List of usage examples for org.springframework.http HttpHeaders add
@Override public void add(String headerName, @Nullable String headerValue)
From source file:org.cloudfoundry.identity.uaa.integration.LoginServerSecurityIntegrationTests.java
/**
 * Checks that a password-grant token request with a wrong {@code client_secret} is refused.
 *
 * <p>Runs in the {@code LoginClient} OAuth2 context. The form carries the default implicit
 * client's id, the literal secret {@code "bogus"}, {@code source=login} and
 * {@code UaaAuthenticationDetails.ADD_NEW=false}. The test passes only when the token endpoint
 * answers 401 or 403; any other status (a 200 in particular) fails it.
 */
@Test
@OAuth2ContextConfiguration(LoginClient.class)
public void testLoginServerCfInvalidClientPasswordToken() throws Exception {
    ImplicitResourceDetails implicitClient = testAccounts.getDefaultImplicitResource();

    HttpHeaders requestHeaders = new HttpHeaders();
    requestHeaders.add("Accept", MediaType.APPLICATION_JSON_VALUE);

    // params is declared outside this method; entries are written in the original order.
    params.set("client_id", implicitClient.getClientId());
    params.set("client_secret", "bogus");
    params.set("source", "login");
    params.set(UaaAuthenticationDetails.ADD_NEW, "false");
    params.set("grant_type", "password");

    // redirect_uri is sent only when the client has a pre-established one.
    String preEstablishedRedirect = implicitClient.getPreEstablishedRedirectUri();
    if (preEstablishedRedirect != null) {
        params.set("redirect_uri", preEstablishedRedirect);
    }

    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> tokenResponse =
            serverRunning.postForMap(serverRunning.getAccessTokenUri(), params, requestHeaders);

    HttpStatus status = tokenResponse.getStatusCode();
    boolean rejected = status == HttpStatus.FORBIDDEN || status == HttpStatus.UNAUTHORIZED;
    assertTrue("Status code should be 401 or 403.", rejected);
}
From source file:org.cloudfoundry.identity.uaa.integration.LoginServerSecurityIntegrationTests.java
/**
 * Checks that a password-grant token request with a wrong {@code client_secret} is refused when
 * the test runs in the {@code AppClient} OAuth2 context.
 *
 * <p>The submitted form is the default implicit client's id, the literal secret {@code "bogus"},
 * {@code source=login}, {@code UaaAuthenticationDetails.ADD_NEW=false} and
 * {@code grant_type=password}. Only a 401 or 403 from the token endpoint lets the test pass.
 */
@Test
@OAuth2ContextConfiguration(AppClient.class)
public void testLoginServerCfInvalidClientToken() throws Exception {
    ImplicitResourceDetails clientDetails = testAccounts.getDefaultImplicitResource();

    HttpHeaders acceptJson = new HttpHeaders();
    acceptJson.add("Accept", MediaType.APPLICATION_JSON_VALUE);

    // params is declared outside this method; the order of the entries is kept as in the original.
    params.set("client_id", clientDetails.getClientId());
    params.set("client_secret", "bogus");
    params.set("source", "login");
    params.set(UaaAuthenticationDetails.ADD_NEW, "false");
    params.set("grant_type", "password");

    String registeredRedirect = clientDetails.getPreEstablishedRedirectUri();
    if (registeredRedirect != null) {
        // Only clients with a pre-established redirect send one.
        params.set("redirect_uri", registeredRedirect);
    }

    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> reply =
            serverRunning.postForMap(serverRunning.getAccessTokenUri(), params, acceptJson);

    HttpStatus replyStatus = reply.getStatusCode();
    boolean refused = replyStatus == HttpStatus.FORBIDDEN || replyStatus == HttpStatus.UNAUTHORIZED;
    assertTrue("Status code should be 401 or 403.", refused);
}
From source file:org.cloudfoundry.identity.uaa.integration.RemoteAuthenticationEndpointTests.java
/**
 * Authenticates {@code username} and then confirms, through a SCIM {@code /Users} query, that the
 * stored user record carries the expected {@code origin}.
 *
 * <p>The SCIM query is sent with a bearer token from {@code getScimReadBearerToken()} and asks
 * for the attributes {@code id,userName,origin} only. Every returned entry must contain exactly
 * those keys of interest and must not contain {@code name} or {@code emails}, so the test also
 * checks that the attribute filter is honoured.
 *
 * @param username user to authenticate and look up
 * @param password password passed to {@code authenticate}
 * @param origin   value expected under {@code OriginKeys.ORIGIN} for the matching user
 * @param info     additional parameters forwarded to {@code authenticate}
 */
public void validateOrigin(String username, String password, String origin, Map<String, Object> info)
        throws Exception {
    ResponseEntity<Map> loginResult = authenticate(username, password, info);
    assertEquals(HttpStatus.OK, loginResult.getStatusCode());

    HttpHeaders scimHeaders = new HttpHeaders();
    scimHeaders.add("Authorization", "Bearer " + getScimReadBearerToken());

    // username is concatenated into the filter without escaping: a value containing a double
    // quote would change the filter expression. NOTE(review): callers presumably pass fixture
    // names only - confirm before reusing this helper with arbitrary input.
    String scimQuery = "/Users" + "?filter=userName eq \"" + username + "\"&attributes=id,userName,origin";
    ResponseEntity<Map> scimResult = serverRunning.getForObject(scimQuery, Map.class, scimHeaders);

    Map<String, Object> payload = scimResult.getBody();
    assertEquals(HttpStatus.OK, scimResult.getStatusCode());
    assertThat(((Integer) payload.get("totalResults")), greaterThan(0));

    List<Map<String, Object>> resources = (List<Map<String, Object>>) payload.get("resources");
    boolean matched = false;
    for (Map<String, Object> entry : resources) {
        // Requested attributes must be present ...
        assertThat(entry, hasKey("id"));
        assertThat(entry, hasKey("userName"));
        assertThat(entry, hasKey(OriginKeys.ORIGIN));
        // ... and attributes that were not requested must not leak into the response.
        assertThat(entry, not(hasKey("name")));
        assertThat(entry, not(hasKey("emails")));

        if (!entry.get("userName").equals(username)) {
            continue;
        }
        matched = true;
        assertEquals(origin, entry.get(OriginKeys.ORIGIN));
    }
    assertTrue(matched);
}
From source file:org.cloudfoundry.identity.uaa.integration.RemoteAuthenticationEndpointTests.java
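/**
 * Requests a {@code scim.read} access token with the client-credentials grant, authenticating as
 * the admin client supplied by {@code testAccounts}.
 *
 * <p>The client id and secret are sent as an HTTP Basic {@code Authorization} header. The
 * credential bytes are produced with an explicit UTF-8 charset so the header does not depend on
 * the JVM's default charset when the secret contains non-ASCII characters.
 *
 * @return the {@code access_token} entry of the token endpoint's response body; this is a usable
 *         bearer credential for the server under test
 */
private String getScimReadBearerToken() {
    String clientCredentials = testAccounts.getAdminClientId() + ":" + testAccounts.getAdminClientSecret();
    byte[] encodedCredentials =
            Base64.encodeBase64(clientCredentials.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    // Base64 output is pure ASCII, so decoding it as US-ASCII is lossless.
    String basicAuthHeaderValue =
            "Basic " + new String(encodedCredentials, java.nio.charset.StandardCharsets.US_ASCII);

    HttpHeaders accessTokenHeaders = new HttpHeaders();
    accessTokenHeaders.add("Authorization", basicAuthHeaderValue);

    LinkedMultiValueMap<String, String> params = new LinkedMultiValueMap<>();
    params.add("grant_type", "client_credentials");
    params.add("client_id", testAccounts.getAdminClientId());
    // Only scim.read is requested, even though the admin client is used to obtain the token.
    params.add("scope", "scim.read");

    ResponseEntity<Map> tokenResponse =
            serverRunning.postForMap(serverRunning.getAccessTokenUri(), params, accessTokenHeaders);
    return (String) tokenResponse.getBody().get("access_token");
}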
From source file:org.cloudfoundry.identity.uaa.integration.RemoteAuthenticationEndpointTests.java
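/**
 * Requests an {@code oauth.login} access token with the client-credentials grant for the
 * {@code login} client.
 *
 * <p>The client id and secret are literals in this method ({@code login} / {@code loginsecret}).
 * NOTE(review): these look like the fixture credentials of the integration-test server - confirm
 * they are not shared with any non-test deployment. The bytes are encoded with an explicit
 * charset so the Basic header does not depend on the JVM default.
 *
 * @return the {@code access_token} entry of the token endpoint's response body
 */
private String getLoginReadBearerToken() {
    byte[] encodedCredentials = Base64.encodeBase64(
            ("login:loginsecret").getBytes(java.nio.charset.StandardCharsets.UTF_8));
    // Base64 output is pure ASCII, so decoding it as US-ASCII is lossless.
    String basicAuthHeaderValue =
            "Basic " + new String(encodedCredentials, java.nio.charset.StandardCharsets.US_ASCII);

    HttpHeaders accessTokenHeaders = new HttpHeaders();
    accessTokenHeaders.add("Authorization", basicAuthHeaderValue);

    LinkedMultiValueMap<String, String> params = new LinkedMultiValueMap<>();
    params.add("grant_type", "client_credentials");
    params.add("client_id", "login");
    params.add("scope", "oauth.login");

    ResponseEntity<Map> tokenResponse =
            serverRunning.postForMap(serverRunning.getAccessTokenUri(), params, accessTokenHeaders);
    return (String) tokenResponse.getBody().get("access_token");
}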
From source file:org.cloudfoundry.identity.uaa.integration.RemoteAuthenticationEndpointTests.java
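/**
 * Posts a form-encoded request to the server's {@code /authenticate} endpoint and returns the raw
 * response so that callers can assert on 2xx and 4xx outcomes alike.
 *
 * @param username         value of the {@code username} form field
 * @param password         value of the {@code password} form field; the field is omitted when
 *                         this is {@code null}
 * @param additionalParams extra form fields, copied in after username and password (so they can
 *                         replace them); when non-null the request is also sent with a bearer
 *                         token from {@code getLoginReadBearerToken()}, when {@code null} no
 *                         {@code Authorization} header is sent at all
 * @return the response of the {@code POST /authenticate} call
 */
@SuppressWarnings("rawtypes")
ResponseEntity<Map> authenticate(String username, String password, Map<String, Object> additionalParams) {
    RestTemplate restTemplate = new RestTemplate();
    // The default java.net client doesn't allow you to handle 4xx responses
    restTemplate.setRequestFactory(new HttpComponentsClientHttpRequestFactory());

    // The template is created above as a plain RestTemplate, so the former
    // "instanceof OAuth2RestTemplate" branch could never run and has been removed.
    // Only 5xx counts as an error; 4xx responses are handed back to the caller.
    restTemplate.setErrorHandler(new DefaultResponseErrorHandler() {
        @Override
        protected boolean hasError(HttpStatus statusCode) {
            return statusCode.series() == HttpStatus.Series.SERVER_ERROR;
        }
    });

    HttpHeaders headers = new HttpHeaders();
    if (additionalParams != null) {
        // Extra parameters are submitted under the login client's token.
        headers.add("Authorization", "Bearer " + getLoginReadBearerToken());
    }
    headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
    headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));

    MultiValueMap<String, Object> parameters = new LinkedMultiValueMap<>();
    parameters.set("username", username);
    if (password != null) {
        parameters.set("password", password);
    }
    if (additionalParams != null) {
        parameters.setAll(additionalParams);
    }

    return restTemplate.exchange(serverRunning.getUrl("/authenticate"), HttpMethod.POST,
            new HttpEntity<>(parameters, headers), Map.class);
}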
From source file:org.cloudfoundry.identity.uaa.integration.ScimGroupEndpointsIntegrationTests.java
/**
 * Issues a DELETE for the resource {@code id} below {@code url} and returns the response.
 *
 * <p>The request carries {@code If-Match: *}, which in HTTP matches any current version of the
 * resource, so the delete is not tied to a specific entity tag.
 *
 * @param url endpoint path; {@code "/{id}"} is appended and expanded with {@code id}
 * @param id  identifier of the resource to delete
 * @return the response, with the body read as a raw {@code Map}
 */
@SuppressWarnings("rawtypes")
private ResponseEntity<Map> deleteResource(String url, String id) {
    HttpHeaders anyVersionHeaders = new HttpHeaders();
    anyVersionHeaders.add("If-Match", "*");

    String target = serverRunning.getUrl(url + "/{id}");
    HttpEntity<Void> request = new HttpEntity<Void>(anyVersionHeaders);
    return client.exchange(target, HttpMethod.DELETE, request, Map.class, id);
}
From source file:org.cloudfoundry.identity.uaa.integration.ScimGroupEndpointsIntegrationTests.java
/**
 * Replaces the group {@code id} with a group named {@code name} holding {@code members}, and
 * checks that the server echoes the new name and member count.
 *
 * <p>The same PUT is sent twice: the first response is read as a raw map and logged at WARN, the
 * second is read as a {@code ScimGroup} and returned. Both requests carry {@code If-Match: *}.
 * NOTE(review): the logged body is the full group representation returned by the server - confirm
 * that WARN-level logging of it is wanted in this suite.
 *
 * @param id      identifier of the group to update
 * @param name    new display name
 * @param members new member list; {@code null} is treated as no members
 * @return the group as returned by the second PUT
 */
private ScimGroup updateGroup(String id, String name, ScimGroupMember... members) {
    HttpHeaders anyVersionHeaders = new HttpHeaders();
    anyVersionHeaders.add("If-Match", "*");

    ScimGroup replacement = new ScimGroup(null, name, IdentityZoneHolder.get().getId());
    List<ScimGroupMember> memberList;
    if (members != null) {
        memberList = Arrays.asList(members);
    } else {
        memberList = Collections.emptyList();
    }
    replacement.setMembers(memberList);

    // First PUT: response only used for logging.
    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> rawReply = client.exchange(serverRunning.getUrl(groupEndpoint + "/{id}"),
            HttpMethod.PUT, new HttpEntity<>(replacement, anyVersionHeaders), Map.class, id);
    logger.warn(rawReply.getBody());

    // Second PUT: response deserialized into the returned group.
    ResponseEntity<ScimGroup> typedReply = client.exchange(serverRunning.getUrl(groupEndpoint + "/{id}"),
            HttpMethod.PUT, new HttpEntity<>(replacement, anyVersionHeaders), ScimGroup.class, id);
    ScimGroup updated = typedReply.getBody();

    assertEquals(name, updated.getDisplayName());
    assertEquals(memberList.size(), updated.getMembers().size());
    return updated;
}
From source file:org.cloudfoundry.identity.uaa.integration.ScimGroupEndpointsIntegrationTests.java
/**
 * Walks the browser-style authorization-code flow against the running server and returns the
 * token obtained at the end.
 *
 * <p>Steps, in order: GET {@code /oauth/authorize}; follow the redirect to the login page; POST
 * {@code /login.do} with the credentials and the CSRF value taken from the page; GET the redirect
 * target; approve the request on {@code /oauth/authorize} if the approval page is shown; exchange
 * the {@code code} from the final redirect at {@code /oauth/token}.
 *
 * @param clientId     client the code is requested for and exchanged by
 * @param clientSecret used only to build the {@code Authorization} header of the token request
 * @param username     submitted on the login form
 * @param password     submitted on the login form
 * @return the access token built from the token endpoint's response body
 * @throws URISyntaxException if the post-login redirect location is not a valid URI
 */
private OAuth2AccessToken getAccessToken(String clientId, String clientSecret, String username, String password)
        throws URISyntaxException {
    HttpHeaders headers = new HttpHeaders();
    headers.setAccept(Arrays.asList(MediaType.TEXT_HTML, MediaType.ALL));

    // NOTE(review): "state" is a fixed literal and the value echoed back in the final redirect is
    // never compared with it, so this helper does not exercise state round-tripping.
    URI uri = serverRunning.buildUri("/oauth/authorize").queryParam("response_type", "code")
            .queryParam("state", "mystateid").queryParam("client_id", clientId)
            .queryParam("redirect_uri", "http://anywhere.com").build();
    ResponseEntity<Void> result = serverRunning.createRestTemplate().exchange(uri.toString(), HttpMethod.GET,
            new HttpEntity<>(null, headers), Void.class);
    assertEquals(HttpStatus.FOUND, result.getStatusCode());
    String location = result.getHeaders().getLocation().toString();

    // Each Set-Cookie value is replayed unchanged as a Cookie header on later requests.
    if (result.getHeaders().containsKey("Set-Cookie")) {
        for (String cookie : result.getHeaders().get("Set-Cookie")) {
            headers.add("Cookie", cookie);
        }
    }

    ResponseEntity<String> response = serverRunning.getForString(location, headers);
    // should be directed to the login screen...
    assertTrue(response.getBody().contains("/login.do"));
    assertTrue(response.getBody().contains("username"));
    assertTrue(response.getBody().contains("password"));

    // Only the first Set-Cookie of the login page is kept here, unlike the loops above and below.
    // NOTE(review): confirm that is intended.
    if (response.getHeaders().containsKey("Set-Cookie")) {
        String cookie = response.getHeaders().getFirst("Set-Cookie");
        headers.add("Cookie", cookie);
    }

    MultiValueMap<String, String> formData = new LinkedMultiValueMap<>();
    formData.add("username", username);
    formData.add("password", password);
    // The CSRF value is read from the login page body and posted back under the CSRF cookie name.
    formData.add(CookieBasedCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME,
            IntegrationTestUtils.extractCookieCsrf(response.getBody()));

    // Should be redirected to the original URL, but now authenticated
    result = serverRunning.postForResponse("/login.do", headers, formData);
    assertEquals(HttpStatus.FOUND, result.getStatusCode());

    // Pre-login cookies are dropped; from here on only cookies set by the login response are sent.
    headers.remove("Cookie");
    if (result.getHeaders().containsKey("Set-Cookie")) {
        for (String cookie : result.getHeaders().get("Set-Cookie")) {
            headers.add("Cookie", cookie);
        }
    }

    response = serverRunning.createRestTemplate().exchange(
            new URI(result.getHeaders().getLocation().toString()), HttpMethod.GET,
            new HttpEntity<>(null, headers), String.class);

    if (response.getStatusCode() == HttpStatus.OK) {
        // The grant access page should be returned
        assertTrue(response.getBody().contains("<h1>Application Authorization</h1>"));

        formData.clear();
        formData.add(DEFAULT_CSRF_COOKIE_NAME, IntegrationTestUtils.extractCookieCsrf(response.getBody()));
        formData.add(USER_OAUTH_APPROVAL, "true");
        formData.add("scope.0", "scope." + CFID);
        result = serverRunning.postForResponse("/oauth/authorize", headers, formData);
        assertEquals(HttpStatus.FOUND, result.getStatusCode());
        location = result.getHeaders().getLocation().toString();
    } else {
        // Token cached so no need for second approval
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
        location = response.getHeaders().getLocation().toString();
    }

    // String.matches takes a regular expression: the dots in the host match any character, so
    // this check is looser than a literal prefix comparison with the redirect URI.
    assertTrue("Wrong location: " + location, location.matches("http://anywhere.com" + ".*code=.+"));

    formData.clear();
    formData.add("client_id", clientId);
    formData.add("redirect_uri", "http://anywhere.com");
    formData.add("grant_type", "authorization_code");
    // The code is the text between the first "code=" and the next "&" of the redirect location.
    formData.add("code", location.split("code=")[1].split("&")[0]);

    // The token request uses fresh headers: client authorization only, no session cookies.
    HttpHeaders tokenHeaders = new HttpHeaders();
    tokenHeaders.set("Authorization", testAccounts.getAuthorizationHeader(clientId, clientSecret));

    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> tokenResponse = serverRunning.postForMap("/oauth/token", formData, tokenHeaders);
    assertEquals(HttpStatus.OK, tokenResponse.getStatusCode());

    @SuppressWarnings("unchecked")
    OAuth2AccessToken accessToken = DefaultOAuth2AccessToken.valueOf(tokenResponse.getBody());
    return accessToken;
}
From source file:org.cloudfoundry.identity.uaa.integration.util.IntegrationTestUtils.java
/**
 * Walks the browser-style authorization-code flow against the running server and returns the
 * body of the {@code /oauth/token} response as a map.
 *
 * <p>When {@code jSessionId} has text it is sent as a {@code JSESSIONID} cookie and the login
 * form step is skipped; otherwise the helper logs in through {@code /login.do} with
 * {@code username} and {@code password}. The approval page is confirmed when it is shown.
 *
 * @param serverRunning     access to the server under test
 * @param testAccounts      builds the client {@code Authorization} header
 * @param clientId          client the code is requested for and exchanged by
 * @param clientSecret      used to build the client {@code Authorization} header
 * @param username          submitted on the login form when no session id is given
 * @param password          submitted on the login form when no session id is given
 * @param tokenResponseType sent as {@code response_type} on the token request when it has text
 * @param jSessionId        existing session id to reuse, or empty to log in
 * @param redirectUri       sent as {@code redirect_uri} when it has text; also used to check the
 *                          final redirect location
 * @param callCheckToken    when true, the token is additionally posted to {@code /check_token}
 * @return the token endpoint's response body (the returned map holds the issued token values)
 * @throws Exception declared by the method; the body shows no specific checked exception
 */
public static Map<String, String> getAuthorizationCodeTokenMap(ServerRunning serverRunning,
        UaaTestAccounts testAccounts, String clientId, String clientSecret, String username, String password,
        String tokenResponseType, String jSessionId, String redirectUri, boolean callCheckToken)
        throws Exception {
    // TODO Fix to use json API rather than HTML
    HttpHeaders headers = new HttpHeaders();
    if (StringUtils.hasText(jSessionId)) {
        // The caller-supplied session id is concatenated into the Cookie header as given.
        headers.add("Cookie", "JSESSIONID=" + jSessionId);
    }
    // TODO: should be able to handle just TEXT_HTML
    headers.setAccept(Arrays.asList(MediaType.TEXT_HTML, MediaType.ALL));

    // NOTE(review): "state" is a fixed literal and the value echoed back in the final redirect is
    // never compared with it, so this helper does not exercise state round-tripping.
    String mystateid = "mystateid";
    ServerRunning.UriBuilder builder = serverRunning.buildUri("/oauth/authorize")
            .queryParam("response_type", "code").queryParam("state", mystateid)
            .queryParam("client_id", clientId);
    if (StringUtils.hasText(redirectUri)) {
        builder = builder.queryParam("redirect_uri", redirectUri);
    }
    URI uri = builder.build();

    ResponseEntity<Void> result = serverRunning.createRestTemplate().exchange(uri.toString(), HttpMethod.GET,
            new HttpEntity<>(null, headers), Void.class);
    assertEquals(HttpStatus.FOUND, result.getStatusCode());
    String location = result.getHeaders().getLocation().toString();

    // Each Set-Cookie value is replayed unchanged as a Cookie header on later requests.
    if (result.getHeaders().containsKey("Set-Cookie")) {
        for (String cookie : result.getHeaders().get("Set-Cookie")) {
            assertNotNull("Expected cookie in " + result.getHeaders(), cookie);
            headers.add("Cookie", cookie);
        }
    }

    ResponseEntity<String> response = serverRunning.getForString(location, headers);
    if (response.getHeaders().containsKey("Set-Cookie")) {
        for (String cookie : response.getHeaders().get("Set-Cookie")) {
            headers.add("Cookie", cookie);
        }
    }

    MultiValueMap<String, String> formData = new LinkedMultiValueMap<>();

    if (!StringUtils.hasText(jSessionId)) {
        // should be directed to the login screen...
        assertTrue(response.getBody().contains("/login.do"));
        assertTrue(response.getBody().contains("username"));
        assertTrue(response.getBody().contains("password"));
        // The CSRF value is read from the login page body and posted back under the CSRF cookie name.
        String csrf = IntegrationTestUtils.extractCookieCsrf(response.getBody());

        formData.add("username", username);
        formData.add("password", password);
        formData.add(CookieBasedCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME, csrf);

        // Should be redirected to the original URL, but now authenticated
        result = serverRunning.postForResponse("/login.do", headers, formData);
        assertEquals(HttpStatus.FOUND, result.getStatusCode());

        // Pre-login cookies are dropped; from here on only cookies set by the login response are sent.
        headers.remove("Cookie");
        if (result.getHeaders().containsKey("Set-Cookie")) {
            for (String cookie : result.getHeaders().get("Set-Cookie")) {
                headers.add("Cookie", cookie);
            }
        }
    }

    // With a supplied session id, "result" is still the response of the first /oauth/authorize
    // request, so its Location is fetched a second time here.
    response = serverRunning.createRestTemplate().exchange(result.getHeaders().getLocation().toString(),
            HttpMethod.GET, new HttpEntity<>(null, headers), String.class);

    if (response.getStatusCode() == HttpStatus.OK) {
        // The grant access page should be returned
        assertTrue(response.getBody().contains("<h1>Application Authorization</h1>"));

        formData.clear();
        formData.add(USER_OAUTH_APPROVAL, "true");
        formData.add(DEFAULT_CSRF_COOKIE_NAME, IntegrationTestUtils.extractCookieCsrf(response.getBody()));
        result = serverRunning.postForResponse("/oauth/authorize", headers, formData);
        assertEquals(HttpStatus.FOUND, result.getStatusCode());
        location = result.getHeaders().getLocation().toString();
    } else {
        // Token cached so no need for second approval
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
        location = response.getHeaders().getLocation().toString();
    }

    if (StringUtils.hasText(redirectUri)) {
        // String.matches takes a regular expression and redirectUri is used in it unquoted, so
        // characters such as "." or "?" in the URI act as regex syntax. Without a redirectUri the
        // location is not checked at all.
        assertTrue("Wrong location: " + location, location.matches(redirectUri + ".*code=.+"));
    }

    formData.clear();
    formData.add("client_id", clientId);
    formData.add("grant_type", "authorization_code");
    if (StringUtils.hasText(redirectUri)) {
        formData.add("redirect_uri", redirectUri);
    }
    if (StringUtils.hasText(tokenResponseType)) {
        formData.add("response_type", tokenResponseType);
    }
    // The code is the text between the first "code=" and the next "&" of the redirect location.
    formData.add("code", location.split("code=")[1].split("&")[0]);

    // The token request uses fresh headers: client authorization only, no session cookies.
    HttpHeaders tokenHeaders = new HttpHeaders();
    tokenHeaders.set("Authorization", testAccounts.getAuthorizationHeader(clientId, clientSecret));

    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> tokenResponse = serverRunning.postForMap("/oauth/token", formData, tokenHeaders);
    assertEquals(HttpStatus.OK, tokenResponse.getStatusCode());

    @SuppressWarnings("unchecked")
    OAuth2AccessToken accessToken = DefaultOAuth2AccessToken.valueOf(tokenResponse.getBody());
    Map<String, String> body = tokenResponse.getBody();

    formData = new LinkedMultiValueMap<>();
    // The session headers are reused for /check_token: the client Authorization header is added
    // on top of the Cookie entries collected above.
    headers.set("Authorization", testAccounts.getAuthorizationHeader(clientId, clientSecret));
    formData.add("token", accessToken.getValue());

    if (callCheckToken) {
        tokenResponse = serverRunning.postForMap("/check_token", formData, headers);
        assertEquals(HttpStatus.OK, tokenResponse.getStatusCode());
        // Only the presence of the "iss" entry is checked, not its value.
        assertNotNull(tokenResponse.getBody().get("iss"));
    }
    return body;
}