Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[OB3] Fix toolkit build failures due to updated package naming #96

Merged
merged 7 commits into from
Jul 29, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -222,6 +222,7 @@
<exclude>**/*DefaultSPMetadataFilter.class</exclude>
<exclude>**/*IdentityServiceExporter.class</exclude>
<exclude>**/*DeviceVerificationToken.class</exclude>
<exclude>**/wrapper/*</exclude>
</excludes>
</configuration>
<executions>
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
* Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
Expand All @@ -21,7 +21,7 @@
import com.wso2.openbanking.accelerator.common.validator.OpenBankingValidator;
import com.wso2.openbanking.accelerator.identity.dcr.exception.DCRValidationException;
import com.wso2.openbanking.accelerator.identity.dcr.model.RegistrationRequest;
import com.wso2.openbanking.accelerator.identity.dcr.validation.validationorder.ValidationOrder;
import com.wso2.openbanking.accelerator.identity.dcr.validation.validationgroups.ValidationOrder;
import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder;
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonConstants;
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,6 @@
*/
package com.wso2.openbanking.accelerator.identity.dcr.validation.validationgroups;

import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.AttributeChecks;
import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.MandatoryChecks;
import com.wso2.openbanking.accelerator.identity.common.annotations.validationgroups.SignatureCheck;

import javax.validation.GroupSequence;

/**
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
* Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
Expand Down Expand Up @@ -34,6 +34,8 @@
import org.wso2.carbon.identity.oauth.common.CodeTokenResponseValidator;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;

import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
Expand Down Expand Up @@ -273,4 +275,54 @@ public void testValidGetStateFromRequestURI() throws OAuthProblemException, OAut
assertEquals(obOAuthAuthzRequest.getState(), "abc");
}

@Test
public void testInvalidGetStateFromRequestURI() throws OAuthProblemException, OAuthSystemException {

Map<String, String[]> mockParameterMap = new HashMap<>();
mockParameterMap.put(IdentityCommonConstants.RESPONSE_TYPE, new String[]{"code id_token"});
mockParameterMap.put(IdentityCommonConstants.REQUEST_URI,
new String[]{SAMPLE_REQUEST_URI});

when(mockRequest.getParameterMap()).thenReturn(mockParameterMap);
when(mockRequest.getParameter(IdentityCommonConstants.RESPONSE_TYPE)).thenReturn("code id_token");
when(mockRequest.getParameter(IdentityCommonConstants.REDIRECT_URI)).thenReturn("abc.com");
when(mockRequest.getParameter(IdentityCommonConstants.SCOPE)).thenReturn("openid");
when(mockRequest.getParameter(IdentityCommonConstants.REQUEST_URI)).thenReturn(SAMPLE_REQUEST_URI);

// Simulate an exception being thrown when decoding the state
PowerMockito.when(IdentityCommonUtil.decodeRequestObjectAndGetKey(mockRequest, OAuth.OAUTH_STATE))
.thenThrow(OAuthProblemException.error("invalid_request").description("Invalid state").state("abc"));

obOAuthAuthzRequest = new OBOAuthAuthzRequest(mockRequest);

assertEquals(obOAuthAuthzRequest.getState(), null);
}

@Test
public void testValidGetScopesFromRequest_WhenRequestURIIsAbsent() throws OAuthProblemException,
OAuthSystemException {

Map<String, String[]> mockParameterMap = new HashMap<>();
mockParameterMap.put(IdentityCommonConstants.RESPONSE_TYPE, new String[]{"code id_token"});
mockParameterMap.put(IdentityCommonConstants.SCOPE, new String[]{"openid"});
mockParameterMap.put(IdentityCommonConstants.REQUEST,
new String[]{Base64.getEncoder().encodeToString(
"{\"scope\": \"openid\", \"redirect_uri\": \"http://example.com\"}".getBytes(
StandardCharsets.UTF_8))});
mockParameterMap.put(IdentityCommonConstants.REDIRECT_URI, new String[]{"http://example.com"});

when(mockRequest.getParameterMap()).thenReturn(mockParameterMap);
when(mockRequest.getParameter(IdentityCommonConstants.RESPONSE_TYPE)).thenReturn("code id_token");
when(mockRequest.getParameter(IdentityCommonConstants.SCOPE)).thenReturn("openid");
when(mockRequest.getParameter(IdentityCommonConstants.REQUEST)).thenReturn(
Base64.getEncoder().encodeToString(
"{\"scope\": \"openid\", \"redirect_uri\": \"http://example.com\"}".getBytes(
StandardCharsets.UTF_8)));
when(mockRequest.getParameter(IdentityCommonConstants.REDIRECT_URI)).thenReturn("http://example.com");

obOAuthAuthzRequest = new OBOAuthAuthzRequest(mockRequest);

assertEquals(obOAuthAuthzRequest.getScopes(), new HashSet<>(Collections.singletonList("openid")));
}

}
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com).
* Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
Expand Down Expand Up @@ -28,10 +28,12 @@

import static org.mockito.Matchers.anyObject;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.doThrow;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import static org.testng.Assert.fail;
import static org.testng.AssertJUnit.assertEquals;

/**
Expand Down Expand Up @@ -96,7 +98,7 @@ public void checkValidCodeResponseTypeHandling() throws IdentityOAuth2Exception,
}

@Test
public void checkHandlerLogic() {
public void checkHandlerLogic() {

OAuthAuthzReqMessageContext mock = mock(OAuthAuthzReqMessageContext.class);
when(mock.getRefreshTokenvalidityPeriod()).thenReturn(6666L);
Expand All @@ -107,4 +109,24 @@ public void checkHandlerLogic() {
assertEquals(6666L, uut.updateRefreshTokenValidityPeriod(mock));

}

@Test
public void checkExceptionHandling_WhenIsRegulatoryThrowsOpenBankingException() throws Exception {

OAuthAuthzReqMessageContext mockAuthzReqMsgCtx = mock(OAuthAuthzReqMessageContext.class);
OAuth2AuthorizeReqDTO mockAuthorizeReqDTO = mock(OAuth2AuthorizeReqDTO.class);
when(mockAuthzReqMsgCtx.getAuthorizationReqDTO()).thenReturn(mockAuthorizeReqDTO);
when(mockAuthorizeReqDTO.getConsumerKey()).thenReturn("dummyClientId");
OBCodeResponseTypeHandlerExtension uut = spy(new OBCodeResponseTypeHandlerExtension());
doThrow(new OpenBankingException("Simulated isRegulatory exception"))
.when(uut).isRegulatory("dummyClientId");

try {
uut.issue(mockAuthzReqMsgCtx);
fail("Expected IdentityOAuth2Exception was not thrown.");
} catch (IdentityOAuth2Exception e) {
// Verify that the IdentityOAuth2Exception is thrown with the expected message
assertEquals("Error while reading regulatory property", e.getMessage());
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
/**
* Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.wso2.openbanking.accelerator.identity.dcr.validation;

import com.wso2.openbanking.accelerator.common.constant.OpenBankingConstants;
import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateAlgorithm;
import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder;
import org.apache.commons.beanutils.BeanUtils;
import org.mockito.Mock;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PowerMockIgnore;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.testng.PowerMockTestCase;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.validation.ConstraintValidatorContext;

import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;

@PowerMockIgnore("jdk.internal.reflect.*")
@PrepareForTest({BeanUtils.class, IdentityExtensionsDataHolder.class})
public class AlgorithmValidatorTest extends PowerMockTestCase {

private AlgorithmValidator validator;

@Mock
private ValidateAlgorithm validateAlgorithm;

@BeforeMethod
public void setUp() {
validator = new AlgorithmValidator();

when(validateAlgorithm.idTokenAlg()).thenReturn("idTokenAlg");
when(validateAlgorithm.reqObjAlg()).thenReturn("reqObjAlg");
when(validateAlgorithm.tokenAuthAlg()).thenReturn("tokenAuthAlg");

validator.initialize(validateAlgorithm);
}

@Test
public void testIsValid_ReturnsTrue_WhenAlgorithmsAreAllowed() throws Exception {
Object requestObject = mock(Object.class);
ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);

PowerMockito.mockStatic(BeanUtils.class);
PowerMockito.when(BeanUtils.getProperty(requestObject, "idTokenAlg")).thenReturn("RS256");
PowerMockito.when(BeanUtils.getProperty(requestObject, "reqObjAlg")).thenReturn("RS256");
PowerMockito.when(BeanUtils.getProperty(requestObject, "tokenAuthAlg")).thenReturn("RS256");

List<String> allowedAlgorithms = Arrays.asList("RS256", "HS256");

PowerMockito.mockStatic(IdentityExtensionsDataHolder.class);
IdentityExtensionsDataHolder dataHolder = PowerMockito.mock(IdentityExtensionsDataHolder.class);
Map<String, Object> configMap = new HashMap<>();
configMap.put(OpenBankingConstants.SIGNATURE_ALGORITHMS, allowedAlgorithms);
when(dataHolder.getConfigurationMap()).thenReturn(configMap);
PowerMockito.when(IdentityExtensionsDataHolder.getInstance()).thenReturn(dataHolder);

boolean result = validator.isValid(requestObject, context);
Assert.assertTrue(result);
}

@Test
public void testIsValid_ReturnsFalse_WhenAlgorithmsAreNotAllowed() throws Exception {
Object requestObject = mock(Object.class);
ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);

PowerMockito.mockStatic(BeanUtils.class);
PowerMockito.when(BeanUtils.getProperty(requestObject, "idTokenAlg")).thenReturn("RS512");
PowerMockito.when(BeanUtils.getProperty(requestObject, "reqObjAlg")).thenReturn("RS512");
PowerMockito.when(BeanUtils.getProperty(requestObject, "tokenAuthAlg")).thenReturn("RS512");

List<String> allowedAlgorithms = Arrays.asList("RS256", "HS256");

PowerMockito.mockStatic(IdentityExtensionsDataHolder.class);
IdentityExtensionsDataHolder dataHolder = PowerMockito.mock(IdentityExtensionsDataHolder.class);
Map<String, Object> configMap = new HashMap<>();
configMap.put(OpenBankingConstants.SIGNATURE_ALGORITHMS, allowedAlgorithms);
when(dataHolder.getConfigurationMap()).thenReturn(configMap);
PowerMockito.when(IdentityExtensionsDataHolder.getInstance()).thenReturn(dataHolder);

boolean result = validator.isValid(requestObject, context);
Assert.assertFalse(result);
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
/**
* Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com).
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package com.wso2.openbanking.accelerator.identity.dcr.validation;

import com.wso2.openbanking.accelerator.common.util.JWTUtils;
import com.wso2.openbanking.accelerator.identity.dcr.validation.annotation.ValidateIssuer;
import org.apache.commons.beanutils.BeanUtils;
import org.mockito.Mock;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PowerMockIgnore;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.testng.PowerMockTestCase;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

import javax.validation.ConstraintValidatorContext;

import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;

@PowerMockIgnore("jdk.internal.reflect.*")
@PrepareForTest({JWTUtils.class, BeanUtils.class})
public class IssuerValidatorTest extends PowerMockTestCase {

private IssuerValidator validator;

@Mock
private ValidateIssuer validateIssuer;

@BeforeMethod
public void setUp() {
validator = new IssuerValidator();

when(validateIssuer.issuerProperty()).thenReturn("issuer");
when(validateIssuer.ssa()).thenReturn("ssa");

validator.initialize(validateIssuer);
}

@Test
public void testIsValid_ReturnsTrue_WhenIssuerOrSoftwareStatementIsNull() throws Exception {
Object registrationRequest = mock(Object.class);
ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);

PowerMockito.mockStatic(BeanUtils.class);
PowerMockito.when(BeanUtils.getProperty(registrationRequest, "issuer")).thenReturn(null);
PowerMockito.when(BeanUtils.getProperty(registrationRequest, "ssa")).thenReturn(null);

boolean result = validator.isValid(registrationRequest, context);
Assert.assertTrue(result);
}

@Test
public void testIsValid_ReturnsFalse_OnException() throws Exception {
Object registrationRequest = mock(Object.class);
ConstraintValidatorContext context = mock(ConstraintValidatorContext.class);

PowerMockito.mockStatic(BeanUtils.class);
PowerMockito.when(BeanUtils.getProperty(registrationRequest, "issuer")).thenThrow(new NoSuchMethodException());
PowerMockito.when(BeanUtils.getProperty(registrationRequest, "ssa")).thenReturn("dummy-ssa");

boolean result = validator.isValid(registrationRequest, context);
Assert.assertFalse(result);
}
}
Loading
Loading