StephanRichter/LightOidc
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity

tied nonce to AuthorizationService by dedicated methods

Browse Source 
Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
This commit is contained in:
Stephan Richter
2024-09-16 23:56:29 +02:00
parent f737c1dc50
commit 8bfaf22084
7 changed files with 71 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/AuthorizationService.java
View File

@@ -8,7 +8,11 @@ import java.util.Collection;
import java.util.Optional;
public interface AuthorizationService {
AuthorizationService authorize(String userId, String clientId, Collection<String> scopes, String nonce, Instant expiration);
AuthorizationService authorize(String userId, String clientId, Collection<String> scopes, Instant expiration);
Optional<Authorization> consumeAuthorization(String authCode);
AuthResult getAuthorization(String userId, String clientId, Collection<String> scopes);
Optional<String> consumeNonce(String uuid, String id);
void nonce(String uuid, String id, String string);
}

2
de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/data/Authorization.java
View File

@@ -1,5 +1,5 @@
/* © SRSoftware 2024 */
package de.srsoftware.oidc.api.data;
public record Authorization(String clientId, String userId, AuthorizedScopes scopes, String nonce) {
public record Authorization(String clientId, String userId, AuthorizedScopes scopes) {
}

12
de.srsoftware.oidc.api/src/test/java/de/srsoftware/oidc/api/AuthServiceTest.java
View File

@@ -26,10 +26,9 @@ public abstract class AuthServiceTest {
var authorizationService = authorizationService();
var userId1 = uuid();
var expiration = Instant.now();
var nonce = uuid();
authorizationService.authorize(userId1, CLIENT1, SCOPES1, nonce, expiration);
expiration = Instant.now().plusSeconds(3600).truncatedTo(SECONDS); // test overwrite
authorizationService.authorize(userId1, CLIENT1, SCOPES1, nonce, expiration); // test overwrite
authorizationService.authorize(userId1, CLIENT1, SCOPES1, expiration);
expiration = Instant.now().plusSeconds(3600).truncatedTo(SECONDS); // test overwrite
authorizationService.authorize(userId1, CLIENT1, SCOPES1, expiration); // test overwrite
var authorization = authorizationService.getAuthorization(userId1, CLIENT1, Set.of(OPENID));
assertEquals(1, authorization.authorizedScopes().scopes().size());
assertTrue(authorization.authorizedScopes().scopes().contains(OPENID));
@@ -53,10 +52,9 @@ public abstract class AuthServiceTest {
public void testConsume() {
var authorizationService = authorizationService();
var nonce = uuid();
var userId1 = uuid();
var expiration = Instant.now().plusSeconds(3600).truncatedTo(SECONDS);
authorizationService.authorize(userId1, CLIENT1, SCOPES1, nonce, expiration);
authorizationService.authorize(userId1, CLIENT1, SCOPES1, expiration);
var authResult = authorizationService.getAuthorization(userId1, CLIENT1, Set.of(OPENID));
var authCode = authResult.authCode();
assertNotNull(authCode);
@@ -75,5 +73,5 @@ public abstract class AuthServiceTest {
assertTrue(optAuth.isEmpty());
}
// TODO: test nonce passing
// TODO: test nonce methods
}