diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenPasswordGrantTestCase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenPasswordGrantTestCase.java
index 820cf24a35..c4f87c6bde 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenPasswordGrantTestCase.java
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/actions/PreIssueAccessTokenPasswordGrantTestCase.java
@@ -21,23 +21,7 @@
 import com.nimbusds.jwt.JWTClaimsSet;
 import com.nimbusds.jwt.SignedJWT;
 import org.apache.commons.lang.ArrayUtils;
-import org.apache.http.Header;
-import org.apache.http.HttpResponse;
-import org.apache.http.NameValuePair;
-import org.apache.http.client.config.CookieSpecs;
-import org.apache.http.client.config.RequestConfig;
-import org.apache.http.config.Lookup;
-import org.apache.http.config.RegistryBuilder;
-import org.apache.http.cookie.CookieSpecProvider;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.DefaultRedirectStrategy;
-import org.apache.http.impl.client.HttpClientBuilder;
-import org.apache.http.impl.cookie.RFC6265CookieSpecProvider;
-import org.apache.http.message.BasicHeader;
-import org.apache.http.message.BasicNameValuePair;
-import org.apache.http.util.EntityUtils;
 import org.json.JSONException;
-import org.json.JSONObject;
 import org.testng.Assert;
 import org.testng.annotations.AfterClass;
 import org.testng.annotations.BeforeClass;
@@ -71,12 +55,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.stream.Collectors; - -import static org.testng.Assert.assertNotNull; -import static org.testng.Assert.assertTrue; -import static org.wso2.identity.integration.test.utils.OAuth2Constant.ACCESS_TOKEN_ENDPOINT; -import static org.wso2.identity.integration.test.utils.OAuth2Constant.AUTHORIZATION_HEADER; /** * Integration test class for testing the pre issue access token flow with password grant. @@ -126,14 +104,10 @@ public class PreIssueAccessTokenPasswordGrantTestCase extends ActionsBaseTestCas private static final String APPLICATION_MANAGEMENT_API = "/api/server/v1/applications"; private static final String API_RESOURCE_MANAGEMENT_API = "/api/server/v1/api-resources"; private static final String MOCK_SERVER_ENDPOINT = "/test/action"; + protected SCIM2RestClient scim2RestClient; - private Lookup cookieSpecRegistry; - private RequestConfig requestConfig; - private CloseableHttpClient client; - private List customScopes; private String accessToken; private String clientId; - private String clientSecret; private String actionId; private String applicationId; private String domainAPIId; 
@@ -151,32 +125,12 @@ public void testInit() throws Exception { super.init(TestUserMode.TENANT_USER); - cookieSpecRegistry = RegistryBuilder.create() - .register(CookieSpecs.DEFAULT, new RFC6265CookieSpecProvider()) - .build(); - requestConfig = RequestConfig.custom() - .setCookieSpec(CookieSpecs.DEFAULT) - .build(); - client = HttpClientBuilder.create() - .setDefaultRequestConfig(requestConfig) - .setDefaultCookieSpecRegistry(cookieSpecRegistry) - .setRedirectStrategy(new DefaultRedirectStrategy() { - @Override - protected boolean isRedirectable(String method) { - - return false; - } - }).build(); - scim2RestClient = new SCIM2RestClient(serverURL, tenantInfo); - customScopes = Arrays.asList(CUSTOM_SCOPE_1, CUSTOM_SCOPE_2, CUSTOM_SCOPE_3); + List customScopes = Arrays.asList(CUSTOM_SCOPE_1, CUSTOM_SCOPE_2, CUSTOM_SCOPE_3); ApplicationResponseModel application = addApplicationWithGrantType(PASSWORD_GRANT_TYPE); applicationId = application.getId(); - OpenIDConnectConfiguration oidcConfig = getOIDCInboundDetailsOfApplication(applicationId); - clientId = oidcConfig.getClientId(); - clientSecret = oidcConfig.getClientSecret(); if (!CarbonUtils.isLegacyAuthzRuntimeEnabled()) { authorizeSystemAPIs(applicationId, new ArrayList<>(Arrays.asList(SCIM2_USERS_API, ACTIONS_API, APPLICATION_MANAGEMENT_API, API_RESOURCE_MANAGEMENT_API))); @@ -188,6 +142,9 @@ protected boolean isRedirectable(String method) { MockServer.createMockServer(MOCK_SERVER_ENDPOINT); actionId = createPreIssueAccessTokenAction(); + + accessToken = retrieveAccessToken(application.getId(), customScopes); + jwtClaims = extractJwtClaims(accessToken); } @AfterClass(alwaysRun = true) 
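Review bot: The two lines added at the end of `testInit()` in the second hunk here (`accessToken = retrieveAccessToken(...)` and `jwtClaims = extractJwtClaims(accessToken)`) carry none of the checks the removed test method made on the token response. The setup now relies on `requestAccessToken`, which is not visible in this diff, to reject a bad response; if it returns null, the first symptom would be an exception out of `extractJwtClaims` or a null `jwtClaims` in a later test, not a message that names the token request. Consider adding `Assert.assertNotNull(accessToken, "Access token is null.");` before the claims are extracted and `Assert.assertNotNull(jwtClaims, "JWT claims are null.");` after, so a regression in the pre-issue access token flow is reported with its cause. `testInit()` begins in the previous hunk and `retrieveAccessToken` is added further down the file.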
@@ -202,54 +159,10 @@ public void atEnd() throws Exception { restClient.closeHttpClient(); scim2RestClient.closeHttpClient(); actionsRestClient.closeHttpClient(); - client.close(); accessToken = null; jwtClaims = null; } - @Test(groups = "wso2.is", description = "Get access token with client credentials grant") - public void testGetAccessTokenWithClientCredentialsGrant() throws Exception { - - List parameters = new ArrayList<>(); - parameters.add(new BasicNameValuePair("grant_type", OAuth2Constant.OAUTH2_GRANT_TYPE_RESOURCE_OWNER)); - parameters.add(new BasicNameValuePair("username", TEST_USER)); - parameters.add(new BasicNameValuePair("password", ADMIN_WSO2)); - - List permissions = new ArrayList<>(); - Collections.addAll(permissions, - INTERNAL_ORG_USER_MANAGEMENT_LIST, - INTERNAL_ORG_USER_MANAGEMENT_VIEW, - INTERNAL_ORG_USER_MANAGEMENT_CREATE, - INTERNAL_ORG_USER_MANAGEMENT_UPDATE, - INTERNAL_ORG_USER_MANAGEMENT_DELETE - ); - permissions.addAll(customScopes); - - String scopes = permissions.stream() - .map(String::toLowerCase) - .collect(Collectors.joining(" ")); - parameters.add(new BasicNameValuePair("scope", scopes)); - - List
headers = new ArrayList<>(); - headers.add(new BasicHeader(AUTHORIZATION_HEADER, OAuth2Constant.BASIC_HEADER + " " + - getBase64EncodedString(clientId, clientSecret))); - headers.add(new BasicHeader("Content-Type", "application/x-www-form-urlencoded")); - headers.add(new BasicHeader("User-Agent", OAuth2Constant.USER_AGENT)); - - HttpResponse response = sendPostRequest(client, headers, parameters, - getTenantQualifiedURL(ACCESS_TOKEN_ENDPOINT, tenantInfo.getDomain())); - - String responseString = EntityUtils.toString(response.getEntity(), "UTF-8"); - JSONObject jsonResponse = new JSONObject(responseString); - - assertTrue(jsonResponse.has("access_token"), "Access token not found in the token response."); - accessToken = jsonResponse.getString("access_token"); - assertNotNull(accessToken, "Access token is null."); - - jwtClaims = extractJwtClaims(accessToken); - assertNotNull(jwtClaims); - } - @Test(groups = "wso2.is", description = "Verify the presence of the updated scopes in the access token") public void testTokenScopeOperations() throws Exception { 
@@ -350,6 +263,34 @@ private String createPreIssueAccessTokenAction() { } } + /** + * Retrieves an access token for the application. + * + * @param applicationId ID of the application + * @param customScopes Custom scopes related to the integrated domain APIs + * @return Access token + * @throws Exception If error occurred wile requesting access token + */ + private String retrieveAccessToken(String applicationId, List customScopes) throws Exception { + + OpenIDConnectConfiguration oidcConfig = getOIDCInboundDetailsOfApplication(applicationId); + clientId = oidcConfig.getClientId(); + String tenantedTokenURI = getTenantQualifiedURL(OAuth2Constant.ACCESS_TOKEN_ENDPOINT, tenantInfo.getDomain()); + + List permissions = new ArrayList<>(); + Collections.addAll(permissions, + new Permission(INTERNAL_ORG_USER_MANAGEMENT_LIST), + new Permission(INTERNAL_ORG_USER_MANAGEMENT_VIEW), + new Permission(INTERNAL_ORG_USER_MANAGEMENT_CREATE), + new Permission(INTERNAL_ORG_USER_MANAGEMENT_UPDATE), + new Permission(INTERNAL_ORG_USER_MANAGEMENT_DELETE) + ); + customScopes.forEach(scope -> permissions.add(new Permission(scope))); + + return requestAccessToken(clientId, oidcConfig.getClientSecret(), tenantedTokenURI, + TEST_USER, ADMIN_WSO2, permissions); + } + /** * Extracts the JWT claims set from a given JWT token. *
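Review bot: `retrieveAccessToken` assigns the `clientId` field as a side effect (`clientId = oidcConfig.getClientId();`), which its Javadoc does not mention, and its `applicationId` parameter shadows the field of the same name. Either document the assignment, for example by adding `Also stores the application's client ID in {@code clientId}.` to the description, or set the field in `testInit()` next to `applicationId`; keeping the client secret in a local instead of a field, as this method now does, is the better pattern. The removed test lower-cased every scope before sending it, while this helper passes the names unchanged to `requestAccessToken`, which is defined outside this diff, so confirm the requested scopes still match what the later scope assertions expect. The `@throws` line has a typo: `wile` should be `while`.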