List of usage examples for org.springframework.util MultiValueMap add
void add(K key, @Nullable V value);
From source file:org.cloudfoundry.identity.client.UaaContextFactory.java
protected UaaContext fetchTokenFromCode(final TokenRequest request) { String clientBasicAuth = getClientBasicAuthHeader(request); RestTemplate template = new RestTemplate(); if (request.isSkipSslValidation()) { template.setRequestFactory(getNoValidatingClientHttpRequestFactory()); }//from www .j a v a 2 s. c om HttpHeaders headers = new HttpHeaders(); headers.add(HttpHeaders.AUTHORIZATION, clientBasicAuth); headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON)); headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); MultiValueMap<String, String> form = new LinkedMultiValueMap<>(); form.add(OAuth2Utils.GRANT_TYPE, "authorization_code"); form.add(OAuth2Utils.REDIRECT_URI, request.getRedirectUri().toString()); String responseType = "token"; if (request.wantsIdToken()) { responseType += " id_token"; } form.add(OAuth2Utils.RESPONSE_TYPE, responseType); form.add("code", request.getAuthorizationCode()); ResponseEntity<CompositeAccessToken> token = template.exchange(request.getTokenEndpoint(), HttpMethod.POST, new HttpEntity<>(form, headers), CompositeAccessToken.class); return new UaaContextImpl(request, null, token.getBody()); }
From source file:org.cloudfoundry.identity.client.UaaContextFactory.java
protected UaaContext authenticateSaml2BearerAssertion(final TokenRequest request) { RestTemplate template = new RestTemplate(); if (request.isSkipSslValidation()) { template.setRequestFactory(getNoValidatingClientHttpRequestFactory()); }/*w w w. j a v a2 s.co m*/ HttpHeaders headers = new HttpHeaders(); headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON)); headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); MultiValueMap<String, String> form = new LinkedMultiValueMap<>(); form.add(OAuth2Utils.CLIENT_ID, request.getClientId()); form.add("client_secret", request.getClientSecret()); form.add(OAuth2Utils.GRANT_TYPE, "urn:ietf:params:oauth:grant-type:saml2-bearer"); form.add("assertion", request.getAuthCodeAPIToken()); ResponseEntity<CompositeAccessToken> token = template.exchange(request.getTokenEndpoint(), HttpMethod.POST, new HttpEntity<>(form, headers), CompositeAccessToken.class); return new UaaContextImpl(request, null, token.getBody()); }
From source file:org.cloudfoundry.identity.uaa.integration.CheckTokenEndpointIntegrationTests.java
@Test public void testDecodeToken() { AuthorizationCodeResourceDetails resource = testAccounts.getDefaultAuthorizationCodeResource(); BasicCookieStore cookies = new BasicCookieStore(); URI uri = serverRunning.buildUri("/oauth/authorize").queryParam("response_type", "code") .queryParam("state", "mystateid").queryParam("client_id", resource.getClientId()) .queryParam("redirect_uri", resource.getPreEstablishedRedirectUri()).build(); ResponseEntity<Void> result = serverRunning.getForResponse(uri.toString(), getHeaders(cookies)); assertEquals(HttpStatus.FOUND, result.getStatusCode()); String location = result.getHeaders().getLocation().toString(); if (result.getHeaders().containsKey("Set-Cookie")) { for (String cookie : result.getHeaders().get("Set-Cookie")) { int nameLength = cookie.indexOf('='); cookies.addCookie(//from w w w. j a v a 2s. c o m new BasicClientCookie(cookie.substring(0, nameLength), cookie.substring(nameLength + 1))); } } ResponseEntity<String> response = serverRunning.getForString(location, getHeaders(cookies)); if (response.getHeaders().containsKey("Set-Cookie")) { for (String cookie : response.getHeaders().get("Set-Cookie")) { int nameLength = cookie.indexOf('='); cookies.addCookie( new BasicClientCookie(cookie.substring(0, nameLength), cookie.substring(nameLength + 1))); } } // should be directed to the login screen... assertTrue(response.getBody().contains("/login.do")); assertTrue(response.getBody().contains("username")); assertTrue(response.getBody().contains("password")); String csrf = IntegrationTestUtils.extractCookieCsrf(response.getBody()); MultiValueMap<String, String> formData = new LinkedMultiValueMap<>(); formData.add("username", testAccounts.getUserName()); formData.add("password", testAccounts.getPassword()); formData.add(DEFAULT_CSRF_COOKIE_NAME, csrf); // Should be redirected to the original URL, but now authenticated result = serverRunning.postForResponse("/login.do", getHeaders(cookies), formData); assertEquals(HttpStatus.FOUND, result.getStatusCode()); if (result.getHeaders().containsKey("Set-Cookie")) { for (String cookie : result.getHeaders().get("Set-Cookie")) { int nameLength = cookie.indexOf('='); cookies.addCookie( new BasicClientCookie(cookie.substring(0, nameLength), cookie.substring(nameLength + 1))); } } response = serverRunning.getForString(result.getHeaders().getLocation().toString(), getHeaders(cookies)); if (response.getHeaders().containsKey("Set-Cookie")) { for (String cookie : response.getHeaders().get("Set-Cookie")) { int nameLength = cookie.indexOf('='); cookies.addCookie( new BasicClientCookie(cookie.substring(0, nameLength), cookie.substring(nameLength + 1))); } } if (response.getStatusCode() == HttpStatus.OK) { // The grant access page should be returned assertTrue(response.getBody().contains("<h1>Application Authorization</h1>")); formData.clear(); formData.add(DEFAULT_CSRF_COOKIE_NAME, IntegrationTestUtils.extractCookieCsrf(response.getBody())); formData.add(USER_OAUTH_APPROVAL, "true"); result = serverRunning.postForResponse("/oauth/authorize", getHeaders(cookies), formData); assertEquals(HttpStatus.FOUND, result.getStatusCode()); location = result.getHeaders().getLocation().toString(); } else { // Token cached so no need for second approval assertEquals(HttpStatus.FOUND, response.getStatusCode()); location = response.getHeaders().getLocation().toString(); } assertTrue("Wrong location: " + location, location.matches(resource.getPreEstablishedRedirectUri() + ".*code=.+")); formData.clear(); formData.add("client_id", resource.getClientId()); formData.add("redirect_uri", resource.getPreEstablishedRedirectUri()); formData.add("grant_type", GRANT_TYPE_AUTHORIZATION_CODE); formData.add("code", location.split("code=")[1].split("&")[0]); HttpHeaders tokenHeaders = new HttpHeaders(); tokenHeaders.set("Authorization", testAccounts.getAuthorizationHeader(resource.getClientId(), resource.getClientSecret())); @SuppressWarnings("rawtypes") ResponseEntity<Map> tokenResponse = serverRunning.postForMap("/oauth/token", formData, tokenHeaders); assertEquals(HttpStatus.OK, tokenResponse.getStatusCode()); @SuppressWarnings("unchecked") OAuth2AccessToken accessToken = DefaultOAuth2AccessToken.valueOf(tokenResponse.getBody()); HttpHeaders headers = new HttpHeaders(); formData = new LinkedMultiValueMap<String, String>(); headers.set("Authorization", testAccounts.getAuthorizationHeader(resource.getClientId(), resource.getClientSecret())); formData.add("token", accessToken.getValue()); tokenResponse = serverRunning.postForMap("/check_token", formData, headers); assertEquals(HttpStatus.OK, tokenResponse.getStatusCode()); @SuppressWarnings("unchecked") Map<String, String> map = tokenResponse.getBody(); assertNotNull(map.get("iss")); assertEquals(testAccounts.getUserName(), map.get("user_name")); assertEquals(testAccounts.getEmail(), map.get("email")); // Test that Spring's default converter can create an auth from the response. Authentication auth = (new DefaultUserAuthenticationConverter()).extractAuthentication(map); }
From source file:org.cloudfoundry.identity.uaa.integration.CheckTokenEndpointIntegrationTests.java
@Test public void testUnauthorized() { MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>(); formData.add("token", "FOO"); HttpHeaders headers = new HttpHeaders(); headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON)); @SuppressWarnings("rawtypes") ResponseEntity<Map> response = serverRunning.postForMap("/check_token", formData, headers); assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode()); @SuppressWarnings("unchecked") Map<String, String> map = response.getBody(); assertTrue(map.containsKey("error")); }
From source file:org.cloudfoundry.identity.uaa.integration.CheckTokenEndpointIntegrationTests.java
@Test public void testForbidden() throws Exception { MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>(); formData.add("token", "FOO"); HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", "Basic " + new String(Base64.encode("cf:".getBytes("UTF-8")))); headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON)); @SuppressWarnings("rawtypes") ResponseEntity<Map> response = serverRunning.postForMap("/check_token", formData, headers); assertEquals(HttpStatus.FORBIDDEN, response.getStatusCode()); @SuppressWarnings("unchecked") Map<String, String> map = response.getBody(); assertTrue(map.containsKey("error")); }
From source file:org.cloudfoundry.identity.uaa.integration.CheckTokenEndpointIntegrationTests.java
@Test public void testValidPasswordGrant() { OAuth2AccessToken accessToken = getUserToken(null); MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>(); HttpHeaders tokenHeaders = new HttpHeaders(); ClientCredentialsResourceDetails resource = testAccounts.getClientCredentialsResource("app", null, "app", "appclientsecret"); tokenHeaders.set("Authorization", testAccounts.getAuthorizationHeader(resource.getClientId(), resource.getClientSecret())); formData.add("token", accessToken.getValue()); @SuppressWarnings("rawtypes") ResponseEntity<Map> tokenResponse = serverRunning.postForMap("/check_token", formData, tokenHeaders); assertEquals(HttpStatus.OK, tokenResponse.getStatusCode()); assertNotNull(tokenResponse.getBody()); System.out.println(tokenResponse.getBody()); @SuppressWarnings("unchecked") Map<String, String> map = tokenResponse.getBody(); assertNotNull(map.get("iss")); assertEquals(testAccounts.getUserName(), map.get("user_name")); assertEquals(testAccounts.getEmail(), map.get("email")); }
From source file:org.cloudfoundry.identity.uaa.integration.CheckTokenEndpointIntegrationTests.java
@Test public void testAddidionalAttributes() { OAuth2AccessToken accessToken = getUserToken( "{\"az_attr\":{\"external_group\":\"domain\\\\group1\",\"external_id\":\"abcd1234\"}}"); MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>(); HttpHeaders tokenHeaders = new HttpHeaders(); ClientCredentialsResourceDetails resource = testAccounts.getClientCredentialsResource("app", null, "app", "appclientsecret"); tokenHeaders.set("Authorization", testAccounts.getAuthorizationHeader(resource.getClientId(), resource.getClientSecret())); formData.add("token", accessToken.getValue()); @SuppressWarnings("rawtypes") ResponseEntity<Map> tokenResponse = serverRunning.postForMap("/check_token", formData, tokenHeaders); assertEquals(HttpStatus.OK, tokenResponse.getStatusCode()); assertNotNull(tokenResponse.getBody()); System.out.println(tokenResponse.getBody()); @SuppressWarnings("unchecked") Map<String, String> map = tokenResponse.getBody(); assertNotNull(map.get("iss")); assertEquals(testAccounts.getUserName(), map.get("user_name")); assertEquals(testAccounts.getEmail(), map.get("email")); }
From source file:org.cloudfoundry.identity.uaa.integration.CheckTokenEndpointIntegrationTests.java
@Test public void testInvalidAddidionalAttributes() { OAuth2AccessToken accessToken = getUserToken( "{\"az_attr\":{\"external_group\":true,\"external_id\":{\"nested_group\":true,\"nested_id\":1234}} }"); MultiValueMap<String, String> formData = new LinkedMultiValueMap<String, String>(); HttpHeaders tokenHeaders = new HttpHeaders(); ClientCredentialsResourceDetails resource = testAccounts.getClientCredentialsResource("app", null, "app", "appclientsecret"); tokenHeaders.set("Authorization", testAccounts.getAuthorizationHeader(resource.getClientId(), resource.getClientSecret())); formData.add("token", accessToken.getValue()); @SuppressWarnings("rawtypes") ResponseEntity<Map> tokenResponse = serverRunning.postForMap("/check_token", formData, tokenHeaders); assertEquals(HttpStatus.OK, tokenResponse.getStatusCode()); @SuppressWarnings("unchecked") Map<String, String> map = tokenResponse.getBody(); assertNull(map.get("az_attr")); }
From source file:org.cloudfoundry.identity.uaa.integration.feature.AutologinIT.java
@Test public void testSimpleAutologinFlow() throws Exception { HttpHeaders headers = getAppBasicAuthHttpHeaders(); LinkedMultiValueMap<String, String> requestBody = new LinkedMultiValueMap<>(); requestBody.add("username", testAccounts.getUserName()); requestBody.add("password", testAccounts.getPassword()); //generate an autologin code with our credentials ResponseEntity<Map> autologinResponseEntity = restOperations.exchange(baseUrl + "/autologin", HttpMethod.POST, new HttpEntity<>(requestBody.toSingleValueMap(), headers), Map.class); String autologinCode = (String) autologinResponseEntity.getBody().get("code"); //start the authorization flow - this will issue a login event //by using the autologin code String authorizeUrl = UriComponentsBuilder.fromHttpUrl(baseUrl).path("/oauth/authorize") .queryParam("redirect_uri", appUrl).queryParam("response_type", "code") .queryParam("client_id", "app").queryParam("code", autologinCode).build().toUriString(); //rest template that does NOT follow redirects RestTemplate template = new RestTemplate(new DefaultIntegrationTestConfig.HttpClientFactory()); headers.remove("Authorization"); headers.add(HttpHeaders.ACCEPT, MediaType.TEXT_HTML_VALUE); ResponseEntity<String> authorizeResponse = template.exchange(authorizeUrl, HttpMethod.GET, new HttpEntity<>(new HashMap<String, String>(), headers), String.class); //we are now logged in. retrieve the JSESSIONID List<String> cookies = authorizeResponse.getHeaders().get("Set-Cookie"); int cookiesAdded = 0; headers = getAppBasicAuthHttpHeaders(); for (String cookie : cookies) { if (cookie.startsWith("X-Uaa-Csrf=") || cookie.startsWith("JSESSIONID=")) { headers.add("Cookie", cookie); cookiesAdded++;/*from www . j a va 2 s. c om*/ } } assertEquals(2, cookiesAdded); //if we receive a 200, then we must approve our scopes if (HttpStatus.OK == authorizeResponse.getStatusCode()) { authorizeUrl = UriComponentsBuilder.fromHttpUrl(baseUrl).path("/oauth/authorize") .queryParam("user_oauth_approval", "true") .queryParam(DEFAULT_CSRF_COOKIE_NAME, IntegrationTestUtils.extractCookieCsrf(authorizeResponse.getBody())) .build().toUriString(); authorizeResponse = template.exchange(authorizeUrl, HttpMethod.POST, new HttpEntity<>(new HashMap<String, String>(), headers), String.class); } //approval is complete, we receive a token code back assertEquals(HttpStatus.FOUND, authorizeResponse.getStatusCode()); List<String> location = authorizeResponse.getHeaders().get("Location"); assertEquals(1, location.size()); String newCode = location.get(0).substring(location.get(0).indexOf("code=") + 5); //request a token using our code String tokenUrl = UriComponentsBuilder.fromHttpUrl(baseUrl).path("/oauth/token").build().toUriString(); MultiValueMap<String, String> tokenParams = new LinkedMultiValueMap<>(); tokenParams.add("response_type", "token"); tokenParams.add("grant_type", GRANT_TYPE_AUTHORIZATION_CODE); tokenParams.add("code", newCode); tokenParams.add("redirect_uri", appUrl); headers.set(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED_VALUE); headers.set(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE); RequestEntity<MultiValueMap<String, String>> requestEntity = new RequestEntity<>(tokenParams, headers, HttpMethod.POST, new URI(tokenUrl)); ResponseEntity<Map> tokenResponse = template.exchange(requestEntity, Map.class); assertEquals(HttpStatus.OK, tokenResponse.getStatusCode()); //here we must reset our state. we do that by following the logout flow. headers.clear(); BasicCookieStore cookieStore = new BasicCookieStore(); ResponseEntity<String> loginResponse = template.exchange(baseUrl + "/login", HttpMethod.GET, new HttpEntity<>(null, getHeaders(cookieStore)), String.class); setCookiesFromResponse(cookieStore, loginResponse); String csrf = IntegrationTestUtils.extractCookieCsrf(loginResponse.getBody()); requestBody.add(DEFAULT_CSRF_COOKIE_NAME, csrf); headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); loginResponse = restOperations.exchange(baseUrl + "/login.do", HttpMethod.POST, new HttpEntity<>(requestBody, getHeaders(cookieStore)), String.class); cookies = loginResponse.getHeaders().get("Set-Cookie"); assertThat(cookies, hasItem(startsWith("JSESSIONID"))); assertThat(cookies, hasItem(startsWith("X-Uaa-Csrf"))); if (IdentityZoneHolder.get().getConfig().isAccountChooserEnabled()) { assertThat(cookies, hasItem(startsWith("Saved-Account-"))); } assertThat(cookies, hasItem(startsWith("Current-User"))); cookieStore.clear(); setCookiesFromResponse(cookieStore, loginResponse); headers.add(HttpHeaders.ACCEPT, MediaType.TEXT_HTML_VALUE); ResponseEntity<String> profilePage = restOperations.exchange(baseUrl + "/profile", HttpMethod.GET, new HttpEntity<>(null, getHeaders(cookieStore)), String.class); setCookiesFromResponse(cookieStore, profilePage); String revokeApprovalsUrl = UriComponentsBuilder.fromHttpUrl(baseUrl).path("/profile").build() .toUriString(); requestBody.clear(); requestBody.add("clientId", "app"); requestBody.add("delete", ""); requestBody.add(DEFAULT_CSRF_COOKIE_NAME, IntegrationTestUtils.extractCookieCsrf(profilePage.getBody())); ResponseEntity<Void> revokeResponse = template.exchange(revokeApprovalsUrl, HttpMethod.POST, new HttpEntity<>(requestBody, getHeaders(cookieStore)), Void.class); assertEquals(HttpStatus.FOUND, revokeResponse.getStatusCode()); }
From source file:org.cloudfoundry.identity.uaa.integration.feature.AutologinIT.java
@Test public void testFormEncodedAutologinRequest() throws Exception { HttpHeaders headers = getAppBasicAuthHttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); MultiValueMap<String, String> requestBody = new LinkedMultiValueMap<>(); requestBody.add("username", testAccounts.getUserName()); requestBody.add("password", testAccounts.getPassword()); ResponseEntity<Map> autologinResponseEntity = restOperations.exchange(baseUrl + "/autologin", HttpMethod.POST, new HttpEntity<>(requestBody.toSingleValueMap(), headers), Map.class); String autologinCode = (String) autologinResponseEntity.getBody().get("code"); assertEquals(10, autologinCode.length()); }