Example 51 with Client

use of com.auth0.json.mgmt.client.Client in project auth0-java-mvc-common by auth0.

the class RequestProcessorTest method shouldBuildAuthorizeUrl.

@Test
public void shouldBuildAuthorizeUrl() {
    AuthAPI client = new AuthAPI("me.auth0.com", "clientId", "clientSecret");
    SignatureVerifier signatureVerifier = mock(SignatureVerifier.class);
    IdTokenVerifier.Options verifyOptions = new IdTokenVerifier.Options("issuer", "audience", signatureVerifier);
    RequestProcessor handler = new RequestProcessor.Builder(client, "code", verifyOptions).build();
    HttpServletRequest request = new MockHttpServletRequest();
    AuthorizeUrl builder = handler.buildAuthorizeUrl(request, response, "https://redirect.uri/here", "state", "nonce");
    String authorizeUrl = builder.build();
    assertThat(authorizeUrl, is(notNullValue()));
    assertThat(authorizeUrl, CoreMatchers.startsWith("https://me.auth0.com/authorize?"));
    assertThat(authorizeUrl, containsString("client_id=clientId"));
    assertThat(authorizeUrl, containsString("redirect_uri=https://redirect.uri/here"));
    assertThat(authorizeUrl, containsString("response_type=code"));
    assertThat(authorizeUrl, containsString("scope=openid"));
    assertThat(authorizeUrl, containsString("state=state"));
    assertThat(authorizeUrl, not(containsString("max_age=")));
    assertThat(authorizeUrl, not(containsString("nonce=nonce")));
    assertThat(authorizeUrl, not(containsString("response_mode=form_post")));
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthAPI(com.auth0.client.auth.AuthAPI) Test(org.junit.jupiter.api.Test)

Example 52 with Client

use of com.auth0.json.mgmt.client.Client in project auth0-java-mvc-common by auth0.

the class RequestProcessorTest method shouldThrowOnProcessIfCodeRequestFailsToExecuteCodeExchange.

@Test
public void shouldThrowOnProcessIfCodeRequestFailsToExecuteCodeExchange() throws Exception {
    Map<String, Object> params = new HashMap<>();
    params.put("code", "abc123");
    params.put("state", "1234");
    MockHttpServletRequest request = getRequest(params);
    request.setCookies(new Cookie("com.auth0.state", "1234"));
    TokenRequest codeExchangeRequest = mock(TokenRequest.class);
    when(codeExchangeRequest.execute()).thenThrow(Auth0Exception.class);
    when(client.exchangeCode("abc123", "https://me.auth0.com:80/callback")).thenReturn(codeExchangeRequest);
    RequestProcessor handler = new RequestProcessor.Builder(client, "code", verifyOptions).withIdTokenVerifier(tokenVerifier).build();
    IdentityVerificationException e = assertThrows(IdentityVerificationException.class, () -> handler.process(request, response));
    assertThat(e, IdentityVerificationExceptionMatcher.hasCode("a0.api_error"));
    assertEquals("An error occurred while exchanging the authorization code.", e.getMessage());
}
Also used : Cookie(javax.servlet.http.Cookie) HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TokenRequest(com.auth0.net.TokenRequest) Test(org.junit.jupiter.api.Test)

Example 53 with Client

use of com.auth0.json.mgmt.client.Client in project auth0-java-mvc-common by auth0.

the class RequestProcessorTest method shouldBuildAuthorizeUrlWithNonceAndFormPostIfResponseTypeIsIdToken.

@Test
public void shouldBuildAuthorizeUrlWithNonceAndFormPostIfResponseTypeIsIdToken() {
    AuthAPI client = new AuthAPI("me.auth0.com", "clientId", "clientSecret");
    RequestProcessor handler = new RequestProcessor.Builder(client, "id_token", verifyOptions).build();
    HttpServletRequest request = new MockHttpServletRequest();
    AuthorizeUrl builder = handler.buildAuthorizeUrl(request, response, "https://redirect.uri/here", "state", "nonce");
    String authorizeUrl = builder.build();
    assertThat(authorizeUrl, is(notNullValue()));
    assertThat(authorizeUrl, CoreMatchers.startsWith("https://me.auth0.com/authorize?"));
    assertThat(authorizeUrl, containsString("client_id=clientId"));
    assertThat(authorizeUrl, containsString("redirect_uri=https://redirect.uri/here"));
    assertThat(authorizeUrl, containsString("response_type=id_token"));
    assertThat(authorizeUrl, containsString("scope=openid"));
    assertThat(authorizeUrl, containsString("state=state"));
    assertThat(authorizeUrl, containsString("nonce=nonce"));
    assertThat(authorizeUrl, containsString("response_mode=form_post"));
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthAPI(com.auth0.client.auth.AuthAPI) Test(org.junit.jupiter.api.Test)

Example 54 with Client

use of com.auth0.json.mgmt.client.Client in project GCAuth-OAuth by Xtao-Team.

the class VerifyHandler method handle.

public static void handle(Request req, Response res) {
    VerifyJson request = req.body(VerifyJson.class);
    LoginResultJson responseData = new LoginResultJson();
    DecodedJWT jwt = parse.deToken(request.access_token);
    Account account = null;
    if (jwt != null) {
        account = Authentication.getAccountByOneTimeToken(jwt.getClaim("token").asString());
    }
    // Login
    if (account == null) {
        Grasscutter.getLogger().info("[GCAuth] Client " + req.ip() + " failed to log in");
        responseData.retcode = -201;
        responseData.message = "Token is invalid";
        res.send(responseData);
        return;
    }
    // Account was found, log the player in
    responseData.message = "OK";
    responseData.data.account.uid = account.getId();
    responseData.data.account.token = account.generateSessionKey();
    responseData.data.account.email = account.getEmail();
    responseData.data.account.twitter_name = account.getUsername();
    Grasscutter.getLogger().info(String.format("[GCAuth] Client %s logged in as %s", req.ip(), responseData.data.account.uid));
    res.send(responseData);
}
Also used : LoginResultJson(emu.grasscutter.server.http.objects.LoginResultJson) Account(emu.grasscutter.game.Account) VerifyJson(com.xtaolabs.gcauth_oauth.json.VerifyJson) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 55 with Client

use of com.auth0.json.mgmt.client.Client in project commons by mosip.

the class TokenHandlerUtil method isValidBearerToken.

/**
 * Validates the token offline based on the Oauth2 standards.
 *
 * @param accessToken
 *            - Bearer token
 * @param issuerUrl
 *            - issuer URL to be read from the properties,
 * @param clientId
 *            - client Id to be read from the properties
 * @return Boolean
 */
public static boolean isValidBearerToken(String accessToken, String issuerUrl, String clientId) {
    try {
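        // Reuse a previously decoded token if this exact string was seen before.
        DecodedJWT decodedJWT = decodedTokens.get(accessToken);
        if (decodedJWT == null) {
            // JWT.decode only parses the token; it does not verify the signature,
            // so the issuer, expiry and clientId checks below run on unverified claims.
            decodedJWT = JWT.decode(accessToken);
            decodedTokens.put(accessToken, decodedJWT);
        }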
        Map<String, Claim> claims = decodedJWT.getClaims();
        LocalDateTime expiryTime = DateUtils.convertUTCToLocalDateTime(DateUtils.getUTCTimeFromDate(decodedJWT.getExpiresAt()));
        if (!decodedJWT.getIssuer().equals(issuerUrl)) {
            return false;
        } else if (!DateUtils.before(DateUtils.getUTCCurrentDateTime(), expiryTime)) {
            return false;
        } else if (!claims.get("clientId").asString().equals(clientId)) {
            return false;
        } else {
            return true;
        }
    } catch (JWTDecodeException e) {
        LOGGER.error("JWT DECODE EXCEPTION ::".concat(e.getMessage()).concat(ExceptionUtils.getStackTrace(e)));
        return false;
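    } catch (Exception e) {
        // getMessage() can be null (e.g. a NullPointerException from a missing claim);
        // String.valueOf keeps the logging call itself from throwing.
        LOGGER.error(String.valueOf(e.getMessage()).concat(ExceptionUtils.getStackTrace(e)));
        return false;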
    }
}
Also used : LocalDateTime(java.time.LocalDateTime) JWTDecodeException(com.auth0.jwt.exceptions.JWTDecodeException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim)
