Add more testcases to oauth

Issue-ID: AAF-111
Change-Id: I17664026c187d3fa27ac5de71bd54253b5bf41e3
Signed-off-by: Sai Gandham <sg481n@att.com>

10 files changed, 1042 insertions, 0 deletions

diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_DirectOAuthTAF.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_DirectOAuthTAF.java
new file mode 100644
index 00000000..ed80b10c
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_DirectOAuthTAF.java
@@ -0,0 +1,127 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.oauth;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.mockito.Mockito.when;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import java.util.Map;
+import java.util.Properties;
+import java.util.TreeMap;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.onap.aaf.auth.env.AuthzEnv;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.layer.Result;
+import org.onap.aaf.auth.oauth.facade.DirectIntrospect;
+import org.onap.aaf.auth.rserv.TransFilter;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.taf.TafResp;
+import org.onap.aaf.misc.env.APIException;
+
+import aafoauth.v2_0.Introspect;
+
+public class JU_DirectOAuthTAF {
+
+	@Mock
+	private AuthzEnv env;
+
+	@Mock
+	private PropAccess access;
+
+	private Properties props = new Properties();
+
+	@Mock
+	private HttpServletRequest req;
+
+	private Map<String, String[]> parameterMap;
+	@Mock
+	private DirectIntrospect<Introspect> facade;
+	@Mock
+	private AuthzTrans trans;
+	@Mock
+	private Result<Introspect> ri;
+
+	@Before
+	public void setup() {
+		initMocks(this);
+		parameterMap = new TreeMap<String, String[]>();
+
+	}
+
+	@Test
+	public void testValidateWithoutSecret() throws APIException, CadiException {
+		parameterMap.put("client_id", new String[] { "Client1" });
+		// parameterMap.put("client_secret", new String[] { "Secret1" });
+		parameterMap.put("username", new String[] { "User1" });
+		parameterMap.put("password", new String[] { "Pass1" });
+		parameterMap.put("token", new String[] { "token1" });
+		when(env.access()).thenReturn(access);
+		when(access.getProperties()).thenReturn(props);
+		when(req.getContentType()).thenReturn("application/x-www-form-urlencoded");
+		when(req.getParameterMap()).thenReturn(parameterMap);
+
+		DirectOAuthTAF oAuthTaf = new DirectOAuthTAF(env, null, null);
+
+		TafResp validate = oAuthTaf.validate(null, req, null);
+
+		assertNotNull(validate);
+		assertEquals(validate.getAccess(), access);
+		assertEquals(validate.desc(), "client_id and client_secret required");
+	}
+
+	@Test
+	public void testValidateWithSecret() throws APIException, CadiException {
+		parameterMap.put("client_id", new String[] { "Client1" });
+		parameterMap.put("client_secret", new String[] { "Secret1" });
+		parameterMap.put("username", new String[] { "User1" });
+		parameterMap.put("password", new String[] { "Pass1" });
+		parameterMap.put("token", new String[] { "token1" });
+
+		when(env.access()).thenReturn(access);
+		when(access.getProperties()).thenReturn(props);
+		when(req.getContentType()).thenReturn("application/x-www-form-urlencoded");
+		when(req.getParameterMap()).thenReturn(parameterMap);
+		when(req.getAttribute(TransFilter.TRANS_TAG)).thenReturn(trans);
+		when(facade.mappedIntrospect(trans, "token1")).thenReturn(ri);
+
+		DirectOAuthTAF oAuthTaf = new DirectOAuthTAF(env, null, facade);
+
+		TafResp validate = oAuthTaf.validate(null, req, null);
+
+		assertNotNull(validate);
+		assertEquals(validate.getAccess(), access);
+		assertEquals(validate.desc(), ri.errorString());
+
+		assertNull(oAuthTaf.revalidate(null, null));
+		assertNotNull(oAuthTaf.directUserPass());
+	}
+
+}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OACodeTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OACodeTest.java
new file mode 100644
index 00000000..9ae7a012
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OACodeTest.java
@@ -0,0 +1,71 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.oauth;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotSame;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.oauth.facade.OAFacade;
+
+import aafoauth.v2_0.Introspect;
+
+public class JU_OACodeTest {
+
+	@Mock
+	private OAFacade<Introspect> facade;
+
+	@Mock
+	private OAFacade<Introspect> facade1;
+
+	@Before
+	public void setup() {
+		initMocks(this);
+	}
+
+	@Test
+	public void testOACodeDefaultMethod() throws Exception {
+		OACode code = new OACode(facade, "Original Description", true, "role1") {
+
+			@Override
+			public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+				// Blank implementation to test abstract OACode class.
+			}
+		};
+
+		OACode clone = code.clone(facade1, false);
+
+		assertNotSame(code, clone);
+
+		assertTrue(code.useJSON);
+		assertFalse(clone.useJSON);
+
+	}
+}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FilterTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FilterTest.java
new file mode 100644
index 00000000..56dc669d
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FilterTest.java
@@ -0,0 +1,88 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.oauth;
+
+import static org.mockito.Mockito.only;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.onap.aaf.cadi.principal.BearerPrincipal;
+
+public class JU_OAuth2FilterTest {
+
+	@Mock
+	private HttpServletRequest request;
+	@Mock
+	private FilterChain chain;
+	@Mock
+	private BearerPrincipal principal;
+
+	@Before
+	public void setup() {
+		initMocks(this);
+	}
+
+	@Test
+	public void testDoFilterWithContentType() throws IOException, ServletException {
+		when(request.getContentType()).thenReturn("application/x-www-form-urlencoded");
+
+		OAuth2Filter filter = new OAuth2Filter();
+		filter.doFilter(request, null, chain);
+
+		verify(chain, only()).doFilter(request, null);
+	}
+
+	@Test
+	public void testDoFilter() throws IOException, ServletException {
+		when(request.getContentType()).thenReturn("somethingElse");
+		when(request.getUserPrincipal()).thenReturn(principal);
+		when(request.getHeader("Authorization")).thenReturn("Bearer 1;Bearer2");
+
+		OAuth2Filter filter = new OAuth2Filter();
+		filter.init(null);
+		filter.destroy();
+		filter.doFilter(request, null, chain);
+
+		verify(chain, only()).doFilter(request, null);
+		verify(principal, only()).setBearer("1");
+	}
+
+	@Test
+	public void testDoFilterWithoutBearerPrincipal() throws IOException, ServletException {
+		when(request.getContentType()).thenReturn("somethingElse");
+		when(request.getHeader("Authorization")).thenReturn("Bearer 1;Bearer2");
+
+		OAuth2Filter filter = new OAuth2Filter();
+		filter.doFilter(request, null, chain);
+
+		verify(chain, only()).doFilter(request, null);
+	}
+}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FormHttpTafRespTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FormHttpTafRespTest.java
new file mode 100644
index 00000000..7a332fa3
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FormHttpTafRespTest.java
@@ -0,0 +1,64 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.oauth;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.mockito.Mockito.only;
+import static org.mockito.Mockito.verify;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.onap.aaf.cadi.taf.TafResp.RESP;
+
+public class JU_OAuth2FormHttpTafRespTest {
+
+	@Mock
+	private HttpServletResponse resp;
+
+	@Before
+	public void setup() {
+		initMocks(this);
+	}
+
+	@Test
+	public void testAuthenticated() throws IOException {
+		OAuth2FormHttpTafResp oAuth2 = new OAuth2FormHttpTafResp(null, null, null, null, resp);
+
+		assertEquals(oAuth2.authenticate(), RESP.HTTP_REDIRECT_INVOKED);
+
+		verify(resp, only()).setStatus(401);
+	}
+
+	@Test
+	public void testIsAuthenticated() throws IOException {
+		OAuth2FormHttpTafResp oAuth2 = new OAuth2FormHttpTafResp(null, null, null, RESP.HAS_PROCESSED, null, false);
+
+		assertEquals(oAuth2.isAuthenticated(), RESP.HAS_PROCESSED);
+		assertFalse(oAuth2.isFailedAttempt());
+	}
+}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_DirectOAFacadeImplTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_DirectOAFacadeImplTest.java
new file mode 100644
index 00000000..1393f291
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_DirectOAFacadeImplTest.java
@@ -0,0 +1,36 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.oauth.facade;
+
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Test;
+
+public class JU_DirectOAFacadeImplTest {
+
+	@Test
+	public void test() {
+		DirectOAFacadeImpl oAFacade = new DirectOAFacadeImpl();
+		assertNotNull(oAFacade);
+	}
+
+}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_OAFacadeFactory.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_OAFacadeFactory.java
new file mode 100644
index 00000000..bf9cbdd6
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_OAFacadeFactory.java
@@ -0,0 +1,87 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.oauth.facade;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.when;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.onap.aaf.auth.dao.cass.OAuthTokenDAO.Data;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.layer.Result;
+import org.onap.aaf.auth.oauth.service.OAuthService;
+import org.onap.aaf.misc.env.APIException;
+
+import aafoauth.v2_0.Introspect;
+
+public class JU_OAFacadeFactory {
+
+	@Mock
+	private OAuthService service;
+
+	private String token;
+
+	private AuthzTrans trans;
+	@Mock
+	private Result<Data> rs;
+
+	@Before
+	public void setUp() throws Exception {
+		initMocks(this);
+	}
+
+	@Test
+	public void testStatusNotOk() throws APIException {
+		when(service.introspect(trans, token)).thenReturn(rs);
+		when(rs.notOK()).thenReturn(true);
+
+		DirectIntrospect<Introspect> direct = OAFacadeFactory.directV1_0(service);
+		Result<Introspect> rti = direct.mappedIntrospect(trans, token);
+
+		assertEquals(rti.status, 0);
+	}
+
+	@Test
+	public void testStatusOk() throws APIException {
+		when(service.introspect(trans, token)).thenReturn(rs);
+		when(rs.notOK()).thenReturn(false);
+
+		DirectIntrospect<Introspect> directV1_0 = OAFacadeFactory.directV1_0(service);
+		Result<Introspect> rti = directV1_0.mappedIntrospect(trans, token);
+
+		assertEquals(rti.status, 0);
+	}
+
+	@Test
+	public void testStatusOkWithResultSetEmpty() throws APIException {
+		when(service.introspect(trans, token)).thenReturn(rs);
+		when(rs.isEmpty()).thenReturn(true);
+		when(rs.notOK()).thenReturn(false);
+
+		DirectIntrospect<Introspect> directV1_0 = OAFacadeFactory.directV1_0(service);
+		Result<Introspect> rti = directV1_0.mappedIntrospect(trans, token);
+
+		assertEquals(rti.status, Result.ERR_NotFound);
+	}
+}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_Mapper1_0Test.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_Mapper1_0Test.java
new file mode 100644
index 00000000..c872cb8e
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_Mapper1_0Test.java
@@ -0,0 +1,226 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.oauth.mapper;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.when;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import java.util.Map;
+import java.util.TreeMap;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Answers;
+import org.mockito.Mock;
+import org.onap.aaf.auth.dao.cass.OAuthTokenDAO.Data;
+import org.onap.aaf.auth.layer.Result;
+import org.onap.aaf.auth.oauth.mapper.Mapper.API;
+import org.onap.aaf.auth.oauth.service.OAuthService.GRANT_TYPE;
+import org.onap.aaf.auth.oauth.service.OCreds;
+import org.onap.aaf.cadi.client.Holder;
+import org.onap.aaf.cadi.oauth.OAuth2Principal;
+
+import aaf.v2_0.Error;
+import aafoauth.v2_0.Introspect;
+import aafoauth.v2_0.Token;
+import aafoauth.v2_0.TokenRequest;
+
+public class JU_Mapper1_0Test {
+	@Mock
+	private HttpServletRequest req;
+
+	@Mock
+	private TokenRequest tokenRequest;
+
+	@Mock
+	private Holder<GRANT_TYPE> hgt;
+
+	@Mock(answer = Answers.RETURNS_DEEP_STUBS)
+	private OAuth2Principal p;
+
+	private Data data;
+
+	@Before
+	public void setup() {
+		initMocks(this);
+		data = new Data();
+		data.id = "id";
+	}
+
+	@Test
+	public void testMapper() {
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+		assertEquals(TokenRequest.class, mapper.getClass(API.TOKEN_REQ));
+		assertEquals(Token.class, mapper.getClass(API.TOKEN));
+		assertEquals(Introspect.class, mapper.getClass(API.INTROSPECT));
+		assertEquals(Error.class, mapper.getClass(API.ERROR));
+		assertEquals(Void.class, mapper.getClass(API.VOID));
+
+		assertTrue(mapper.newInstance(API.TOKEN_REQ) instanceof TokenRequest);
+		assertTrue(mapper.newInstance(API.TOKEN) instanceof Token);
+		assertTrue(mapper.newInstance(API.INTROSPECT) instanceof Introspect);
+		assertTrue(mapper.newInstance(API.ERROR) instanceof Error);
+		assertEquals(null, mapper.newInstance(API.VOID));
+
+		Error error = mapper.errorFromMessage(null, null, "text", "var1", "var2");
+		assertEquals("text", error.getText());
+
+		Object tokenReqFromParams = mapper.tokenReqFromParams(req);
+		assertNull(tokenReqFromParams);
+	}
+
+	@Test
+	public void testTokeReqFromParams() {
+		Map<String, String[]> parameterMap = new TreeMap<String, String[]>();
+		parameterMap.put("client_id", new String[] { "ClientId1" });
+		parameterMap.put("client_secret", new String[] { "client_secret" });
+		parameterMap.put("username", new String[] { "username" });
+		parameterMap.put("password", new String[] { "password" });
+		parameterMap.put("scope", new String[] { "scope" });
+		parameterMap.put("grant_type", new String[] { "grant_type" });
+		parameterMap.put("refresh_token", new String[] { "refresh_token" });
+		parameterMap.put("etc", new String[] { "etc" });
+		when(req.getParameterMap()).thenReturn(parameterMap);
+
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+
+		TokenRequest param = mapper.tokenReqFromParams(req);
+
+		assertEquals("ClientId1", param.getClientId());
+		assertEquals("client_secret", param.getClientSecret());
+		assertEquals("username", param.getUsername());
+		assertEquals("password", param.getPassword());
+		assertEquals("scope", param.getScope());
+		assertEquals("grant_type", param.getGrantType());
+		assertEquals("refresh_token", param.getRefreshToken());
+
+		OCreds credsFromReq = mapper.credsFromReq(param);
+		assertEquals("ClientId1", credsFromReq.client_id);
+		assertEquals("username", credsFromReq.username);
+
+	}
+
+	@Test
+	public void testTokeReqFromParamsWithNoValues() {
+		Map<String, String[]> parameterMap = new TreeMap<String, String[]>();
+		parameterMap.put("client_id", new String[] {});
+		parameterMap.put("client_secret", new String[] {});
+		parameterMap.put("username", new String[] {});
+		parameterMap.put("password", new String[] {});
+		parameterMap.put("scope", new String[] {});
+		parameterMap.put("grant_type", new String[] {});
+		parameterMap.put("refresh_token", new String[] {});
+		parameterMap.put("etc", new String[] {});
+		when(req.getParameterMap()).thenReturn(parameterMap);
+
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+
+		Object param = mapper.tokenReqFromParams(req);
+
+		assertNull(param);
+
+	}
+
+	@Test
+	public void testClientTokenReqWithClientCred() {
+		when(hgt.get()).thenReturn(GRANT_TYPE.client_credentials);
+		when(tokenRequest.getState()).thenReturn("State");
+		when(tokenRequest.getGrantType()).thenReturn("client_credentials");
+		when(tokenRequest.getScope()).thenReturn("Scope");
+
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+
+		Data clientTokenReq = mapper.clientTokenReq(tokenRequest, hgt);
+
+		assertEquals("State", clientTokenReq.state);
+		assertTrue(clientTokenReq.scopes.contains("Scope"));
+
+	}
+
+	@Test
+	public void testClientTokenReqWithPassword() {
+		when(hgt.get()).thenReturn(GRANT_TYPE.unknown);
+		when(tokenRequest.getState()).thenReturn("State");
+		when(tokenRequest.getRefreshToken()).thenReturn("UnKnown");
+
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+
+		Data clientTokenReq = mapper.clientTokenReq(tokenRequest, hgt);
+
+		assertEquals("State", clientTokenReq.state);
+		assertEquals(clientTokenReq.type, 0);
+	}
+
+	@Test
+	public void testTokenFromDataWithNotOk() {
+		Result<Data> dataResult = Result.create(null, 1, "detail", "var");
+
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+
+		Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
+
+		assertEquals(null, clientTokenReq.value);
+	}
+
+	@Test
+	public void testTokenFromData() {
+
+		Result<Data> dataResult = Result.create(data, 0, "detail", "var");
+
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+
+		Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
+
+		assertEquals(clientTokenReq.value.getAccessToken(), data.id);
+	}
+
+	@Test
+	public void testTokenFromDataWithNoTokenType() {
+		data.type = 20;
+
+		Result<Data> dataResult = Result.create(data, 0, "detail", "var");
+
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+
+		Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
+
+		assertEquals(clientTokenReq.value.getAccessToken(), data.id);
+		assertEquals(clientTokenReq.value.getTokenType(), "Invalid");
+	}
+
+	@Test
+	public void testFromPrincipal() {
+
+		Introspect introspect = new Introspect();
+		when(p.tokenPerm().getIntrospect()).thenReturn(introspect);
+
+		Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+
+		Introspect intro = mapper.fromPrincipal(p);
+
+		assertEquals(introspect, intro);
+	}
+}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_MapperIntrospect1_0Test.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_MapperIntrospect1_0Test.java
new file mode 100644
index 00000000..d303755f
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_MapperIntrospect1_0Test.java
@@ -0,0 +1,94 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.oauth.mapper;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import java.util.HashSet;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.xml.ws.handler.MessageContext.Scope;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.onap.aaf.auth.dao.cass.OAuthTokenDAO.Data;
+import org.onap.aaf.auth.layer.Result;
+
+import aafoauth.v2_0.Introspect;
+
+public class JU_MapperIntrospect1_0Test {
+	@Mock
+	private HttpServletRequest req;
+
+	Data data;
+
+	@Before
+	public void setup() {
+		initMocks(this);
+		data = new Data();
+	}
+
+	@Test
+	public void testIntrospect() {
+		data.type = 1;
+
+		Result<Data> dataResult = Result.create(data, 0, "detail", "var");
+
+		MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
+
+		Result<Introspect> intro = mapper.introspect(dataResult);
+
+		assertEquals(intro.value.getClientType(), "confidential");
+	}
+
+	@Test
+	public void testIntrospectWithUnknowType() {
+		data.type = 5;
+		data.scopes = new HashSet<String>();
+
+		data.scopes.add(Scope.APPLICATION.toString());
+		data.scopes.add(Scope.HANDLER.toString());
+
+		Result<Data> dataResult = Result.create(data, 0, "detail", "var");
+
+		MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
+
+		Result<Introspect> intro = mapper.introspect(dataResult);
+
+		assertEquals(intro.value.getClientType(), "unknown");
+	}
+
+	@Test
+	public void testIntrospectWithNotOk() {
+		data.type = 5;
+
+		Result<Data> dataResult = Result.create(data, 1, "detail", "var");
+
+		MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
+
+		Result<Introspect> intro = mapper.introspect(dataResult);
+
+		assertEquals(intro.value, null);
+	}
+
+}
\ No newline at end of file
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java
new file mode 100644
index 00000000..1a13580f
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java
@@ -0,0 +1,200 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.oauth.service;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.only;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import javax.xml.ws.handler.MessageContext.Scope;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.onap.aaf.auth.common.Define;
+import org.onap.aaf.auth.dao.cass.NsSplit;
+import org.onap.aaf.auth.dao.cass.PermDAO;
+import org.onap.aaf.auth.dao.hl.Question;
+import org.onap.aaf.auth.env.AuthzEnv;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.layer.Result;
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.misc.env.APIException;
+import org.onap.aaf.misc.env.Env;
+import org.onap.aaf.misc.env.TimeTaken;
+
+public class JU_JSONPermLoaderFactoryTest {
+	@Mock
+	private AAFCon<?> aafcon;
+	@Mock
+	private AuthzTrans trans;
+	@Mock
+	private TimeTaken tt;
+	@Mock
+	Rcli c;
+	@Mock
+	private Future fs;
+	@Mock
+	private Question question;
+	@Mock
+	private Result<NsSplit> rdns;
+	private NsSplit nss;
+
+	private Access access;
+
+	@Before
+	public void setup() throws CadiException {
+		access = new AuthzEnv();
+		Define.set(access);
+		initMocks(this);
+		nss = new NsSplit("APPLICATION", "APPLICATION");
+	}
+
+	@Test
+	public void testRemoteWithTimeOut() throws APIException, CadiException {
+		when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
+		when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+		when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
+				"application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
+		when(fs.get(0)).thenReturn(true);
+
+		Set<String> scopes = new HashSet<String>();
+		scopes.add(Scope.APPLICATION.toString());
+		scopes.add(Scope.HANDLER.toString());
+
+		JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
+
+		Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
+
+		assertEquals(0, loadJSONPerms.status);
+
+		verify(tt, only()).done();
+	}
+
+	@Test
+	public void testRemoteWith404() throws APIException, CadiException {
+		when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
+		when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+		when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
+				"application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
+		when(fs.get(0)).thenReturn(false);
+		when(fs.code()).thenReturn(404);
+
+		Set<String> scopes = new HashSet<String>();
+		scopes.add(Scope.APPLICATION.toString());
+		scopes.add(Scope.HANDLER.toString());
+
+		JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
+
+		Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
+
+		assertEquals(Result.ERR_NotFound, loadJSONPerms.status);
+
+		verify(tt, only()).done();
+	}
+
+	@Test
+	public void testRemote() throws APIException, CadiException {
+		when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
+		when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+		when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
+				"application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
+		when(fs.get(0)).thenReturn(false);
+
+		Set<String> scopes = new HashSet<String>();
+		scopes.add(Scope.APPLICATION.toString());
+		scopes.add(Scope.HANDLER.toString());
+
+		JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
+
+		Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
+
+		assertEquals(Result.ERR_Backend, loadJSONPerms.status);
+
+		verify(tt, only()).done();
+	}
+
+	@Test
+	public void testDirectWhenPdNotOk() throws APIException, CadiException {
+
+		Result<List<PermDAO.Data>> pd = Result.create(null, Result.ERR_Backend, "details", "vars");
+
+		when(question.getPermsByUser(trans, "user", false)).thenReturn(pd);
+		when(trans.start("Cached DB Perm lookup", Env.SUB)).thenReturn(tt);
+
+		Set<String> scopes = new HashSet<String>();
+		scopes.add(Scope.APPLICATION.toString());
+		scopes.add(Scope.HANDLER.toString());
+
+		JSONPermLoader factory = JSONPermLoaderFactory.direct(question);
+
+		Result<String> loadJSONPerms = factory.loadJSONPerms(trans, "user", scopes);
+
+		assertEquals(Result.ERR_Backend, loadJSONPerms.status);
+
+		verify(tt, only()).done();
+	}
+
+	@Test
+	public void testDirectWhenPdOk() throws APIException, CadiException {
+
+		when(trans.start("Cached DB Perm lookup", Env.SUB)).thenReturn(tt);
+		when(question.deriveNsSplit(trans, "name")).thenReturn(rdns);
+		when(rdns.isOKhasData()).thenReturn(false);
+
+		List<PermDAO.Data> list = new ArrayList<PermDAO.Data>();
+		list.add(new PermDAO.Data(nss, "instance", "action"));
+		list.add(new PermDAO.Data(nss, "instance", "action"));
+
+		Result<List<PermDAO.Data>> pd = Result.create(list, Result.OK, "details", "vars");
+
+		when(question.getPermsByUser(trans, "user", false)).thenReturn(pd);
+
+		Set<String> scopes = new HashSet<String>();
+		scopes.add(Scope.APPLICATION.toString());
+		scopes.add(Scope.HANDLER.toString());
+
+		JSONPermLoader factory = JSONPermLoaderFactory.direct(question);
+
+		Result<String> loadJSONPerms = factory.loadJSONPerms(trans, "user", scopes);
+
+		assertEquals(Result.OK, loadJSONPerms.status);
+		assertEquals("Success", loadJSONPerms.details);
+		assertEquals(
+				"{\"perm\":[{\"ns\":\"APPLICATION\",\"type\":\"APPLICATION\",\"instance\":\"instance\",\"action\":\"action\"},{\"ns\":\"APPLICATION\",\"type\":\"APPLICATION\",\"instance\":\"instance\",\"action\":\"action\"}]}",
+				loadJSONPerms.value);
+
+		verify(tt, only()).done();
+	}
+
+}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_OCredsTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_OCredsTest.java
new file mode 100644
index 00000000..1c16772b
--- /dev/null
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_OCredsTest.java
@@ -0,0 +1,49 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.oauth.service;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.Test;
+
+public class JU_OCredsTest {
+
+	@Test
+	public void test() {
+		OCreds cred = new OCreds("client_id", "client_secret", "username", "password");
+
+		assertEquals(cred.client_id, "client_id");
+		assertEquals(cred.username, "username");
+		assertEquals(new String(cred.client_secret), "client_secret");
+		assertEquals(new String(cred.password), "password");
+	}
+
+	@Test
+	public void testWithNullValues() {
+		OCreds cred = new OCreds("client_id", null, "username", null);
+
+		assertEquals(cred.client_id, "client_id");
+		assertEquals(cred.username, "username");
+		assertEquals(cred.client_secret, null);
+		assertEquals(cred.password, null);
+	}
+
+}