From cffe29f57f0d042b97451633ca16ebe5b4e42499 Mon Sep 17 00:00:00 2001
From: Prasanna Dangalla
Date: Mon, 5 Dec 2022 09:10:42 +0530
Subject: [PATCH] Added test cases for https://github.com/wso2-enterprise/wso2-apim-internal/issues/571 .
---
 .../am/integration/tests/jwt/JWTTestCase.java | 37 +++++++++++++++++++
 1 file changed, 37 insertions(+)
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/jwt/JWTTestCase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/jwt/JWTTestCase.java
index dcb6506b30..5cf48d8ec3 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/jwt/JWTTestCase.java
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/jwt/JWTTestCase.java
@@ -402,6 +402,43 @@ public void testBackendJWTWithClientCredentialsGrant() throws Exception {
 }
+ @Test(groups = {"wso2.am"}, description = "Incorrect JWT API Invocation")
+ public void testInvocationWithIncorrectJWT() throws Exception {
+ APIRequest apiRequest = new APIRequest(apiName + "1", apiContext+ "1", new URL(endpointURL));
+ apiRequest.setVersion(apiVersion);
+ apiRequest.setVisibility("public");
+ apiRequest.setProvider(providerName);
+
+ List securitySchemes = new ArrayList<>();
+ securitySchemes.add("oauth2");
+ securitySchemes.add("api_key");
+ apiRequest.setSecurityScheme(securitySchemes);
+
+ apiId = createAndPublishAPIUsingRest(apiRequest, restAPIPublisher, false);
+ restAPIStore.subscribeToAPI(apiId, oauthApplicationId, TIER_GOLD);
+
+ ArrayList grantTypes = new ArrayList<>();
+ grantTypes.add(APIMIntegrationConstants.GRANT_TYPE.CLIENT_CREDENTIAL);
+ grantTypes.add(APIMIntegrationConstants.GRANT_TYPE.PASSWORD);
+ grantTypes.add(APIMIntegrationConstants.GRANT_TYPE.AUTHORIZATION_CODE);
+ //generate keys
+ ApplicationKeyDTO applicationKeyDTO= restAPIStore.generateKeys(oauthApplicationId, "36000", CALLBACK_URL,
+ ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, null, grantTypes, null);
+
+ String accessToken = applicationKeyDTO.getToken();
+
+ HttpClient httpclient = HttpClientBuilder.create().build();
+ HttpGet get = new HttpGet(getAPIInvocationURLHttp(apiContext, apiVersion));
+ get.addHeader("Authorization", "Bearer " + accessToken);
+ HttpResponse response = httpclient.execute(get);
+ Assert.assertEquals(response.getStatusLine().getStatusCode(), 900901,
+ "Response code mismatched when api invocation");
+
+ createClaimMapping();
+ waitForAPIDeploymentSync(user.getUserName(), apiRequest.getName(), apiRequest.getVersion(),
+ APIMIntegrationConstants.IS_API_EXISTS);
+ }
+
 @Test(groups = { "wso2.am" }, description = "Backend JWT Token Generation with Auth Code Grant Type")
 public void testBackendJWTWithAuthCodeGrant() throws Exception {
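Review bot: The assertion in `testInvocationWithIncorrectJWT` compares `response.getStatusLine().getStatusCode()` with 900901, which no conforming HTTP response can carry as a status code; 900901 looks like the gateway's error code for invalid credentials, which would be reported in the response body. As written the check cannot succeed, so the rejection path is not actually verified; assert the two separately, e.g. `Assert.assertEquals(response.getStatusLine().getStatusCode(), 401, "Invalid token was not rejected");` and `Assert.assertTrue(EntityUtils.toString(response.getEntity()).contains("900901"));` (adding the `EntityUtils` import if the file lacks it). Nothing visible in the hunk makes the token incorrect either: `accessToken` is sent exactly as `generateKeys` returned it, and the request goes to `getAPIInvocationURLHttp(apiContext, apiVersion)` rather than the `apiContext+ "1"` API created above, so the negative case should send a deliberately altered token to the new context. The trailing `createClaimMapping()` and `waitForAPIDeploymentSync(...)` calls run after the assertion and appear to have no effect on what is tested.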