Search in sources :

Example 1 with ClientSecretJWT

use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.

the class TokenEndpointTest method clientSecretJwtAuthorizationExpired.

@Test
public void clientSecretJwtAuthorizationExpired() throws IOException, JOSEException {
    ClientSecretJWT clientSecretJWT = clientSecretJWT("rp-jwt-authentication", "http://localhost:8080/oidc/token", "very-long-long-long-long-long-secret", new Date(new Date().getTime() - 5 * 60 * 1000L));
    Map<String, Object> res = doJwtAuthenticationAuthorization(clientSecretJWT);
    assertEquals(400, res.get("status"));
    assertEquals("invalid_grant", res.get("error"));
    assertEquals("Expired claims", res.get("error_description"));
}
Also used : ClientSecretJWT(com.nimbusds.oauth2.sdk.auth.ClientSecretJWT) AbstractIntegrationTest(oidc.AbstractIntegrationTest) Test(org.junit.Test) SignedJWTTest(oidc.secure.SignedJWTTest)

Example 2 with ClientSecretJWT

use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.

the class TokenEndpointTest method clientSecretJwtAuthorizationInvalidAudience.

@Test
public void clientSecretJwtAuthorizationInvalidAudience() throws IOException, JOSEException {
    ClientSecretJWT clientSecretJWT = clientSecretJWT("rp-jwt-authentication", "http://nope", "very-long-long-long-long-long-secret", new Date(new Date().getTime() + 5 * 60 * 1000L));
    Map<String, Object> res = doJwtAuthenticationAuthorization(clientSecretJWT);
    assertEquals(400, res.get("status"));
    assertEquals("invalid_grant", res.get("error"));
    assertEquals("Invalid audience", res.get("error_description"));
}
Also used : ClientSecretJWT(com.nimbusds.oauth2.sdk.auth.ClientSecretJWT) AbstractIntegrationTest(oidc.AbstractIntegrationTest) Test(org.junit.Test) SignedJWTTest(oidc.secure.SignedJWTTest)

Example 3 with ClientSecretJWT

use of com.nimbusds.oauth2.sdk.auth.ClientSecretJWT in project OpenConext-oidcng by OpenConext.

the class TokenEndpointTest method clientSecretJWT.

private ClientSecretJWT clientSecretJWT(String issuer, String tokenEndPoint, String secret, Date expiration) throws JOSEException {
    // Issuer and subject in client JWT assertion must designate the same client identifier
    JWTAssertionDetails jwtAssertionDetails = new JWTAssertionDetails(new Issuer(issuer), new Subject(issuer), Audience.create(tokenEndPoint), expiration, null, null, null, null);
    SignedJWT signedJWT = JWTAssertionFactory.create(jwtAssertionDetails, JWSAlgorithm.HS256, new Secret(secret));
    return new ClientSecretJWT(signedJWT);
}
Also used : Secret(com.nimbusds.oauth2.sdk.auth.Secret) Issuer(com.nimbusds.oauth2.sdk.id.Issuer) ClientSecretJWT(com.nimbusds.oauth2.sdk.auth.ClientSecretJWT) SignedJWT(com.nimbusds.jwt.SignedJWT) JWTAssertionDetails(com.nimbusds.oauth2.sdk.assertions.jwt.JWTAssertionDetails) Subject(com.nimbusds.oauth2.sdk.id.Subject)

Aggregations

ClientSecretJWT (com.nimbusds.oauth2.sdk.auth.ClientSecretJWT)3 AbstractIntegrationTest (oidc.AbstractIntegrationTest)2 SignedJWTTest (oidc.secure.SignedJWTTest)2 Test (org.junit.Test)2 SignedJWT (com.nimbusds.jwt.SignedJWT)1 JWTAssertionDetails (com.nimbusds.oauth2.sdk.assertions.jwt.JWTAssertionDetails)1 Secret (com.nimbusds.oauth2.sdk.auth.Secret)1 Issuer (com.nimbusds.oauth2.sdk.id.Issuer)1 Subject (com.nimbusds.oauth2.sdk.id.Subject)1