Send scope when requesting token

and using client credentials with spring
auth server

Author: MarcialRosales

selenium/test/authnz-msg-protocols/amqp10.js

@@ -51,13 +51,14 @@ describe('Having AMQP 1.0 protocol enabled and the following auth_backends: ' +
       let oauthProviderUrl = process.env.OAUTH_PROVIDER_URL
       let oauthClientId = process.env.OAUTH_CLIENT_ID
       let oauthClientSecret = process.env.OAUTH_CLIENT_SECRET
-      let tokenFormat = process.env.OAUTH_TOKEN_FORMAT || 'jwt'
+      let scopes = process.env.OAUTH_SCOPES
       log("oauthProviderUrl  : " + oauthProviderUrl)
       log("oauthClientId  : " + oauthClientId)
       log("oauthClientSecret  : " + oauthClientSecret)
+      log("oauthScope  : " + scopes)
       let openIdConfig = openIdConfiguration(oauthProviderUrl)
       log("Obtained token_endpoint : " + openIdConfig.token_endpoint)
-      password = tokenFor(oauthClientId, oauthClientSecret, openIdConfig.token_endpoint)
+      password = tokenFor(oauthClientId, oauthClientSecret, openIdConfig.token_endpoint, scopes)
       log("Obtained access token : " + password)
       amqpSettings.password = password
       setAmqpOptions(amqpSettings)

selenium/test/authnz-msg-protocols/env.oauth-producer

@@ -1,3 +1,4 @@
 export RABBITMQ_AMQP_USERNAME=oauth
 export OAUTH_CLIENT_ID=producer
 export OAUTH_CLIENT_SECRET=producer
+export OAUTH_SCOPES="rabbitmq.configure:*/* rabbitmq.read:*/* rabbitmq.write:*/*"

selenium/test/authnz-msg-protocols/mqtt.js

@@ -44,9 +44,10 @@ describe('Having MQTT protocol enbled and the following auth_backends: ' + backe
       let oauthProviderUrl = process.env.OAUTH_PROVIDER_URL
       let oauthClientId = process.env.OAUTH_CLIENT_ID
       let oauthClientSecret = process.env.OAUTH_CLIENT_SECRET
+      let scope = process.env.OAUTH_SCOPES
       let openIdConfig = openIdConfiguration(oauthProviderUrl)
       log("Obtained token_endpoint : " + openIdConfig.token_endpoint)
-      password = tokenFor(oauthClientId, oauthClientSecret, openIdConfig.token_endpoint)
+      password = tokenFor(oauthClientId, oauthClientSecret, openIdConfig.token_endpoint, scope)
       log("Obtained access token : " + password)
     }
     mqttOptions = {

selenium/test/authnz-msg-protocols/spring/application.yml

@@ -47,7 +47,7 @@ spring:
                 - client_credentials
               client-authentication-methods:
                 - client_secret_basic
-              scope: 
+              scopes: 
                 - openid
                 - profile
                 - rabbitmq.tag:management
@@ -66,7 +66,7 @@ spring:
                 - client_credentials
               client-authentication-methods:
                 - client_secret_basic
-              scope: 
+              scopes: 
                 - openid
                 - profile
                 - rabbitmq.tag:management
@@ -82,7 +82,7 @@ spring:
                 - client_credentials
               client-authentication-methods:
                 - client_secret_basic
-              scope: 
+              scopes: 
                 - openid
                 - profile
                 - rabbitmq.tag:management

selenium/test/utils.js

@@ -236,13 +236,16 @@ module.exports = {
     }
   },
 
-  tokenFor: (client_id, client_secret, url = uaaUrl, token_format = "jwt") => {
+  tokenFor: (client_id, client_secret, url = uaaUrl, scope) => {
     const req = new XMLHttpRequest()
-    const params = 'client_id=' + client_id +
+    let params = 'client_id=' + client_id +
       '&client_secret=' + client_secret +
       '&grant_type=client_credentials' +
-      '&token_format=' + token_format + 
+//      '&token_format=' + token_format + 
       '&response_type=token'
+    if (scope != undefined && scope != "") {
+      params = params + '&scope=' + scope
+    } 
 
     req.open('POST', url, false)
     req.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded')