From 396cdf60a27937d872ad79d3f3d8ec6b710cee94 Mon Sep 17 00:00:00 2001 From: lojzatran Date: Tue, 26 Mar 2024 13:32:14 +0100 Subject: [PATCH 1/6] Add test for refresh token flow --- ...alCustomerPasswordAuthIntegrationTest.java | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java b/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java index d967f10a14c..9040cb6e0aa 100644 --- a/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java +++ b/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java @@ -3,18 +3,25 @@ import static commercetools.utils.CommercetoolsTestUtils.*; +import java.time.Duration; import java.util.concurrent.ExecutionException; +import com.commercetools.api.defaultconfig.ServiceRegion; import com.commercetools.api.models.customer.Customer; import com.commercetools.api.models.customer.CustomerDraft; import com.commercetools.api.models.customer.CustomerDraftBuilder; import commercetools.customer.CustomerFixtures; import commercetools.utils.CommercetoolsTestUtils; +import io.vrap.rmf.base.client.AuthenticationToken; import io.vrap.rmf.base.client.HttpClientSupplier; +import io.vrap.rmf.base.client.ServiceRegionConfig; import io.vrap.rmf.base.client.VrapHttpClient; import io.vrap.rmf.base.client.oauth2.GlobalCustomerPasswordTokenSupplier; +import io.vrap.rmf.base.client.oauth2.InMemoryTokenStorage; +import io.vrap.rmf.base.client.oauth2.RefreshFlowTokenSupplier; +import io.vrap.rmf.base.client.utils.ClientUtils; import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.Test; @@ -59,6 +66,27 @@ public void execute() { } } + @Test + public void refreshTokenFlow () { + CustomerFixtures.withCustomer(customer -> { + GlobalCustomerPasswordTokenSupplier globalCustomerPasswordTokenSupplier = new GlobalCustomerPasswordTokenSupplier( + getClientId(), getClientSecret(), customer.getEmail(), CustomerFixtures.TEST_CUSTOMER_PASSWORD, null, + ServiceRegion.GCP_EUROPE_WEST1.getPasswordFlowTokenURL(CommercetoolsTestUtils.getProjectKey()), vrapHttpClient); + + final AuthenticationToken authenticationToken = ClientUtils.blockingWait(globalCustomerPasswordTokenSupplier.getToken(), Duration.ofSeconds(10)); + + InMemoryTokenStorage tokenStorage = new InMemoryTokenStorage(authenticationToken); + + RefreshFlowTokenSupplier refreshFlowTokenSupplier = new RefreshFlowTokenSupplier( + getClientId(), getClientSecret(), ServiceRegion.GCP_EUROPE_WEST1.getOAuthTokenUrl(), + tokenStorage, vrapHttpClient); + AuthenticationToken newAuthenticationToken = ClientUtils.blockingWait(refreshFlowTokenSupplier.refreshToken(), Duration.ofSeconds(10)); + + Assertions.assertNotEquals(authenticationToken.getAccessToken(), newAuthenticationToken.getAccessToken()); + Assertions.assertTrue(authenticationToken.getExpiresInZonedDateTime().isBefore(newAuthenticationToken.getExpiresInZonedDateTime())); + }); + } + @Test public void throwExceptionWrongCredentials() { Assertions.assertThrows(ExecutionException.class, () -> { From c4d3b5f96f8dca23235dfd3f75882e01a849b54a Mon Sep 17 00:00:00 2001 From: "ct-sdks[bot]" <153784748+ct-sdks[bot]@users.noreply.github.com> Date: Tue, 26 Mar 2024 12:34:36 +0000 Subject: [PATCH 2/6] spotless: Fix code style --- ...alCustomerPasswordAuthIntegrationTest.java | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java b/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java index 9040cb6e0aa..ff70a6d0920 100644 --- a/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java +++ b/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java @@ -15,13 +15,12 @@ import io.vrap.rmf.base.client.AuthenticationToken; import io.vrap.rmf.base.client.HttpClientSupplier; -import io.vrap.rmf.base.client.ServiceRegionConfig; import io.vrap.rmf.base.client.VrapHttpClient; import io.vrap.rmf.base.client.oauth2.GlobalCustomerPasswordTokenSupplier; - import io.vrap.rmf.base.client.oauth2.InMemoryTokenStorage; import io.vrap.rmf.base.client.oauth2.RefreshFlowTokenSupplier; import io.vrap.rmf.base.client.utils.ClientUtils; + import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.Test; @@ -67,23 +66,26 @@ public void execute() { } @Test - public void refreshTokenFlow () { + public void refreshTokenFlow() { CustomerFixtures.withCustomer(customer -> { GlobalCustomerPasswordTokenSupplier globalCustomerPasswordTokenSupplier = new GlobalCustomerPasswordTokenSupplier( - getClientId(), getClientSecret(), customer.getEmail(), CustomerFixtures.TEST_CUSTOMER_PASSWORD, null, - ServiceRegion.GCP_EUROPE_WEST1.getPasswordFlowTokenURL(CommercetoolsTestUtils.getProjectKey()), vrapHttpClient); + getClientId(), getClientSecret(), customer.getEmail(), CustomerFixtures.TEST_CUSTOMER_PASSWORD, null, + ServiceRegion.GCP_EUROPE_WEST1.getPasswordFlowTokenURL(CommercetoolsTestUtils.getProjectKey()), + vrapHttpClient); - final AuthenticationToken authenticationToken = ClientUtils.blockingWait(globalCustomerPasswordTokenSupplier.getToken(), Duration.ofSeconds(10)); + final AuthenticationToken authenticationToken = ClientUtils + .blockingWait(globalCustomerPasswordTokenSupplier.getToken(), Duration.ofSeconds(10)); InMemoryTokenStorage tokenStorage = new InMemoryTokenStorage(authenticationToken); - RefreshFlowTokenSupplier refreshFlowTokenSupplier = new RefreshFlowTokenSupplier( - getClientId(), getClientSecret(), ServiceRegion.GCP_EUROPE_WEST1.getOAuthTokenUrl(), - tokenStorage, vrapHttpClient); - AuthenticationToken newAuthenticationToken = ClientUtils.blockingWait(refreshFlowTokenSupplier.refreshToken(), Duration.ofSeconds(10)); + RefreshFlowTokenSupplier refreshFlowTokenSupplier = new RefreshFlowTokenSupplier(getClientId(), + getClientSecret(), ServiceRegion.GCP_EUROPE_WEST1.getOAuthTokenUrl(), tokenStorage, vrapHttpClient); + AuthenticationToken newAuthenticationToken = ClientUtils + .blockingWait(refreshFlowTokenSupplier.refreshToken(), Duration.ofSeconds(10)); Assertions.assertNotEquals(authenticationToken.getAccessToken(), newAuthenticationToken.getAccessToken()); - Assertions.assertTrue(authenticationToken.getExpiresInZonedDateTime().isBefore(newAuthenticationToken.getExpiresInZonedDateTime())); + Assertions.assertTrue(authenticationToken.getExpiresInZonedDateTime() + .isBefore(newAuthenticationToken.getExpiresInZonedDateTime())); }); } From c47a71726e604606600949f78285022ed110ab84 Mon Sep 17 00:00:00 2001 From: "ct-sdks[bot]" <153784748+ct-sdks[bot]@users.noreply.github.com> Date: Tue, 26 Mar 2024 12:34:37 +0000 Subject: [PATCH 3/6] spotless: add commit to blame ignore revs file --- .git-blame-ignore-revs | 1 + 1 file changed, 1 insertion(+) diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs index b7a8d1a2968..c97cfb482b2 100644 --- a/.git-blame-ignore-revs +++ b/.git-blame-ignore-revs @@ -5,3 +5,4 @@ a8ec45c8ea4ba559247b654d01b0d35b21a68865 +c4d3b5f96f8dca23235dfd3f75882e01a849b54a From cb45d5c8a32313cb8bedbe23a64be6be2fe72691 Mon Sep 17 00:00:00 2001 From: lojzatran Date: Wed, 27 Mar 2024 22:44:56 +0100 Subject: [PATCH 4/6] Add test to get access token from apiRoot --- ...alCustomerPasswordAuthIntegrationTest.java | 69 ++++++++++++++++++- 1 file changed, 68 insertions(+), 1 deletion(-) diff --git a/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java b/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java index ff70a6d0920..313f5502304 100644 --- a/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java +++ b/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java @@ -3,19 +3,28 @@ import static commercetools.utils.CommercetoolsTestUtils.*; +import java.security.MessageDigest; import java.time.Duration; +import java.util.Arrays; import java.util.concurrent.ExecutionException; +import com.commercetools.api.client.ApiRoot; +import com.commercetools.api.defaultconfig.ApiRootBuilder; import com.commercetools.api.defaultconfig.ServiceRegion; import com.commercetools.api.models.customer.Customer; import com.commercetools.api.models.customer.CustomerDraft; import com.commercetools.api.models.customer.CustomerDraftBuilder; +import com.commercetools.api.models.project.Project; import commercetools.customer.CustomerFixtures; import commercetools.utils.CommercetoolsTestUtils; +import io.vrap.rmf.base.client.ApiHttpResponse; import io.vrap.rmf.base.client.AuthenticationToken; import io.vrap.rmf.base.client.HttpClientSupplier; import io.vrap.rmf.base.client.VrapHttpClient; +import io.vrap.rmf.base.client.http.HttpStatusCode; +import io.vrap.rmf.base.client.http.OAuthHandler; +import io.vrap.rmf.base.client.http.OAuthMiddleware; import io.vrap.rmf.base.client.oauth2.GlobalCustomerPasswordTokenSupplier; import io.vrap.rmf.base.client.oauth2.InMemoryTokenStorage; import io.vrap.rmf.base.client.oauth2.RefreshFlowTokenSupplier; @@ -83,12 +92,52 @@ public void refreshTokenFlow() { AuthenticationToken newAuthenticationToken = ClientUtils .blockingWait(refreshFlowTokenSupplier.refreshToken(), Duration.ofSeconds(10)); - Assertions.assertNotEquals(authenticationToken.getAccessToken(), newAuthenticationToken.getAccessToken()); + Assertions.assertNotEquals(calculateSha256(authenticationToken.getAccessToken()), calculateSha256(newAuthenticationToken.getAccessToken())); Assertions.assertTrue(authenticationToken.getExpiresInZonedDateTime() .isBefore(newAuthenticationToken.getExpiresInZonedDateTime())); }); } + @Test + public void getNewAccessTokenFromApiRoot() { + CustomerFixtures.withCustomer(customer -> { + GlobalCustomerPasswordTokenSupplier globalCustomerPasswordTokenSupplier = new GlobalCustomerPasswordTokenSupplier( + getClientId(), getClientSecret(), customer.getEmail(), CustomerFixtures.TEST_CUSTOMER_PASSWORD, null, + ServiceRegion.GCP_EUROPE_WEST1.getPasswordFlowTokenURL(CommercetoolsTestUtils.getProjectKey()), + vrapHttpClient); + + AuthenticationToken authenticationToken = ClientUtils + .blockingWait(globalCustomerPasswordTokenSupplier.getToken(), Duration.ofSeconds(10)); + String oldAccessToken = authenticationToken.getAccessToken(); + authenticationToken.setExpiresIn(0L); + + InMemoryTokenStorage tokenStorage = new InMemoryTokenStorage(authenticationToken); + + RefreshFlowTokenSupplier refreshFlowTokenSupplier = new RefreshFlowTokenSupplier(getClientId(), + getClientSecret(), ServiceRegion.GCP_EUROPE_WEST1.getOAuthTokenUrl(), tokenStorage, vrapHttpClient); + + OAuthHandler oAuthHandler = new OAuthHandler(refreshFlowTokenSupplier, Duration.ofSeconds(60)); + + ApiRoot apiRoot = ApiRootBuilder.ofEnvironmentVariables() + .withOAuthMiddleware(OAuthMiddleware.of(oAuthHandler)) + .withPolicies(policyBuilder -> policyBuilder.withRetry(builder -> builder.maxRetries(5) + .statusCodes(Arrays.asList(HttpStatusCode.BAD_GATEWAY_502, + HttpStatusCode.SERVICE_UNAVAILABLE_503, HttpStatusCode.GATEWAY_TIMEOUT_504)) + )) + .build(); + + + apiRoot.withProjectKey(getProjectKey()) + .get() + .execute() + .thenApply(ApiHttpResponse::getBody) + .thenApply(Project::getName) + .join(); + + Assertions.assertNotEquals(calculateSha256(oldAccessToken), calculateSha256(tokenStorage.getToken().getAccessToken())); + }); + } + @Test public void throwExceptionWrongCredentials() { Assertions.assertThrows(ExecutionException.class, () -> { @@ -100,4 +149,22 @@ public void throwExceptionWrongCredentials() { globalCustomerPasswordTokenSupplier.getToken().get(); }); } + + public static String calculateSha256(final String base) { + try{ + final MessageDigest digest = MessageDigest.getInstance("SHA-256"); + final byte[] hash = digest.digest(base.getBytes("UTF-8")); + final StringBuilder hexString = new StringBuilder(); + for (int i = 0; i < hash.length; i++) { + final String hex = Integer.toHexString(0xff & hash[i]); + if(hex.length() == 1) + hexString.append('0'); + hexString.append(hex); + } + return hexString.toString(); + } catch(Exception ex){ + throw new RuntimeException(ex); + } + } + } From 7c713fb498eba102edbd8eb50d5072e16f1b188d Mon Sep 17 00:00:00 2001 From: "ct-sdks[bot]" <153784748+ct-sdks[bot]@users.noreply.github.com> Date: Wed, 27 Mar 2024 21:47:42 +0000 Subject: [PATCH 5/6] spotless: Fix code style --- ...alCustomerPasswordAuthIntegrationTest.java | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java b/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java index 313f5502304..606b6e0ec6c 100644 --- a/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java +++ b/commercetools/commercetools-sdk-java-api/src/integrationTest/java/commercetools/oauth/GlobalCustomerPasswordAuthIntegrationTest.java @@ -92,7 +92,8 @@ public void refreshTokenFlow() { AuthenticationToken newAuthenticationToken = ClientUtils .blockingWait(refreshFlowTokenSupplier.refreshToken(), Duration.ofSeconds(10)); - Assertions.assertNotEquals(calculateSha256(authenticationToken.getAccessToken()), calculateSha256(newAuthenticationToken.getAccessToken())); + Assertions.assertNotEquals(calculateSha256(authenticationToken.getAccessToken()), + calculateSha256(newAuthenticationToken.getAccessToken())); Assertions.assertTrue(authenticationToken.getExpiresInZonedDateTime() .isBefore(newAuthenticationToken.getExpiresInZonedDateTime())); }); @@ -102,9 +103,9 @@ public void refreshTokenFlow() { public void getNewAccessTokenFromApiRoot() { CustomerFixtures.withCustomer(customer -> { GlobalCustomerPasswordTokenSupplier globalCustomerPasswordTokenSupplier = new GlobalCustomerPasswordTokenSupplier( - getClientId(), getClientSecret(), customer.getEmail(), CustomerFixtures.TEST_CUSTOMER_PASSWORD, null, - ServiceRegion.GCP_EUROPE_WEST1.getPasswordFlowTokenURL(CommercetoolsTestUtils.getProjectKey()), - vrapHttpClient); + getClientId(), getClientSecret(), customer.getEmail(), CustomerFixtures.TEST_CUSTOMER_PASSWORD, null, + ServiceRegion.GCP_EUROPE_WEST1.getPasswordFlowTokenURL(CommercetoolsTestUtils.getProjectKey()), + vrapHttpClient); AuthenticationToken authenticationToken = ClientUtils .blockingWait(globalCustomerPasswordTokenSupplier.getToken(), Duration.ofSeconds(10)); @@ -114,7 +115,7 @@ public void getNewAccessTokenFromApiRoot() { InMemoryTokenStorage tokenStorage = new InMemoryTokenStorage(authenticationToken); RefreshFlowTokenSupplier refreshFlowTokenSupplier = new RefreshFlowTokenSupplier(getClientId(), - getClientSecret(), ServiceRegion.GCP_EUROPE_WEST1.getOAuthTokenUrl(), tokenStorage, vrapHttpClient); + getClientSecret(), ServiceRegion.GCP_EUROPE_WEST1.getOAuthTokenUrl(), tokenStorage, vrapHttpClient); OAuthHandler oAuthHandler = new OAuthHandler(refreshFlowTokenSupplier, Duration.ofSeconds(60)); @@ -122,11 +123,9 @@ public void getNewAccessTokenFromApiRoot() { .withOAuthMiddleware(OAuthMiddleware.of(oAuthHandler)) .withPolicies(policyBuilder -> policyBuilder.withRetry(builder -> builder.maxRetries(5) .statusCodes(Arrays.asList(HttpStatusCode.BAD_GATEWAY_502, - HttpStatusCode.SERVICE_UNAVAILABLE_503, HttpStatusCode.GATEWAY_TIMEOUT_504)) - )) + HttpStatusCode.SERVICE_UNAVAILABLE_503, HttpStatusCode.GATEWAY_TIMEOUT_504)))) .build(); - apiRoot.withProjectKey(getProjectKey()) .get() .execute() @@ -134,7 +133,8 @@ public void getNewAccessTokenFromApiRoot() { .thenApply(Project::getName) .join(); - Assertions.assertNotEquals(calculateSha256(oldAccessToken), calculateSha256(tokenStorage.getToken().getAccessToken())); + Assertions.assertNotEquals(calculateSha256(oldAccessToken), + calculateSha256(tokenStorage.getToken().getAccessToken())); }); } @@ -151,18 +151,19 @@ public void throwExceptionWrongCredentials() { } public static String calculateSha256(final String base) { - try{ + try { final MessageDigest digest = MessageDigest.getInstance("SHA-256"); final byte[] hash = digest.digest(base.getBytes("UTF-8")); final StringBuilder hexString = new StringBuilder(); for (int i = 0; i < hash.length; i++) { final String hex = Integer.toHexString(0xff & hash[i]); - if(hex.length() == 1) + if (hex.length() == 1) hexString.append('0'); hexString.append(hex); } return hexString.toString(); - } catch(Exception ex){ + } + catch (Exception ex) { throw new RuntimeException(ex); } } From 1a108e0e3ac4088735a7ef5128e430741c99badc Mon Sep 17 00:00:00 2001 From: "ct-sdks[bot]" <153784748+ct-sdks[bot]@users.noreply.github.com> Date: Wed, 27 Mar 2024 21:47:44 +0000 Subject: [PATCH 6/6] spotless: add commit to blame ignore revs file --- .git-blame-ignore-revs | 1 + 1 file changed, 1 insertion(+) diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs index c97cfb482b2..0b8f98431e8 100644 --- a/.git-blame-ignore-revs +++ b/.git-blame-ignore-revs @@ -6,3 +6,4 @@ a8ec45c8ea4ba559247b654d01b0d35b21a68865 c4d3b5f96f8dca23235dfd3f75882e01a849b54a +7c713fb498eba102edbd8eb50d5072e16f1b188d