use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validateInvalidNonce.
@Test
public void validateInvalidNonce() throws AuthorizationException {
mExpectedEx.expect(AuthorizationException.class);
String jwt = TestValues.getJwt(CUSTOM_URL, "invalid", mConfig.getClientId(), "fakeaud");
OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
}
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validateWithCustomValidatorThatAlwaysThrowsException.
@Test
public void validateWithCustomValidatorThatAlwaysThrowsException() throws AuthorizationException {
mExpectedEx.expect(AuthorizationException.class);
String jwt = TestValues.getJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId(), "fakeaud");
OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
idToken.validate(tokenRequest, oktaIdToken -> {
throw new AuthorizationException("Expected", null);
});
}
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validate.
@Test
public void validate() throws AuthorizationException {
String jwt = TestValues.getJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId(), "fakeaud");
OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
assertNotNull(idToken);
assertNotNull(idToken.mHeader);
assertNotNull(idToken.mClaims);
}
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class SyncWebAuthClientImpl method processSignInResult.
@NonNull
private Result processSignInResult(StateResult result) {
if (result == null) {
return Result.error(new AuthorizationException("Result is empty", new NullPointerException()));
}
switch(result.getStatus()) {
case CANCELED:
return Result.cancel();
case ERROR:
return Result.error(result.getException());
case AUTHORIZED:
mOktaState.setCurrentState(State.TOKEN_EXCHANGE);
TokenResponse response;
try {
WebRequest authorizedRequest = mOktaState.getAuthorizeRequest();
ProviderConfiguration providerConfiguration = mOktaState.getProviderConfiguration();
AuthorizeResponse authResponse = (AuthorizeResponse) result.getAuthorizationResponse();
if (isVerificationFlow((authResponse))) {
return processEmailVerification(authResponse);
}
validateResult(result.getAuthorizationResponse(), authorizedRequest);
TokenRequest request = tokenExchange((AuthorizeResponse) result.getAuthorizationResponse(), providerConfiguration, (AuthorizeRequest) authorizedRequest);
mCurrentRequest.set(new WeakReference<>(request));
response = request.executeRequest(mHttpClient);
mOktaState.save(response);
} catch (OktaRepository.EncryptionException e) {
return Result.error(EncryptionErrors.byEncryptionException(e));
} catch (AuthorizationException e) {
return Result.error(e);
}
return Result.success();
default:
return Result.error(new AuthorizationException("StateResult with invalid status: " + result.getStatus().name(), new IllegalStateException()));
}
}
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class SyncAuthClientImpl method signIn.
@WorkerThread
@Override
public Result signIn(String sessionToken, @Nullable AuthenticationPayload payload) {
try {
mCancel.set(false);
ProviderConfiguration providerConfiguration = obtainNewConfiguration();
checkIfCanceled();
mOktaState.setCurrentState(State.SIGN_IN_REQUEST);
NativeAuthorizeRequest request = nativeAuthorizeRequest(sessionToken, providerConfiguration, payload);
mCurrentRequest.set(new WeakReference<>(request));
// Save the nativeAuth request in a AuthRequest because it is needed to verify results.
AuthorizeRequest authRequest = new AuthorizeRequest(request.getParameters());
mOktaState.save(authRequest);
AuthorizeResponse authResponse = request.executeRequest(mHttpClient);
checkIfCanceled();
// This flow should never happen but if it does throw a exception.
if (isVerificationFlow(authResponse)) {
return Result.error(new AuthorizationException("Email verification required. Session: " + authResponse.getSessionHint(), null));
}
validateResult(authResponse, authRequest);
mOktaState.setCurrentState(State.TOKEN_EXCHANGE);
TokenRequest requestToken = tokenExchange(authResponse, providerConfiguration, authRequest);
mCurrentRequest.set(new WeakReference<>(requestToken));
TokenResponse tokenResponse = requestToken.executeRequest(mHttpClient);
mOktaState.save(tokenResponse);
return Result.success();
} catch (AuthorizationException e) {
return Result.error(e);
} catch (IOException e) {
return Result.cancel();
} catch (Exception e) {
return Result.error(new AuthorizationException(OTHER.code, e.getMessage(), e));
} finally {
resetCurrentState();
}
}
Aggregations