fix: ensure access_token is available after introspect
Update the code to ensure the access token is still available after
the token has been validated via token introspection

Contributes to: eclipse-vertx#659

Signed-off-by: Chris Patmore <[email protected]>
chrispatmore authored and Chris Patmore committed Aug 30, 2023
1 parent 79ad928 commit 8df2482
Showing 2 changed files with 20 additions and 9 deletions.
@@ -326,7 +326,7 @@ public Future<User> authenticate(Credentials credentials) {

// attempt to create a user from the json object
final User newUser = createUser(
json,
json.put("access_token", tokenCredentials.getToken()),
user.attributes().containsKey("missing-kid"));

// final step, verify if the user is not expired
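Review bot: With `json.put("access_token", tokenCredentials.getToken())` the raw bearer token now sits in the principal of users authenticated via introspection, so anything that logs, serializes or stores that principal carries a live credential, and nothing at the call site says so. `put` also mutates the introspection response in place and replaces any `access_token` field the server returned; that looks intended, but it should be stated. I would add above the call: `// keep the presented token in the principal; it overrides any access_token from the introspection response, so treat the principal as secret-bearing`. The body of `authenticate` continues outside this hunk, so whether `json` is reused afterwards cannot be seen from here.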
@@ -141,12 +141,11 @@ public void introspectAccessToken(TestContext should) {
should.assertNotNull(token2);
JsonObject principal = token2.principal().copy();

// clean time specific value
principal.remove("expires_at");
principal.remove("access_token");
principal.remove("opaque");

final JsonObject assertion = fixtureIntrospect.copy();
// principal should be identified as opaque
assertion.put("opaque", true);
// access token should be present in the principal
assertion.put("access_token", token);

should.assertEquals(assertion.getMap(), principal.getMap());

@@ -180,11 +179,13 @@ public void introspectAccessTokenGoogleWay(TestContext should) {
should.assertNotNull(token);
// make a copy because later we need to original data
JsonObject principal = token.principal().copy();
// clean time specific value
principal.remove("opaque");

// clean up control
final JsonObject assertion = fixtureGoogle.copy();
// principal should be identified as opaque
assertion.put("opaque", true);
// access token should be present in the principal
assertion.put("access_token", OAuth2IntrospectTest.token);

should.assertEquals(assertion.getMap(), principal.getMap());

@@ -230,7 +231,17 @@ public void introspectAccessTokenKeyCloakWay(TestContext should) {
} else {
User token = res.result();
should.assertNotNull(token);
should.assertNotNull(token.principal());
// make a copy because later we need to original data
JsonObject principal = token.principal().copy();

// clean up control
final JsonObject assertion = fixtureKeycloak.copy();
// principal should be identified as opaque
assertion.put("opaque", true);
// access token should be present in the principal
assertion.put("access_token", OAuth2IntrospectTest.token);

should.assertEquals(assertion.getMap(), principal.getMap());
test.complete();
}
});
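Review bot: The expected token is written as bare `token` in `introspectAccessToken` but as `OAuth2IntrospectTest.token` in the Google and Keycloak tests, where a local `User token` appears to shadow the static field. Using the qualified form in all three, `assertion.put("access_token", OAuth2IntrospectTest.token);`, would make it obvious that the same presented token is expected everywhere; renaming the local `User token` (for example to `user`) would remove the shadowing altogether. None of the three fixtures seems to carry its own `access_token`, so a case where the introspection response returns a different value would pin that the presented token is the one kept. The test methods start and end outside these hunks.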
