SEBSERV-313 for 1.3.4 patch
This commit is contained in:
parent
6ed3817bc4
commit
e3c532faf4
6 changed files with 64 additions and 5 deletions
|
@ -22,6 +22,7 @@ import org.apache.commons.lang3.BooleanUtils;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.context.annotation.Lazy;
|
import org.springframework.context.annotation.Lazy;
|
||||||
import org.springframework.core.env.Environment;
|
import org.springframework.core.env.Environment;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
@ -72,6 +73,13 @@ public class WebserviceInfo {
|
||||||
private final WebserviceInfoDAO webserviceInfoDAO;
|
private final WebserviceInfoDAO webserviceInfoDAO;
|
||||||
private boolean isMaster = false;
|
private boolean isMaster = false;
|
||||||
|
|
||||||
|
@Value("${sebserver.webservice.api.admin.accessTokenValiditySeconds:3600}")
|
||||||
|
private int adminAccessTokenValSec;
|
||||||
|
@Value("${sebserver.webservice.api.admin.refreshTokenValiditySeconds:-1}")
|
||||||
|
private int adminRefreshTokenValSec;
|
||||||
|
@Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:43200}")
|
||||||
|
private int examAPITokenValiditySeconds;
|
||||||
|
|
||||||
public WebserviceInfo(
|
public WebserviceInfo(
|
||||||
final WebserviceInfoDAO webserviceInfoDAO,
|
final WebserviceInfoDAO webserviceInfoDAO,
|
||||||
final Environment environment) {
|
final Environment environment) {
|
||||||
|
@ -249,6 +257,18 @@ public class WebserviceInfo {
|
||||||
.orElse(null);
|
.orElse(null);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public int getAdminAccessTokenValSec() {
|
||||||
|
return this.adminAccessTokenValSec;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getAdminRefreshTokenValSec() {
|
||||||
|
return this.adminRefreshTokenValSec;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getExamAPITokenValiditySeconds() {
|
||||||
|
return this.examAPITokenValiditySeconds;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String toString() {
|
public String toString() {
|
||||||
final StringBuilder builder = new StringBuilder();
|
final StringBuilder builder = new StringBuilder();
|
||||||
|
|
|
@ -150,6 +150,14 @@ public class WebserviceInit implements ApplicationListener<ApplicationReadyEvent
|
||||||
SEBServerInit.INIT_LOGGER.info("---->");
|
SEBServerInit.INIT_LOGGER.info("---->");
|
||||||
SEBServerInit.INIT_LOGGER.info("----> HTTP Scheme {}", this.webserviceInfo.getHttpScheme());
|
SEBServerInit.INIT_LOGGER.info("----> HTTP Scheme {}", this.webserviceInfo.getHttpScheme());
|
||||||
SEBServerInit.INIT_LOGGER.info("---->");
|
SEBServerInit.INIT_LOGGER.info("---->");
|
||||||
|
SEBServerInit.INIT_LOGGER.info("----> Access-Tokens:");
|
||||||
|
SEBServerInit.INIT_LOGGER.info(
|
||||||
|
"----> admin API access token validity: " + this.webserviceInfo.getAdminAccessTokenValSec() + "s");
|
||||||
|
SEBServerInit.INIT_LOGGER.info(
|
||||||
|
"----> admin API refresh token validity: " + this.webserviceInfo.getAdminRefreshTokenValSec() + "s");
|
||||||
|
SEBServerInit.INIT_LOGGER.info(
|
||||||
|
"----> exam API access token validity: " + this.webserviceInfo.getExamAPITokenValiditySeconds() + "s");
|
||||||
|
SEBServerInit.INIT_LOGGER.info("----> ");
|
||||||
SEBServerInit.INIT_LOGGER.info("----> Property Override Test: {}", this.webserviceInfo.getTestProperty());
|
SEBServerInit.INIT_LOGGER.info("----> Property Override Test: {}", this.webserviceInfo.getTestProperty());
|
||||||
|
|
||||||
SEBServerInit.INIT_LOGGER.info("---->");
|
SEBServerInit.INIT_LOGGER.info("---->");
|
||||||
|
|
|
@ -169,6 +169,7 @@ public class ClientConfigServiceImpl implements ClientConfigService {
|
||||||
private final WebserviceInfo webserviceInfo;
|
private final WebserviceInfo webserviceInfo;
|
||||||
private final CertificateDAO certificateDAO;
|
private final CertificateDAO certificateDAO;
|
||||||
private final long defaultPingInterval;
|
private final long defaultPingInterval;
|
||||||
|
private final int examAPITokenValiditySeconds;
|
||||||
|
|
||||||
protected ClientConfigServiceImpl(
|
protected ClientConfigServiceImpl(
|
||||||
final SEBClientConfigDAO sebClientConfigDAO,
|
final SEBClientConfigDAO sebClientConfigDAO,
|
||||||
|
@ -178,7 +179,8 @@ public class ClientConfigServiceImpl implements ClientConfigService {
|
||||||
final WebserviceInfo webserviceInfo,
|
final WebserviceInfo webserviceInfo,
|
||||||
final CertificateDAO certificateDAO,
|
final CertificateDAO certificateDAO,
|
||||||
@Qualifier(WebSecurityConfig.CLIENT_PASSWORD_ENCODER_BEAN_NAME) final PasswordEncoder clientPasswordEncoder,
|
@Qualifier(WebSecurityConfig.CLIENT_PASSWORD_ENCODER_BEAN_NAME) final PasswordEncoder clientPasswordEncoder,
|
||||||
@Value("${sebserver.webservice.api.exam.defaultPingInterval:1000}") final long defaultPingInterval) {
|
@Value("${sebserver.webservice.api.exam.defaultPingInterval:1000}") final long defaultPingInterval,
|
||||||
|
@Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:43200}") final int examAPITokenValiditySeconds) {
|
||||||
|
|
||||||
this.sebClientConfigDAO = sebClientConfigDAO;
|
this.sebClientConfigDAO = sebClientConfigDAO;
|
||||||
this.clientCredentialService = clientCredentialService;
|
this.clientCredentialService = clientCredentialService;
|
||||||
|
@ -188,6 +190,7 @@ public class ClientConfigServiceImpl implements ClientConfigService {
|
||||||
this.webserviceInfo = webserviceInfo;
|
this.webserviceInfo = webserviceInfo;
|
||||||
this.certificateDAO = certificateDAO;
|
this.certificateDAO = certificateDAO;
|
||||||
this.defaultPingInterval = defaultPingInterval;
|
this.defaultPingInterval = defaultPingInterval;
|
||||||
|
this.examAPITokenValiditySeconds = examAPITokenValiditySeconds;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -210,8 +213,8 @@ public class ClientConfigServiceImpl implements ClientConfigService {
|
||||||
|
|
||||||
baseClientDetails.setScope(Collections.emptySet());
|
baseClientDetails.setScope(Collections.emptySet());
|
||||||
baseClientDetails.setClientSecret(Utils.toString(pwd));
|
baseClientDetails.setClientSecret(Utils.toString(pwd));
|
||||||
baseClientDetails.setAccessTokenValiditySeconds(-1); // not expiring
|
baseClientDetails.setAccessTokenValiditySeconds(this.examAPITokenValiditySeconds);
|
||||||
baseClientDetails.setRefreshTokenValiditySeconds(-1); // not expiring
|
baseClientDetails.setRefreshTokenValiditySeconds(-1); // not used, not expiring
|
||||||
|
|
||||||
if (log.isDebugEnabled()) {
|
if (log.isDebugEnabled()) {
|
||||||
log.debug("Created new BaseClientDetails for id: {}", clientName);
|
log.debug("Created new BaseClientDetails for id: {}", clientName);
|
||||||
|
|
|
@ -101,7 +101,7 @@ public class WebServiceSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
private Integer adminAccessTokenValSec;
|
private Integer adminAccessTokenValSec;
|
||||||
@Value("${sebserver.webservice.api.admin.refreshTokenValiditySeconds:-1}")
|
@Value("${sebserver.webservice.api.admin.refreshTokenValiditySeconds:-1}")
|
||||||
private Integer adminRefreshTokenValSec;
|
private Integer adminRefreshTokenValSec;
|
||||||
@Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:3600}")
|
@Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:43200}")
|
||||||
private Integer examAccessTokenValSec;
|
private Integer examAccessTokenValSec;
|
||||||
|
|
||||||
@Lazy
|
@Lazy
|
||||||
|
|
|
@ -61,7 +61,7 @@ sebserver.webservice.api.exam.config.init.prohibitedProcesses=config/initialProh
|
||||||
sebserver.webservice.api.exam.endpoint=/exam-api
|
sebserver.webservice.api.exam.endpoint=/exam-api
|
||||||
sebserver.webservice.api.exam.endpoint.discovery=${sebserver.webservice.api.exam.endpoint}/discovery
|
sebserver.webservice.api.exam.endpoint.discovery=${sebserver.webservice.api.exam.endpoint}/discovery
|
||||||
sebserver.webservice.api.exam.endpoint.v1=${sebserver.webservice.api.exam.endpoint}/v1
|
sebserver.webservice.api.exam.endpoint.v1=${sebserver.webservice.api.exam.endpoint}/v1
|
||||||
sebserver.webservice.api.exam.accessTokenValiditySeconds=3600
|
sebserver.webservice.api.exam.accessTokenValiditySeconds=43200
|
||||||
sebserver.webservice.api.exam.event-handling-strategy=SINGLE_EVENT_STORE_STRATEGY
|
sebserver.webservice.api.exam.event-handling-strategy=SINGLE_EVENT_STORE_STRATEGY
|
||||||
sebserver.webservice.api.exam.enable-indicator-cache=true
|
sebserver.webservice.api.exam.enable-indicator-cache=true
|
||||||
sebserver.webservice.api.pagination.maxPageSize=500
|
sebserver.webservice.api.pagination.maxPageSize=500
|
||||||
|
|
|
@ -9,9 +9,18 @@
|
||||||
package ch.ethz.seb.sebserver.webservice.integration.api.exam;
|
package ch.ethz.seb.sebserver.webservice.integration.api.exam;
|
||||||
|
|
||||||
import static org.junit.Assert.assertNotNull;
|
import static org.junit.Assert.assertNotNull;
|
||||||
|
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
|
||||||
|
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
|
||||||
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
||||||
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||||
|
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
import org.springframework.boot.json.JacksonJsonParser;
|
||||||
|
import org.springframework.http.MediaType;
|
||||||
import org.springframework.test.context.jdbc.Sql;
|
import org.springframework.test.context.jdbc.Sql;
|
||||||
|
import org.springframework.test.web.servlet.ResultActions;
|
||||||
|
import org.springframework.util.LinkedMultiValueMap;
|
||||||
|
import org.springframework.util.MultiValueMap;
|
||||||
|
|
||||||
@Sql(scripts = { "classpath:schema-test.sql", "classpath:data-test.sql", "classpath:data-test-additional.sql" })
|
@Sql(scripts = { "classpath:schema-test.sql", "classpath:data-test.sql", "classpath:data-test-additional.sql" })
|
||||||
public class ExamAPIAccessTokenRequestTest extends ExamAPIIntegrationTester {
|
public class ExamAPIAccessTokenRequestTest extends ExamAPIIntegrationTester {
|
||||||
|
@ -22,4 +31,23 @@ public class ExamAPIAccessTokenRequestTest extends ExamAPIIntegrationTester {
|
||||||
assertNotNull(accessToken);
|
assertNotNull(accessToken);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testAccessTokenResponse() throws Exception {
|
||||||
|
final MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
|
||||||
|
params.add("grant_type", "client_credentials");
|
||||||
|
params.add("scope", "read write");
|
||||||
|
|
||||||
|
final ResultActions result = this.mockMvc.perform(post("/oauth/token")
|
||||||
|
.params(params)
|
||||||
|
.with(httpBasic("test", "test"))
|
||||||
|
.accept(MediaType.APPLICATION_JSON_VALUE))
|
||||||
|
.andExpect(status().isOk())
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8_VALUE));
|
||||||
|
|
||||||
|
final String resultString = result.andReturn().getResponse().getContentAsString();
|
||||||
|
final JacksonJsonParser jsonParser = new JacksonJsonParser();
|
||||||
|
final Object expiry = jsonParser.parseMap(resultString).get("expires_in");
|
||||||
|
assertNotNull(expiry);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue