altered AuthorizationService to use User and Client references instead of full objects. Added tests.

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
2024-09-15 10:38:55 +02:00
parent 010cca8151
commit 0b96aeb63d
6 changed files with 121 additions and 24 deletions
--- a/de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/AuthorizationService.java
+++ b/de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/AuthorizationService.java
@@ -3,14 +3,12 @@ package de.srsoftware.oidc.api;

 import de.srsoftware.oidc.api.data.AuthResult;
 import de.srsoftware.oidc.api.data.Authorization;
-import de.srsoftware.oidc.api.data.Client;
-import de.srsoftware.oidc.api.data.User;
 import java.time.Instant;
 import java.util.Collection;
 import java.util.Optional;

 public interface AuthorizationService {
-	AuthorizationService    authorize(User user, Client client, Collection<String> scopes, Instant expiration);
+	AuthorizationService    authorize(String userId, String clientId, Collection<String> scopes, Instant expiration);
 	Optional<Authorization> consumeAuthorization(String authCode);
-	AuthResult	        getAuthorization(User user, Client client, Collection<String> scopes);
+	AuthResult	        getAuthorization(String userId, String clientId, Collection<String> scopes);
 }
--- a/de.srsoftware.oidc.api/src/test/java/de/srsoftware/oidc/api/AuthServiceTest.java
+++ b/de.srsoftware.oidc.api/src/test/java/de/srsoftware/oidc/api/AuthServiceTest.java
@@ -0,0 +1,73 @@
+/* © SRSoftware 2024 */
+package de.srsoftware.oidc.api;
+
+import static de.srsoftware.oidc.api.Constants.OPENID;
+import static de.srsoftware.utils.Strings.uuid;
+import static java.time.temporal.ChronoUnit.SECONDS;
+import static org.junit.jupiter.api.Assertions.*;
+
+import java.time.Instant;
+import java.util.Set;
+import org.junit.jupiter.api.Test;
+
+public abstract class AuthServiceTest {
+	private static final String CLIENT1       = "client1";
+	private static final Set<String> SCOPES1  = Set.of(OPENID, Constants.EMAIL, "ranzpappe");
+	private static final String	 INVALID  = "invalid";
+	private static final String	 PASS1    = "grunzwanzling";
+	private static final String	 USERNAME = "arthurdent";
+	private static final String	 REALNAME = "Arthur Dent";
+	private static final String	 EMAIL    = "arthur@herzaus.gold";
+
+	protected abstract AuthorizationService authorizationService();
+
+	@Test
+	public void testAuthorize() {
+		var authorizationService = authorizationService();
+		var userId1	         = uuid();
+		var expiration	         = Instant.now().plusSeconds(3600).truncatedTo(SECONDS);
+		authorizationService.authorize(userId1, CLIENT1, SCOPES1, expiration);
+		var authorization = authorizationService.getAuthorization(userId1, CLIENT1, Set.of(OPENID));
+		assertEquals(1, authorization.authorizedScopes().scopes().size());
+		assertTrue(authorization.authorizedScopes().scopes().contains(OPENID));
+		assertEquals(expiration, authorization.authorizedScopes().expiration());
+
+		authorization = authorizationService.getAuthorization(userId1, CLIENT1, Set.of(INVALID));
+		assertNull(authorization.authorizedScopes());
+		assertNull(authorization.authCode());
+		assertTrue(authorization.unauthorizedScopes().contains(INVALID));
+
+		authorization = authorizationService.getAuthorization(userId1, CLIENT1, Set.of(INVALID, OPENID));
+		assertEquals(1, authorization.authorizedScopes().scopes().size());
+		assertTrue(authorization.authorizedScopes().scopes().contains(OPENID));
+		assertEquals(expiration, authorization.authorizedScopes().expiration());
+
+		assertEquals(1, authorization.unauthorizedScopes().size());
+		assertTrue(authorization.unauthorizedScopes().contains(INVALID));
+	}
+
+	@Test
+	public void testConsume() {
+		var authorizationService = authorizationService();
+
+		var userId1    = uuid();
+		var expiration = Instant.now().plusSeconds(3600).truncatedTo(SECONDS);
+		authorizationService.authorize(userId1, CLIENT1, SCOPES1, expiration);
+		var authResult = authorizationService.getAuthorization(userId1, CLIENT1, Set.of(OPENID));
+		var authCode   = authResult.authCode();
+		assertNotNull(authCode);
+
+		var optAuth = authorizationService.consumeAuthorization(authCode);
+		assertTrue(optAuth.isPresent());
+		var authorization = optAuth.get();
+		assertEquals(CLIENT1, authorization.clientId());
+		assertEquals(userId1, authorization.userId());
+		var scopes = authorization.scopes();
+		assertEquals(expiration, scopes.expiration());
+		assertEquals(1, scopes.scopes().size());
+		assertTrue(scopes.scopes().contains(OPENID));
+
+		optAuth = authorizationService.consumeAuthorization(authCode);
+		assertTrue(optAuth.isEmpty());
+	}
+}