1 /*
2  * Copyright 2015, Google Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are
6  * met:
7  *
8  *    * Redistributions of source code must retain the above copyright
9  * notice, this list of conditions and the following disclaimer.
10  *    * Redistributions in binary form must reproduce the above
11  * copyright notice, this list of conditions and the following disclaimer
12  * in the documentation and/or other materials provided with the
13  * distribution.
14  *
15  *    * Neither the name of Google Inc. nor the names of its
16  * contributors may be used to endorse or promote products derived from
17  * this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30  */
31 
32 package com.google.auth.oauth2;
33 
34 import com.google.api.client.http.HttpStatusCodes;
35 import com.google.api.client.http.HttpTransport;
36 import com.google.api.client.json.Json;
37 import com.google.api.client.testing.http.MockLowLevelHttpRequest;
38 import com.google.api.client.testing.http.MockLowLevelHttpResponse;
39 import com.google.auth.http.AuthHttpConstants;
40 import java.io.IOException;
41 
42 /** Mock transport to simulate an http server that checks tokens */
43 public class MockTokenCheckingTransport extends HttpTransport {
44 
45   public static final String SUCCESS_CONTENT = "{\"key\":\"value\"}";
46 
47   private MockTokenServerTransport tokenServer;
48   private String refreshToken;
49 
MockTokenCheckingTransport(MockTokenServerTransport tokenServer, String refreshToken)50   public MockTokenCheckingTransport(MockTokenServerTransport tokenServer, String refreshToken) {
51     this.tokenServer = tokenServer;
52     this.refreshToken = refreshToken;
53   }
54 
55   @Override
buildRequest(String method, String url)56   public MockLowLevelHttpRequest buildRequest(String method, String url) throws IOException {
57     return new MockLowLevelHttpRequest() {
58       @Override
59       public MockLowLevelHttpResponse execute() throws IOException {
60         String credentialValue = getFirstHeaderValue(AuthHttpConstants.AUTHORIZATION);
61         String correctAccessToken = tokenServer.getAccessToken(refreshToken);
62         if (credentialValue == null) {
63           return makeErrorResponse();
64         }
65         if (!credentialValue.startsWith(OAuth2Utils.BEARER_PREFIX)) {
66           return makeErrorResponse();
67         }
68         String actualAccessToken = credentialValue.substring(OAuth2Utils.BEARER_PREFIX.length());
69         if (!correctAccessToken.equals(actualAccessToken)) {
70           return makeErrorResponse();
71         } else {
72           return makeSuccessResponse();
73         }
74       }
75     };
76   }
77 
78   private MockLowLevelHttpResponse makeErrorResponse() {
79     MockLowLevelHttpResponse errorResponse = new MockLowLevelHttpResponse();
80     errorResponse.addHeader("custom_header", "value");
81     errorResponse.setStatusCode(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
82     errorResponse.setContentType(Json.MEDIA_TYPE);
83     errorResponse.setContent("{\"error\":\"invalid credentials\"}");
84     return errorResponse;
85   }
86 
87   private MockLowLevelHttpResponse makeSuccessResponse() {
88     MockLowLevelHttpResponse successResponse = new MockLowLevelHttpResponse();
89     successResponse.addHeader("custom_header", "value");
90     successResponse.setStatusCode(HttpStatusCodes.STATUS_CODE_OK);
91     successResponse.setContentType(Json.MEDIA_TYPE);
92     successResponse.setContent(SUCCESS_CONTENT);
93     return successResponse;
94   }
95 }
96