use of com.forgerock.openbanking.aspsp.as.service.PairClientIDAuthMethod in project openbanking-aspsp by OpenBankingToolkit.
the class AccessTokenApiControllerTest method getClientIDAuthMethod.
/**
 * Builds the {@link PairClientIDAuthMethod} fixture that the tests hand back from the stubbed
 * MATLS verification service.
 *
 * <p>Only the authentication method is populated here; no client id is set, so the returned
 * object carries whatever the no-arg constructor leaves in its other fields.
 *
 * @param clientIdAuthMethod the token endpoint authentication method to record on the fixture
 * @return a new fixture with only its auth method set
 */
private PairClientIDAuthMethod getClientIDAuthMethod(TokenEndpointAuthMethods clientIdAuthMethod) {
    final PairClientIDAuthMethod fixture = new PairClientIDAuthMethod();
    fixture.setAuthMethod(clientIdAuthMethod);
    return fixture;
}
use of com.forgerock.openbanking.aspsp.as.service.PairClientIDAuthMethod in project openbanking-aspsp by OpenBankingToolkit.
the class AccessTokenApiControllerTest method failsWhenNoClientCredentials_getAccessToken.
/**
 * Checks that {@code getAccessToken} rejects the request with an {@code UNAUTHORIZED}
 * {@link OBErrorResponseException} in the {@code ACCESS_TOKEN} category when the verified
 * client is reported as using {@code PRIVATE_KEY_JWT}.
 *
 * <p>The MATLS verification service is stubbed, so this test does not exercise the
 * certificate-to-request matching itself.
 */
@Test
public void failsWhenNoClientCredentials_getAccessToken() throws OBErrorResponseException {
    // Given: the MATLS check is stubbed to return a PRIVATE_KEY_JWT client; the AM gateway is not stubbed.
    final MultiValueMap<String, String> tokenRequestParams = getParamsMap(CLIENT_CREDENTIAL);
    final PairClientIDAuthMethod verifiedClient =
            getClientIDAuthMethod(TokenEndpointAuthMethods.PRIVATE_KEY_JWT);
    given(matlsRequestVerificationService.verifyMATLSMatchesRequest(tokenRequestParams, authorization, principal))
            .willReturn(verifiedClient);

    // When
    final OBErrorResponseException rejection = catchThrowableOfType(
            () -> this.accessTokenApiController.getAccessToken(tokenRequestParams, authorization, principal, request),
            OBErrorResponseException.class);

    // Then
    // NOTE(review): the reason for the rejection is not visible here; presumably the request
    // lacks the client credentials the test name refers to -- confirm against the controller.
    assertThat(rejection).isNotNull();
    assertThat(rejection.getStatus()).isEqualTo(HttpStatus.UNAUTHORIZED);
    assertThat(rejection.getCategory()).isEqualTo(OBRIErrorResponseCategory.ACCESS_TOKEN);
}
use of com.forgerock.openbanking.aspsp.as.service.PairClientIDAuthMethod in project openbanking-aspsp by OpenBankingToolkit.
the class AccessTokenApiControllerTest method failsWhenAMReturnsError_getAccessToken.
/**
 * Checks that an error response from the AM gateway ({@code BAD_REQUEST} carrying
 * {@code amErrorResponse}) reaches the caller as an {@code UNAUTHORIZED}
 * {@link OBErrorResponseException} in the {@code ACCESS_TOKEN} category.
 *
 * <p>The MATLS verification service is stubbed to accept the request as a
 * {@code CLIENT_SECRET_BASIC} client, so only the AM error handling is under test.
 */
@Test
public void failsWhenAMReturnsError_getAccessToken() throws OBErrorResponseException {
    // Given: MATLS verification passes (stubbed) and the AM gateway answers with a 400.
    final MultiValueMap<String, String> tokenRequestParams = getParamsMap(CLIENT_CREDENTIAL);
    final PairClientIDAuthMethod verifiedClient = getClientIDAuthMethod(CLIENT_SECRET_BASIC);
    given(matlsRequestVerificationService.verifyMATLSMatchesRequest(tokenRequestParams, this.authorization, this.principal))
            .willReturn(verifiedClient);
    final ResponseEntity<String> amFailure =
            new ResponseEntity<>(this.amErrorResponse, httpHeaders, HttpStatus.BAD_REQUEST);
    given(amGateway.toAM(request, httpHeaders, parameterizedTypeRef, tokenRequestParams))
            .willReturn(amFailure);

    // When
    final OBErrorResponseException rejection = catchThrowableOfType(
            () -> this.accessTokenApiController.getAccessToken(tokenRequestParams, authorization, principal, request),
            OBErrorResponseException.class);

    // Then
    // NOTE(review): status and category are the same ones asserted in
    // failsWhenNoClientCredentials_getAccessToken, so these assertions alone do not prove the
    // 401 came from the AM error path; consider also checking the amGateway interaction.
    assertThat(rejection).isNotNull();
    assertThat(rejection.getStatus()).isEqualTo(HttpStatus.UNAUTHORIZED);
    assertThat(rejection.getCategory()).isEqualTo(OBRIErrorResponseCategory.ACCESS_TOKEN);
}
use of com.forgerock.openbanking.aspsp.as.service.PairClientIDAuthMethod in project openbanking-aspsp by OpenBankingToolkit.
the class AccessTokenApiControllerTest method successWithClientCredentials_getAccessToken.
/**
 * Checks the happy path for the {@code CLIENT_CREDENTIAL} parameters: the AM gateway response
 * is passed through {@code jwtOverridingService} and the rewritten response is what
 * {@code getAccessToken} returns.
 *
 * <p>The AM stub answers {@code FOUND} and the rewrite stub answers {@code OK}, so asserting
 * {@code OK} distinguishes the rewritten response from the raw AM response. Both bodies are
 * {@code null}; token contents are not checked here. The MATLS verification service is stubbed.
 */
@Test
public void successWithClientCredentials_getAccessToken() throws OBErrorResponseException, OBErrorException, AccessTokenReWriteException {
    // Given: MATLS verification passes (stubbed) for a CLIENT_SECRET_BASIC client.
    final MultiValueMap<String, String> tokenRequestParams = getParamsMap(CLIENT_CREDENTIAL);
    final PairClientIDAuthMethod verifiedClient = getClientIDAuthMethod(CLIENT_SECRET_BASIC);
    given(matlsRequestVerificationService.verifyMATLSMatchesRequest(tokenRequestParams, this.authorization, this.principal))
            .willReturn(verifiedClient);

    // The raw AM answer and its rewritten form deliberately carry different statuses.
    final ResponseEntity<Object> amAnswer = new ResponseEntity<>(null, this.httpHeaders, HttpStatus.FOUND);
    given(amGateway.toAM(request, httpHeaders, parameterizedTypeRef, tokenRequestParams))
            .willReturn(amAnswer);
    final ResponseEntity<Object> rewrittenAnswer = new ResponseEntity<>(null, this.httpHeaders, HttpStatus.OK);
    given(jwtOverridingService.rewriteAccessTokenResponseIdToken(amAnswer))
            .willReturn(rewrittenAnswer);

    // When
    final ResponseEntity result =
            this.accessTokenApiController.getAccessToken(tokenRequestParams, this.authorization, principal, this.request);

    // Then
    assertThat(result).isNotNull();
    assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
}
use of com.forgerock.openbanking.aspsp.as.service.PairClientIDAuthMethod in project openbanking-aspsp by OpenBankingToolkit.
the class AccessTokenApiControllerTest method successWithHeadlessAuth_getAccessToken.
/**
 * Checks the happy path for {@code GrantType.HEADLESS_AUTH}: the token comes from
 * {@code headLessAccessTokenService}, is passed through {@code jwtOverridingService}, and the
 * rewritten response is what {@code getAccessToken} returns.
 *
 * <p>The headless stub answers {@code FOUND} and the rewrite stub answers {@code OK}, so
 * asserting {@code OK} distinguishes the rewritten response from the raw one. Both bodies are
 * {@code null}; token contents are not checked here. The MATLS verification service is stubbed.
 */
@Test
public void successWithHeadlessAuth_getAccessToken() throws OBErrorResponseException, OBErrorException, AccessTokenReWriteException {
    // Given: MATLS verification passes (stubbed) for a CLIENT_SECRET_BASIC client.
    final MultiValueMap<String, String> tokenRequestParams = getParamsMap(GrantType.HEADLESS_AUTH);
    final PairClientIDAuthMethod verifiedClient = getClientIDAuthMethod(CLIENT_SECRET_BASIC);
    given(matlsRequestVerificationService.verifyMATLSMatchesRequest(tokenRequestParams, authorization, principal))
            .willReturn(verifiedClient);

    // The headless service receives the same fixture object that the MATLS stub returned.
    final ResponseEntity<AccessTokenResponse> headlessAnswer =
            new ResponseEntity<>(null, httpHeaders, HttpStatus.FOUND);
    given(headLessAccessTokenService.getAccessToken(amGateway, verifiedClient, tokenRequestParams, request))
            .willReturn(headlessAnswer);
    final ResponseEntity<Object> rewrittenAnswer = new ResponseEntity<>(null, httpHeaders, HttpStatus.OK);
    given(jwtOverridingService.rewriteAccessTokenResponseIdToken(headlessAnswer))
            .willReturn(rewrittenAnswer);

    // When
    final ResponseEntity result =
            this.accessTokenApiController.getAccessToken(tokenRequestParams, authorization, principal, request);

    // Then
    assertThat(result).isNotNull();
    assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
}