Skip to content

Commit 1af7783

Browse files
alvarosaugarlrbrianchandotcom
alvarosaugarlr
authored and
brianchandotcom
committed
LPD-51524 adding tests to enhance the test coverage of OAuth 2 API access based validation on Scopes
1 parent edea95b commit 1af7783

File tree

1 file changed

+68
-1
lines changed
  • modules/apps/oauth2-provider/oauth2-provider-test/src/testIntegration/java/com/liferay/oauth2/provider/client/test

1 file changed

+68
-1
lines changed

modules/apps/oauth2-provider/oauth2-provider-test/src/testIntegration/java/com/liferay/oauth2/provider/client/test/ScopeFinderTest.java

Lines changed: 68 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,16 +8,23 @@
88
import com.liferay.arquillian.extension.junit.bridge.junit.Arquillian;
99
import com.liferay.oauth2.provider.constants.GrantType;
1010
import com.liferay.oauth2.provider.internal.test.TestRunnablePostHandlingApplication;
11+
import com.liferay.oauth2.provider.model.OAuth2Application;
1112
import com.liferay.oauth2.provider.scope.spi.scope.finder.ScopeFinder;
13+
import com.liferay.oauth2.provider.service.OAuth2ApplicationLocalService;
14+
import com.liferay.oauth2.provider.service.OAuth2ScopeGrantLocalService;
15+
import com.liferay.portal.kernel.exception.PortalException;
1216
import com.liferay.portal.kernel.model.User;
1317
import com.liferay.portal.kernel.test.rule.AggregateTestRule;
1418
import com.liferay.portal.kernel.test.util.UserTestUtil;
1519
import com.liferay.portal.kernel.util.HashMapDictionaryBuilder;
1620
import com.liferay.portal.kernel.util.PortalUtil;
21+
import com.liferay.portal.test.rule.Inject;
1722
import com.liferay.portal.test.rule.LiferayIntegrationTestRule;
1823

24+
import java.util.ArrayList;
1925
import java.util.Collections;
2026
import java.util.Dictionary;
27+
import java.util.List;
2128

2229
import javax.ws.rs.client.Invocation;
2330
import javax.ws.rs.client.WebTarget;
@@ -42,7 +49,7 @@ public class ScopeFinderTest extends BaseClientTestCase {
4249
new LiferayIntegrationTestRule();
4350

4451
@Test
45-
public void testUnavailableAssignedScopeAliases() {
52+
public void testUnavailableAssignedScopeAliases() throws PortalException {
4653
String token = getToken(
4754
"oauthTestClientCredentials", null,
4855
this::getClientCredentialsResponse, this::parseTokenString);
@@ -80,6 +87,44 @@ public void testUnavailableAssignedScopeAliases() {
8087
403,
8188
invocationBuilder.get(
8289
).getStatus());
90+
91+
webTarget = getWebTarget();
92+
93+
webTarget = webTarget.path("o/captcha/v1.0/captcha/challenge");
94+
95+
invocationBuilder = authorize(
96+
webTarget.request(),
97+
getToken(
98+
"oauthTestApplication", null,
99+
this::getClientCredentialsResponse, this::parseTokenString));
100+
101+
Assert.assertEquals(
102+
200,
103+
invocationBuilder.get(
104+
).getStatus());
105+
106+
List<String> scopeAliasess = new ArrayList<>();
107+
108+
scopeAliasess.add("Liferay.Captcha.REST.everything.write");
109+
110+
OAuth2Application oAuth2Application =
111+
_oAuth2ApplicationLocalService.getOAuth2Application(
112+
_oAuth2ApplicationId);
113+
114+
_oAuth2ApplicationLocalService.updateScopeAliases(
115+
oAuth2Application.getUserId(), oAuth2Application.getUserName(),
116+
_oAuth2ApplicationId, scopeAliasess);
117+
118+
invocationBuilder = authorize(
119+
webTarget.request(),
120+
getToken(
121+
"oauthTestApplication", null,
122+
this::getClientCredentialsResponse, this::parseTokenString));
123+
124+
Assert.assertEquals(
125+
403,
126+
invocationBuilder.get(
127+
).getStatus());
83128
}
84129

85130
public static class ScopeFinderTestPreparatorBundleActivator
@@ -116,6 +161,20 @@ protected void prepareTest() throws Exception {
116161
defaultCompanyId, user, "oauthTestClientCredentials",
117162
Collections.singletonList(GrantType.CLIENT_CREDENTIALS),
118163
Collections.singletonList("everything.read"));
164+
165+
OAuth2Application oAuth2Application = createOAuth2Application(
166+
defaultCompanyId, user, "oauthTestApplication",
167+
Collections.singletonList(
168+
"Liferay.Captcha.REST.everything.read"));
169+
170+
_oAuth2ScopeGrantLocalService.createOAuth2ScopeGrant(
171+
oAuth2Application.getCompanyId(),
172+
oAuth2Application.getOAuth2ApplicationScopeAliasesId(),
173+
"Liferay.Captcha.REST", "com.liferay.captcha.rest.impl", "GET",
174+
Collections.singletonList(
175+
"Liferay.Captcha.REST.everything.read"));
176+
177+
_oAuth2ApplicationId = oAuth2Application.getOAuth2ApplicationId();
119178
}
120179

121180
}
@@ -125,4 +184,12 @@ protected BundleActivator getBundleActivator() {
125184
return new ScopeFinderTestPreparatorBundleActivator();
126185
}
127186

187+
private static long _oAuth2ApplicationId;
188+
189+
@Inject
190+
private static OAuth2ApplicationLocalService _oAuth2ApplicationLocalService;
191+
192+
@Inject
193+
private static OAuth2ScopeGrantLocalService _oAuth2ScopeGrantLocalService;
194+
128195
}

0 commit comments

Comments
 (0)