use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class SyncWebAuthClientTest method tokenExchangeSuccess.
@Test
public void tokenExchangeSuccess() throws InterruptedException, JSONException, AuthorizationException, OktaRepository.EncryptionException {
String codeVerifier = CodeVerifierUtil.generateRandomCodeVerifier();
String nonce = CodeVerifierUtil.generateRandomState();
AuthorizeRequest request = new AuthorizeRequest.Builder().codeVerifier(codeVerifier).authorizeEndpoint(mProviderConfig.authorization_endpoint).redirectUri(mConfig.getRedirectUri().toString()).scope("openid", "email", "profile").nonce(nonce).create();
mOktaState.save(request);
AuthorizeResponse response = AuthorizeResponse.fromUri(Uri.parse("com.okta.test:/callback?code=CODE&state=CUSTOM_STATE"));
String jws = TestValues.getJwt(mEndPoint.getUrl(), nonce, mConfig.getClientId());
mEndPoint.enqueueTokenSuccess(jws);
TokenRequest tokenRequest = mSyncWebAuth.tokenExchange(response, mOktaState.getProviderConfiguration(), (AuthorizeRequest) mOktaState.getAuthorizeRequest());
TokenResponse tokenResponse = tokenRequest.executeRequest(mHttpClient);
RecordedRequest recordedRequest = mEndPoint.takeRequest();
assertThat(recordedRequest.getPath(), equalTo("/token"));
assertNotNull(tokenResponse);
assertEquals(tokenResponse.getIdToken(), jws);
}
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class SyncWebAuthClientTest method tokenExchangeFailure.
@Test
public void tokenExchangeFailure() throws InterruptedException, JSONException, AuthorizationException, OktaRepository.EncryptionException {
mExpectedEx.expect(AuthorizationException.class);
String codeVerifier = CodeVerifierUtil.generateRandomCodeVerifier();
String nonce = CodeVerifierUtil.generateRandomState();
AuthorizeRequest request = new AuthorizeRequest.Builder().codeVerifier(codeVerifier).authorizeEndpoint(mProviderConfig.authorization_endpoint).redirectUri(mConfig.getRedirectUri().toString()).scope(SCOPES).nonce(nonce).create();
mOktaState.save(request);
AuthorizeResponse response = AuthorizeResponse.fromUri(Uri.parse("com.okta.test:/callback?code=CODE&state=CUSTOM_STATE"));
mEndPoint.enqueueReturnInvalidClient();
TokenRequest tokenRequest = mSyncWebAuth.tokenExchange(response, mOktaState.getProviderConfiguration(), (AuthorizeRequest) mOktaState.getAuthorizeRequest());
TokenResponse tokenResponse = tokenRequest.executeRequest(mHttpClient);
RecordedRequest recordedRequest = mEndPoint.takeRequest();
assertThat(recordedRequest.getPath(), equalTo("/token"));
assertNull(tokenResponse);
}
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validateExpiredTokenWithEmptyValidator.
@Test
public void validateExpiredTokenWithEmptyValidator() throws AuthorizationException {
String jws = TestValues.getExpiredJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId());
OktaIdToken idToken = OktaIdToken.parseIdToken(jws);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse("state", "code"), mConfiguration);
OktaIdToken.Validator validator = mock(OktaIdToken.Validator.class);
idToken.validate(tokenRequest, validator);
verify(validator).validate(idToken);
}
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validateExpiredToken.
@Test
public void validateExpiredToken() throws AuthorizationException {
mExpectedEx.expect(AuthorizationException.class);
String jws = TestValues.getExpiredJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId());
OktaIdToken idToken = OktaIdToken.parseIdToken(jws);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse("state", "code"), mConfiguration);
idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
}
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validateIssuedAtTimeout.
@Test
public void validateIssuedAtTimeout() throws AuthorizationException {
mExpectedEx.expect(AuthorizationException.class);
String jws = TestValues.getJwtIssuedAtTimeout(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId());
OktaIdToken idToken = OktaIdToken.parseIdToken(jws);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse("state", "code"), mConfiguration);
idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
}
Aggregations