Search in sources :

Example 1 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class SyncWebAuthClientTest method tokenExchangeSuccess.

@Test
public void tokenExchangeSuccess() throws InterruptedException, JSONException, AuthorizationException, OktaRepository.EncryptionException {
    String codeVerifier = CodeVerifierUtil.generateRandomCodeVerifier();
    String nonce = CodeVerifierUtil.generateRandomState();
    AuthorizeRequest request = new AuthorizeRequest.Builder().codeVerifier(codeVerifier).authorizeEndpoint(mProviderConfig.authorization_endpoint).redirectUri(mConfig.getRedirectUri().toString()).scope("openid", "email", "profile").nonce(nonce).create();
    mOktaState.save(request);
    AuthorizeResponse response = AuthorizeResponse.fromUri(Uri.parse("com.okta.test:/callback?code=CODE&state=CUSTOM_STATE"));
    String jws = TestValues.getJwt(mEndPoint.getUrl(), nonce, mConfig.getClientId());
    mEndPoint.enqueueTokenSuccess(jws);
    TokenRequest tokenRequest = mSyncWebAuth.tokenExchange(response, mOktaState.getProviderConfiguration(), (AuthorizeRequest) mOktaState.getAuthorizeRequest());
    TokenResponse tokenResponse = tokenRequest.executeRequest(mHttpClient);
    RecordedRequest recordedRequest = mEndPoint.takeRequest();
    assertThat(recordedRequest.getPath(), equalTo("/token"));
    assertNotNull(tokenResponse);
    assertEquals(tokenResponse.getIdToken(), jws);
}
Also used : RecordedRequest(okhttp3.mockwebserver.RecordedRequest) AuthorizeResponse(com.okta.oidc.net.response.web.AuthorizeResponse) TokenResponse(com.okta.oidc.net.response.TokenResponse) AuthorizeRequest(com.okta.oidc.net.request.web.AuthorizeRequest) TokenRequest(com.okta.oidc.net.request.TokenRequest) RevokeTokenRequest(com.okta.oidc.net.request.RevokeTokenRequest) Test(org.junit.Test)

Example 2 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class SyncWebAuthClientTest method tokenExchangeFailure.

@Test
public void tokenExchangeFailure() throws InterruptedException, JSONException, AuthorizationException, OktaRepository.EncryptionException {
    mExpectedEx.expect(AuthorizationException.class);
    String codeVerifier = CodeVerifierUtil.generateRandomCodeVerifier();
    String nonce = CodeVerifierUtil.generateRandomState();
    AuthorizeRequest request = new AuthorizeRequest.Builder().codeVerifier(codeVerifier).authorizeEndpoint(mProviderConfig.authorization_endpoint).redirectUri(mConfig.getRedirectUri().toString()).scope(SCOPES).nonce(nonce).create();
    mOktaState.save(request);
    AuthorizeResponse response = AuthorizeResponse.fromUri(Uri.parse("com.okta.test:/callback?code=CODE&state=CUSTOM_STATE"));
    mEndPoint.enqueueReturnInvalidClient();
    TokenRequest tokenRequest = mSyncWebAuth.tokenExchange(response, mOktaState.getProviderConfiguration(), (AuthorizeRequest) mOktaState.getAuthorizeRequest());
    TokenResponse tokenResponse = tokenRequest.executeRequest(mHttpClient);
    RecordedRequest recordedRequest = mEndPoint.takeRequest();
    assertThat(recordedRequest.getPath(), equalTo("/token"));
    assertNull(tokenResponse);
}
Also used : RecordedRequest(okhttp3.mockwebserver.RecordedRequest) AuthorizeResponse(com.okta.oidc.net.response.web.AuthorizeResponse) TokenResponse(com.okta.oidc.net.response.TokenResponse) AuthorizeRequest(com.okta.oidc.net.request.web.AuthorizeRequest) TokenRequest(com.okta.oidc.net.request.TokenRequest) RevokeTokenRequest(com.okta.oidc.net.request.RevokeTokenRequest) Test(org.junit.Test)

Example 3 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class OktaIdTokenTest method validateExpiredTokenWithEmptyValidator.

@Test
public void validateExpiredTokenWithEmptyValidator() throws AuthorizationException {
    String jws = TestValues.getExpiredJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId());
    OktaIdToken idToken = OktaIdToken.parseIdToken(jws);
    String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
    TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse("state", "code"), mConfiguration);
    OktaIdToken.Validator validator = mock(OktaIdToken.Validator.class);
    idToken.validate(tokenRequest, validator);
    verify(validator).validate(idToken);
}
Also used : TokenRequest(com.okta.oidc.net.request.TokenRequest) Test(org.junit.Test)

Example 4 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class OktaIdTokenTest method validateExpiredToken.

@Test
public void validateExpiredToken() throws AuthorizationException {
    mExpectedEx.expect(AuthorizationException.class);
    String jws = TestValues.getExpiredJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId());
    OktaIdToken idToken = OktaIdToken.parseIdToken(jws);
    String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
    TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse("state", "code"), mConfiguration);
    idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
}
Also used : TokenRequest(com.okta.oidc.net.request.TokenRequest) Test(org.junit.Test)

Example 5 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class OktaIdTokenTest method validateIssuedAtTimeout.

@Test
public void validateIssuedAtTimeout() throws AuthorizationException {
    mExpectedEx.expect(AuthorizationException.class);
    String jws = TestValues.getJwtIssuedAtTimeout(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId());
    OktaIdToken idToken = OktaIdToken.parseIdToken(jws);
    String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
    TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse("state", "code"), mConfiguration);
    idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
}
Also used : TokenRequest(com.okta.oidc.net.request.TokenRequest) Test(org.junit.Test)

Aggregations

TokenRequest (com.okta.oidc.net.request.TokenRequest)11 Test (org.junit.Test)9 TokenResponse (com.okta.oidc.net.response.TokenResponse)4 AuthorizeResponse (com.okta.oidc.net.response.web.AuthorizeResponse)4 AuthorizeRequest (com.okta.oidc.net.request.web.AuthorizeRequest)3 AuthorizationException (com.okta.oidc.util.AuthorizationException)3 ProviderConfiguration (com.okta.oidc.net.request.ProviderConfiguration)2 RevokeTokenRequest (com.okta.oidc.net.request.RevokeTokenRequest)2 RecordedRequest (okhttp3.mockwebserver.RecordedRequest)2 NonNull (androidx.annotation.NonNull)1 WorkerThread (androidx.annotation.WorkerThread)1 NativeAuthorizeRequest (com.okta.oidc.net.request.NativeAuthorizeRequest)1 WebRequest (com.okta.oidc.net.request.web.WebRequest)1 OktaRepository (com.okta.oidc.storage.OktaRepository)1 IOException (java.io.IOException)1