diff --git a/Server/src/main/java/org/xdi/oxauth/auth/AuthenticationFilter.java b/Server/src/main/java/org/xdi/oxauth/auth/AuthenticationFilter.java index 4a9824a810..27efa8455c 100644 --- a/Server/src/main/java/org/xdi/oxauth/auth/AuthenticationFilter.java +++ b/Server/src/main/java/org/xdi/oxauth/auth/AuthenticationFilter.java @@ -30,7 +30,6 @@ import org.xdi.oxauth.model.token.ClientAssertionType; import org.xdi.oxauth.model.token.TokenErrorResponseType; import org.xdi.oxauth.model.util.Util; -import org.xdi.oxauth.service.AuthenticationService; import org.xdi.oxauth.service.ClientService; import org.xdi.oxauth.service.SessionIdService; import org.xdi.util.StringHelper; @@ -41,7 +40,6 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import java.io.IOException; import java.io.PrintWriter; import java.io.UnsupportedEncodingException; @@ -74,7 +72,8 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo @Override public void process() { try { - if (httpRequest.getRequestURL().toString().equals(ConfigurationFactory.instance().getConfiguration().getTokenEndpoint())) { + final String requestUrl = httpRequest.getRequestURL().toString(); + if (requestUrl.equals(ConfigurationFactory.instance().getConfiguration().getTokenEndpoint()) || isLocalEmbeddedTest(requestUrl)) { if (httpRequest.getParameter("client_assertion") != null && httpRequest.getParameter("client_assertion_type") != null) { processJwtAuth(httpRequest, httpResponse, filterChain); 
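Review bot: The new `|| isLocalEmbeddedTest(requestUrl)` term in `process()` puts a test-only branch into the production authentication filter, so a JVM flag now changes which URL is handled as the token endpoint. Nothing in this hunk stops `seam.local.test` from being set on a deployed server, and `getRequestURL()` is rebuilt from request data such as the Host header, so matching the `http://localhost:80/...` literal does not by itself show that the call is local. Prefer having the embedded tests point the configured token endpoint at the Seam test URL, so the filter keeps a single comparison. If the hook stays, add a comment above the `if` such as `// seam.local.test is a test-JVM-only switch; never set it in a deployment`. The body of `process()` continues outside the hunk, so the branch taken for non-matching URLs is not visible here.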
@@ -116,6 +115,11 @@ public void process() { }.run(); } + private boolean isLocalEmbeddedTest(String requestUrl) { + return Boolean.parseBoolean(System.getProperty("seam.local.test")) && + requestUrl.equals("http://localhost:80/seam/resource/restv1/oxauth/token"); + } + private void processSessionAuth(String p_sessionId, SessionIdService sessionIdService, HttpServletRequest p_httpRequest, HttpServletResponse p_httpResponse, FilterChain p_filterChain) throws IOException, ServletException { boolean requireAuth; diff --git a/Server/src/main/java/org/xdi/oxauth/model/token/ClientAssertion.java b/Server/src/main/java/org/xdi/oxauth/model/token/ClientAssertion.java index 848561d485..60c9ef9370 100644 --- a/Server/src/main/java/org/xdi/oxauth/model/token/ClientAssertion.java +++ b/Server/src/main/java/org/xdi/oxauth/model/token/ClientAssertion.java @@ -115,7 +115,7 @@ private boolean load(String clientId, ClientAssertionType clientAssertionType, S throw new InvalidJwtException("JWT has expired"); } } else { - throw new InvalidJwtException("Invalid audience"); + throw new InvalidJwtException("Invalid audience: " + audience + ", tokenUrl: " + tokenUrl); } } else { throw new InvalidJwtException("Invalid clientId"); diff --git a/Server/src/main/java/org/xdi/oxauth/service/external/ExternalAuthenticationService.java b/Server/src/main/java/org/xdi/oxauth/service/external/ExternalAuthenticationService.java index 8179a0a8c0..3535f656c5 100644 --- a/Server/src/main/java/org/xdi/oxauth/service/external/ExternalAuthenticationService.java +++ b/Server/src/main/java/org/xdi/oxauth/service/external/ExternalAuthenticationService.java 
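Review bot: `isLocalEmbeddedTest` has no Javadoc and buries the test URL in a string literal, so a reader of the filter cannot tell that this is a test hook or where the URL comes from. Add a Javadoc stating that it returns true only when the `seam.local.test` system property is `true` and the request URL equals the embedded Seam test token URL, and move the literal into a `private static final String` constant. `Boolean.getBoolean("seam.local.test")` is the shorter equivalent of `Boolean.parseBoolean(System.getProperty("seam.local.test"))`.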
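Review bot: The new message `"Invalid audience: " + audience + ", tokenUrl: " + tokenUrl` places what appears to be the audience claim from the client's JWT, together with the server's token URL, into the exception text. Where `InvalidJwtException` messages end up is not visible in this hunk; if they reach the token error response the caller learns the expected endpoint value, and if they are logged the unescaped claim can carry line breaks into the log. Keep the thrown message as `"Invalid audience"` and record the two values in a server-side debug log entry, with control characters stripped from `audience`. The `load` method starts and ends outside the hunk.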
@@ -233,7 +233,8 @@ public int executeExternalGetApiVersion(CustomScriptConfiguration customScriptCo } public boolean isEnabled(AuthenticationScriptUsageType usageType) { - return this.customScriptConfigurationsMapByUsageType.get(usageType).size() > 0; + return this.customScriptConfigurationsMapByUsageType != null && + this.customScriptConfigurationsMapByUsageType.get(usageType).size() > 0; } public CustomScriptConfiguration getExternalAuthenticatorByAuthLevel(AuthenticationScriptUsageType usageType, int authLevel) { diff --git a/Server/src/test/resources/testng.properties b/Server/src/test/resources/testng.properties index 047fed0d48..60abb986b5 100644 --- a/Server/src/test/resources/testng.properties +++ b/Server/src/test/resources/testng.properties @@ -13,9 +13,9 @@ federationMetadataPath=/restv1/oxauth/federationmetadata federationPath=/restv1/oxauth/federation idGenerationPath=/restv1/id introspectionPath=/restv1/introspection -userId=${auth.user.uid} -userSecret=${auth.user.password} -userInum=${auth.user.inum} +userId=yuriy +userSecret=secret +userInum=@!1111!0000!DDD1 userEmail=${auth.user.email} clientId=${auth.client.id} clientSecret=${auth.client.secret} diff --git a/pom.xml b/pom.xml index f5440c118e..85a7795325 100644 --- a/pom.xml +++ b/pom.xml @@ -675,7 +675,7 @@ false false false - -Dsun.lang.ClassLoader.allowArraySyntax=true + -Dsun.lang.ClassLoader.allowArraySyntax=true -Dseam.local.test=true target/test-classes/testng.xml @@ -748,7 +748,7 @@ false false false - -Dsun.lang.ClassLoader.allowArraySyntax=true + -Dsun.lang.ClassLoader.allowArraySyntax=true -Dseam.local.test=true target/test-classes/testng-benchmark.xml
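Review bot: The added null check in `isEnabled` covers only the map; `customScriptConfigurationsMapByUsageType.get(usageType)` can still return null for a usage type with no entry, and `.size()` then throws. Guard the looked-up value as well, e.g. `return this.customScriptConfigurationsMapByUsageType != null && this.customScriptConfigurationsMapByUsageType.get(usageType) != null && this.customScriptConfigurationsMapByUsageType.get(usageType).size() > 0;`, or hold the value in a local first. Whether the map is always populated for every usage type is not visible here. A null map now also reads as "external authentication disabled"; if callers fall back to a weaker login path on `false`, that should be a deliberate, documented choice and not a side effect of start-up ordering.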
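Review bot: `userId`, `userSecret` and `userInum` now hold literal values (`yuriy`, `secret`, `@!1111!0000!DDD1`) while the neighbouring `userEmail`, `clientId` and `clientSecret` still use `${auth.*}` placeholders, which looks like a local debugging setup committed by accident. A literal account name and password in a tracked file are copied into every environment that runs the suite and stay in the repository history. Restore `userId=${auth.user.uid}`, `userSecret=${auth.user.password}` and `userInum=${auth.user.inum}`, and supply the local values through the build profile or an untracked properties file.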