Class ValidateScopeTest
- java.lang.Object
-
- org.opensaml.core.testing.OpenSAMLInitBaseTestCase
-
- net.shibboleth.idp.plugin.oidc.op.profile.impl.BaseOIDCResponseActionTest
-
- net.shibboleth.idp.plugin.oidc.op.profile.impl.ValidateScopeTest
-
public class ValidateScopeTest extends BaseOIDCResponseActionTest
ValidateScopeunit test.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.BaseOIDCResponseActionTest
BaseOIDCResponseActionTest.MockRevocationCache
-
-
Field Summary
Fields Modifier and Type Field Description private net.shibboleth.idp.plugin.oidc.op.profile.impl.ValidateScopeactionAction to test.private com.nimbusds.openid.connect.sdk.rp.OIDCClientMetadatametaDataClient metadata.-
Fields inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.BaseOIDCResponseActionTest
clientId, credentialEC256, credentialEC384, credentialEC521, credentialHMAC, credentialRSA, idGenerator, metadataCtx, profileRequestCtx, request, requestCtx, respCtx, rpCtx, subject
-
-
Constructor Summary
Constructors Constructor Description ValidateScopeTest()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description private voidinit()voidtestAuthnNoScopes()Test that action copes if there are no registered scopes in the metadata during an Authentication request.voidtestAuthnSuccess()Test that action filters out non valid scopes during an Authentication request.voidtestTokenClientCredentials()Test that action filters out unregistered scopes on back-channel with no prior grant.voidtestTokenGrantedScopes()Test that action filters out unregistered scopes on back-channel with prior grants.voidtestTokenNoGrantedScopes()Test that action filters out unregistered scopes on back-channel with prior grant of nothing.voidtestUserInfoGrantedScopes()Test that action filters out unregistered scopes on UserInfo with prior grants.-
Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.BaseOIDCResponseActionTest
addEntryToMap, getDataSealer, initializeDataSealer, setAuthenticationRequest, setIdTokenToResponseContext, setTokenRequest, setUp, setUserInfoRequest, setUserInfoResponseToResponseContext, signIdTokenInResponseContext, signUserInfoResponseInResponseContext
-
-
-
-
Method Detail
-
init
@BeforeMethod private void init() throws ComponentInitializationException, URISyntaxException
-
testAuthnSuccess
public void testAuthnSuccess() throws ComponentInitializationExceptionTest that action filters out non valid scopes during an Authentication request.The message here is created by the base class's setup method.
- Throws:
ComponentInitializationException
-
testAuthnNoScopes
public void testAuthnNoScopes() throws ComponentInitializationExceptionTest that action copes if there are no registered scopes in the metadata during an Authentication request.- Throws:
ComponentInitializationException
-
testTokenClientCredentials
public void testTokenClientCredentials() throws ComponentInitializationException, URISyntaxExceptionTest that action filters out unregistered scopes on back-channel with no prior grant.This is most common for the client_credentials grant, which has no prior step.
-
testTokenNoGrantedScopes
public void testTokenNoGrantedScopes() throws ComponentInitializationException, URISyntaxExceptionTest that action filters out unregistered scopes on back-channel with prior grant of nothing.This is likely impossible in practice, but theoretical.
-
testTokenGrantedScopes
public void testTokenGrantedScopes() throws ComponentInitializationException, URISyntaxExceptionTest that action filters out unregistered scopes on back-channel with prior grants.
-
testUserInfoGrantedScopes
public void testUserInfoGrantedScopes() throws ComponentInitializationException, URISyntaxExceptionTest that action filters out unregistered scopes on UserInfo with prior grants.Exercises case with prior grants but nothing requested.
-
-