diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/client/ClientAdminEndpointsTests.java b/server/src/test/java/org/cloudfoundry/identity/uaa/client/ClientAdminEndpointsTests.java index 4cef2b88bb9..10a106c92a7 100644 --- a/server/src/test/java/org/cloudfoundry/identity/uaa/client/ClientAdminEndpointsTests.java +++ b/server/src/test/java/org/cloudfoundry/identity/uaa/client/ClientAdminEndpointsTests.java @@ -59,7 +59,6 @@ import static org.cloudfoundry.identity.uaa.oauth.client.SecretChangeRequest.ChangeMode.ADD; import static org.cloudfoundry.identity.uaa.oauth.client.SecretChangeRequest.ChangeMode.DELETE; import static org.cloudfoundry.identity.uaa.oauth.token.TokenConstants.GRANT_TYPE_AUTHORIZATION_CODE; -import static org.cloudfoundry.identity.uaa.oauth.token.TokenConstants.GRANT_TYPE_CLIENT_CREDENTIALS; import static org.cloudfoundry.identity.uaa.oauth.token.TokenConstants.GRANT_TYPE_JWT_BEARER; import static org.mockito.Mockito.any; import static org.mockito.Mockito.anyBoolean; @@ -1009,16 +1008,6 @@ void updateClientWithAutoapproveScopesTrue() { assertThat(updated.isAutoApprove("foo.write")).isTrue(); } - @Test - void clientCredentialWithEmptySecretIsRejected() { - detail.setAuthorizedGrantTypes(Collections.singletonList(GRANT_TYPE_CLIENT_CREDENTIALS)); - detail.setClientSecret(""); - detail.setScope(Collections.emptyList()); - assertThatThrownBy(() -> endpoints.createClientDetails(createClientDetailsCreation(detail))) - .isInstanceOf(InvalidClientDetailsException.class) - .hasMessage("Client secret is required for client_credentials grant type"); - } - @Test void createClientWithJsonWebKeyUri() { // https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata, see jwks_uri diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/client/ClientAdminEndpointsValidatorTests.java b/server/src/test/java/org/cloudfoundry/identity/uaa/client/ClientAdminEndpointsValidatorTests.java index 604234ff566..0f65b826aea 100644 --- a/server/src/test/java/org/cloudfoundry/identity/uaa/client/ClientAdminEndpointsValidatorTests.java +++ b/server/src/test/java/org/cloudfoundry/identity/uaa/client/ClientAdminEndpointsValidatorTests.java @@ -32,6 +32,7 @@ import java.util.List; import java.util.Set; +import static org.assertj.core.api.Assertions.assertThatNoException; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.Assertions.fail; import static org.assertj.core.api.AssertionsForClassTypes.assertThatExceptionOfType; @@ -133,9 +134,7 @@ void validate_jwt_bearer_grant_type_without_secret() { client.setAuthorizedGrantTypes(Collections.singletonList(GRANT_TYPE_JWT_BEARER)); client.setScope(Collections.singleton(caller.getClientId() + ".write")); client.setClientSecret(""); - assertThatThrownBy(() -> validator.validate(client, true, true)) - .isInstanceOf(InvalidClientDetailsException.class) - .hasMessageContaining("Client secret is required for grant type " + GRANT_TYPE_JWT_BEARER); + assertThatNoException().isThrownBy(() -> validator.validate(client, true, true)); } @Test diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/ClientAdminEndpointsIntegrationTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/ClientAdminEndpointsIntegrationTests.java index 301b6a264d8..14ab5ab91e7 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/ClientAdminEndpointsIntegrationTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/ClientAdminEndpointsIntegrationTests.java @@ -390,7 +390,7 @@ void clientSecretExpiryCannotBeSet() { } @Test - void nonImplicitGrantClientWithoutSecretIsRejectedTxFails() { + void nonImplicitGrantClientWithSecret() { headers = getAuthenticatedHeaders(getClientCredentialsAccessToken("clients.admin,clients.read,clients.write,clients.secret")); headers.add("Accept", "application/json"); String grantTypes = "client_credentials"; @@ -411,10 +411,10 @@ void nonImplicitGrantClientWithoutSecretIsRejectedTxFails() { HttpMethod.POST, new HttpEntity<>(clients, headers), UaaException.class); - assertThat(result.getStatusCode()).isEqualTo(HttpStatus.BAD_REQUEST); + assertThat(result.getStatusCode()).isEqualTo(HttpStatus.CREATED); for (String id : ids) { ClientDetails client = getClient(id); - assertThat(client).isNull(); + assertThat(client).isNotNull(); } } diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/clients/ClientAdminEndpointsMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/clients/ClientAdminEndpointsMockMvcTests.java index c85705ef80a..25431423175 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/clients/ClientAdminEndpointsMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/clients/ClientAdminEndpointsMockMvcTests.java @@ -86,6 +86,7 @@ import static org.cloudfoundry.identity.uaa.oauth.client.SecretChangeRequest.ChangeMode.DELETE; import static org.cloudfoundry.identity.uaa.oauth.token.TokenConstants.GRANT_TYPE_AUTHORIZATION_CODE; import static org.cloudfoundry.identity.uaa.oauth.token.TokenConstants.GRANT_TYPE_JWT_BEARER; +import static org.mockito.Mockito.atLeast; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; @@ -697,11 +698,11 @@ void createClientsTxClientCredentialsWithoutSecret() throws Exception { .accept(APPLICATION_JSON) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(details)); - mockMvc.perform(createClientPost).andExpect(status().isBadRequest()); + mockMvc.perform(createClientPost).andExpect(status().isCreated()); for (ClientDetails client : details) { - assertThat(getClient(client.getClientId())).isNull(); + assertThat(getClient(client.getClientId())).isNotNull(); } - verify(mockApplicationEventPublisher, times(0)).publishEvent(abstractUaaEventCaptor.capture()); + verify(mockApplicationEventPublisher, atLeast(5)).publishEvent(abstractUaaEventCaptor.capture()); } @Test