Example 1 with ClientSecretJWT
use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.
the class TokenEndpointTest method clientSecretJwtAuthorizationExpired.
@Test
public void clientSecretJwtAuthorizationExpired() throws IOException, JOSEException {
ClientSecretJWT clientSecretJWT = clientSecretJWT("rp-jwt-authentication", "http://localhost:8080/oidc/token", "very-long-long-long-long-long-secret", new Date(new Date().getTime() - 5 * 60 * 1000L));
Map<String, Object> res = doJwtAuthenticationAuthorization(clientSecretJWT);
assertEquals(400, res.get("status"));
assertEquals("invalid_grant", res.get("error"));
assertEquals("Expired claims", res.get("error_description"));
}
Also used :
ClientSecretJWT(com.nimbusds.oauth2.sdk.auth.ClientSecretJWT)
AbstractIntegrationTest(oidc.AbstractIntegrationTest)
Test(org.junit.Test)
SignedJWTTest(oidc.secure.SignedJWTTest)
Example 2 with ClientSecretJWT
use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.
the class TokenEndpointTest method clientSecretJwtAuthorizationInvalidAudience.
@Test
public void clientSecretJwtAuthorizationInvalidAudience() throws IOException, JOSEException {
ClientSecretJWT clientSecretJWT = clientSecretJWT("rp-jwt-authentication", "http://nope", "very-long-long-long-long-long-secret", new Date(new Date().getTime() + 5 * 60 * 1000L));
Map<String, Object> res = doJwtAuthenticationAuthorization(clientSecretJWT);
assertEquals(400, res.get("status"));
assertEquals("invalid_grant", res.get("error"));
assertEquals("Invalid audience", res.get("error_description"));
}
Also used :
ClientSecretJWT(com.nimbusds.oauth2.sdk.auth.ClientSecretJWT)
AbstractIntegrationTest(oidc.AbstractIntegrationTest)
Test(org.junit.Test)
SignedJWTTest(oidc.secure.SignedJWTTest)
Example 3 with ClientSecretJWT
use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.
the class TokenEndpointTest method clientSecretJWT.
private ClientSecretJWT clientSecretJWT(String issuer, String tokenEndPoint, String secret, Date expiration) throws JOSEException {
// Issuer and subject in client JWT assertion must designate the same client identifier
JWTAssertionDetails jwtAssertionDetails = new JWTAssertionDetails(new Issuer(issuer), new Subject(issuer), Audience.create(tokenEndPoint), expiration, null, null, null, null);
SignedJWT signedJWT = JWTAssertionFactory.create(jwtAssertionDetails, JWSAlgorithm.HS256, new Secret(secret));
return new ClientSecretJWT(signedJWT);
}
Also used :
Secret(com.nimbusds.oauth2.sdk.auth.Secret)
Issuer(com.nimbusds.oauth2.sdk.id.Issuer)
ClientSecretJWT(com.nimbusds.oauth2.sdk.auth.ClientSecretJWT)
SignedJWT(com.nimbusds.jwt.SignedJWT)
JWTAssertionDetails(com.nimbusds.oauth2.sdk.assertions.jwt.JWTAssertionDetails)
Subject(com.nimbusds.oauth2.sdk.id.Subject)
Aggregations
ClientSecretJWT (com.nimbusds.oauth2.sdk.auth.ClientSecretJWT)3
AbstractIntegrationTest (oidc.AbstractIntegrationTest)2
SignedJWTTest (oidc.secure.SignedJWTTest)2
Test (org.junit.Test)2
SignedJWT (com.nimbusds.jwt.SignedJWT)1
JWTAssertionDetails (com.nimbusds.oauth2.sdk.assertions.jwt.JWTAssertionDetails)1
Secret (com.nimbusds.oauth2.sdk.auth.Secret)1
Issuer (com.nimbusds.oauth2.sdk.id.Issuer)1
Subject (com.nimbusds.oauth2.sdk.id.Subject)1
