Example 6 with AuthAPI
use of com.auth0.client.auth.AuthAPI in project auth0-java-mvc-common by auth0.
the class RequestProcessorTest method shouldNotSetNonceIfRequestTypeIsNotIdToken.
@Test
public void shouldNotSetNonceIfRequestTypeIsNotIdToken() {
AuthAPI client = new AuthAPI("me.auth0.com", "clientId", "clientSecret");
RequestProcessor handler = new RequestProcessor.Builder(client, "code", verifyOptions).build();
HttpServletRequest request = new MockHttpServletRequest();
AuthorizeUrl builder = handler.buildAuthorizeUrl(request, response, "https://redirect.uri/here", "state", "nonce");
String authorizeUrl = builder.build();
assertThat(authorizeUrl, is(notNullValue()));
assertThat(authorizeUrl, not(containsString("nonce=nonce")));
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
AuthAPI(com.auth0.client.auth.AuthAPI)
Test(org.junit.jupiter.api.Test)
Example 7 with AuthAPI
use of com.auth0.client.auth.AuthAPI in project auth0-java-mvc-common by auth0.
the class RequestProcessorTest method shouldSetNonceIfRequestTypeIsIdToken.
@Test
public void shouldSetNonceIfRequestTypeIsIdToken() {
AuthAPI client = new AuthAPI("me.auth0.com", "clientId", "clientSecret");
RequestProcessor handler = new RequestProcessor.Builder(client, "id_token", verifyOptions).build();
HttpServletRequest request = new MockHttpServletRequest();
AuthorizeUrl builder = handler.buildAuthorizeUrl(request, response, "https://redirect.uri/here", "state", "nonce");
String authorizeUrl = builder.build();
assertThat(authorizeUrl, is(notNullValue()));
assertThat(authorizeUrl, containsString("nonce=nonce"));
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
AuthAPI(com.auth0.client.auth.AuthAPI)
Test(org.junit.jupiter.api.Test)
Example 8 with AuthAPI
use of com.auth0.client.auth.AuthAPI in project auth0-java-mvc-common by auth0.
the class RequestProcessorTest method shouldBuildAuthorizeUrl.
@Test
public void shouldBuildAuthorizeUrl() {
AuthAPI client = new AuthAPI("me.auth0.com", "clientId", "clientSecret");
SignatureVerifier signatureVerifier = mock(SignatureVerifier.class);
IdTokenVerifier.Options verifyOptions = new IdTokenVerifier.Options("issuer", "audience", signatureVerifier);
RequestProcessor handler = new RequestProcessor.Builder(client, "code", verifyOptions).build();
HttpServletRequest request = new MockHttpServletRequest();
AuthorizeUrl builder = handler.buildAuthorizeUrl(request, response, "https://redirect.uri/here", "state", "nonce");
String authorizeUrl = builder.build();
assertThat(authorizeUrl, is(notNullValue()));
assertThat(authorizeUrl, CoreMatchers.startsWith("https://me.auth0.com/authorize?"));
assertThat(authorizeUrl, containsString("client_id=clientId"));
assertThat(authorizeUrl, containsString("redirect_uri=https://redirect.uri/here"));
assertThat(authorizeUrl, containsString("response_type=code"));
assertThat(authorizeUrl, containsString("scope=openid"));
assertThat(authorizeUrl, containsString("state=state"));
assertThat(authorizeUrl, not(containsString("max_age=")));
assertThat(authorizeUrl, not(containsString("nonce=nonce")));
assertThat(authorizeUrl, not(containsString("response_mode=form_post")));
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
AuthAPI(com.auth0.client.auth.AuthAPI)
Test(org.junit.jupiter.api.Test)
Example 9 with AuthAPI
use of com.auth0.client.auth.AuthAPI in project auth0-java-mvc-common by auth0.
the class RequestProcessorTest method shouldBuildAuthorizeUrlWithNonceAndFormPostIfResponseTypeIsIdToken.
@Test
public void shouldBuildAuthorizeUrlWithNonceAndFormPostIfResponseTypeIsIdToken() {
AuthAPI client = new AuthAPI("me.auth0.com", "clientId", "clientSecret");
RequestProcessor handler = new RequestProcessor.Builder(client, "id_token", verifyOptions).build();
HttpServletRequest request = new MockHttpServletRequest();
AuthorizeUrl builder = handler.buildAuthorizeUrl(request, response, "https://redirect.uri/here", "state", "nonce");
String authorizeUrl = builder.build();
assertThat(authorizeUrl, is(notNullValue()));
assertThat(authorizeUrl, CoreMatchers.startsWith("https://me.auth0.com/authorize?"));
assertThat(authorizeUrl, containsString("client_id=clientId"));
assertThat(authorizeUrl, containsString("redirect_uri=https://redirect.uri/here"));
assertThat(authorizeUrl, containsString("response_type=id_token"));
assertThat(authorizeUrl, containsString("scope=openid"));
assertThat(authorizeUrl, containsString("state=state"));
assertThat(authorizeUrl, containsString("nonce=nonce"));
assertThat(authorizeUrl, containsString("response_mode=form_post"));
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
AuthAPI(com.auth0.client.auth.AuthAPI)
Test(org.junit.jupiter.api.Test)
Example 10 with AuthAPI
use of com.auth0.client.auth.AuthAPI in project CollectiveOneWebapp by CollectiveOne.
the class TestElementOrder method setUp.
@SuppressWarnings("serial")
@Before
public void setUp() throws Exception {
AuthAPI auth = new AuthAPI(auth0Domain, clientId, clientSecret);
AuthRequest request = auth.login(testEmail1, testPwd1).setScope("openid contacts");
try {
TokenHolder holder = request.execute();
authorizationTokenUser1 = holder.getIdToken();
} catch (APIException exception) {
System.out.println(exception);
} catch (Auth0Exception exception) {
System.out.println(exception);
}
MvcResult result = this.mockMvc.perform(get("/1/user/myProfile").header("Authorization", "Bearer " + authorizationTokenUser1)).andReturn();
assertEquals("error in http request: " + result.getResponse().getErrorMessage(), 200, result.getResponse().getStatus());
GetResult<AppUserDto> getResultUser = gson.fromJson(result.getResponse().getContentAsString(), new TypeToken<GetResult<AppUserDto>>() {
}.getType());
user1 = getResultUser.getData();
logger.debug("Test user created:" + result.getResponse().getContentAsString());
request = auth.login(testEmail2, testPwd2).setScope("openid contacts");
try {
TokenHolder holder = request.execute();
authorizationTokenUser2 = holder.getIdToken();
} catch (APIException exception) {
System.out.println(exception);
} catch (Auth0Exception exception) {
System.out.println(exception);
}
result = this.mockMvc.perform(get("/1/user/myProfile").header("Authorization", "Bearer " + authorizationTokenUser2)).andReturn();
assertEquals("error in http request: " + result.getResponse().getErrorMessage(), 200, result.getResponse().getStatus());
getResultUser = gson.fromJson(result.getResponse().getContentAsString(), new TypeToken<GetResult<AppUserDto>>() {
}.getType());
user2 = getResultUser.getData();
logger.debug("Test user created: " + result.getResponse().getContentAsString());
/**
* create initiative
*/
NewInitiativeDto initiativeDto = new NewInitiativeDto(initiativeName, "");
MemberDto member = new MemberDto();
member.setRole("ADMIN");
member.setUser(user1);
initiativeDto.getMembers().add(member);
result = this.mockMvc.perform(post("/1/initiative/create").header("Authorization", "Bearer " + authorizationTokenUser1).contentType(MediaType.APPLICATION_JSON).content(gson.toJson(initiativeDto))).andReturn();
assertEquals("error in http request: " + result.getResponse().getErrorMessage(), 200, result.getResponse().getStatus());
PostResult postResult = gson.fromJson(result.getResponse().getContentAsString(), PostResult.class);
initiativeId = postResult.getElementId();
logger.debug("Initiative created: " + initiativeId);
result = this.mockMvc.perform(get("/1/initiative/" + initiativeId).header("Authorization", "Bearer " + authorizationTokenUser1)).andReturn();
GetResult<InitiativeDto> getResultInit = gson.fromJson(result.getResponse().getContentAsString(), new TypeToken<GetResult<InitiativeDto>>() {
}.getType());
initiative = getResultInit.getData();
logger.debug("Initiative retrieved: " + result.getResponse().getContentAsString());
}
Also used :
AuthRequest(com.auth0.net.AuthRequest)
NewInitiativeDto(org.collectiveone.modules.initiatives.dto.NewInitiativeDto)
GetResult(org.collectiveone.common.dto.GetResult)
NewInitiativeDto(org.collectiveone.modules.initiatives.dto.NewInitiativeDto)
InitiativeDto(org.collectiveone.modules.initiatives.dto.InitiativeDto)
Auth0Exception(com.auth0.exception.Auth0Exception)
TokenHolder(com.auth0.json.auth.TokenHolder)
MvcResult(org.springframework.test.web.servlet.MvcResult)
PostResult(org.collectiveone.common.dto.PostResult)
APIException(com.auth0.exception.APIException)
TypeToken(com.google.common.reflect.TypeToken)
MemberDto(org.collectiveone.modules.initiatives.dto.MemberDto)
AuthAPI(com.auth0.client.auth.AuthAPI)
AppUserDto(org.collectiveone.modules.users.AppUserDto)
Before(org.junit.Before)
Aggregations
AuthAPI (com.auth0.client.auth.AuthAPI)12
HttpOptions (com.auth0.client.HttpOptions)11
Test (org.junit.Test)11
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)8
HttpServletRequest (javax.servlet.http.HttpServletRequest)7
Test (org.junit.jupiter.api.Test)7
LoggingOptions (com.auth0.client.LoggingOptions)4
HttpLoggingInterceptor (okhttp3.logging.HttpLoggingInterceptor)4
ProxyOptions (com.auth0.client.ProxyOptions)3
Proxy (java.net.Proxy)3
okhttp3 (okhttp3)3
UserInfo (com.auth0.json.auth.UserInfo)2
AuthRequest (com.auth0.net.AuthRequest)2
Request (com.auth0.net.Request)2
RecordedRequest (okhttp3.mockwebserver.RecordedRequest)2
Before (org.junit.Before)2
MockServer (com.auth0.client.MockServer)1
APIException (com.auth0.exception.APIException)1
Auth0Exception (com.auth0.exception.Auth0Exception)1
TokenHolder (com.auth0.json.auth.TokenHolder)1
