Search in sources :

Example 6 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class OktaIdTokenTest method validateInvalidNonce.

@Test
public void validateInvalidNonce() throws AuthorizationException {
    mExpectedEx.expect(AuthorizationException.class);
    String jwt = TestValues.getJwt(CUSTOM_URL, "invalid", mConfig.getClientId(), "fakeaud");
    OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
    String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
    TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
    idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
}
Also used : TokenRequest(com.okta.oidc.net.request.TokenRequest) Test(org.junit.Test)

Example 7 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class OktaIdTokenTest method validateWithCustomValidatorThatAlwaysThrowsException.

@Test
public void validateWithCustomValidatorThatAlwaysThrowsException() throws AuthorizationException {
    mExpectedEx.expect(AuthorizationException.class);
    String jwt = TestValues.getJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId(), "fakeaud");
    OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
    String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
    TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
    idToken.validate(tokenRequest, oktaIdToken -> {
        throw new AuthorizationException("Expected", null);
    });
}
Also used : AuthorizationException(com.okta.oidc.util.AuthorizationException) TokenRequest(com.okta.oidc.net.request.TokenRequest) Test(org.junit.Test)

Example 8 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class OktaIdTokenTest method validate.

@Test
public void validate() throws AuthorizationException {
    String jwt = TestValues.getJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId(), "fakeaud");
    OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
    String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
    TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
    idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
    assertNotNull(idToken);
    assertNotNull(idToken.mHeader);
    assertNotNull(idToken.mClaims);
}
Also used : TokenRequest(com.okta.oidc.net.request.TokenRequest) Test(org.junit.Test)

Example 9 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class SyncWebAuthClientImpl method processSignInResult.

@NonNull
private Result processSignInResult(StateResult result) {
    if (result == null) {
        return Result.error(new AuthorizationException("Result is empty", new NullPointerException()));
    }
    switch(result.getStatus()) {
        case CANCELED:
            return Result.cancel();
        case ERROR:
            return Result.error(result.getException());
        case AUTHORIZED:
            mOktaState.setCurrentState(State.TOKEN_EXCHANGE);
            TokenResponse response;
            try {
                WebRequest authorizedRequest = mOktaState.getAuthorizeRequest();
                ProviderConfiguration providerConfiguration = mOktaState.getProviderConfiguration();
                AuthorizeResponse authResponse = (AuthorizeResponse) result.getAuthorizationResponse();
                if (isVerificationFlow((authResponse))) {
                    return processEmailVerification(authResponse);
                }
                validateResult(result.getAuthorizationResponse(), authorizedRequest);
                TokenRequest request = tokenExchange((AuthorizeResponse) result.getAuthorizationResponse(), providerConfiguration, (AuthorizeRequest) authorizedRequest);
                mCurrentRequest.set(new WeakReference<>(request));
                response = request.executeRequest(mHttpClient);
                mOktaState.save(response);
            } catch (OktaRepository.EncryptionException e) {
                return Result.error(EncryptionErrors.byEncryptionException(e));
            } catch (AuthorizationException e) {
                return Result.error(e);
            }
            return Result.success();
        default:
            return Result.error(new AuthorizationException("StateResult with invalid status: " + result.getStatus().name(), new IllegalStateException()));
    }
}
Also used : AuthorizeResponse(com.okta.oidc.net.response.web.AuthorizeResponse) TokenResponse(com.okta.oidc.net.response.TokenResponse) WebRequest(com.okta.oidc.net.request.web.WebRequest) AuthorizationException(com.okta.oidc.util.AuthorizationException) OktaRepository(com.okta.oidc.storage.OktaRepository) TokenRequest(com.okta.oidc.net.request.TokenRequest) ProviderConfiguration(com.okta.oidc.net.request.ProviderConfiguration) NonNull(androidx.annotation.NonNull)

Example 10 with TokenRequest

use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.

the class SyncAuthClientImpl method signIn.

@WorkerThread
@Override
public Result signIn(String sessionToken, @Nullable AuthenticationPayload payload) {
    try {
        mCancel.set(false);
        ProviderConfiguration providerConfiguration = obtainNewConfiguration();
        checkIfCanceled();
        mOktaState.setCurrentState(State.SIGN_IN_REQUEST);
        NativeAuthorizeRequest request = nativeAuthorizeRequest(sessionToken, providerConfiguration, payload);
        mCurrentRequest.set(new WeakReference<>(request));
        // Save the nativeAuth request in a AuthRequest because it is needed to verify results.
        AuthorizeRequest authRequest = new AuthorizeRequest(request.getParameters());
        mOktaState.save(authRequest);
        AuthorizeResponse authResponse = request.executeRequest(mHttpClient);
        checkIfCanceled();
        // This flow should never happen but if it does throw a exception.
        if (isVerificationFlow(authResponse)) {
            return Result.error(new AuthorizationException("Email verification required. Session: " + authResponse.getSessionHint(), null));
        }
        validateResult(authResponse, authRequest);
        mOktaState.setCurrentState(State.TOKEN_EXCHANGE);
        TokenRequest requestToken = tokenExchange(authResponse, providerConfiguration, authRequest);
        mCurrentRequest.set(new WeakReference<>(requestToken));
        TokenResponse tokenResponse = requestToken.executeRequest(mHttpClient);
        mOktaState.save(tokenResponse);
        return Result.success();
    } catch (AuthorizationException e) {
        return Result.error(e);
    } catch (IOException e) {
        return Result.cancel();
    } catch (Exception e) {
        return Result.error(new AuthorizationException(OTHER.code, e.getMessage(), e));
    } finally {
        resetCurrentState();
    }
}
Also used : AuthorizeResponse(com.okta.oidc.net.response.web.AuthorizeResponse) TokenResponse(com.okta.oidc.net.response.TokenResponse) AuthorizeRequest(com.okta.oidc.net.request.web.AuthorizeRequest) NativeAuthorizeRequest(com.okta.oidc.net.request.NativeAuthorizeRequest) AuthorizationException(com.okta.oidc.util.AuthorizationException) TokenRequest(com.okta.oidc.net.request.TokenRequest) IOException(java.io.IOException) NativeAuthorizeRequest(com.okta.oidc.net.request.NativeAuthorizeRequest) IOException(java.io.IOException) AuthorizationException(com.okta.oidc.util.AuthorizationException) ProviderConfiguration(com.okta.oidc.net.request.ProviderConfiguration) WorkerThread(androidx.annotation.WorkerThread)

Aggregations

TokenRequest (com.okta.oidc.net.request.TokenRequest)11 Test (org.junit.Test)9 TokenResponse (com.okta.oidc.net.response.TokenResponse)4 AuthorizeResponse (com.okta.oidc.net.response.web.AuthorizeResponse)4 AuthorizeRequest (com.okta.oidc.net.request.web.AuthorizeRequest)3 AuthorizationException (com.okta.oidc.util.AuthorizationException)3 ProviderConfiguration (com.okta.oidc.net.request.ProviderConfiguration)2 RevokeTokenRequest (com.okta.oidc.net.request.RevokeTokenRequest)2 RecordedRequest (okhttp3.mockwebserver.RecordedRequest)2 NonNull (androidx.annotation.NonNull)1 WorkerThread (androidx.annotation.WorkerThread)1 NativeAuthorizeRequest (com.okta.oidc.net.request.NativeAuthorizeRequest)1 WebRequest (com.okta.oidc.net.request.web.WebRequest)1 OktaRepository (com.okta.oidc.storage.OktaRepository)1 IOException (java.io.IOException)1