From 85797f05805eee1e4457c5e47a7caca27a958ecd Mon Sep 17 00:00:00 2001
From: Mehrshad Rafiei
Date: Mon, 6 Feb 2017 20:08:52 -0800
Subject: [PATCH] penid-connect-new-OAuthPolicy-fields Review Comments
---
 .../stormpath/sdk/oauth/OAuthPolicies.java | 28 +++++++++++
 .../com/stormpath/sdk/oauth/OAuthPolicy.java | 12 ++++-
 .../sdk/oauth/OAuthPolicyOptions.java | 30 ++++++++++++
 .../sdk/oauth/openidconnect/Scope.java | 2 +-
 .../sdk/impl/application/OAuthPolicyIT.groovy | 46 ++++++++++++++-----
 .../impl/oauth/DefaultOAuthPolicyOptions.java | 39 ++++++++++++++++
 6 files changed, 144 insertions(+), 13 deletions(-)
 create mode 100644 api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicies.java
 create mode 100644 api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicyOptions.java
 create mode 100644 impl/src/main/java/com/stormpath/sdk/impl/oauth/DefaultOAuthPolicyOptions.java
diff --git a/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicies.java b/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicies.java
new file mode 100644
index 0000000000..44ec638f5d
--- /dev/null
+++ b/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicies.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2013 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.sdk.oauth;
+
+import com.stormpath.sdk.lang.Classes;
+
+/**
+ * @since 1.6.0
+ */
+public final class OAuthPolicies {
+
+ public static OAuthPolicyOptions options() {
+ return (OAuthPolicyOptions) Classes.newInstance("com.stormpath.sdk.impl.oauth.DefaultOAuthPolicyOptions");
+ }
+}
diff --git a/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicy.java b/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicy.java
index 0f97695fdc..438cdcd532 100644
--- a/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicy.java
+++ b/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicy.java
@@ -51,6 +51,7 @@ public interface OAuthPolicy extends Resource, Saveable {
 * Returns the Time To Live for the id tokens created for the parent {@link Application Application} expressed in a period of time format, for example: PT1H.
 *
 * @return the String representation of the Time To Live for the id tokens created for the parent {@link Application Application}
+ * @since 1.6.0
 */
 String getIdTokenTtl();
@@ -87,6 +88,7 @@ public interface OAuthPolicy extends Resource, Saveable {
 * Sets the Time To Live for the id tokens created for the parent {@link Application Application} expressed in a period of time format, for example: PT1H.
 *
 * @return this instance for method chaining.
+ * @since 1.6.0
 */
 OAuthPolicy setIdTokenTtl(String idTokenTtl);
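Review bot: In OAuthPolicies.java, `OAuthPolicies` is a static-only factory declared `final` but it has no private constructor, so `new OAuthPolicies()` still compiles; adding `private OAuthPolicies() {}` above `options()` closes that. `options()` also has no Javadoc: I would add a short comment saying it returns a new `OAuthPolicyOptions` instance for requesting expansions when an `OAuthPolicy` is fetched, with `@since 1.6.0`. The copyright header of this new file says 2013, while the other two files created by this patch say 2017.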
@@ -94,7 +96,7 @@ public interface OAuthPolicy extends Resource, Saveable {
 * Creates a new {@link Scope} assigned to this oauthPolicy in the Stormpath server and returns the created resource.
 * The scope is used for openid connect flows.
 *
- * @param scope {@link Scope} pojo to hold necessary data to send to the back- end to create a {@link Scope}.
+ * @param scope {@link Scope} pojo to hold necessary data to send to the back-end to create a {@link Scope}.
 * @return the newly created {@link Scope}.
 *
 * @since 1.6.0
@@ -112,6 +114,8 @@ public interface OAuthPolicy extends Resource, Saveable {
 /**
 * Returns access token attribute mappings.
+ * Open Id provider (OP) would enter any custom mappings used for their internal purposes in this map.
+ * Authorization server would then add all these mappings as part of the access token upon its generation.
 *
 * @return access token attribute mappings.
 *
@@ -123,6 +127,8 @@ public interface OAuthPolicy extends Resource, Saveable {
 * Sets access token attribute mappings to be inserted into access tokens.
 *
 * @param accessTokenAttributeMap access token attribute mappings to be inserted into access tokens
+ * Open Id provider (OP) would enter any custom mappings used for their internal purposes in this map.
+ * Authorization server would then add all these mappings as part of the access token upon its generation.
 * @return this instance for method chaining.
 *
 * @since 1.6.0
@@ -131,6 +137,8 @@ public interface OAuthPolicy extends Resource, Saveable {
 /**
 * Returns id token attribute mappings.
+ * Open Id provider (OP) would enter any custom mappings used for their internal purposes in this map.
+ * Authorization server would then add all these mappings as part of the id token upon its generation.
 *
 * @return id token attribute mappings.
 *
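Review bot: The Javadoc added for the attribute maps does not say that every mapped value is embedded in the issued token and is therefore readable by whoever receives that token (assuming the tokens are signed but not encrypted, which this diff does not show). I would add a line such as `* Do not map secrets or internal-only attributes: mapped values are delivered to the token recipient.` to all four comments, in the hunks `@@ -112,6 +114,8 @@`, `@@ -123,6 +127,8 @@`, `@@ -131,6 +137,8 @@` and `@@ -142,6 +150,8 @@`. In the two setter hunks (`-123` and `-142`) the added sentences sit after the `@param` tag, so Javadoc renders them as part of the parameter description, whereas the getter hunks put them in the method description; moving them above `@param` makes the four consistent. `Open Id provider` would read better as `OpenID Provider`. The method declarations these comments belong to lie outside the hunks.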
@@ -142,6 +150,8 @@ public interface OAuthPolicy extends Resource, Saveable {
 * Sets id token attribute mappings to be inserted into id tokens.
 *
 * @param idTokenAttributeMap id token attribute mappings to be inserted into id tokens
+ * Open Id provider (OP) would enter any custom mappings used for their internal purposes in this map.
+ * Authorization server would then add all these mappings as part of the id token upon its generation.
 * @return this instance for method chaining.
 *
 * @since 1.6.0
diff --git a/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicyOptions.java b/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicyOptions.java
new file mode 100644
index 0000000000..a57d4ddcfa
--- /dev/null
+++ b/api/src/main/java/com/stormpath/sdk/oauth/OAuthPolicyOptions.java
@@ -0,0 +1,30 @@
+/*
+ * Copyright 2017 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.sdk.oauth;
+
+import com.stormpath.sdk.query.Options;
+
+/**
+ * @since 1.6.0
+ */
+public interface OAuthPolicyOptions extends Options {
+
+ T withScopes();
+
+ T withScopes(int limit);
+
+ T withScopes(int limit, int offset);
+}
diff --git a/api/src/main/java/com/stormpath/sdk/oauth/openidconnect/Scope.java b/api/src/main/java/com/stormpath/sdk/oauth/openidconnect/Scope.java
index eecf3044ad..745bea5151 100644
--- a/api/src/main/java/com/stormpath/sdk/oauth/openidconnect/Scope.java
+++ b/api/src/main/java/com/stormpath/sdk/oauth/openidconnect/Scope.java
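Review bot: The three `withScopes` overloads in OAuthPolicyOptions.java have no Javadoc, so a caller cannot tell what `limit` and `offset` mean, what the no-argument form defaults to, or which values are rejected. I would document each overload, for example `@param limit maximum number of scopes to include in the expanded collection` and `@param offset index of the first scope to include` if that matches the server semantics, and state the accepted range. DefaultOAuthPolicyOptions, the last file in this patch, forwards both values straight to `expand(...)`; whether negative or oversized values are rejected there is outside this diff and worth confirming.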
@@ -27,7 +27,7 @@
 * A Scope resource is used to configure different openid connect scopes
 * with an {@link OAuthPolicy OAuthPolicy}
 *
- * @since 1.0.RC7
+ * @since 1.6.0
 */
 public interface Scope extends Resource, Saveable, Deletable, Auditable {
 /**
diff --git a/extensions/httpclient/src/test/groovy/com/stormpath/sdk/impl/application/OAuthPolicyIT.groovy b/extensions/httpclient/src/test/groovy/com/stormpath/sdk/impl/application/OAuthPolicyIT.groovy
index 734456cbdc..a91e71085f 100644
--- a/extensions/httpclient/src/test/groovy/com/stormpath/sdk/impl/application/OAuthPolicyIT.groovy
+++ b/extensions/httpclient/src/test/groovy/com/stormpath/sdk/impl/application/OAuthPolicyIT.groovy
@@ -16,14 +16,21 @@ package com.stormpath.sdk.impl.application
 import com.stormpath.sdk.client.ClientIT
+import com.stormpath.sdk.impl.resource.AbstractResource
+import com.stormpath.sdk.oauth.OAuthPolicies
 import com.stormpath.sdk.oauth.OAuthPolicy
+import com.stormpath.sdk.oauth.OAuthPolicyOptions
 import com.stormpath.sdk.oauth.openidconnect.Scope
 import com.stormpath.sdk.oauth.openidconnect.ScopeList
 import org.testng.annotations.Test
+import java.lang.reflect.Field
+
 import static org.testng.Assert.assertEquals
 import static org.testng.Assert.assertNotNull
 import static org.testng.Assert.assertFalse
+import static org.testng.Assert.assertTrue
+
 /**
 * @since 1.6.0
 */
@@ -68,19 +75,30 @@ class OAuthPolicyIT extends ClientIT {
 @Test
 void testPolicyExpandOnScopes(){
 def app = createTempApp()
- def policyHref = app.getOAuthPolicy().href+"?expand=scopes"
+ def policyHref = app.getOAuthPolicy().href
- def oauthPolicy = client.getResource(policyHref, OAuthPolicy.class)
- assertNotNull oauthPolicy
- assertNotNull oauthPolicy.href
+ OAuthPolicyOptions options = OAuthPolicies.options().withScopes()
+
+ assertNotNull options
+ assertEquals options.expansions.size(), 1
+
+ options = OAuthPolicies.options().withScopes(10)
- assertEquals(oauthPolicy.scopes.size, 3)
- assertNotNull(oauthPolicy.scopes.asList().get(0).href)
- assertNotNull(oauthPolicy.scopes.asList().get(0).name)
- assertNotNull(oauthPolicy.scopes.asList().get(1).href)
- assertNotNull(oauthPolicy.scopes.asList().get(1).name)
- assertNotNull(oauthPolicy.scopes.asList().get(2).href)
- assertNotNull(oauthPolicy.scopes.asList().get(2).name)
+ assertNotNull options
+ assertEquals options.expansions.size(), 1
+
+ options = OAuthPolicies.options().withScopes(10,0)
+
+ assertNotNull options
+ assertEquals options.expansions.size(), 1
+
+ def retrieved = client.getResource(policyHref, OAuthPolicy.class, options)
+ Map policyProperties = getValue(AbstractResource, retrieved, "properties")
+ def scopes = policyProperties.get("scopes").size()
+ assertTrue scopes == 5
+ assertTrue policyProperties.get("scopes").items.get(0).name != null
+ assertTrue policyProperties.get("scopes").items.get(1).name != null
+ assertTrue policyProperties.get("scopes").items.get(2).name != null
 }
 @Test
@@ -178,4 +196,10 @@ class OAuthPolicyIT extends ClientIT {
 assertEquals(items[1].name, "updatedName2")
 assertEquals(items[2].name, "updatedName3")
 }
+
+ private Object getValue(Class clazz, Object object, String fieldName) {
+ Field field = clazz.getDeclaredField(fieldName)
+ field.setAccessible(true)
+ return field.get(object)
+ }
 }
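Review bot: `assertTrue scopes == 5` takes `size()` of the raw `scopes` entry in the resource's private `properties` map, which looks like the number of keys in the expanded collection object rather than the number of scopes (the removed code asserted `oauthPolicy.scopes.size` to be 3), so the test could keep passing when the expansion returns the wrong scopes. Asserting on the items, e.g. `assertEquals policyProperties.get("scopes").items.size(), 3`, would pin what the test name describes; the expected count is taken from the removed lines and should be confirmed. Only the last `options` value, `withScopes(10,0)`, is sent to the server; the first two are checked locally and then overwritten. The `getValue` helper in the `@@ -178,4 +196,10 @@` hunk reads a private field with `setAccessible(true)`, which ties the test to `AbstractResource` internals, so a comment such as `// reads the raw property map to verify that scopes arrived expanded in the same response` would explain why the public getter is not used.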
diff --git a/impl/src/main/java/com/stormpath/sdk/impl/oauth/DefaultOAuthPolicyOptions.java b/impl/src/main/java/com/stormpath/sdk/impl/oauth/DefaultOAuthPolicyOptions.java
new file mode 100644
index 0000000000..a54acfd031
--- /dev/null
+++ b/impl/src/main/java/com/stormpath/sdk/impl/oauth/DefaultOAuthPolicyOptions.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2017 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.sdk.impl.oauth;
+
+import com.stormpath.sdk.impl.query.DefaultOptions;
+import com.stormpath.sdk.oauth.OAuthPolicyOptions;
+
+/**
+ * @since 1.6.0
+ */
+public class DefaultOAuthPolicyOptions extends DefaultOptions implements OAuthPolicyOptions{
+ @Override
+ public OAuthPolicyOptions withScopes() {
+ return expand(DefaultOAuthPolicy.SCOPES);
+ }
+
+ @Override
+ public OAuthPolicyOptions withScopes(int limit) {
+ return expand(DefaultOAuthPolicy.SCOPES, limit);
+ }
+
+ @Override
+ public OAuthPolicyOptions withScopes(int limit, int offset) {
+ return expand(DefaultOAuthPolicy.SCOPES, limit, offset);
+ }
+}