Additional tests

Author: acoburn

access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrantClient.java

@@ -333,7 +333,7 @@ public CompletionStage<AccessGrant> grantAccess(final AccessRequest request,
             LOGGER.atWarn()
                 .setMessage("No data URLs supplied: {} resource URLs and {} mapped templates")
                 .addArgument(() -> request.getResources().size())
-                .addArgument(() -> templated.size())
+                .addArgument(templated::size)
                 .log();
         }
         return v1Metadata().thenCompose(metadata -> {

access-grant/src/test/java/com/inrupt/client/accessgrant/AccessGrantClientTest.java

@@ -42,6 +42,7 @@
 import java.util.UUID;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.CompletionException;
+import java.util.stream.Collectors;
 
 import org.apache.commons.io.IOUtils;
 import org.jose4j.jwk.PublicJsonWebKey;
@@ -174,7 +175,6 @@ void testFetch5() {
         assertInstanceOf(AccessGrantException.class, err1.getCause());
     }
 
-
     @Test
     void testFetch6() {
         final Map<String, Object> claims = new HashMap<>();
@@ -215,6 +215,27 @@ void testNotAccessGrant() {
                 client.fetch(uri, AccessGrant.class).toCompletableFuture()::join);
     }
 
+    @Test
+    void testFetchTemplate() {
+        final Map<String, Object> claims = new HashMap<>();
+        claims.put("webid", WEBID);
+        claims.put("sub", SUB);
+        claims.put("iss", ISS);
+        claims.put("azp", AZP);
+        final String token = generateIdToken(claims);
+        final URI uri = URIBuilder.newBuilder(baseUri).path("access-request-6").build();
+        final AccessGrantClient client = agClient.session(OpenIdSession.ofIdToken(token));
+        final AccessRequest request = client.fetch(uri, AccessRequest.class).toCompletableFuture().join();
+
+        assertEquals(uri, request.getIdentifier());
+        assertEquals(baseUri, request.getIssuer());
+
+        // Revoke
+        final CompletableFuture<Void> future = client.revoke(request).toCompletableFuture();
+        final CompletionException err1 = assertThrows(CompletionException.class, future::join);
+        assertInstanceOf(AccessGrantException.class, err1.getCause());
+    }
+
     @Test
     void testFetchInvalid() {
         final URI uri = URIBuilder.newBuilder(baseUri).path(".well-known/vc-configuration").build();
@@ -286,6 +307,33 @@ void testIssueRequestBuilder() {
         assertEquals(resources, request.getResources());
     }
 
+    @Test
+    void testGrantFromTemplate() {
+        final Map<String, Object> claims = new HashMap<>();
+        claims.put("webid", WEBID);
+        claims.put("sub", SUB);
+        claims.put("iss", ISS);
+        claims.put("azp", AZP);
+        final String token = generateIdToken(claims);
+        final URI uri = URIBuilder.newBuilder(baseUri).path("access-request-6").build();
+        final AccessGrantClient client = agClient.session(OpenIdSession.ofIdToken(token));
+        final AccessRequest request = client.fetch(uri, AccessRequest.class).toCompletableFuture().join();
+
+        final AccessGrant grant = client.grantAccess(request).toCompletableFuture().join();
+
+        final Instant expiration = Instant.parse("2022-08-27T12:00:00Z");
+        final Set<String> modes = Set.of("Read", "Append");
+        final Set<URI> purposes = Collections.singleton(URI.create("https://purpose.test/Purpose1"));
+
+        assertTrue(grant.getTypes().contains("SolidAccessGrant"));
+        assertEquals(Optional.of(URI.create("https://id.test/agent")), grant.getRecipient());
+        assertEquals(modes, grant.getModes());
+        assertEquals(expiration, grant.getExpiration());
+        assertEquals(baseUri, grant.getIssuer());
+        assertEquals(purposes, grant.getPurposes());
+        assertNotNull(grant.getAccessRequest());
+    }
+
     @Test
     void testRequestAccessNoAuth() {
         final URI recipient = URI.create("https://id.test/agent");
@@ -335,6 +383,53 @@ void testGrantAccess(final boolean verifyRequest) {
         assertNotNull(grant.getAccessRequest());
     }
 
+    @ParameterizedTest
+    @ValueSource(booleans = {true, false})
+    void testGrantTemplatedAccess(final boolean verifyRequest) {
+        final Map<String, Object> claims = new HashMap<>();
+        claims.put("webid", WEBID);
+        claims.put("sub", SUB);
+        claims.put("iss", ISS);
+        claims.put("azp", AZP);
+        final String token = generateIdToken(claims);
+        final AccessGrantClient client = agClient.session(OpenIdSession.ofIdToken(token));
+
+        final URI recipient = URI.create("https://id.test/agent");
+        final Instant expiration = Instant.parse("2022-08-27T12:00:00Z");
+        final Set<String> modes = Set.of("Read", "Append");
+        final Set<URI> purposes = Collections.singleton(URI.create("https://purpose.test/Purpose1"));
+        final Set<URI> resources = Collections.singleton(URI.create("https://storage.test/data/"));
+
+        final var req = AccessRequest.RequestParameters.newBuilder()
+            .recipient(recipient)
+            .templates(Collections.singleton("http://{storage}/path"))
+            .templates(null)
+            .template(AccessRequest.template("data"))
+            .modes(modes)
+            .purposes(purposes)
+            .expiration(expiration)
+            .build();
+
+        final AccessRequest request = client.requestAccess(req)
+            .toCompletableFuture().join();
+
+        final AccessGrant grant = client.grantAccess(request, templates ->
+                templates.stream()
+                    .map(t -> t.replace("{domain}", "storage.test").replace("{+path}/", ""))
+                    .map(URI::create)
+                    .collect(Collectors.toSet()), verifyRequest)
+            .toCompletableFuture().join();
+
+        assertTrue(grant.getTypes().contains("SolidAccessGrant"));
+        assertEquals(Optional.of(recipient), grant.getRecipient());
+        assertEquals(modes, grant.getModes());
+        assertEquals(expiration, grant.getExpiration());
+        assertEquals(baseUri, grant.getIssuer());
+        assertEquals(purposes, grant.getPurposes());
+        assertEquals(resources, grant.getResources());
+        assertNotNull(grant.getAccessRequest());
+    }
+
     @ParameterizedTest
     @ValueSource(booleans = {true, false})
     void testDenyAccess(final boolean verifyRequest) {
@@ -371,6 +466,58 @@ void testDenyAccess(final boolean verifyRequest) {
         assertInstanceOf(AccessGrantException.class, err.getCause());
     }
 
+    @Test
+    void testNoTemplatesResources() {
+        final Map<String, Object> claims = new HashMap<>();
+        claims.put("webid", WEBID);
+        claims.put("sub", SUB);
+        claims.put("iss", ISS);
+        claims.put("azp", AZP);
+        final String token = generateIdToken(claims);
+        final AccessGrantClient client = agClient.session(OpenIdSession.ofIdToken(token));
+
+        final URI recipient = URI.create("https://id.test/agent");
+        final Instant expiration = Instant.parse("2022-08-27T12:00:00Z");
+        final Set<String> modes = Set.of("Read", "Append");
+        final Set<URI> purposes = Collections.singleton(URI.create("https://purpose.test/Purpose1"));
+
+        final var req = AccessRequest.RequestParameters.newBuilder()
+            .recipient(recipient)
+            .modes(modes)
+            .purposes(purposes)
+            .expiration(expiration)
+            .build();
+
+        assertDoesNotThrow(client.requestAccess(req).toCompletableFuture()::join);
+    }
+
+    @Test
+    void testBothTemplatesResources() {
+        final Map<String, Object> claims = new HashMap<>();
+        claims.put("webid", WEBID);
+        claims.put("sub", SUB);
+        claims.put("iss", ISS);
+        claims.put("azp", AZP);
+        final String token = generateIdToken(claims);
+        final AccessGrantClient client = agClient.session(OpenIdSession.ofIdToken(token));
+
+        final URI recipient = URI.create("https://id.test/agent");
+        final Instant expiration = Instant.parse("2022-08-27T12:00:00Z");
+        final Set<String> modes = Set.of("Read", "Append");
+        final Set<URI> purposes = Collections.singleton(URI.create("https://purpose.test/Purpose1"));
+
+        final var req = AccessRequest.RequestParameters.newBuilder()
+            .recipient(recipient)
+            .modes(modes)
+            .purposes(purposes)
+            .expiration(expiration)
+            .template(AccessRequest.template("data"))
+            .resource(URI.create("https://storage.test/path/data/"))
+            .build();
+
+        assertDoesNotThrow(client.requestAccess(req).toCompletableFuture()::join);
+    }
+
     @Test
     void testGrantAccessNoAuth() {
         final Map<String, Object> claims = new HashMap<>();

access-grant/src/test/java/com/inrupt/client/accessgrant/MockAccessGrantServer.java

@@ -139,6 +139,32 @@ private void setupMocks() {
                         .withStatus(401)
                         .withHeader("WWW-Authenticate", "Bearer,DPoP algs=\"ES256\"")));
 
+        wireMockServer.stubFor(get(urlEqualTo("/access-request-6"))
+                    .atPriority(1)
+                    .withHeader("Authorization", containing("Bearer eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9."))
+                    .willReturn(aResponse()
+                        .withStatus(200)
+                        .withHeader(CONTENT_TYPE, APPLICATION_JSON)
+                        .withBody(getResource("/template-6.json", wireMockServer.baseUrl()))));
+
+        wireMockServer.stubFor(get(urlEqualTo("/access-request-6"))
+                    .atPriority(2)
+                    .willReturn(aResponse()
+                        .withStatus(401)
+                        .withHeader("WWW-Authenticate", "Bearer,DPoP algs=\"ES256\"")));
+
+        wireMockServer.stubFor(delete(urlEqualTo("/access-request-6"))
+                    .atPriority(1)
+                    .withHeader("Authorization", containing("Bearer eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9."))
+                    .willReturn(aResponse()
+                        .withStatus(204)));
+
+        wireMockServer.stubFor(delete(urlEqualTo("/access-request-6"))
+                    .atPriority(2)
+                    .willReturn(aResponse()
+                        .withStatus(401)
+                        .withHeader("WWW-Authenticate", "Bearer,DPoP algs=\"ES256\"")));
+
         wireMockServer.stubFor(get(urlEqualTo("/access-grant-6"))
                     .atPriority(1)
                     .withHeader("Authorization", containing("Bearer eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9."))

access-grant/src/test/resources/template-6.json

@@ -0,0 +1,31 @@
+{
+    "@context":[
+        "https://www.w3.org/2018/credentials/v1",
+        "https://w3id.org/security/suites/ed25519-2020/v1",
+        "https://w3id.org/vc-revocation-list-2020/v1",
+        "https://schema.inrupt.com/credentials/v2.jsonld"],
+    "id":"{{baseUrl}}/access-request-6",
+    "type":["VerifiableCredential","SolidAccessRequest"],
+    "issuer":"{{baseUrl}}",
+    "expirationDate":"2022-08-27T12:00:00Z",
+    "issuanceDate":"2022-08-25T20:34:05.153Z",
+    "credentialStatus":{
+        "id":"https://accessgrant.example/status/CVAM#2832",
+        "revocationListCredential":"https://accessgrant.example/status/CVAM",
+        "revocationListIndex":"2832",
+        "type":"RevocationList2020Status"},
+    "credentialSubject":{
+        "id":"https://id.test/username",
+        "hasConsent":{
+            "mode":["Read","Append"],
+            "hasStatus":"https://w3id.org/GConsent#ConsentStatusRequested",
+            "forPurpose":["https://purpose.test/Purpose1"],
+            "template":["https://{domain}/{+path}/data/"]}},
+    "proof":{
+        "created":"2022-08-25T20:34:05.236Z",
+        "proofPurpose":"assertionMethod",
+        "proofValue":"nIeQF44XVik7onnAbdkbp8xxJ2C8JoTw6-VtCkAzxuWYRFsSfYpft5MuAJaivyeKDmaK82Lj_YsME2xgL2WIBQ",
+        "type":"Ed25519Signature2020",
+        "verificationMethod":"https://accessgrant.example/key/1e332728-4af5-46e4-a5db-4f7b89e3f378"}
+}
+