MultipleTokensPerUserAndScopeTest.java example

Explorer
ORCID-Source-master
/**
 * =============================================================================
 *
 * ORCID (R) Open Source
 * http://orcid.org
 *
 * Copyright (c) 2012-2014 ORCID, Inc.
 * Licensed under an MIT-Style License (MIT)
 * http://orcid.org/open-source-license
 *
 * This copyright and license information (including a link to the full license)
 * shall be included in its entirety in all copies or substantial portion of
 * the software.
 *
 * =============================================================================
 */
package org.orcid.integration.blackbox.api.v2.rc1;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;

import java.net.URISyntaxException;
import java.util.List;

import javax.ws.rs.core.Response;

import org.codehaus.jettison.json.JSONException;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.orcid.jaxb.model.message.ScopePathType;
import org.orcid.jaxb.model.record.summary_rc1.ActivitiesSummary;
import org.orcid.jaxb.model.record_rc1.Work;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

import com.sun.jersey.api.client.ClientResponse;

@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = { "classpath:test-context.xml" })
public class MultipleTokensPerUserAndScopeTest extends BlackBoxBaseRC1 {
    
    @Test
    public void useSameScopesGetDifferentTokensTest() throws InterruptedException, JSONException, URISyntaxException {
        List<String> scopes = getScopes(ScopePathType.READ_LIMITED);
        String token1 = getNonCachedAccessTokens(getUser1UserName(), getUser1Password(), scopes, getClient1ClientId(), getClient1ClientSecret(), getClient1RedirectUri());
        String token2 = getNonCachedAccessTokens(getUser1UserName(), getUser1Password(), scopes, getClient1ClientId(), getClient1ClientSecret(), getClient1RedirectUri());

        // Check the scopes are not null
        assertNotNull(token1);
        assertNotNull(token2);
        assertFalse(token1.equals(token2));

        // Check token 1 is working
        ClientResponse token1Response = memberV2ApiClient.viewActivities(this.getUser1OrcidId(), token1);
        assertNotNull(token1Response);
        assertEquals(Response.Status.OK.getStatusCode(), token1Response.getStatus());
        ActivitiesSummary token1Activities = token1Response.getEntity(ActivitiesSummary.class);
        assertNotNull(token1Activities);

        // Check token 2 is working
        ClientResponse token2Response = memberV2ApiClient.viewActivities(this.getUser1OrcidId(), token2);
        assertNotNull(token2Response);
        assertEquals(Response.Status.OK.getStatusCode(), token2Response.getStatus());
        ActivitiesSummary token2Activities = token2Response.getEntity(ActivitiesSummary.class);
        assertNotNull(token2Activities);

        assertTrue(token1Activities.equals(token2Activities));
        
        // Check tokens works just for his scopes
        Work workToCreate = (Work) unmarshallFromPath("/record_2.0_rc1/samples/work-2.0_rc1.xml", Work.class);
        workToCreate.setPutCode(null);
        workToCreate.getWorkTitle().getTitle().setContent("Title " + System.currentTimeMillis());
        
        ClientResponse token1AddWorkresponse = memberV2ApiClient.createWorkXml(this.getUser1OrcidId(), workToCreate, token1);
        assertNotNull(token1AddWorkresponse);
        assertEquals(Response.Status.FORBIDDEN.getStatusCode(), token1AddWorkresponse.getStatus());
                
        ClientResponse token2AddWorkresponse = memberV2ApiClient.createWorkXml(this.getUser1OrcidId(), workToCreate, token2);
        assertNotNull(token2AddWorkresponse);
        assertEquals(Response.Status.FORBIDDEN.getStatusCode(), token2AddWorkresponse.getStatus());  
        
        // Check a new token with other scope can add the work
        scopes.add(ScopePathType.ACTIVITIES_UPDATE.value());
        String token3 = getNonCachedAccessTokens(getUser1UserName(), getUser1Password(), scopes, getClient1ClientId(), getClient1ClientSecret(), getClient1RedirectUri());
        assertNotNull(token3);
        assertFalse(token1.equals(token3));
        
        // Check token 3 is working
        ClientResponse token3Response = memberV2ApiClient.viewActivities(this.getUser1OrcidId(), token3);
        assertNotNull(token3Response);
        assertEquals(Response.Status.OK.getStatusCode(), token3Response.getStatus());
        ActivitiesSummary token3Activities = token3Response.getEntity(ActivitiesSummary.class);
        assertNotNull(token3Activities);
        
        assertTrue(token1Activities.equals(token3Activities));
        
        //Check that token 3 can add works
        ClientResponse token3AddWorkresponse = memberV2ApiClient.createWorkXml(this.getUser1OrcidId(), workToCreate, token3);
        assertNotNull(token3AddWorkresponse);
        assertEquals(Response.Status.CREATED.getStatusCode(), token3AddWorkresponse.getStatus());
        
        ClientResponse getResponse = memberV2ApiClient.viewLocationXml(token3AddWorkresponse.getLocation(), token3);
        assertEquals(Response.Status.OK.getStatusCode(), getResponse.getStatus());
        Work gotWork = getResponse.getEntity(Work.class);
        assertNotNull(gotWork);
        assertNotNull(gotWork.getPutCode());
        
        ClientResponse deleteNewWork = memberV2ApiClient.deleteWorkXml(getUser1OrcidId(), gotWork.getPutCode(), token3);
        assertNotNull(deleteNewWork);
        assertEquals(ClientResponse.Status.NO_CONTENT.getStatusCode(), deleteNewWork.getStatus());
    }          
}