Skip to content

Update for latest cwms-data-api-client and OpenID Connect changes. #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
MikeNeilson merged 3 commits into from
Nov 10, 2025
Merged

Update for latest cwms-data-api-client and OpenID Connect changes. #39

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c46068f
Update for latest cwms-data-api-client and OpenID Connect changes.
MikeNeilson Nov 5, 2025
5f58141
Correct behavior of token provider. Still need to update test.
MikeNeilson Nov 5, 2025
e410048
Setup a more flexible cumulus/auth mock for test.
MikeNeilson Nov 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,4 @@ build
**/bin
**/.idea/
lib/
.vscode
2 changes: 1 addition & 1 deletion build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ subprojects {
}

jacoco {
toolVersion = "0.8.7"
toolVersion = "0.8.11"
}

jacocoTestReport {
Expand Down
2 changes: 1 addition & 1 deletion cumulus-client/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ dependencies {
testImplementation(libs.mockito.junit.jupiter)
testImplementation(libs.jackson.databind)
testImplementation(libs.jackson.jsr310)
testImplementation(libs.okhttp.mockwebserver)

testRuntimeOnly(libs.okhttp.mockwebserver)
testRuntimeOnly(libs.junit.engine)
}

Expand Down
15 changes: 7 additions & 8 deletions ...ent/src/main/java/mil/army/usace/hec/cumulus/client/auth/CumulusTokenProviderFactory.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,17 +24,16 @@
package mil.army.usace.hec.cumulus.client.auth;

import hec.army.usace.hec.cwbi.auth.http.client.CwbiAuthSslSocketFactory;
import hec.army.usace.hec.cwbi.auth.http.client.DiscoveredCwbiAuthTokenProvider;
import hec.army.usace.hec.cwbi.auth.http.client.trustmanagers.CwbiAuthTrustManager;
import hec.army.usace.hec.cwbi.auth.http.client.CwbiAuthTokenProvider;
import java.io.IOException;
import java.util.Collections;
import java.util.Objects;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLSocketFactory;
import mil.army.usace.hec.cumulus.client.controllers.CumulusConstants;
import mil.army.usace.hec.cumulus.client.controllers.CumulusIdentityProviderController;
import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
import mil.army.usace.hec.cwms.http.client.ApiConnectionInfoBuilder;
import mil.army.usace.hec.cwms.http.client.SslSocketData;
import mil.army.usace.hec.cwms.http.client.auth.OAuth2TokenProvider;

public final class CumulusTokenProviderFactory {
Expand All @@ -44,10 +43,10 @@ private CumulusTokenProviderFactory() {

public static OAuth2TokenProvider createTokenProvider(String url, KeyManager keyManager) throws IOException {
SSLSocketFactory sslSocketFactory = CwbiAuthSslSocketFactory.buildSSLSocketFactory(Collections.singletonList(Objects.requireNonNull(keyManager, "Missing required KeyManager")));
SslSocketData sslSocketData = new SslSocketData(Objects.requireNonNull(sslSocketFactory, "Missing required SSLSocketFactory"),
CwbiAuthTrustManager.getTrustManager());
ApiConnectionInfo apiConnectionInfo = new ApiConnectionInfoBuilder(Objects.requireNonNull(url, "Missing required url")).build();
CumulusTokenUrlDiscoveryService tokenUrlDiscoveryService = new CumulusTokenUrlDiscoveryService(apiConnectionInfo, sslSocketData);
return new DiscoveredCwbiAuthTokenProvider(CumulusConstants.CLIENT_ID, tokenUrlDiscoveryService);
ApiConnectionInfo configInfo = new ApiConnectionInfoBuilder(Objects.requireNonNull(url, "Missing required url")).build();
final String wellKnownUrl = new CumulusIdentityProviderController().retrieveWellKnownEndpoint(configInfo);
return new CwbiAuthTokenProvider(wellKnownUrl,
CumulusConstants.CLIENT_ID,
Objects.requireNonNull(sslSocketFactory, "Missing required SSLSocketFactory"));
}
}
48 changes: 0 additions & 48 deletions ...src/main/java/mil/army/usace/hec/cumulus/client/auth/CumulusTokenUrlDiscoveryService.java
View file
Open in desktop

This file was deleted.

2 changes: 1 addition & 1 deletion ...java/mil/army/usace/hec/cumulus/client/controllers/CumulusIdentityProviderController.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ public final class CumulusIdentityProviderController extends OpenIdTokenControll
private static final String CONFIG_ENDPOINT = "configuration";

@Override
protected String retrieveWellKnownEndpoint(ApiConnectionInfo apiConnectionInfo) throws IOException {
public String retrieveWellKnownEndpoint(ApiConnectionInfo apiConnectionInfo) throws IOException {
IdentityProviderConfiguration configuration = retrieveConfiguration(apiConnectionInfo);
return configuration.getWellKnownEndpoint();
}
Expand Down
98 changes: 93 additions & 5 deletions ...src/test/java/mil/army/usace/hec/cumulus/client/auth/TestCumulusTokenProviderFactory.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,22 +23,101 @@
*/
package mil.army.usace.hec.cumulus.client.auth;

import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;

import javax.net.ssl.KeyManager;
import mil.army.usace.hec.cumulus.client.controllers.TestCumulusMock;
import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
import mil.army.usace.hec.cwms.http.client.ApiConnectionInfoBuilder;
import mil.army.usace.hec.cwms.http.client.MockHttpServer;
import mil.army.usace.hec.cwms.http.client.auth.OAuth2TokenProvider;
import okhttp3.HttpUrl;
import okhttp3.mockwebserver.Dispatcher;
import okhttp3.mockwebserver.MockResponse;
import okhttp3.mockwebserver.RecordedRequest;

import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.fail;

import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;

final class TestCumulusTokenProviderFactory extends TestCumulusMock {
final class TestCumulusTokenProviderFactory {

static MockHttpServer mockCumulusServer;
static MockHttpServer mockAuthServer;

@BeforeAll
static void setUp() throws IOException {
mockCumulusServer = MockHttpServer.create();
mockAuthServer = MockHttpServer.create();
mockCumulusServer.start();
mockAuthServer.start();

mockCumulusServer.getMockServer().setDispatcher(new Dispatcher() {

@Override
public MockResponse dispatch(RecordedRequest request) throws InterruptedException {
final HttpUrl url = request.getRequestUrl();
final String path = url.encodedPath();
System.out.println(path);
try {
if (path.endsWith("configuration")) {
return new MockResponse().setBody(getResource("cumulus/json/idPConfig.json")
.replace("PORT", ""+mockAuthServer.getPort()));
}
} catch (IOException ex) {
fail("Couldn't process mocked request", ex);
}
return new MockResponse().setResponseCode(404).setBody("Request not mocked.");
}
});

mockAuthServer.getMockServer().setDispatcher(new Dispatcher() {
@Override
public MockResponse dispatch(RecordedRequest request) throws InterruptedException {
final HttpUrl url = request.getRequestUrl();
final String path = url.encodedPath();
System.out.println("Got request for url: " + url);
System.out.println("path: " + path);
try {
if (path.endsWith("openid-configuration")) {
return new MockResponse().setBody(getResource("cumulus/json/openIdConfig.json")
.replace("PORT", ""+mockAuthServer.getPort()));
}
} catch (IOException ex) {
fail("Couldn't process mocked request", ex);
}
return new MockResponse().setResponseCode(404).setBody("Request not mocked.");
}
});
}

@AfterAll
static void tearDown() throws IOException {
mockCumulusServer.shutdown();
mockAuthServer.shutdown();
}

ApiConnectionInfo buildCumulusInfo() {
String baseUrl = String.format("http://localhost:%s", mockCumulusServer.getPort());
return new ApiConnectionInfoBuilder(baseUrl).build();
}

ApiConnectionInfo buildAuthInfo() {
String baseUrl = String.format("http://localhost:%s", mockAuthServer.getPort());
return new ApiConnectionInfoBuilder(baseUrl).build();
}
Copy link

@oskarhurst oskarhurst Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If there is an error in the BeforeAll section to my understanding the AfterAll would never get run so the tearDown might never get called.

Copy link
Collaborator Author

@MikeNeilson MikeNeilson Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll go check the manual to verify. That basically means a test would never clean up, at least until all tests are done. This is using random ports so that's not really a huge deal here though I think.

Copy link
Collaborator Author

@MikeNeilson MikeNeilson Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

confirmed it's always called, not that we could do much anyways.


@Test
void testNotNull() throws IOException {
String resource = "cumulus/json/idPConfig.json";
launchMockServerWithResource(resource);
ApiConnectionInfo webServiceUrl = buildConnectionInfo();
ApiConnectionInfo webServiceUrl = buildCumulusInfo();
System.out.println("URL: " + webServiceUrl.getApiRoot());
OAuth2TokenProvider tokenProvider = CumulusTokenProviderFactory.createTokenProvider(webServiceUrl.getApiRoot(), new KeyManager() {});
assertNotNull(tokenProvider);
}
Expand All @@ -48,4 +127,13 @@ void testNulls() {
assertThrows(NullPointerException.class, () -> CumulusTokenProviderFactory.createTokenProvider("test", null));
assertThrows(NullPointerException.class, () -> CumulusTokenProviderFactory.createTokenProvider(null, new KeyManager() {}));
}

protected static String getResource(String resource) throws IOException {
URL resourceUrl = TestCumulusTokenProviderFactory.class.getClassLoader().getResource(resource);
if (resourceUrl == null) {
throw new IOException("Failed to get resource: " + resource);
}
Path path = new File(resourceUrl.getFile()).toPath();
return String.join("\n", Files.readAllLines(path));
}
}
66 changes: 0 additions & 66 deletions ...test/java/mil/army/usace/hec/cumulus/client/auth/TestCumulusTokenUrlDiscoveryService.java
View file
Open in desktop

This file was deleted.

2 changes: 1 addition & 1 deletion .../mil/army/usace/hec/cumulus/client/controllers/TestCumulusIdentityProviderController.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,6 @@ void testRetrieveTokenUrl() throws IOException {
enqueueMockServer(readResourceAsString(openIdConfig));
SslSocketData sslSocketData = new SslSocketData(mockSslSocketFactory, CwbiAuthTrustManager.getTrustManager());
ApiConnectionInfo tokenUrl = new CumulusIdentityProviderController().retrieveTokenUrl(buildConnectionInfo(), sslSocketData);
assertEquals("https://api.example.com/auth/realms/cwbi/protocol/openid-connect/token", tokenUrl.getApiRoot());
assertEquals("http://localhost:PORT/auth/realms/cwbi/protocol/openid-connect/token", tokenUrl.getApiRoot());
}
}
16 changes: 15 additions & 1 deletion ...s-client/src/test/java/mil/army/usace/hec/cumulus/client/controllers/TestCumulusMock.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,11 @@ ApiConnectionInfo buildConnectionInfoWithAuth() {
}

protected static void enqueueMockServer(String body) {
mockHttpServer.enqueue(body);
mockHttpServer.enqueue((String)body);
}

protected void enqueueAdditionalResource(String resource) throws IOException {
mockHttpServer.enqueue(readResourceAsString(resource));
}

protected void launchMockServerWithResource(String resource) throws IOException {
Expand Down Expand Up @@ -130,6 +134,16 @@ public OAuth2Token refreshToken() {
public OAuth2Token newToken() throws IOException {
return null;
}

@Override
public ApiConnectionInfo getAuthUrl() {
return null;
}

@Override
public ApiConnectionInfo getTokenUrl() {
return null;
}
};
}

Expand Down
2 changes: 1 addition & 1 deletion cumulus-client/src/test/resources/cumulus/json/idPConfig.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{
"token_endpoint": "https://api.example.com/oauth2/token",
"well_known_endpoint": "https://api.example.com/.well-known/openid-configuration"
"well_known_endpoint": "http://localhost:PORT/.well-known/openid-configuration"
}
Loading