use of com.okta.oidc.net.request.web.AuthorizeRequest in project okta-oidc-android by okta.
the class SyncWebAuthClientTest method tokenExchangeSuccess.
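/**
 * Checks the happy path of the authorization-code exchange: the request goes to the
 * token endpoint and the returned ID token is the one the mock endpoint served.
 *
 * <p>The authorize request is built with a freshly generated PKCE code verifier and a
 * fresh nonce, and the same nonce is handed to {@code TestValues.getJwt} when the ID
 * token is built.
 */
@Test
public void tokenExchangeSuccess() throws InterruptedException, JSONException, AuthorizationException, OktaRepository.EncryptionException {
    String codeVerifier = CodeVerifierUtil.generateRandomCodeVerifier();
    String nonce = CodeVerifierUtil.generateRandomState();
    AuthorizeRequest request = new AuthorizeRequest.Builder()
            .codeVerifier(codeVerifier)
            .authorizeEndpoint(mProviderConfig.authorization_endpoint)
            .redirectUri(mConfig.getRedirectUri().toString())
            .scope("openid", "email", "profile")
            .nonce(nonce)
            .create();
    // Persist the request so the exchange below reads it back from state.
    mOktaState.save(request);

    AuthorizeResponse response = AuthorizeResponse.fromUri(
            Uri.parse("com.okta.test:/callback?code=CODE&state=CUSTOM_STATE"));
    String jws = TestValues.getJwt(mEndPoint.getUrl(), nonce, mConfig.getClientId());
    mEndPoint.enqueueTokenSuccess(jws);

    TokenRequest tokenRequest = mSyncWebAuth.tokenExchange(
            response,
            mOktaState.getProviderConfiguration(),
            (AuthorizeRequest) mOktaState.getAuthorizeRequest());
    TokenResponse tokenResponse = tokenRequest.executeRequest(mHttpClient);

    RecordedRequest recordedRequest = mEndPoint.takeRequest();
    // NOTE(review): only the path is checked; the request body is not inspected, so this
    // test does not show that the code_verifier reached the token endpoint.
    assertThat(recordedRequest.getPath(), equalTo("/token"));
    assertNotNull(tokenResponse);
    // JUnit's contract is assertEquals(expected, actual); the served JWS is the expected value.
    assertEquals(jws, tokenResponse.getIdToken());
}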
use of com.okta.oidc.net.request.web.AuthorizeRequest in project okta-oidc-android by okta.
the class SyncWebAuthClientTest method tokenExchangeFailure.
/**
 * Checks that a token exchange answered with an invalid-client response surfaces an
 * {@code AuthorizationException}, which is registered up front on {@code mExpectedEx}.
 */
@Test
public void tokenExchangeFailure() throws InterruptedException, JSONException, AuthorizationException, OktaRepository.EncryptionException {
    mExpectedEx.expect(AuthorizationException.class);

    String verifier = CodeVerifierUtil.generateRandomCodeVerifier();
    String requestNonce = CodeVerifierUtil.generateRandomState();
    AuthorizeRequest authorizeRequest = new AuthorizeRequest.Builder()
            .codeVerifier(verifier)
            .authorizeEndpoint(mProviderConfig.authorization_endpoint)
            .redirectUri(mConfig.getRedirectUri().toString())
            .scope(SCOPES)
            .nonce(requestNonce)
            .create();
    mOktaState.save(authorizeRequest);

    Uri callbackUri = Uri.parse("com.okta.test:/callback?code=CODE&state=CUSTOM_STATE");
    AuthorizeResponse callback = AuthorizeResponse.fromUri(callbackUri);
    // The mock endpoint rejects the next token call as an invalid client.
    mEndPoint.enqueueReturnInvalidClient();

    TokenRequest exchange = mSyncWebAuth.tokenExchange(
            callback,
            mOktaState.getProviderConfiguration(),
            (AuthorizeRequest) mOktaState.getAuthorizeRequest());
    TokenResponse tokens = exchange.executeRequest(mHttpClient);

    // NOTE(review): if executeRequest is the call that throws the expected exception, the
    // statements below never run, so the /token path check and assertNull are not
    // exercised - confirm which call throws.
    RecordedRequest sent = mEndPoint.takeRequest();
    assertThat(sent.getPath(), equalTo("/token"));
    assertNull(tokens);
}
use of com.okta.oidc.net.request.web.AuthorizeRequest in project okta-oidc-android by okta.
the class OktaStateTest method getAuthorizeRequest.
/**
 * Checks that an authorize request saved to {@code mOktaState} is read back with the
 * same persisted form.
 */
@Test
public void getAuthorizeRequest() throws OktaRepository.EncryptionException, AuthorizationException {
    WebRequest saved = TestValues.getAuthorizeRequest(TestValues.getConfigWithUrl(CUSTOM_URL), null);
    mOktaState.save(saved);

    // The value read back from state is the one under test.
    AuthorizeRequest restored = (AuthorizeRequest) mOktaState.getAuthorizeRequest();
    assertNotNull(restored);

    String savedForm = saved.persist();
    String restoredForm = restored.persist();
    assertEquals(savedForm, restoredForm);
}
use of com.okta.oidc.net.request.web.AuthorizeRequest in project okta-oidc-android by okta.
the class SyncAuthClientImpl method signIn.
/**
 * Signs in with a session token: runs the native authorize request, validates the
 * response against the saved request, exchanges the code for tokens and stores them.
 *
 * <p>Failures are reported through the returned {@code Result} rather than thrown. An
 * {@code IOException} is reported as {@code Result.cancel()}, so a caller cannot tell
 * an I/O failure from a cancellation by the result alone.
 *
 * @param sessionToken session token passed to the native authorize request
 * @param payload optional authentication payload, may be {@code null}
 * @return success, error or cancel, as described above
 */
@WorkerThread
@Override
public Result signIn(String sessionToken, @Nullable AuthenticationPayload payload) {
    try {
        mCancel.set(false);
        ProviderConfiguration config = obtainNewConfiguration();
        checkIfCanceled();

        mOktaState.setCurrentState(State.SIGN_IN_REQUEST);
        NativeAuthorizeRequest nativeRequest = nativeAuthorizeRequest(sessionToken, config, payload);
        mCurrentRequest.set(new WeakReference<>(nativeRequest));

        // The native request's parameters are stored as an AuthorizeRequest because they
        // are needed to verify the response further down.
        AuthorizeRequest savedRequest = new AuthorizeRequest(nativeRequest.getParameters());
        mOktaState.save(savedRequest);

        AuthorizeResponse response = nativeRequest.executeRequest(mHttpClient);
        checkIfCanceled();

        // Not expected in this flow; reported as an error result rather than thrown.
        // NOTE(review): the session hint is placed in the exception message, so it ends up
        // wherever callers log this error - confirm that is acceptable.
        if (isVerificationFlow(response)) {
            String message = "Email verification required. Session: " + response.getSessionHint();
            return Result.error(new AuthorizationException(message, null));
        }

        // Validation runs before any token exchange is attempted.
        validateResult(response, savedRequest);

        mOktaState.setCurrentState(State.TOKEN_EXCHANGE);
        TokenRequest exchange = tokenExchange(response, config, savedRequest);
        mCurrentRequest.set(new WeakReference<>(exchange));
        TokenResponse tokens = exchange.executeRequest(mHttpClient);
        mOktaState.save(tokens);
        return Result.success();
    } catch (AuthorizationException authError) {
        return Result.error(authError);
    } catch (IOException ioError) {
        return Result.cancel();
    } catch (Exception unexpected) {
        // Anything else is wrapped with the OTHER code; the cause is kept.
        return Result.error(new AuthorizationException(OTHER.code, unexpected.getMessage(), unexpected));
    } finally {
        // Runs on every exit path, including the early return above.
        resetCurrentState();
    }
}