use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.
the class TokenEndpointTest method clientSecretJwtAuthorizationExpired.
@Test
public void clientSecretJwtAuthorizationExpired() throws IOException, JOSEException {
ClientSecretJWT clientSecretJWT = clientSecretJWT("rp-jwt-authentication", "http://localhost:8080/oidc/token", "very-long-long-long-long-long-secret", new Date(new Date().getTime() - 5 * 60 * 1000L));
Map<String, Object> res = doJwtAuthenticationAuthorization(clientSecretJWT);
assertEquals(400, res.get("status"));
assertEquals("invalid_grant", res.get("error"));
assertEquals("Expired claims", res.get("error_description"));
}
use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.
the class TokenEndpointTest method clientSecretJwtAuthorizationInvalidAudience.
@Test
public void clientSecretJwtAuthorizationInvalidAudience() throws IOException, JOSEException {
ClientSecretJWT clientSecretJWT = clientSecretJWT("rp-jwt-authentication", "http://nope", "very-long-long-long-long-long-secret", new Date(new Date().getTime() + 5 * 60 * 1000L));
Map<String, Object> res = doJwtAuthenticationAuthorization(clientSecretJWT);
assertEquals(400, res.get("status"));
assertEquals("invalid_grant", res.get("error"));
assertEquals("Invalid audience", res.get("error_description"));
}
use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.
the class TokenEndpointTest method clientSecretJWT.
private ClientSecretJWT clientSecretJWT(String issuer, String tokenEndPoint, String secret, Date expiration) throws JOSEException {
// Issuer and subject in client JWT assertion must designate the same client identifier
JWTAssertionDetails jwtAssertionDetails = new JWTAssertionDetails(new Issuer(issuer), new Subject(issuer), Audience.create(tokenEndPoint), expiration, null, null, null, null);
SignedJWT signedJWT = JWTAssertionFactory.create(jwtAssertionDetails, JWSAlgorithm.HS256, new Secret(secret));
return new ClientSecretJWT(signedJWT);
}
Aggregations