Revert "Using ./gradlew run now uses ROOT context path"

This reverts commit 46c4762.
cloudfoundry · Dec 6, 2019 · 65952b1 · 65952b1
1 parent 9c1f29d
commit 65952b1
Show file tree

Hide file tree

Showing 77 changed files with 275 additions and 273 deletions.
diff --git a/README.md b/README.md
@@ -18,7 +18,7 @@ The authentication service is `uaa`. It's a plain Spring MVC webapp.
 Deploy as normal in Tomcat or your container of choice, or execute
 `./gradlew run` to run it directly from `uaa` directory in the source
 tree. When running with gradle it listens on port 8080 and the URL is
-`http://localhost:8080`
+`http://localhost:8080/uaa`
 
 The UAA Server supports the APIs defined in the UAA-APIs document. To summarise:
 
@@ -82,7 +82,7 @@ If this works you are in business:
 
 
 The apps all work together with the apps running on the same port
-(8080) as [`/uaa`](http://localhost:8080), [`/app`](http://localhost:8080/app) and [`/api`](http://localhost:8080/api).
+(8080) as [`/uaa`](http://localhost:8080/uaa), [`/app`](http://localhost:8080/app) and [`/api`](http://localhost:8080/api).
 
 UAA will log to a file called `uaa.log` which can be found using the following command:-
 
@@ -101,7 +101,7 @@ First run the UAA server as described above:
 From another terminal you can use curl to verify that UAA has started by
 requesting system information:
 
-    $ curl -H "Accept: application/json" localhost:8080/login
+    $ curl -H "Accept: application/json" localhost:8080/uaa/login
     {
       "timestamp":"2012-03-28T18:25:49+0100",
       "commit_id":"111274e",

diff --git a/build.gradle b/build.gradle
@@ -167,7 +167,7 @@ cargo {
 
     deployable {
         file = file("uaa/build/libs/cloudfoundry-identity-uaa-" + version + ".war")
-        context = "/"
+        context = "uaa"
     }
 
     local {
@@ -235,6 +235,7 @@ task integrationTest(dependsOn: subprojects.integrationTest) {
     finalizedBy cargoStopLocal
 }
 
+
 // task dependencies
 assemble.dependsOn subprojects.assemble
 test.dependsOn subprojects.test

diff --git a/docs/Sysadmin-Guide.rst b/docs/Sysadmin-Guide.rst
@@ -301,7 +301,7 @@ cf and uaac each need a target. cf points to a cloud controller and uaac to a ua
     cf target api.cf116.dev.las01.vcsops.com
     uaac target uaa.cf116.dev.las01.vcsops.com # dev deployment
     uaac target uaa.cfpartners.cloudfoundry.com # production
-    uaac target localhost:8080 # local dev
+    uaac target localhost:8080/uaa # local dev
 
 uaac context will contain clients or an end user id. These are added to
 your context after authenticating.

diff --git a/docs/UAA-APIs.rst b/docs/UAA-APIs.rst
diff --git a/docs/UAA-Tokens.md b/docs/UAA-Tokens.md
@@ -21,7 +21,7 @@ This step requires that you have Java 1.7 or higher installed.
 You now have a UAA server running. There is a Ruby gem called cf-uaac, that one can use to communicate with the UAA.
 But for sake of clarity, we will use ```curl``` commands.
 
-    curl -v -d"username=marissa&password=koala&client_id=app&grant_type=password" -u "app:appclientsecret" http://localhost:8080/oauth/token
+    curl -v -d"username=marissa&password=koala&client_id=app&grant_type=password" -u "app:appclientsecret" http://localhost:8080/uaa/oauth/token
 
 This yields a return token
 
@@ -46,7 +46,7 @@ More on Tokens can be found [here](https://developers.google.com/accounts/docs/O
         "user_id": "7f791ea9-99b9-423d-988b-931f0222a79f", 
         "sub": "7f791ea9-99b9-423d-988b-931f0222a79f", 
         "cid": "app", 
-        "iss": "http://localhost:8080/oauth/token",
+        "iss": "http://localhost:8080/uaa/oauth/token", 
         "jti": "bc3e7456-91f5-4961-b88d-db705626ba77", 
         "client_id": "app", 
         "iat": 1406568935, 

diff --git a/docs/google-oidc-provider.md b/docs/google-oidc-provider.md
@@ -18,7 +18,7 @@ Please refer to 'https://accounts.google.com/.well-known/openid-configuration' f
           tokenUrl: https://www.googleapis.com/oauth2/v4/token
           tokenKeyUrl: https://www.googleapis.com/oauth2/v3/certs
           issuer: https://accounts.google.com
-          redirectUrl: http://localhost:8080
+          redirectUrl: http://localhost:8080/uaa
           scopes:
             - openid
             - email

diff --git a/docs/login/Okta-README.md b/docs/login/Okta-README.md
@@ -5,7 +5,7 @@ It assumes that you have a SAML application setup on Okta Preview with admin rig
 
 ##Pivotal Preview and Standalone Login Server
 The UAA comes with with a `sample-okta-metadata.xml` file
-that will redirect your SAML request back to http://localhost:8080
+that will redirect your SAML request back to http://localhost:8080/uaa
 This configuration requires you to have an account on 
 https://pivotal.oktapreview.com
 
@@ -36,7 +36,7 @@ Test SAML authentication
   - a) Go to http://localhost:8080/login
   - b) Click `Okta Preview 1`
   - c) Authenticate on the Okta server
-  - d) You should be redirected to 'localhost:8080' and be signed in with your credentials (email address)
+  - d) You should be redirected to 'localhost:8080/uaa' and be signed in with your credentials (email address)
 
 ##Pivotal Preview - Configure Custom Application
 To configure a custom redirect URL on the https://pivotal.oktapreview.com 
@@ -68,7 +68,7 @@ Configure Okta to have UAA as a service that wishes to authenticate
 
   - a) Go to your Okta application and click on the 'General' tab
   - b) Edit the SAML settings
-  - c) Fill in the 'SingleSignOnURL' field  with 'http://localhost:8080/saml/SSO/alias/cloudfoundry-saml-login'
+  - c) Fill in the 'SingleSignOnURL' field  with 'http://localhost:8080/uaa/saml/SSO/alias/cloudfoundry-saml-login'
        and select 'Use this for Recipient URL and Destination URL'
   - d) Fill in the 'Audience URI' field with 'cloudfoundry-saml-login' which is the entityID for the UAA
        This field can be set using login.entityID or login.saml.entityIDAlias. If the login.entityID is a URL, the alias
@@ -81,7 +81,7 @@ Test SAML authentication
 
   - a) Go to 'My Applications' on Octa Preview
   - b) Click on your SAML application
-  - c) You should be redirected to 'localhost:8080' and be signed in with your credentials
+  - c) You should be redirected to 'localhost:8080/uaa' and be signed in with your credentials
 
 
 
diff --git a/docs/login/OpenAM-README.md b/docs/login/OpenAM-README.md
@@ -66,7 +66,7 @@ Configure and start UAA
 Configure OpenAM to have UAA as a service that wishes to authenticate
 
   - a) Click 'register a service provider'
-  - b) Put the 'http://localhost:8080/saml/metadata' as the URL
+  - b) Put the 'http://localhost:8080/uaa/saml/metadata' as the URL
   - c) Click 'Configure'
 
 ###Step 7
@@ -83,6 +83,6 @@ Create a SAML user
 ###Step 8
 Test SAML Authentication
 
-  - a) Go to http://localhost:8080
+  - a) Go to http://localhost:8080/uaa
   - b) Click "Use your corporate credentials" (or the link name you configured in login.yml)
   - c) Sign in with the user you created
diff --git a/samples/api/src/main/java/org/cloudfoundry/identity/api/web/ApiController.java b/samples/api/src/main/java/org/cloudfoundry/identity/api/web/ApiController.java
@@ -24,8 +24,8 @@
 public class ApiController {
 
     private String infoResource;
-    private String loginUrl = "http://localhost:8080";
-    private String uaaUrl = "http://localhost:8080";
+    private String loginUrl = "http://localhost:8080/uaa";
+    private String uaaUrl = "http://localhost:8080/uaa";
 
     /**
      * @param loginUrl the loginUrl to set

diff --git a/samples/api/src/main/resources/application.properties b/samples/api/src/main/resources/application.properties
@@ -12,5 +12,5 @@
 ###############################################################################
 
 
-auth.url=http://localhost:8080/login
-checkTokenEndpointUrl=http://localhost:8080/check_token
+auth.url=http://localhost:8080/uaa/login
+checkTokenEndpointUrl=http://localhost:8080/uaa/check_token
diff --git a/samples/api/src/main/webapp/WEB-INF/spring-servlet.xml b/samples/api/src/main/webapp/WEB-INF/spring-servlet.xml
@@ -98,8 +98,8 @@
     </bean>
 
     <bean class="org.cloudfoundry.identity.api.web.ApiController">
-        <property name="uaaUrl" value="${uaa.url:http://localhost:8080}" />
-        <property name="loginUrl" value="${login.url:http://localhost:8080}" />
+        <property name="uaaUrl" value="${uaa.url:http://localhost:8080/uaa}" />
+        <property name="loginUrl" value="${login.url:http://localhost:8080/uaa}" />
         <property name="info" value="classpath:/info.tmpl" />
     </bean>
 

diff --git a/samples/api/src/test/java/org/cloudfoundry/identity/api/web/ServerRunning.java b/samples/api/src/test/java/org/cloudfoundry/identity/api/web/ServerRunning.java
@@ -73,7 +73,7 @@ public class ServerRunning extends TestWatchman implements RestTemplateHolder, U
 
     private static String DEFAULT_HOST = "localhost";
 
-    private static final String DEFAULT_AUTH_SERVER_ROOT = "/";
+    private static final String DEFAULT_AUTH_SERVER_ROOT = "/uaa";
 
     private String authServerRoot = DEFAULT_AUTH_SERVER_ROOT;
 
@@ -121,7 +121,7 @@ public void setHostName(String hostName) {
     public Statement apply(Statement base, FrameworkMethod method, Object target) {
         try {
             RestTemplate client = new RestTemplate();
-            client.getForEntity(new UriTemplate(getUrl("/login", uaaPort)).toString(), String.class);
+            client.getForEntity(new UriTemplate(getUrl("/uaa/login", uaaPort)).toString(), String.class);
             client.getForEntity(new UriTemplate(getUrl("/api/index.html")).toString(), String.class);
             logger.debug("Basic connectivity test passed");
         } catch (RestClientException e) {

diff --git a/samples/app/README.md b/samples/app/README.md
@@ -9,7 +9,7 @@ resources in the API service.  Run it with `./gradlew run` from the
 The application can operate in multiple different profiles according
 to the location (and presence) of the UAA server and the Login
 application.  By default it will look for a UAA on
-`localhost:8080`, but you can change this by setting an
+`localhost:8080/uaa`, but you can change this by setting an
 environment variable (or System property) called `UAA_PROFILE`.  In
 the application source code (`samples/app/src/main/resources`) you will find
 multiple properties files pre-configured with different likely

diff --git a/samples/app/src/main/java/org/cloudfoundry/identity/app/web/HomeController.java b/samples/app/src/main/java/org/cloudfoundry/identity/app/web/HomeController.java
@@ -22,7 +22,7 @@
 @Controller
 public class HomeController {
 
-    private String userAuthorizationUri = "http://localhost:8080/oauth/authorize";
+    private String userAuthorizationUri = "http://localhost:8080/uaa/oauth/authorize";
 
     private String dataUri = "http://localhost:8080/api/apps";
 

diff --git a/samples/app/src/main/resources/application-local-vcap.properties b/samples/app/src/main/resources/application-local-vcap.properties
@@ -14,9 +14,9 @@
 
 userInfoUri=http://uaa.vcap.me/userinfo
 checkTokenUrl=http://uaa.vcap.me/check_token
-accessTokenUri=http://localhost:8080/oauth/token
-userAuthorizationUri=http://localhost:8080/oauth/authorize
-approvalsUri=http://localhost:8080/approvals
+accessTokenUri=http://localhost:8080/uaa/oauth/token
+userAuthorizationUri=http://localhost:8080/uaa/oauth/authorize
+approvalsUri=http://localhost:8080/uaa/approvals
 treeUrlPattern=http://api.vcap.me/{type}
 dataUri=http://api.vcap.me/apps
-cloudFoundryLogoutUrl=http://localhost:8080/logout.do
+cloudFoundryLogoutUrl=http://localhost:8080/uaa/logout.do
diff --git a/samples/app/src/main/resources/application-local.properties b/samples/app/src/main/resources/application-local.properties
@@ -12,11 +12,11 @@
 ###############################################################################
 
 
-userInfoUri=http://localhost:8080/userinfo
-checkTokenUrl=http://localhost:8080/check_token
-accessTokenUri=http://localhost:8080/oauth/token
-userAuthorizationUri=http://localhost:8080/oauth/authorize
-approvalsUri=http://localhost:8080/approvals
+userInfoUri=http://localhost:8080/uaa/userinfo
+checkTokenUrl=http://localhost:8080/uaa/check_token
+accessTokenUri=http://localhost:8080/uaa/oauth/token
+userAuthorizationUri=http://localhost:8080/uaa/oauth/authorize
+approvalsUri=http://localhost:8080/uaa/approvals
 treeUrlPattern=http://localhost:8080/api/{type}
 dataUri=http://localhost:8080/api/apps
-cloudFoundryLogoutUrl=http://localhost:8080/logout.do
+cloudFoundryLogoutUrl=http://localhost:8080/uaa/logout.do
diff --git a/samples/app/src/main/resources/application-ruby-local.properties b/samples/app/src/main/resources/application-ruby-local.properties
@@ -12,9 +12,9 @@
 ###############################################################################
 
 
-userInfoUri=http://localhost:8080/userinfo
-checkTokenUrl=http://localhost:8080/check_token
-accessTokenUri=http://localhost:8080/oauth/token
+userInfoUri=http://localhost:8080/uaa/userinfo
+checkTokenUrl=http://localhost:8080/uaa/check_token
+accessTokenUri=http://localhost:8080/uaa/oauth/token
 userAuthorizationUri=http://localhost:3000/oauth/authorize
 approvalsUri=http://localhost:3000/approvals
 treeUrlPattern=http://localhost:8080/api/{type}

diff --git a/samples/app/src/main/resources/application.properties b/samples/app/src/main/resources/application.properties
@@ -12,11 +12,11 @@
 ###############################################################################
 
 
-userInfoUri=http://localhost:8080/userinfo
-checkTokenUrl=http://localhost:8080/check_token
-accessTokenUri=http://localhost:8080/oauth/token
-approvalsUri=http://localhost:8080/approvals
-userAuthorizationUri=http://localhost:8080/oauth/authorize
+userInfoUri=http://localhost:8080/uaa/userinfo
+checkTokenUrl=http://localhost:8080/uaa/check_token
+accessTokenUri=http://localhost:8080/uaa/oauth/token
+approvalsUri=http://localhost:8080/uaa/approvals
+userAuthorizationUri=http://localhost:8080/uaa/oauth/authorize
 treeUrlPattern=http://localhost:8080/api/{type}
 dataUri=http://localhost:8080/api/apps
-cloudFoundryLogoutUrl=http://localhost:8080/logout.do
+cloudFoundryLogoutUrl=http://localhost:8080/uaa/logout.do
diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/home/BuildInfo.java b/server/src/main/java/org/cloudfoundry/identity/uaa/home/BuildInfo.java
@@ -15,7 +15,7 @@
 public class BuildInfo implements InitializingBean {
     private final Logger logger = LoggerFactory.getLogger(getClass());
 
-    @Value("${uaa.url:http://localhost:8080}")
+    @Value("${uaa.url:http://localhost:8080/uaa}")
     private String uaaUrl;
     private String version;
     private String commitId;

diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/util/UaaUrlUtils.java b/server/src/main/java/org/cloudfoundry/identity/uaa/util/UaaUrlUtils.java
@@ -102,7 +102,7 @@ public static String getHostForURI(String uri) {
 
     public static String getBaseURL(HttpServletRequest request) {
         //returns scheme, host and context path
-        //for example http://localhost:8080 or http://login.uaa-acceptance.cf-app.com
+        //for example http://localhost:8080/uaa or http://login.uaa-acceptance.cf-app.com
         String requestURL = request.getRequestURL().toString();
         return hasText(request.getServletPath()) ?
                 requestURL.substring(0, requestURL.lastIndexOf(request.getServletPath())) :

diff --git a/server/src/main/resources/spring/login-ui.xml b/server/src/main/resources/spring/login-ui.xml
@@ -30,7 +30,7 @@
 
     <authentication-manager xmlns="http://www.springframework.org/schema/security"/>
 
-    <oauth:resource id="uaa" access-token-uri="${uaa.token.url:http://localhost:8080/oauth/token}"
+    <oauth:resource id="uaa" access-token-uri="${uaa.token.url:http://localhost:8080/uaa/oauth/token}"
                     client-id="login" client-secret="${LOGIN_SECRET:loginsecret}" type="client_credentials"/>
 
     <bean id="notificationsTemplate" class="org.cloudfoundry.identity.uaa.message.LocalUaaRestTemplate"/>
@@ -468,7 +468,7 @@
     <bean id="emailService" class="org.cloudfoundry.identity.uaa.message.EmailService">
         <constructor-arg index="0"
                          ref="#{T(org.springframework.util.StringUtils).hasText('${smtp.host:}') ? 'smtpJavaMailSender' : 'fakeJavaMailSender'}"/>
-        <constructor-arg index="1" value="${login.url:http://localhost:8080}"/>
+        <constructor-arg index="1" value="${login.url:http://localhost:8080/uaa}"/>
         <constructor-arg index="2" value="${smtp.from_address:}"/>
     </bean>
 

diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/ServerRunning.java b/server/src/test/java/org/cloudfoundry/identity/uaa/ServerRunning.java
@@ -91,7 +91,7 @@ public class ServerRunning implements MethodRule, RestTemplateHolder, UrlHelper
 
     private static String DEFAULT_HOST = "localhost";
 
-    private static String DEFAULT_ROOT_PATH = "/";
+    private static String DEFAULT_ROOT_PATH = "/uaa";
 
     private int port;
 

diff --git a/...udfoundry/identity/uaa/authentication/manager/PasswordGrantAuthenticationManagerTest.java b/...udfoundry/identity/uaa/authentication/manager/PasswordGrantAuthenticationManagerTest.java
@@ -96,7 +96,7 @@ void setUp() throws Exception {
         when(idp.getConfig()).thenReturn(idpConfig);
         when(idp.getType()).thenReturn(OriginKeys.OIDC10);
         when(idpConfig.isPasswordGrantEnabled()).thenReturn(true);
-        when(idpConfig.getTokenUrl()).thenReturn(new URL("http://localhost:8080/oauth/token"));
+        when(idpConfig.getTokenUrl()).thenReturn(new URL("http://localhost:8080/uaa/oauth/token"));
         when(idpConfig.getRelyingPartyId()).thenReturn("identity");
         when(idpConfig.getRelyingPartySecret()).thenReturn("identitysecret");
 
@@ -170,7 +170,7 @@ void testOIDCPasswordGrant() {
         instance.authenticate(auth);
 
         ArgumentCaptor<HttpEntity> httpEntityArgumentCaptor = ArgumentCaptor.forClass(HttpEntity.class);
-        verify(rt, times(1)).exchange(eq("http://localhost:8080/oauth/token"), eq(HttpMethod.POST), httpEntityArgumentCaptor.capture(),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
+        verify(rt, times(1)).exchange(eq("http://localhost:8080/uaa/oauth/token"), eq(HttpMethod.POST), httpEntityArgumentCaptor.capture(),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
         ArgumentCaptor<XOAuthCodeToken> tokenArgumentCaptor = ArgumentCaptor.forClass(XOAuthCodeToken.class);
         verify(xoAuthAuthenticationManager, times(1)).authenticate(tokenArgumentCaptor.capture());
         verify(zoneAwareAuthzAuthenticationManager, times(0)).authenticate(any());
@@ -222,7 +222,7 @@ void testOIDCPasswordGrantWithForwardHeader() {
         instance.authenticate(auth);
 
         ArgumentCaptor<HttpEntity> httpEntityArgumentCaptor = ArgumentCaptor.forClass(HttpEntity.class);
-        verify(rt, times(1)).exchange(eq("http://localhost:8080/oauth/token"), eq(HttpMethod.POST), httpEntityArgumentCaptor.capture(),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
+        verify(rt, times(1)).exchange(eq("http://localhost:8080/uaa/oauth/token"), eq(HttpMethod.POST), httpEntityArgumentCaptor.capture(),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
         ArgumentCaptor<XOAuthCodeToken> tokenArgumentCaptor = ArgumentCaptor.forClass(XOAuthCodeToken.class);
         verify(xoAuthAuthenticationManager, times(1)).authenticate(tokenArgumentCaptor.capture());
         verify(zoneAwareAuthzAuthenticationManager, times(0)).authenticate(any());
@@ -471,7 +471,7 @@ void testOIDCPasswordGrantWithPrompts() {
         instance.authenticate(auth);
 
         ArgumentCaptor<HttpEntity> httpEntityArgumentCaptor = ArgumentCaptor.forClass(HttpEntity.class);
-        verify(rt, times(1)).exchange(eq("http://localhost:8080/oauth/token"), eq(HttpMethod.POST), httpEntityArgumentCaptor.capture(),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
+        verify(rt, times(1)).exchange(eq("http://localhost:8080/uaa/oauth/token"), eq(HttpMethod.POST), httpEntityArgumentCaptor.capture(),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
         ArgumentCaptor<XOAuthCodeToken> tokenArgumentCaptor = ArgumentCaptor.forClass(XOAuthCodeToken.class);
         verify(xoAuthAuthenticationManager, times(1)).authenticate(tokenArgumentCaptor.capture());
         verify(zoneAwareAuthzAuthenticationManager, times(0)).authenticate(any());
@@ -601,7 +601,7 @@ void testOIDCPasswordGrant_NoLoginHintWithDefaultOIDC() {
         instance.authenticate(auth);
 
         ArgumentCaptor<HttpEntity> httpEntityArgumentCaptor = ArgumentCaptor.forClass(HttpEntity.class);
-        verify(rt, times(1)).exchange(eq("http://localhost:8080/oauth/token"), eq(HttpMethod.POST), httpEntityArgumentCaptor.capture(),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
+        verify(rt, times(1)).exchange(eq("http://localhost:8080/uaa/oauth/token"), eq(HttpMethod.POST), httpEntityArgumentCaptor.capture(),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
         ArgumentCaptor<XOAuthCodeToken> tokenArgumentCaptor = ArgumentCaptor.forClass(XOAuthCodeToken.class);
         verify(xoAuthAuthenticationManager, times(1)).authenticate(tokenArgumentCaptor.capture());
         verify(zoneAwareAuthzAuthenticationManager, times(0)).authenticate(any());
@@ -647,7 +647,7 @@ void testOIDCPasswordGrant_LoginHintOidcOverridesDefaultUaa() {
 
         instance.authenticate(auth);
 
-        verify(rt, times(1)).exchange(eq("http://localhost:8080/oauth/token"), eq(HttpMethod.POST), any(HttpEntity.class),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
+        verify(rt, times(1)).exchange(eq("http://localhost:8080/uaa/oauth/token"), eq(HttpMethod.POST), any(HttpEntity.class),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
         verify(xoAuthAuthenticationManager, times(1)).authenticate(any(XOAuthCodeToken.class));
         verify(zoneAwareAuthzAuthenticationManager, times(0)).authenticate(any());
     }
@@ -691,7 +691,7 @@ void testOIDCPasswordGrant_NoLoginHintDefaultNotAllowedSingleIdpOIDC() {
 
         instance.authenticate(auth);
 
-        verify(rt, times(1)).exchange(eq("http://localhost:8080/oauth/token"), eq(HttpMethod.POST), any(HttpEntity.class),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
+        verify(rt, times(1)).exchange(eq("http://localhost:8080/uaa/oauth/token"), eq(HttpMethod.POST), any(HttpEntity.class),eq(new ParameterizedTypeReference<Map<String,String>>(){}));
         verify(xoAuthAuthenticationManager, times(1)).authenticate(any(XOAuthCodeToken.class));
         verify(zoneAwareAuthzAuthenticationManager, times(0)).authenticate(any());
     }