Example 51 with AuthenticationRequest

Use of com.nimbusds.openid.connect.sdk.AuthenticationRequest in project OpenConext-oidcng by OpenConext.

In the class JWTRequestTest, method doParse:

private void doParse(OpenIDClient client, String keyID) throws Exception {
    SignedJWT signedJWT = signedJWT(client.getClientId(), keyID, client.getRedirectUrls().get(0));
    // Pass the signed JWT as the request object of the authentication request.
    AuthenticationRequest authenticationRequest = new AuthenticationRequest.Builder(ResponseType.getDefault(), new Scope("openid"), new ClientID(client.getClientId()), new URI("http://localhost:8080"))
            .state(new State("old"))
            .requestObject(signedJWT)
            .build();
    callParse(client, authenticationRequest);
}
Also used : Scope(com.nimbusds.oauth2.sdk.Scope) State(com.nimbusds.oauth2.sdk.id.State) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) SignedJWT(com.nimbusds.jwt.SignedJWT) AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest) URI(java.net.URI)

Example 52 with AuthenticationRequest

Use of com.nimbusds.openid.connect.sdk.AuthenticationRequest in project asgardeo-java-oidc-sdk by asgardeo.

In the class OIDCRequestBuilder, method buildAuthenticationRequest:

/**
 * Returns {@link io.asgardeo.java.oidc.sdk.request.model.AuthenticationRequest} Authentication request.
 * To build the authentication request, {@link OIDCAgentConfig} should contain:
 * <ul>
 * <li>The client ID
 * <li>The scope
 * <li>The callback URI
 * <li>The authorization endpoint URI
 * </ul>
 *
 * @return Authentication request.
 */
public io.asgardeo.java.oidc.sdk.request.model.AuthenticationRequest buildAuthenticationRequest() {
    ResponseType responseType = new ResponseType(ResponseType.Value.CODE);
    ClientID clientID = oidcAgentConfig.getConsumerKey();
    Scope authScope = oidcAgentConfig.getScope();
    URI callBackURI = oidcAgentConfig.getCallbackUrl();
    URI authorizationEndpoint = oidcAgentConfig.getAuthorizeEndpoint();
    Map<String, String> additionalParamsForAuthzEndpoint = oidcAgentConfig.getAdditionalParamsForAuthorizeEndpoint();
    State state = resolveState();
    Nonce nonce = new Nonce();
    RequestContext requestContext = new RequestContext(state, nonce);
    AuthenticationRequest.Builder authenticationRequestBuilder = new AuthenticationRequest.Builder(responseType, authScope, clientID, callBackURI).state(state).endpointURI(authorizationEndpoint).nonce(nonce);
    // Add additional query params to authentication endpoint and request context.
    if (additionalParamsForAuthzEndpoint != null) {
        additionalParamsForAuthzEndpoint.forEach((key, value) -> {
            authenticationRequestBuilder.customParameter(key, value);
            requestContext.setParameter(key, value);
        });
    }
    // Build authenticationRequest.
    AuthenticationRequest authenticationRequest = authenticationRequestBuilder.build();
    io.asgardeo.java.oidc.sdk.request.model.AuthenticationRequest authRequest = new io.asgardeo.java.oidc.sdk.request.model.AuthenticationRequest(authenticationRequest.toURI(), requestContext);
    return authRequest;
}
Also used : URI(java.net.URI) ResponseType(com.nimbusds.oauth2.sdk.ResponseType) Nonce(com.nimbusds.openid.connect.sdk.Nonce) Scope(com.nimbusds.oauth2.sdk.Scope) State(com.nimbusds.oauth2.sdk.id.State) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) RequestContext(io.asgardeo.java.oidc.sdk.bean.RequestContext) AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest)

Example 53 with AuthenticationRequest

Use of com.nimbusds.openid.connect.sdk.AuthenticationRequest in project obiba-commons by obiba.

In the class OIDCAuthenticationRequestFactory, method create:

public AuthenticationRequest create(OIDCConfiguration configuration) {
    OIDCProviderMetadata providerMetadata = configuration.findProviderMetaData();
    // Generate random state string for pairing the response to the request
    State state = new State();
    // Generate nonce
    Nonce nonce = configuration.isUseNonce() ? new Nonce() : null;
    // Specify scope
    Scope scope = Scope.parse(configuration.getScope());
    AuthenticationRequest authenticationRequest = null;
    try {
        authenticationRequest = new AuthenticationRequest(providerMetadata.getAuthorizationEndpointURI(), new ResponseType(ResponseType.Value.CODE), scope, new ClientID(configuration.getClientId()), new URI(callbackURI), state, nonce);
    } catch (URISyntaxException e) {
        throw new OIDCException(e);
    }
    return authenticationRequest;
}
Also used : Nonce(com.nimbusds.openid.connect.sdk.Nonce) Scope(com.nimbusds.oauth2.sdk.Scope) State(com.nimbusds.oauth2.sdk.id.State) OIDCException(org.obiba.oidc.OIDCException) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) OIDCProviderMetadata(com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata) URISyntaxException(java.net.URISyntaxException) AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest) URI(java.net.URI) ResponseType(com.nimbusds.oauth2.sdk.ResponseType)

Example 54 with AuthenticationRequest

Use of com.nimbusds.openid.connect.sdk.AuthenticationRequest in project di-authentication-api by alphagov.

In the class StartIntegrationTest, method shouldReturn200AndStartResponse:

@Test
void shouldReturn200AndStartResponse() throws IOException {
    String sessionId = redis.createSession();
    Scope scope = new Scope();
    scope.add(OIDCScopeValue.OPENID);
    AuthenticationRequest authRequest = new AuthenticationRequest.Builder(ResponseType.CODE, scope, new ClientID(CLIENT_ID), URI.create("http://localhost/redirect")).nonce(new Nonce()).state(new State()).build();
    redis.createClientSession(CLIENT_SESSION_ID, authRequest.toParameters());
    redis.createSession(sessionId);
    registerClient(KeyPairHelper.GENERATE_RSA_KEY_PAIR());
    Map<String, String> headers = new HashMap<>();
    headers.put("Session-Id", sessionId);
    headers.put("Client-Session-Id", CLIENT_SESSION_ID);
    headers.put("X-API-Key", FRONTEND_API_KEY);
    var response = makeRequest(Optional.empty(), headers, Map.of());
    assertThat(response, hasStatus(200));
    StartResponse startResponse = objectMapper.readValue(response.getBody(), StartResponse.class);
    assertThat(startResponse.getUser().isIdentityRequired(), equalTo(false));
    assertThat(startResponse.getUser().isConsentRequired(), equalTo(true));
    assertThat(startResponse.getUser().isUpliftRequired(), equalTo(false));
    assertThat(startResponse.getClient().getClientName(), equalTo(TEST_CLIENT_NAME));
    assertThat(startResponse.getClient().getServiceType(), equalTo("MANDATORY"));
    assertThat(startResponse.getClient().getCookieConsentShared(), equalTo(false));
    assertThat(startResponse.getClient().getScopes(), equalTo(scope.toStringList()));
    assertThat(startResponse.getUser().getCookieConsent(), equalTo(null));
    assertThat(startResponse.getUser().getGaCrossDomainTrackingId(), equalTo(null));
    assertEventTypesReceived(auditTopic, List.of(START_INFO_FOUND));
}
Also used : Nonce(com.nimbusds.openid.connect.sdk.Nonce) Scope(com.nimbusds.oauth2.sdk.Scope) HashMap(java.util.HashMap) State(com.nimbusds.oauth2.sdk.id.State) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) StartResponse(uk.gov.di.authentication.frontendapi.entity.StartResponse) AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest) Test(org.junit.jupiter.api.Test) ApiGatewayHandlerIntegrationTest(uk.gov.di.authentication.sharedtest.basetest.ApiGatewayHandlerIntegrationTest)

Example 55 with AuthenticationRequest

Use of com.nimbusds.openid.connect.sdk.AuthenticationRequest in project di-authentication-api by alphagov.

In the class AuthCodeHandlerTest, method generateValidSessionAndAuthRequest:

private AuthenticationRequest generateValidSessionAndAuthRequest(CredentialTrustLevel requestedLevel) {
    ResponseType responseType = new ResponseType(ResponseType.Value.CODE);
    Scope scope = new Scope();
    Nonce nonce = new Nonce();
    scope.add(OIDCScopeValue.OPENID);
    // Code-flow request with the openid scope, a freshly generated state and a nonce.
    AuthenticationRequest authRequest = new AuthenticationRequest.Builder(responseType, scope, CLIENT_ID, REDIRECT_URI).state(new State()).nonce(nonce).build();
    generateValidSession(authRequest.toParameters(), requestedLevel);
    return authRequest;
}
Also used : Nonce(com.nimbusds.openid.connect.sdk.Nonce) Scope(com.nimbusds.oauth2.sdk.Scope) State(com.nimbusds.oauth2.sdk.id.State) AuthenticationRequest(com.nimbusds.openid.connect.sdk.AuthenticationRequest) ResponseType(com.nimbusds.oauth2.sdk.ResponseType)

Aggregations

AuthenticationRequest (com.nimbusds.openid.connect.sdk.AuthenticationRequest) 73
Scope (com.nimbusds.oauth2.sdk.Scope) 44
ResponseType (com.nimbusds.oauth2.sdk.ResponseType) 34
State (com.nimbusds.oauth2.sdk.id.State) 29
Nonce (com.nimbusds.openid.connect.sdk.Nonce) 27
ClientID (com.nimbusds.oauth2.sdk.id.ClientID) 24
Test (org.junit.jupiter.api.Test) 19
ErrorObject (com.nimbusds.oauth2.sdk.ErrorObject) 16
URI (java.net.URI) 16
ParseException (com.nimbusds.oauth2.sdk.ParseException) 12
ClientSession (uk.gov.di.authentication.shared.entity.ClientSession) 12
AuthorizationCode (com.nimbusds.oauth2.sdk.AuthorizationCode) 11
VectorOfTrust (uk.gov.di.authentication.shared.entity.VectorOfTrust) 10
AuthenticationSuccessResponse (com.nimbusds.openid.connect.sdk.AuthenticationSuccessResponse) 8
APIGatewayProxyResponseEvent (com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent) 7
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest) 7
MethodSource (org.junit.jupiter.params.provider.MethodSource) 6
SignedJWT (com.nimbusds.jwt.SignedJWT) 5
OIDCClaimsRequest (com.nimbusds.openid.connect.sdk.OIDCClaimsRequest) 5
HashMap (java.util.HashMap) 5