Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@

package org.wso2.identity.integration.test.applicationNativeAuthentication;

import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import io.restassured.http.ContentType;
import io.restassured.response.ExtractableResponse;
import io.restassured.response.Response;
Expand Down Expand Up @@ -67,13 +69,15 @@
public class ApplicationNativeAuthenticationDeviceFlowTestCase extends OAuth2ServiceAbstractIntegrationTest {

private static final String CLIENT_ID_PARAM = "client_id";
private static final String IDP_SESSION_KEY_CLAIM_NAME = "isk";
private static final String DEVICE_CODE = "device_code";
private static final String USER_CODE = "user_code";
private static final String INTERVAL = "interval";
private static final String EXPIRES_IN = "expires_in";
private static final String VERIFICATION_URI = "verification_uri";
private static final String VERIFICATION_URI_COMPLETE = "verification_uri_complete";
private static final String GRANT_TYPE = "urn:ietf:params:oauth:grant-type:device_code";
private static final String JWT = "JWT";
private CloseableHttpClient client;
private UserManagementClient userMgtServiceClient;
private String appId;
Expand Down Expand Up @@ -163,7 +167,7 @@ public void testSendDeviceAuthorize() throws Exception {

List<NameValuePair> urlParameters = new ArrayList<>();
urlParameters.add(new BasicNameValuePair(CLIENT_ID_PARAM, consumerKey));
urlParameters.add(new BasicNameValuePair(SCOPE_PLAYGROUND_NAME, "device_01"));
urlParameters.add(new BasicNameValuePair(SCOPE_PLAYGROUND_NAME, OAuth2Constant.OAUTH2_SCOPE_OPENID));
JSONObject responseObject = responseObjectNew(urlParameters, deviceAuthEndpoint);
deviceCode = responseObject.get(DEVICE_CODE).toString();
userCode = responseObject.get(USER_CODE).toString();
Expand Down Expand Up @@ -235,6 +239,14 @@ public void testTokenRequest() throws Exception {
JSONObject obj = sendTokenRequest(GRANT_TYPE, consumerKey, deviceCode);
String accessToken = obj.get("access_token").toString();
Assert.assertNotNull(accessToken, "Assess token is null");

String idToken = obj.get(OAuth2Constant.ID_TOKEN).toString();
Assert.assertNotNull(idToken, "ID token is null");
Comment on lines +243 to +244

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Avoid toString() before null assertion for id_token.

At Line 243, toString() can throw before the test reaches the assertion. Cast first, then assert non-null for a clearer failure.

Proposed fix
-        String idToken = obj.get(OAuth2Constant.ID_TOKEN).toString();
-        Assert.assertNotNull(idToken, "ID token is null");
+        String idToken = (String) obj.get(OAuth2Constant.ID_TOKEN);
+        Assert.assertNotNull(idToken, "ID token is null");
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
String idToken = obj.get(OAuth2Constant.ID_TOKEN).toString();
Assert.assertNotNull(idToken, "ID token is null");
String idToken = (String) obj.get(OAuth2Constant.ID_TOKEN);
Assert.assertNotNull(idToken, "ID token is null");
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/applicationNativeAuthentication/ApplicationNativeAuthenticationDeviceFlowTestCase.java`
around lines 243 - 244, The test currently calls toString() directly on
obj.get(OAuth2Constant.ID_TOKEN) which can throw before the Assert.assertNotNull
runs; in ApplicationNativeAuthenticationDeviceFlowTestCase locate the lines
assigning idToken (using obj.get(OAuth2Constant.ID_TOKEN)) and change the flow
to first retrieve the raw Object (e.g., tokenObj), call
Assert.assertNotNull(tokenObj, "ID token is null"), then convert it to String
(tokenObj.toString()) and assign idToken so the assertion fails clearly if the
token is missing.


JWTClaimsSet claims = SignedJWT.parse(idToken).getJWTClaimsSet();
Assert.assertNotNull(claims, "ID token claim set is null");
Assert.assertNotNull(claims.getClaim(IDP_SESSION_KEY_CLAIM_NAME),
"IDP session key not available in ID token.");
}

private ApplicationResponseModel createApp() throws Exception {
Expand All @@ -249,6 +261,11 @@ private ApplicationResponseModel createApp() throws Exception {
oidcConfig.setGrantTypes(grantTypes);
oidcConfig.setPublicClient(true);

AccessTokenConfiguration accessTokenConfiguration = new AccessTokenConfiguration().type(JWT);
accessTokenConfiguration.setUserAccessTokenExpiryInSeconds(3600L);
accessTokenConfiguration.setApplicationAccessTokenExpiryInSeconds(3600L);
oidcConfig.setAccessToken(accessTokenConfiguration);

InboundProtocols inboundProtocolsConfig = new InboundProtocols();
inboundProtocolsConfig.setOidc(oidcConfig);

Expand Down