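/**
 * =============================================================================
 *
 * ORCID (R) Open Source
 * http://orcid.org
 *
 * Copyright (c) 2012-2014 ORCID, Inc.
 * Licensed under an MIT-Style License (MIT)
 * http://orcid.org/open-source-license
 *
 * This copyright and license information (including a link to the full license)
 * shall be included in its entirety in all copies or substantial portion of
 * the software.
 *
 * =============================================================================
 */
package org.orcid.integration.blackbox.api;

import static org.junit.Assert.assertTrue;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.annotation.Resource;

import org.codehaus.jettison.json.JSONException;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.orcid.integration.blackbox.api.v12.T2OAuthAPIService;
import org.orcid.integration.blackbox.api.v2.rc1.BlackBoxBaseRC1;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

import com.sun.jersey.api.client.ClientResponse;

/**
 * Black-box test of the browser-driven authorization-code request
 * ({@code /oauth/authorize?response_type=code}).
 *
 * <p>
 * Each case asks for a scope that the authorization endpoint is expected to
 * refuse and verifies that the browser ends up on a URL carrying
 * {@code error=invalid_scope} together with an {@code error_description} that
 * names the refused scope. The mixed cases pair the refused scope with
 * {@code /orcid-works/create} in both orders, so a request is expected to fail
 * as a whole whenever one refused scope is present, wherever it sits in the
 * list.
 *
 * <p>
 * NOTE(review): presumably the refused scopes are the ones reserved for
 * client-credential tokens and must never be obtainable through user consent;
 * confirm against the scope definitions.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = { "classpath:test-context.xml" })
public class Orcid3StepOauthFlowTest extends BlackBoxBaseRC1 {

    // Stops at the first '&' or '#', so the captured error code stays exact even
    // when other parameters follow error_description. The previous greedy
    // "error=(.+)&" ran up to the LAST '&' in the URL and captured too much
    // whenever a further parameter was present.
    private static final Pattern ERROR_PATTERN = Pattern.compile("error=([^&#]+)");

    // Captures the rest of the URL on purpose: the check below only looks for the
    // scope name inside it. NOTE(review): this also means the scope name would be
    // accepted if it appeared in any parameter that follows error_description.
    private static final Pattern ERROR_DESCRIPTION_PATTERN = Pattern.compile("error_description=(.+)");

    private static final String ERROR_NAME = "invalid_scope";

    // NOTE(review): scope and redirect_uri are interpolated without URL encoding,
    // as before; the space-separated scope lists rely on the browser to encode
    // the query string. Confirm this is the intended request shape.
    private static final String AUTHORIZE_URL_FORMAT = "%s/oauth/authorize?client_id=%s&response_type=code&scope=%s&redirect_uri=%s";

    /**
     * Requested scope string paired with the scope the error description must
     * name. The order is the order in which the requests are issued.
     */
    private static final String[][] REJECTED_SCOPE_CASES = {
            { "/orcid-profile/create", "/orcid-profile/create" },
            { "/orcid-works/create /orcid-profile/create", "/orcid-profile/create" },
            { "/orcid-profile/create /orcid-works/create", "/orcid-profile/create" },
            { "/read-public", "/read-public" },
            { "/orcid-works/create /read-public", "/read-public" },
            { "/read-public /orcid-works/create", "/read-public" },
            { "/webhook", "/webhook" },
            { "/orcid-works/create /webhook", "/webhook" },
            { "/webhook /orcid-works/create", "/webhook" },
            { "/premium-notification", "/premium-notification" },
            { "/orcid-works/create /premium-notification", "/premium-notification" },
            { "/premium-notification /orcid-works/create", "/premium-notification" },
            { "/group-id-record/read /orcid-works/create", "/group-id-record/read" },
            { "/group-id-record/update /orcid-works/create", "/group-id-record/update" } };

    // Not referenced by the test in this class; kept so the injected bean and
    // its imports stay exactly as they were.
    @Resource(name = "t2OAuthClient")
    private T2OAuthAPIService<ClientResponse> oauthT2Client;

    /**
     * Signs out once, then issues every authorization request listed in
     * {@link #REJECTED_SCOPE_CASES} and checks that each one is answered with
     * {@code invalid_scope}.
     *
     * @throws JSONException
     *             declared for compatibility with the original signature
     * @throws InterruptedException
     *             declared for compatibility with the original signature
     */
    @Test
    public void testInvalidScopeThrowException() throws JSONException, InterruptedException {
        signout();
        for (String[] scopeCase : REJECTED_SCOPE_CASES) {
            assertScopeRejected(scopeCase[0], scopeCase[1]);
        }
    }

    /**
     * Sends one authorization request for client 1 and verifies the outcome.
     *
     * @param scopes
     *            value of the {@code scope} request parameter, space separated
     * @param invalidScope
     *            the scope the error description is expected to mention
     */
    private void assertScopeRejected(String scopes, String invalidScope) {
        webDriver.get(String.format(AUTHORIZE_URL_FORMAT, this.getWebBaseUrl(), this.getClient1ClientId(), scopes, this.getClient1RedirectUri()));
        evaluateUrl(webDriver.getCurrentUrl(), invalidScope);
    }

    /**
     * Asserts that a URL reports {@code invalid_scope} and that its error
     * description mentions the given scope.
     *
     * @param currentUrl
     *            the URL the browser is on after the authorization request
     * @param invalidScope
     *            the scope expected inside {@code error_description}
     */
    private void evaluateUrl(String currentUrl, String invalidScope) {
        Matcher matcher = ERROR_PATTERN.matcher(currentUrl);
        assertTrue("No error parameter in " + currentUrl, matcher.find());
        String error = matcher.group(1);
        assertTrue("Expected error " + ERROR_NAME + " but got " + error + " in " + currentUrl, ERROR_NAME.equals(error));

        matcher = ERROR_DESCRIPTION_PATTERN.matcher(currentUrl);
        assertTrue("No error_description parameter in " + currentUrl, matcher.find());
        String errorDescription = matcher.group(1);
        assertTrue("Error description does not mention " + invalidScope + ": " + errorDescription, errorDescription.contains(invalidScope));
    }
}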