use of com.auth0.json.mgmt.Scope in project ddf by codice.
the class TestOidc method testCodeFlowLogin.
// --------------------------Code Flow Tests--------------------------//
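/**
 * Walks the OIDC authorization-code flow end to end against the stub server.
 *
 * <p>Steps, in order: send the initial request and check the authorization parameters it
 * produced; stub the token endpoint so it only answers a POST carrying the temporary code,
 * the {@code authorization_code} grant type and the client's Basic credentials; post the
 * code and state back to the redirect URI; then confirm the token endpoint was called exactly
 * once and that the session belongs to the admin user.
 *
 * <p>NOTE(review): this method only asserts that {@code state} and {@code nonce} are present
 * in the initial request. It does not show that a mismatched value is rejected; confirm the
 * negative cases are covered elsewhere in the class.
 *
 * @throws Exception if any request or token-building step fails
 */
@Test
public void testCodeFlowLogin() throws Exception {
    Map<String, String> initialResponseParams = sendInitialRequest(CODE);

    // Parameters the authorization request must carry.
    assertThat(initialResponseParams.get(SCOPE), is(DDF_SCOPE));
    assertThat(initialResponseParams.get(RESPONSE_TYPE), is(CODE));
    assertThat(initialResponseParams.get(CLIENT_ID), is(DDF_CLIENT_ID));
    assertTrue(initialResponseParams.containsKey(REDIRECT_URI));
    // recommended by spec
    assertTrue(initialResponseParams.containsKey(STATE));
    // optional but sent in DDF
    assertTrue(initialResponseParams.containsKey(RESPONSE_MODE));
    // optional but sent in DDF
    assertTrue(initialResponseParams.containsKey(NONCE));

    // Add token endpoint information to stub server.
    // The stub matches on the Basic header, so a token request without the client
    // credentials gets no token response.
    String clientCredentials = DDF_CLIENT_ID + ":" + DDF_CLIENT_SECRET;
    String basicAuthHeader =
        "Basic "
            + java.util.Base64.getEncoder()
                .encodeToString(clientCredentials.getBytes(StandardCharsets.UTF_8));

    // The ID token echoes the nonce from the initial request.
    String validIdToken =
        getBaseIdTokenBuilder()
            .withClaim(NONCE, initialResponseParams.get(NONCE))
            .sign(validAlgorithm);
    String validAccessToken = createAccessToken(true);
    String tokenEndpointResponse = createTokenEndpointResponse(validIdToken, validAccessToken);

    // Encode the stubbed body explicitly as UTF-8, matching the credentials above, instead
    // of relying on the platform default charset.
    whenHttp(server)
        .match(
            post(TOKEN_ENDPOINT_PATH),
            parameter(CODE, TEMPORARY_CODE),
            parameter("grant_type", "authorization_code"),
            withHeader(AUTHORIZATION, basicAuthHeader))
        .then(
            ok(),
            contentType(APPLICATION_JSON),
            bytesContent(tokenEndpointResponse.getBytes(StandardCharsets.UTF_8)));

    // Respond to request after user logged in with the temporary code
    Response searchResponse =
        given()
            .cookie(JSESSIONID, initialResponseParams.get(JSESSIONID))
            .header(USER_AGENT, BROWSER_USER_AGENT)
            .header(HOST, "localhost:" + HTTPS_PORT.getPort())
            .header("Origin", URL_START.toString())
            .param(CODE, TEMPORARY_CODE)
            .param(STATE, initialResponseParams.get(STATE))
            .redirects()
            .follow(false)
            .expect()
            .statusCode(200)
            .when()
            .post(initialResponseParams.get(REDIRECT_URI));

    // Verify that the stub server was hit exactly once on the token endpoint.
    List<Call> tokenEndpointCalls =
        server.getCalls().stream()
            .filter(call -> call.getUrl().equals(URL_START + TOKEN_ENDPOINT_PATH))
            .collect(Collectors.toList());
    assertThat(tokenEndpointCalls.size(), is(1));

    // Verify that we're logged in as admin
    Map<String, Object> userInfoList = getUserInfo(initialResponseParams.get(JSESSIONID));
    assertThat(userInfoList.get("name"), is(ADMIN));

    logout(initialResponseParams.get(JSESSIONID));
}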
use of com.auth0.json.mgmt.Scope in project auth0-java by auth0.
the class OrganizationsEntity method deleteRoles.
/**
* Delete roles from a member of an organization. A token with {@code delete:organization_member_roles} scope is required.
*
* @param orgId the ID of the organization
* @param userId the ID of the user
* @param roles the roles to delete
* @return a Request to execute
*
* @see <a href="https://auth0.com/docs/api/management/v2#!/Organizations/delete_organization_member_roles">https://auth0.com/docs/api/management/v2#!/Organizations/delete_organization_member_roles</a>
*/
public Request<Void> deleteRoles(String orgId, String userId, Roles roles) {
    // Reject null arguments before the URL is assembled; only null is checked here.
    Asserts.assertNotNull(orgId, "organization ID");
    Asserts.assertNotNull(userId, "user ID");
    Asserts.assertNotNull(roles, "roles");

    // Each caller-supplied ID is added through addPathSegment as its own segment.
    // NOTE(review): assuming baseUrl is an OkHttp HttpUrl, that call percent-encodes
    // the value rather than treating it as pre-encoded path text; confirm.
    final String memberRolesUrl =
        baseUrl
            .newBuilder()
            .addPathSegments(ORGS_PATH)
            .addPathSegment(orgId)
            .addPathSegment("members")
            .addPathSegment(userId)
            .addPathSegment("roles")
            .build()
            .toString();

    final VoidRequest deleteRolesRequest = new VoidRequest(client, memberRolesUrl, "DELETE");
    // The entity's API token is sent as a Bearer credential.
    deleteRolesRequest.addHeader(AUTHORIZATION_HEADER, "Bearer " + apiToken);
    // The roles to remove travel in the DELETE request body.
    deleteRolesRequest.setBody(roles);
    return deleteRolesRequest;
}
use of com.auth0.json.mgmt.Scope in project auth0-java by auth0.
the class OrganizationsEntity method delete.
/**
* Delete an organization. A token with {@code delete:organizations} scope is required.
*
* @param orgId the ID of the organization to delete
* @return a Request to execute
*
* @see <a href="https://auth0.com/docs/api/management/v2#!/Organizations/delete_organizations_by_id">https://auth0.com/docs/api/management/v2#!/Organizations/delete_organizations_by_id</a>
*/
public Request<Void> delete(String orgId) {
    // Only a null ID is rejected here.
    Asserts.assertNotNull(orgId, "organization ID");

    // The organization ID is appended with addPathSegment as a single segment.
    // NOTE(review): assuming baseUrl is an OkHttp HttpUrl, that call percent-encodes
    // the value; confirm.
    final String organizationUrl =
        baseUrl
            .newBuilder()
            .addPathSegments(ORGS_PATH)
            .addPathSegment(orgId)
            .build()
            .toString();

    final VoidRequest deleteRequest = new VoidRequest(client, organizationUrl, "DELETE");
    // The entity's API token is sent as a Bearer credential.
    deleteRequest.addHeader(AUTHORIZATION_HEADER, "Bearer " + apiToken);
    return deleteRequest;
}
use of com.auth0.json.mgmt.Scope in project auth0-java by auth0.
the class OrganizationsEntity method addRoles.
/**
* Add roles for a member of an organization. A token with {@code create:organization_member_roles} scope is required.
*
* @param orgId the ID of the organization
* @param userId the ID of the user
* @param roles the roles to add
* @return a Request to execute
*
* @see <a href="https://auth0.com/docs/api/management/v2#!/Organizations/post_organization_member_roles">https://auth0.com/docs/api/management/v2#!/Organizations/post_organization_member_roles</a>
*/
public Request<Void> addRoles(String orgId, String userId, Roles roles) {
    // Reject null arguments before the URL is assembled; only null is checked here.
    Asserts.assertNotNull(orgId, "organization ID");
    Asserts.assertNotNull(userId, "user ID");
    Asserts.assertNotNull(roles, "roles");

    // Both IDs are added through addPathSegment, one segment each.
    // NOTE(review): assuming baseUrl is an OkHttp HttpUrl, that call percent-encodes
    // the value rather than treating it as pre-encoded path text; confirm.
    final String memberRolesUrl =
        baseUrl
            .newBuilder()
            .addPathSegments(ORGS_PATH)
            .addPathSegment(orgId)
            .addPathSegment("members")
            .addPathSegment(userId)
            .addPathSegment("roles")
            .build()
            .toString();

    final VoidRequest addRolesRequest = new VoidRequest(client, memberRolesUrl, "POST");
    // The entity's API token is sent as a Bearer credential.
    addRolesRequest.addHeader(AUTHORIZATION_HEADER, "Bearer " + apiToken);
    // The roles to assign travel in the POST request body.
    addRolesRequest.setBody(roles);
    return addRolesRequest;
}
use of com.auth0.json.mgmt.Scope in project auth0-java by auth0.
the class RolesEntity method delete.
/**
* Delete an existing Role.
* A token with scope delete:roles is needed.
* See https://auth0.com/docs/api/management/v2#!/Roles/delete_roles_by_id
*
* @param roleId The id of the role to delete.
* @return a Request to execute.
*/
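public Request<Void> delete(String roleId) {
    // Only a null ID is rejected here.
    // NOTE(review): an empty roleId is not checked; confirm callers never pass one.
    Asserts.assertNotNull(roleId, "role id");

    // The role ID is caller-supplied, so it is appended with addPathSegment rather than
    // addEncodedPathSegments. The encoded-segments variant takes its argument as
    // pre-encoded, slash-separated path text, so a '/' inside the ID would add path
    // segments and change which Management API resource this authenticated DELETE
    // addresses. addPathSegment keeps the ID as one percent-encoded segment.
    // NOTE(review): assumes baseUrl is an OkHttp HttpUrl, as the builder method names
    // suggest; confirm.
    final String url =
        baseUrl
            .newBuilder()
            .addEncodedPathSegments("api/v2/roles")
            .addPathSegment(roleId)
            .build()
            .toString();

    VoidRequest request = new VoidRequest(this.client, url, "DELETE");
    // The entity's API token is sent as a Bearer credential.
    request.addHeader("Authorization", "Bearer " + apiToken);
    return request;
}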