Merge branch '114247167-identity-zone-test'

[Completes #114247167]

Author: nebhale

.idea/dictionaries/bhale.xml

@@ -14,9 +14,9 @@ run:
   path: cf-java-client/ci/integration-test.sh
 
 params:
+  TEST_ADMIN_CLIENTID:
+  TEST_ADMIN_CLIENTSECRET:
+  TEST_ADMIN_PASSWORD:
+  TEST_ADMIN_USERNAME:
   TEST_APIHOST:
-  TEST_PASSWORD:
   TEST_SKIPSSLVALIDATION:
-  TEST_UAA_CLIENTID:
-  TEST_UAA_CLIENTSECRET:
-  TEST_USERNAME:

.idea/runConfigurations/integration_test.xml

@@ -16,6 +16,7 @@
 
 package org.cloudfoundry.reactor;
 
+import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.datatype.jdk8.Jdk8Module;
 import org.cloudfoundry.reactor.util.DefaultSslCertificateTruster;
@@ -75,6 +76,7 @@ public HttpClient getHttpClient() {
     public ObjectMapper getObjectMapper() {
         ObjectMapper objectMapper = new ObjectMapper()
             .disable(FAIL_ON_UNKNOWN_PROPERTIES)
+            .enable(DeserializationFeature.ACCEPT_SINGLE_VALUE_AS_ARRAY)
             .registerModule(new Jdk8Module())
             .setSerializationInclusion(NON_NULL);
 

ci/integration-test.yml

@@ -23,6 +23,8 @@
 import org.cloudfoundry.reactor.util.JsonCodec;
 import org.cloudfoundry.reactor.util.NetworkLogging;
 import org.immutables.value.Value;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.web.util.UriComponentsBuilder;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
@@ -34,6 +36,8 @@
 
 abstract class AbstractUaaTokenProvider implements TokenProvider {
 
+    private static final Logger LOGGER = LoggerFactory.getLogger("cloudfoundry-client.token");
+
     private static final Duration REFRESH_MARGIN = Duration.ofSeconds(10);
 
     private final Object refreshTokenMonitor = new Object();
@@ -103,6 +107,7 @@ private Mono<String> getTokenFlow(ConnectionContext connectionContext) {
             ))
             .repeat()
             .cast(String.class)
+            .doOnNext(token -> LOGGER.debug("JWT Token: {}", token))
             .cache(1)
             .next();
     }

cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/_DefaultConnectionContext.java

@@ -14,25 +14,25 @@
  * limitations under the License.
  */
 
-package org.cloudfoundry.uaa.identityzones;
+package org.cloudfoundry.reactor.tokenprovider;
 
-import com.fasterxml.jackson.annotation.JsonProperty;
-import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
-import org.cloudfoundry.Nullable;
+import org.cloudfoundry.reactor.TokenProvider;
 import org.immutables.value.Value;
+import org.springframework.web.util.UriComponentsBuilder;
 
 /**
- * The payload for the token policy keys
+ * The Client Credentials Grant implementation of {@link TokenProvider}
  */
-@JsonDeserialize
 @Value.Immutable
-abstract class _KeyInformation {
+abstract class _ClientCredentialsGrantTokenProvider extends AbstractUaaTokenProvider {
 
-    /**
-     * The Signing key
-     */
-    @JsonProperty("signingKey")
-    @Nullable
-    abstract String getSigningKey();
+    @Override
+    protected UriComponentsBuilder getAccessTokenUri(UriComponentsBuilder builder) {
+        return builder
+            .queryParam("client_id", getClientId())
+            .queryParam("client_secret", getClientSecret())
+            .queryParam("grant_type", "client_credentials")
+            .queryParam("response_type", "token");
+    }
 
 }

cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/tokenprovider/AbstractUaaTokenProvider.java

@@ -29,11 +29,11 @@ abstract class _PasswordGrantTokenProvider extends AbstractUaaTokenProvider {
     @Override
     protected UriComponentsBuilder getAccessTokenUri(UriComponentsBuilder builder) {
         return builder
-            .queryParam("grant_type", "password")
             .queryParam("client_id", getClientId())
             .queryParam("client_secret", getClientSecret())
-            .queryParam("username", getUsername())
-            .queryParam("password", getPassword());
+            .queryParam("grant_type", "password")
+            .queryParam("password", getPassword())
+            .queryParam("username", getUsername());
     }
 
     /**

cloudfoundry-client/src/main/java/org/cloudfoundry/uaa/identityzones/_KeyInformation.java renamed to cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/tokenprovider/_ClientCredentialsGrantTokenProvider.java

@@ -31,6 +31,7 @@
 import java.security.KeyFactory;
 import java.security.PublicKey;
 import java.security.spec.X509EncodedKeySpec;
+import java.util.Optional;
 
 import static org.cloudfoundry.util.tuple.TupleUtils.function;
 
@@ -81,7 +82,9 @@ private static Mono<PublicKey> getSigningKey(Tokens tokens) {
 
     private static String getUsername(PublicKey publicKey, String token) {
         Jws<Claims> jws = Jwts.parser().setSigningKey(publicKey).parseClaimsJws(token);
-        return jws.getBody().get("user_name", String.class);
+        return Optional
+            .ofNullable(jws.getBody().get("user_name", String.class))
+            .orElseThrow(() -> new IllegalStateException("Unable to retrieve username from token"));
     }
 
     private static Mono<GetTokenKeyResponse> requestTokenKey(Tokens tokens) {

cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/tokenprovider/_PasswordGrantTokenProvider.java

@@ -16,6 +16,7 @@
 
 package org.cloudfoundry.reactor;
 
+import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.datatype.jdk8.Jdk8Module;
 import okhttp3.mockwebserver.Dispatcher;
@@ -38,6 +39,7 @@ public abstract class AbstractRestTest {
         .httpClient(HttpClient.create())
         .objectMapper(new ObjectMapper()
             .addHandler(new FailingDeserializationProblemHandler())
+            .enable(DeserializationFeature.ACCEPT_SINGLE_VALUE_AS_ARRAY)
             .registerModule(new Jdk8Module())
             .setSerializationInclusion(NON_NULL))
         .build();

cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/uaa/UsernameProvider.java

@@ -40,7 +40,9 @@
 import static io.netty.handler.codec.http.HttpMethod.PUT;
 import static io.netty.handler.codec.http.HttpResponseStatus.CREATED;
 import static io.netty.handler.codec.http.HttpResponseStatus.OK;
+import static org.cloudfoundry.uaa.tokens.GrantType.AUTHORIZATION_CODE;
 import static org.cloudfoundry.uaa.tokens.GrantType.CLIENT_CREDENTIALS;
+import static org.cloudfoundry.uaa.tokens.GrantType.REFRESH_TOKEN;
 
 public final class ReactorClientsTest {
 
@@ -148,6 +150,66 @@ protected Mono<DeleteClientResponse> invoke(DeleteClientRequest request) {
         }
     }
 
+    public static final class Deserialize extends AbstractUaaApiTest<ListClientsRequest, ListClientsResponse> {
+
+        private final ReactorClients clients = new ReactorClients(CONNECTION_CONTEXT, this.root, TOKEN_PROVIDER);
+
+        @Override
+        protected InteractionContext getInteractionContext() {
+            return InteractionContext.builder()
+                .request(TestRequest.builder()
+                    .method(GET).path("/oauth/clients")
+                    .build())
+                .response(TestResponse.builder()
+                    .status(OK)
+                    .payload("fixtures/uaa/clients/GET_response_deserialize.json")
+                    .build())
+                .build();
+        }
+
+        @Override
+        protected ListClientsResponse getResponse() {
+            return ListClientsResponse.builder()
+                .resource(Client.builder()
+                    .action("none")
+                    .authority("uaa.none")
+                    .authorizedGrantType(AUTHORIZATION_CODE, REFRESH_TOKEN)
+                    .autoApprove("true")
+                    .clientId("ssh-proxy")
+                    .lastModified(1469112324000L)
+                    .redirectUriPattern("/login")
+                    .resourceId("none")
+                    .scope("openid", "cloud_controller.read", "cloud_controller.write")
+                    .build())
+                .resource(Client.builder()
+                    .action("none")
+                    .authority("routing.routes.write", "routing.routes.read")
+                    .authorizedGrantType(CLIENT_CREDENTIALS, REFRESH_TOKEN)
+                    .autoApprove("routing.routes.write", "routing.routes.read")
+                    .clientId("tcp_emitter")
+                    .lastModified(1469112324000L)
+                    .resourceId("none")
+                    .scope("uaa.none")
+                    .build())
+                .startIndex(1)
+                .itemsPerPage(2)
+                .totalResults(2)
+                .schema("http://cloudfoundry.org/schema/scim/oauth-clients-1.0")
+                .build();
+        }
+
+        @Override
+        protected ListClientsRequest getValidRequest() throws Exception {
+            return ListClientsRequest.builder()
+                .build();
+        }
+
+        @Override
+        protected Mono<ListClientsResponse> invoke(ListClientsRequest request) {
+            return this.clients.list(request);
+        }
+    }
+
     public static final class Get extends AbstractUaaApiTest<GetClientRequest, GetClientResponse> {
 
         private final ReactorClients clients = new ReactorClients(CONNECTION_CONTEXT, this.root, TOKEN_PROVIDER);