final var result = rule.checkRule(token, null); | ||
|
||
Assertions.assertTrue(result.succeeded()); | ||
} | ||
|
||
@Test | ||
@SneakyThrows | ||
public void testIssuedAtClaimMissing() { | ||
Date expirationDate = new SimpleDateFormat("yyyy-MM-dd").parse("2022-01-01"); | ||
final Map<String, Object> claims = Map.of(EXPIRATION, expirationDate); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
|
||
Mockito.when(clock.instant()).thenReturn(expirationDate.toInstant().plusSeconds(30)); | ||
final var result = rule.checkRule(token, null); | ||
|
||
Assertions.assertFalse(result.succeeded()); | ||
} | ||
|
||
@Test | ||
@SneakyThrows | ||
public void testExpirationClaimMissing() { | ||
Date issuedDate = new SimpleDateFormat("yyyy-MM-dd").parse("2022-01-01"); | ||
final Map<String, Object> claims = Map.of(ISSUED_AT, issuedDate); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
|
||
Mockito.when(clock.instant()).thenReturn(issuedDate.toInstant().plusSeconds(30)); | ||
final var result = rule.checkRule(token, null); | ||
|
||
Assertions.assertTrue(result.succeeded()); | ||
} | ||
|
||
@Test | ||
@SneakyThrows | ||
public void testNowBeforeIssuedAt() { | ||
Date issuedDate = new SimpleDateFormat("yyyy-MM-dd").parse("2021-01-01"); | ||
Date expirationDate = new SimpleDateFormat("yyyy-MM-dd").parse("2022-01-01"); | ||
final Map<String, Object> claims = Map.of(ISSUED_AT, issuedDate, EXPIRATION, expirationDate); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
|
||
Mockito.when(clock.instant()).thenReturn(issuedDate.toInstant().minusSeconds(30)); | ||
final var result = rule.checkRule(token, null); | ||
|
||
Assertions.assertFalse(result.succeeded()); | ||
} | ||
|
||
@Test | ||
@SneakyThrows | ||
public void testExpirationBeforeIssuedAt() { | ||
Date issuedDate = new SimpleDateFormat("yyyy-MM-dd").parse("2022-01-01"); | ||
Date expirationDate = new SimpleDateFormat("yyyy-MM-dd").parse("2021-01-01"); | ||
final Map<String, Object> claims = Map.of(ISSUED_AT, issuedDate, EXPIRATION, expirationDate); | ||
final ClaimToken token = ClaimToken.Builder.newInstance().claims(claims).build(); | ||
|
||
Mockito.when(clock.instant()).thenReturn(issuedDate.toInstant().plusSeconds(30)); | ||
final var result = rule.checkRule(token, null); | ||
|
||
Assertions.assertFalse(result.succeeded()); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters