/*
 * Copyright 2011 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
 * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */
package org.springframework.security.oauth2.common.exception;

import static org.junit.Assert.assertEquals;

import org.junit.BeforeClass;
import org.junit.Test;
import org.springframework.security.oauth2.common.exceptions.*;

import com.fasterxml.jackson.databind.ObjectMapper;

/**
 * Checks how a Jackson 2 {@link ObjectMapper} turns OAuth2 error JSON into {@link OAuth2Exception} instances.
 * <p>
 * Each test feeds a JSON error document to {@code mapper.readValue(..., OAuth2Exception.class)} and asserts the
 * concrete exception subtype (through a cast), the message, and the additional-information map.
 * <p>
 * NOTE(review): in production such a document presumably comes from a remote authorization server, so the
 * {@code error}, {@code error_description} and extra members should be treated as untrusted by anything that logs or
 * renders them. The tests below only pin the mapping itself.
 *
 * @author Rob Winch
 * @author Dave Syer
 *
 */
public class OAuth2ExceptionJackson2DeserializerTests {

	/** Description placed in most generated error documents and expected back from {@code getMessage()}. */
	private static final String DETAILS = "some detail";

	/** Mapper shared by all tests; created once in {@link #setUpClass()}. */
	private static ObjectMapper mapper;

	@BeforeClass
	public static void setUpClass() {
		mapper = new ObjectMapper();
	}

	/** {@code invalid_grant} is expected to deserialize to {@link InvalidGrantException} with no extra information. */
	@Test
	public void readValueInvalidGrant() throws Exception {
		String errorJson = createResponse(OAuth2Exception.INVALID_GRANT);
		InvalidGrantException result = (InvalidGrantException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/** {@code INVALID_REQUEST} is expected to deserialize to {@link InvalidRequestException}. */
	@Test
	public void readValueInvalidRequest() throws Exception {
		String errorJson = createResponse(OAuth2Exception.INVALID_REQUEST);
		InvalidRequestException result = (InvalidRequestException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/** {@code INVALID_SCOPE} is expected to deserialize to {@link InvalidScopeException}. */
	@Test
	public void readValueInvalidScope() throws Exception {
		String errorJson = createResponse(OAuth2Exception.INVALID_SCOPE);
		InvalidScopeException result = (InvalidScopeException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/**
	 * An {@code insufficient_scope} error is expected to become an {@link InsufficientScopeException} whose
	 * additional information carries the {@code scope} member of the document.
	 */
	@Test
	public void readValueIsufficientScope() throws Exception {
		String errorJson = "{\"error\": \"insufficient_scope\", \"error_description\": \"insufficient scope\", \"scope\": \"bar foo\"}";
		InsufficientScopeException result = (InsufficientScopeException) deserialize(errorJson);
		assertEquals("insufficient scope", result.getMessage());
		assertEquals("bar foo", result.getAdditionalInformation().get("scope").toString());
	}

	/** {@code UNSUPPORTED_GRANT_TYPE} is expected to deserialize to {@link UnsupportedGrantTypeException}. */
	@Test
	public void readValueUnsupportedGrantType() throws Exception {
		String errorJson = createResponse(OAuth2Exception.UNSUPPORTED_GRANT_TYPE);
		UnsupportedGrantTypeException result = (UnsupportedGrantTypeException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/** {@code UNAUTHORIZED_CLIENT} is expected to deserialize to {@link UnauthorizedClientException}. */
	@Test
	public void readValueUnauthorizedClient() throws Exception {
		String errorJson = createResponse(OAuth2Exception.UNAUTHORIZED_CLIENT);
		UnauthorizedClientException result = (UnauthorizedClientException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/** {@code ACCESS_DENIED} is expected to deserialize to {@link UserDeniedAuthorizationException}. */
	@Test
	public void readValueAccessDenied() throws Exception {
		String errorJson = createResponse(OAuth2Exception.ACCESS_DENIED);
		UserDeniedAuthorizationException result = (UserDeniedAuthorizationException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/**
	 * {@code INVALID_GRANT} combined with the description "Redirect URI mismatch." is expected to deserialize to
	 * {@link RedirectMismatchException} rather than a plain invalid-grant exception.
	 */
	@Test
	public void readValueRedirectUriMismatch() throws Exception {
		String errorJson = createResponse(OAuth2Exception.INVALID_GRANT, "Redirect URI mismatch.");
		RedirectMismatchException result = (RedirectMismatchException) deserialize(errorJson);
		assertEquals("Redirect URI mismatch.", result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/** {@code INVALID_TOKEN} is expected to deserialize to {@link InvalidTokenException}. */
	@Test
	public void readValueInvalidToken() throws Exception {
		String errorJson = createResponse(OAuth2Exception.INVALID_TOKEN);
		InvalidTokenException result = (InvalidTokenException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/** An error code the test does not define anywhere still yields an {@link OAuth2Exception} with the description. */
	@Test
	public void readValueUndefinedException() throws Exception {
		String errorJson = createResponse("notdefinedcode");
		OAuth2Exception result = deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/** {@code INVALID_CLIENT} is expected to deserialize to {@link InvalidClientException}. */
	@Test
	public void readValueInvalidClient() throws Exception {
		String errorJson = createResponse(OAuth2Exception.INVALID_CLIENT);
		InvalidClientException result = (InvalidClientException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals(null, result.getAdditionalInformation());
	}

	/** Members other than {@code error} and {@code error_description} are expected in the additional information. */
	@Test
	public void readValueWithAdditionalDetails() throws Exception {
		String errorJson = "{\"error\": \"invalid_client\", \"error_description\": \"some detail\", \"foo\": \"bar\"}";
		InvalidClientException result = (InvalidClientException) deserialize(errorJson);
		assertEquals(DETAILS, result.getMessage());
		assertEquals("{foo=bar}", result.getAdditionalInformation().toString());
	}

	/**
	 * Non-string values (an array for {@code error}, an object for {@code error_description}, an array for an extra
	 * member) are accepted: the message is the string form of the description object and the extra member is kept.
	 * <p>
	 * NOTE(review): this pins that structured values are tolerated rather than rejected, so the message may hold
	 * content shaped by whoever produced the document; consumers that display it should encode it for their sink.
	 */
	@Test
	public void readValueWithObjects() throws Exception {
		String errorJson = "{\"error\": [\"invalid\",\"client\"], \"error_description\": {\"some\":\"detail\"}, \"foo\": [\"bar\"]}";
		OAuth2Exception result = deserialize(errorJson);
		assertEquals("{some=detail}", result.getMessage());
		assertEquals("{foo=[bar]}", result.getAdditionalInformation().toString());
	}

	// gh-594
	/** Round-trips an exception built with a {@code null} message through the mapper. */
	@Test
	public void readValueWithNullErrorDescription() throws Exception {
		OAuth2Exception original = new OAuth2Exception(null);
		String serialized = mapper.writeValueAsString(original);
		OAuth2Exception result = deserialize(serialized);
		// Null error description defaults to error code when deserialized
		assertEquals(original.getOAuth2ErrorCode(), result.getMessage());
	}

	/**
	 * Reads {@code json} as an {@link OAuth2Exception} using the shared mapper.
	 *
	 * @param json the error document to parse
	 * @return whatever exception instance the mapper produces for the document
	 * @throws Exception if the mapper fails to read the document
	 */
	private static OAuth2Exception deserialize(String json) throws Exception {
		return mapper.readValue(json, OAuth2Exception.class);
	}

	/**
	 * Builds a two-member error document by plain string concatenation.
	 * <p>
	 * The values are not JSON-escaped, so this is only suitable for the fixed literals used by these tests.
	 *
	 * @param error value for the {@code error} member
	 * @param message value for the {@code error_description} member
	 * @return the JSON text
	 */
	private String createResponse(String error, String message) {
		return "{\"error\":\"" + error + "\",\"error_description\":\""+message+"\"}";
	}

	/**
	 * Builds an error document whose description is {@link #DETAILS}.
	 *
	 * @param error value for the {@code error} member
	 * @return the JSON text
	 */
	private String createResponse(String error) {
		return createResponse(error, DETAILS);
	}

}