Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixed https://github.com/auth0/Auth0.Android/issues/726 #727

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -284,8 +284,9 @@ public class CredentialsManager @VisibleForTesting(otherwise = VisibleForTesting
}
val request = authenticationClient.renewAuth(refreshToken)
request.addParameters(parameters)
if (scope != null) {
request.addParameter("scope", scope)
val scopeForRenew = scope ?: storedScope
if (scopeForRenew != null) {
request.addParameter("scope", scopeForRenew)
}

for (header in headers) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -555,6 +555,180 @@ public class CredentialsManagerTest {
MatcherAssert.assertThat(retrievedCredentials.scope, Is.`is`("newScope"))
}

@Test
public fun shouldRenewExpiredCredentialsIfSavedScopeIsNotNullAndRequiredScopeIsNull() {
Mockito.`when`(storage.retrieveString("com.auth0.id_token")).thenReturn("idToken")
Mockito.`when`(storage.retrieveString("com.auth0.access_token")).thenReturn("accessToken")
Mockito.`when`(storage.retrieveString("com.auth0.refresh_token")).thenReturn("refreshToken")
Mockito.`when`(storage.retrieveString("com.auth0.token_type")).thenReturn("type")
val expirationTime = CredentialsMock.CURRENT_TIME_MS // expired credentials
Mockito.`when`(storage.retrieveLong("com.auth0.expires_at")).thenReturn(expirationTime)
Mockito.`when`(storage.retrieveLong("com.auth0.cache_expires_at"))
.thenReturn(expirationTime)
Mockito.`when`(storage.retrieveString("com.auth0.scope")).thenReturn("saved scope")
Mockito.`when`(
client.renewAuth("refreshToken")
).thenReturn(request)
val newDate = Date(CredentialsMock.ONE_HOUR_AHEAD_MS + ONE_HOUR_SECONDS * 1000)
val jwtMock = mock<Jwt>()
Mockito.`when`(jwtMock.expiresAt).thenReturn(newDate)
Mockito.`when`(jwtDecoder.decode("newId")).thenReturn(jwtMock)

// Trigger success
val newRefresh: String? = null
val renewedCredentials =
Credentials("newId", "newAccess", "newType", newRefresh, newDate, "newScope")
Mockito.`when`(request.execute()).thenReturn(renewedCredentials)
manager.getCredentials(null, 0, callback)
verify(callback).onSuccess(
credentialsCaptor.capture()
)
verify(request)
.addParameter(eq("scope"), eq("saved scope"))

// Verify the credentials are property stored
verify(storage).store("com.auth0.id_token", renewedCredentials.idToken)
verify(storage).store("com.auth0.access_token", renewedCredentials.accessToken)
// RefreshToken should not be replaced
verify(storage, never()).store("com.auth0.refresh_token", newRefresh)
verify(storage).store("com.auth0.refresh_token", "refreshToken")
verify(storage).store("com.auth0.token_type", renewedCredentials.type)
verify(storage).store(
"com.auth0.expires_at", renewedCredentials.expiresAt.time
)
verify(storage).store("com.auth0.scope", renewedCredentials.scope)
verify(storage).store(
"com.auth0.cache_expires_at", renewedCredentials.expiresAt.time
)
verify(storage, never()).remove(ArgumentMatchers.anyString())

// Verify the returned credentials are the latest
val retrievedCredentials = credentialsCaptor.firstValue
MatcherAssert.assertThat(retrievedCredentials, Is.`is`(Matchers.notNullValue()))
MatcherAssert.assertThat(retrievedCredentials.idToken, Is.`is`("newId"))
MatcherAssert.assertThat(retrievedCredentials.accessToken, Is.`is`("newAccess"))
MatcherAssert.assertThat(retrievedCredentials.type, Is.`is`("newType"))
MatcherAssert.assertThat(retrievedCredentials.refreshToken, Is.`is`("refreshToken"))
MatcherAssert.assertThat(retrievedCredentials.expiresAt, Is.`is`(newDate))
MatcherAssert.assertThat(retrievedCredentials.scope, Is.`is`("newScope"))
}

@Test
public fun shouldRenewExpiredCredentialsIfSavedScopeIsNullAndRequiredScopeIsNotNull() {
Mockito.`when`(storage.retrieveString("com.auth0.id_token")).thenReturn("idToken")
Mockito.`when`(storage.retrieveString("com.auth0.access_token")).thenReturn("accessToken")
Mockito.`when`(storage.retrieveString("com.auth0.refresh_token")).thenReturn("refreshToken")
Mockito.`when`(storage.retrieveString("com.auth0.token_type")).thenReturn("type")
val expirationTime = CredentialsMock.CURRENT_TIME_MS // expired credentials
Mockito.`when`(storage.retrieveLong("com.auth0.expires_at")).thenReturn(expirationTime)
Mockito.`when`(storage.retrieveLong("com.auth0.cache_expires_at"))
.thenReturn(expirationTime)
Mockito.`when`(storage.retrieveString("com.auth0.scope")).thenReturn(null)
Mockito.`when`(
client.renewAuth("refreshToken")
).thenReturn(request)
val newDate = Date(CredentialsMock.ONE_HOUR_AHEAD_MS + ONE_HOUR_SECONDS * 1000)
val jwtMock = mock<Jwt>()
Mockito.`when`(jwtMock.expiresAt).thenReturn(newDate)
Mockito.`when`(jwtDecoder.decode("newId")).thenReturn(jwtMock)

// Trigger success
val newRefresh: String? = null
val renewedCredentials =
Credentials("newId", "newAccess", "newType", newRefresh, newDate, "newScope")
Mockito.`when`(request.execute()).thenReturn(renewedCredentials)
manager.getCredentials("required scope", 0, callback)
verify(callback).onSuccess(
credentialsCaptor.capture()
)
verify(request)
.addParameter(eq("scope"), eq("required scope"))

// Verify the credentials are property stored
verify(storage).store("com.auth0.id_token", renewedCredentials.idToken)
verify(storage).store("com.auth0.access_token", renewedCredentials.accessToken)
// RefreshToken should not be replaced
verify(storage, never()).store("com.auth0.refresh_token", newRefresh)
verify(storage).store("com.auth0.refresh_token", "refreshToken")
verify(storage).store("com.auth0.token_type", renewedCredentials.type)
verify(storage).store(
"com.auth0.expires_at", renewedCredentials.expiresAt.time
)
verify(storage).store("com.auth0.scope", renewedCredentials.scope)
verify(storage).store(
"com.auth0.cache_expires_at", renewedCredentials.expiresAt.time
)
verify(storage, never()).remove(ArgumentMatchers.anyString())

// Verify the returned credentials are the latest
val retrievedCredentials = credentialsCaptor.firstValue
MatcherAssert.assertThat(retrievedCredentials, Is.`is`(Matchers.notNullValue()))
MatcherAssert.assertThat(retrievedCredentials.idToken, Is.`is`("newId"))
MatcherAssert.assertThat(retrievedCredentials.accessToken, Is.`is`("newAccess"))
MatcherAssert.assertThat(retrievedCredentials.type, Is.`is`("newType"))
MatcherAssert.assertThat(retrievedCredentials.refreshToken, Is.`is`("refreshToken"))
MatcherAssert.assertThat(retrievedCredentials.expiresAt, Is.`is`(newDate))
MatcherAssert.assertThat(retrievedCredentials.scope, Is.`is`("newScope"))
}

@Test
public fun shouldRenewExpiredCredentialsWhenScopesAreNull() {
Mockito.`when`(storage.retrieveString("com.auth0.id_token")).thenReturn("idToken")
Mockito.`when`(storage.retrieveString("com.auth0.access_token")).thenReturn("accessToken")
Mockito.`when`(storage.retrieveString("com.auth0.refresh_token")).thenReturn("refreshToken")
Mockito.`when`(storage.retrieveString("com.auth0.token_type")).thenReturn("type")
val expirationTime = CredentialsMock.CURRENT_TIME_MS // expired credentials
Mockito.`when`(storage.retrieveLong("com.auth0.expires_at")).thenReturn(expirationTime)
Mockito.`when`(storage.retrieveLong("com.auth0.cache_expires_at"))
.thenReturn(expirationTime)
Mockito.`when`(storage.retrieveString("com.auth0.scope")).thenReturn(null)
Mockito.`when`(
client.renewAuth("refreshToken")
).thenReturn(request)
val newDate = Date(CredentialsMock.ONE_HOUR_AHEAD_MS + ONE_HOUR_SECONDS * 1000)
val jwtMock = mock<Jwt>()
Mockito.`when`(jwtMock.expiresAt).thenReturn(newDate)
Mockito.`when`(jwtDecoder.decode("newId")).thenReturn(jwtMock)

// Trigger success
val newRefresh: String? = null
val renewedCredentials =
Credentials("newId", "newAccess", "newType", newRefresh, newDate, "newScope")
Mockito.`when`(request.execute()).thenReturn(renewedCredentials)
manager.getCredentials(null, 0, callback)
verify(callback).onSuccess(
credentialsCaptor.capture()
)
verify(request, never())
.addParameter(eq("scope"), ArgumentMatchers.anyString())

// Verify the credentials are property stored
verify(storage).store("com.auth0.id_token", renewedCredentials.idToken)
verify(storage).store("com.auth0.access_token", renewedCredentials.accessToken)
// RefreshToken should not be replaced
verify(storage, never()).store("com.auth0.refresh_token", newRefresh)
verify(storage).store("com.auth0.refresh_token", "refreshToken")
verify(storage).store("com.auth0.token_type", renewedCredentials.type)
verify(storage).store(
"com.auth0.expires_at", renewedCredentials.expiresAt.time
)
verify(storage).store("com.auth0.scope", renewedCredentials.scope)
verify(storage).store(
"com.auth0.cache_expires_at", renewedCredentials.expiresAt.time
)
verify(storage, never()).remove(ArgumentMatchers.anyString())

// Verify the returned credentials are the latest
val retrievedCredentials = credentialsCaptor.firstValue
MatcherAssert.assertThat(retrievedCredentials, Is.`is`(Matchers.notNullValue()))
MatcherAssert.assertThat(retrievedCredentials.idToken, Is.`is`("newId"))
MatcherAssert.assertThat(retrievedCredentials.accessToken, Is.`is`("newAccess"))
MatcherAssert.assertThat(retrievedCredentials.type, Is.`is`("newType"))
MatcherAssert.assertThat(retrievedCredentials.refreshToken, Is.`is`("refreshToken"))
MatcherAssert.assertThat(retrievedCredentials.expiresAt, Is.`is`(newDate))
MatcherAssert.assertThat(retrievedCredentials.scope, Is.`is`("newScope"))
}

@Test
public fun shouldRenewCredentialsWithMinTtl() {
Mockito.`when`(storage.retrieveString("com.auth0.id_token")).thenReturn("idToken")
Expand Down Expand Up @@ -642,8 +816,8 @@ public class CredentialsManagerTest {
verify(callback).onSuccess(
credentialsCaptor.capture()
)
verify(request, never())
.addParameter(eq("scope"), ArgumentMatchers.anyString())
verify(request)
.addParameter(eq("scope"), eq("scope"))

// Verify the credentials are property stored
verify(storage).store("com.auth0.id_token", renewedCredentials.idToken)
Expand Down
Loading