Example 6 with TokenRequest
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validateInvalidNonce.
@Test
public void validateInvalidNonce() throws AuthorizationException {
mExpectedEx.expect(AuthorizationException.class);
String jwt = TestValues.getJwt(CUSTOM_URL, "invalid", mConfig.getClientId(), "fakeaud");
OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
}
Also used :
TokenRequest(com.okta.oidc.net.request.TokenRequest)
Test(org.junit.Test)
Example 7 with TokenRequest
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validateWithCustomValidatorThatAlwaysThrowsException.
@Test
public void validateWithCustomValidatorThatAlwaysThrowsException() throws AuthorizationException {
mExpectedEx.expect(AuthorizationException.class);
String jwt = TestValues.getJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId(), "fakeaud");
OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
idToken.validate(tokenRequest, oktaIdToken -> {
throw new AuthorizationException("Expected", null);
});
}
Also used :
AuthorizationException(com.okta.oidc.util.AuthorizationException)
TokenRequest(com.okta.oidc.net.request.TokenRequest)
Test(org.junit.Test)
Example 8 with TokenRequest
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class OktaIdTokenTest method validate.
@Test
public void validate() throws AuthorizationException {
String jwt = TestValues.getJwt(CUSTOM_URL, CUSTOM_NONCE, mConfig.getClientId(), "fakeaud");
OktaIdToken idToken = OktaIdToken.parseIdToken(jwt);
String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
TokenRequest tokenRequest = TestValues.getTokenRequest(mConfig, getAuthorizeRequest(mConfig, verifier), getAuthorizeResponse(CUSTOM_STATE, CUSTOM_CODE), mConfiguration);
idToken.validate(tokenRequest, new OktaIdToken.DefaultValidator(System::currentTimeMillis));
assertNotNull(idToken);
assertNotNull(idToken.mHeader);
assertNotNull(idToken.mClaims);
}
Also used :
TokenRequest(com.okta.oidc.net.request.TokenRequest)
Test(org.junit.Test)
Example 9 with TokenRequest
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class SyncWebAuthClientImpl method processSignInResult.
@NonNull
private Result processSignInResult(StateResult result) {
if (result == null) {
return Result.error(new AuthorizationException("Result is empty", new NullPointerException()));
}
switch(result.getStatus()) {
case CANCELED:
return Result.cancel();
case ERROR:
return Result.error(result.getException());
case AUTHORIZED:
mOktaState.setCurrentState(State.TOKEN_EXCHANGE);
TokenResponse response;
try {
WebRequest authorizedRequest = mOktaState.getAuthorizeRequest();
ProviderConfiguration providerConfiguration = mOktaState.getProviderConfiguration();
AuthorizeResponse authResponse = (AuthorizeResponse) result.getAuthorizationResponse();
if (isVerificationFlow((authResponse))) {
return processEmailVerification(authResponse);
}
validateResult(result.getAuthorizationResponse(), authorizedRequest);
TokenRequest request = tokenExchange((AuthorizeResponse) result.getAuthorizationResponse(), providerConfiguration, (AuthorizeRequest) authorizedRequest);
mCurrentRequest.set(new WeakReference<>(request));
response = request.executeRequest(mHttpClient);
mOktaState.save(response);
} catch (OktaRepository.EncryptionException e) {
return Result.error(EncryptionErrors.byEncryptionException(e));
} catch (AuthorizationException e) {
return Result.error(e);
}
return Result.success();
default:
return Result.error(new AuthorizationException("StateResult with invalid status: " + result.getStatus().name(), new IllegalStateException()));
}
}
Also used :
AuthorizeResponse(com.okta.oidc.net.response.web.AuthorizeResponse)
TokenResponse(com.okta.oidc.net.response.TokenResponse)
WebRequest(com.okta.oidc.net.request.web.WebRequest)
AuthorizationException(com.okta.oidc.util.AuthorizationException)
OktaRepository(com.okta.oidc.storage.OktaRepository)
TokenRequest(com.okta.oidc.net.request.TokenRequest)
ProviderConfiguration(com.okta.oidc.net.request.ProviderConfiguration)
NonNull(androidx.annotation.NonNull)
Example 10 with TokenRequest
use of com.okta.oidc.net.request.TokenRequest in project okta-oidc-android by okta.
the class SyncAuthClientImpl method signIn.
@WorkerThread
@Override
public Result signIn(String sessionToken, @Nullable AuthenticationPayload payload) {
try {
mCancel.set(false);
ProviderConfiguration providerConfiguration = obtainNewConfiguration();
checkIfCanceled();
mOktaState.setCurrentState(State.SIGN_IN_REQUEST);
NativeAuthorizeRequest request = nativeAuthorizeRequest(sessionToken, providerConfiguration, payload);
mCurrentRequest.set(new WeakReference<>(request));
// Save the nativeAuth request in a AuthRequest because it is needed to verify results.
AuthorizeRequest authRequest = new AuthorizeRequest(request.getParameters());
mOktaState.save(authRequest);
AuthorizeResponse authResponse = request.executeRequest(mHttpClient);
checkIfCanceled();
// This flow should never happen but if it does throw a exception.
if (isVerificationFlow(authResponse)) {
return Result.error(new AuthorizationException("Email verification required. Session: " + authResponse.getSessionHint(), null));
}
validateResult(authResponse, authRequest);
mOktaState.setCurrentState(State.TOKEN_EXCHANGE);
TokenRequest requestToken = tokenExchange(authResponse, providerConfiguration, authRequest);
mCurrentRequest.set(new WeakReference<>(requestToken));
TokenResponse tokenResponse = requestToken.executeRequest(mHttpClient);
mOktaState.save(tokenResponse);
return Result.success();
} catch (AuthorizationException e) {
return Result.error(e);
} catch (IOException e) {
return Result.cancel();
} catch (Exception e) {
return Result.error(new AuthorizationException(OTHER.code, e.getMessage(), e));
} finally {
resetCurrentState();
}
}
Also used :
AuthorizeResponse(com.okta.oidc.net.response.web.AuthorizeResponse)
TokenResponse(com.okta.oidc.net.response.TokenResponse)
AuthorizeRequest(com.okta.oidc.net.request.web.AuthorizeRequest)
NativeAuthorizeRequest(com.okta.oidc.net.request.NativeAuthorizeRequest)
AuthorizationException(com.okta.oidc.util.AuthorizationException)
TokenRequest(com.okta.oidc.net.request.TokenRequest)
IOException(java.io.IOException)
NativeAuthorizeRequest(com.okta.oidc.net.request.NativeAuthorizeRequest)
IOException(java.io.IOException)
AuthorizationException(com.okta.oidc.util.AuthorizationException)
ProviderConfiguration(com.okta.oidc.net.request.ProviderConfiguration)
WorkerThread(androidx.annotation.WorkerThread)
Aggregations
TokenRequest (com.okta.oidc.net.request.TokenRequest)11
Test (org.junit.Test)9
TokenResponse (com.okta.oidc.net.response.TokenResponse)4
AuthorizeResponse (com.okta.oidc.net.response.web.AuthorizeResponse)4
AuthorizeRequest (com.okta.oidc.net.request.web.AuthorizeRequest)3
AuthorizationException (com.okta.oidc.util.AuthorizationException)3
ProviderConfiguration (com.okta.oidc.net.request.ProviderConfiguration)2
RevokeTokenRequest (com.okta.oidc.net.request.RevokeTokenRequest)2
RecordedRequest (okhttp3.mockwebserver.RecordedRequest)2
NonNull (androidx.annotation.NonNull)1
WorkerThread (androidx.annotation.WorkerThread)1
NativeAuthorizeRequest (com.okta.oidc.net.request.NativeAuthorizeRequest)1
WebRequest (com.okta.oidc.net.request.web.WebRequest)1
OktaRepository (com.okta.oidc.storage.OktaRepository)1
IOException (java.io.IOException)1
