Search in sources :

Example 21 with Consumer

use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.

the class JAXRSOAuth2Test method testConfidentialClientIdAndSecret.

@Test
public void testConfidentialClientIdAndSecret() throws Exception {
    String address = "https://localhost:" + port + "/oauth2/token";
    WebClient wc = createWebClient(address);
    ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new Consumer("fred", "password"), new CustomGrant(), false);
    assertNotNull(at.getTokenKey());
}
Also used : Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)

Example 22 with Consumer

use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.

the class OIDCFlowTest method testAuthorizationCodeFlowRefreshToken.

@org.junit.Test
public void testAuthorizationCodeFlowRefreshToken() throws Exception {
    String address = "https://localhost:" + port + "/services/";
    WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), "alice", "security", null);
    // Save the Cookie for the second request...
    WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    // Get Authorization Code
    String code = OAuth2TestUtils.getAuthorizationCode(client, String.join(" ", OidcUtils.getOpenIdScope(), OAuthConstants.REFRESH_TOKEN_SCOPE), "consumer-id-oidc");
    assertNotNull(code);
    // Now get the access token
    client = WebClient.create(address, "consumer-id-oidc", "this-is-a-secret", null);
    ClientAccessToken accessToken = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code, "consumer-id-oidc", null);
    assertNotNull(accessToken.getTokenKey());
    assertTrue(accessToken.getApprovedScope().contains("openid"));
    IdToken idToken = getIdToken(accessToken, address + "keys/", "consumer-id-oidc");
    assertNotNull(idToken);
    Long issuedAt = idToken.getIssuedAt();
    TimeUnit.SECONDS.sleep(1L);
    accessToken = OAuthClientUtils.refreshAccessToken(client, new Consumer("consumer-id-oidc"), accessToken);
    idToken = getIdToken(accessToken, address + "keys/", "consumer-id-oidc");
    assertNotEquals(issuedAt, idToken.getIssuedAt());
}
Also used : IdToken(org.apache.cxf.rs.security.oidc.common.IdToken) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 23 with Consumer

use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.

the class JAXRSOAuth2TlsTest method doTestTwoWayTLSClientIdBoundJwt.

private void doTestTwoWayTLSClientIdBoundJwt(String clientId) throws Exception {
    String atServiceAddress = "https://localhost:" + PORT + "/oauth2Jwt/token";
    WebClient wc = createOAuth2WebClient(atServiceAddress);
    ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new Consumer(clientId), new CustomGrant());
    assertNotNull(at.getTokenKey());
    JwsJwtCompactConsumer c = new JwsJwtCompactConsumer(at.getTokenKey());
    JwtClaims claims = JwtUtils.jsonToClaims(c.getDecodedJwsPayload());
    Map<String, Object> cnfs = claims.getMapProperty(JwtConstants.CLAIM_CONFIRMATION);
    assertNotNull(cnfs);
    assertNotNull(cnfs.get(JoseConstants.HEADER_X509_THUMBPRINT_SHA256));
    String protectedRsAddress = "https://localhost:" + PORT + "/rsJwt/bookstore/books/123";
    WebClient wcRs = createRsWebClient(protectedRsAddress, at, "client.xml");
    Book book = wcRs.get(Book.class);
    assertEquals(123L, book.getId());
    String protectedRsAddress2 = "https://localhost:" + PORT + "/rsJwt2/bookstore/books/123";
    WebClient wcRs2 = createRsWebClient(protectedRsAddress2, at, "client.xml");
    book = wcRs2.get(Book.class);
    assertEquals(123L, book.getId());
    String unprotectedRsAddress = "https://localhost:" + PORT + "/rsUnprotected/bookstore/books/123";
    WebClient wcRsDiffClientCert = createRsWebClient(unprotectedRsAddress, at, "client2.xml");
    // Unprotected resource
    book = wcRsDiffClientCert.get(Book.class);
    assertEquals(123L, book.getId());
    // Protected resource, access token was created with Morpit.jks key, RS is accessed with
    // Bethal.jks key, thus 401 is expected
    wcRsDiffClientCert = createRsWebClient(protectedRsAddress, at, "client2.xml");
    assertEquals(401, wcRsDiffClientCert.get().getStatus());
    wcRsDiffClientCert = createRsWebClient(protectedRsAddress2, at, "client2.xml");
    assertEquals(401, wcRsDiffClientCert.get().getStatus());
}
Also used : JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer) JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims) Book(org.apache.cxf.systest.jaxrs.security.Book) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 24 with Consumer

use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.

the class JAXRSOAuth2TlsTest method testTwoWayTLSClientUnbound.

@Test
public void testTwoWayTLSClientUnbound() throws Exception {
    String address = "https://localhost:" + PORT + "/oauth2/token";
    WebClient wc = createOAuth2WebClient(address);
    try {
        OAuthClientUtils.getAccessToken(wc, new Consumer("unbound"), new CustomGrant());
        fail("exception_expected");
    } catch (OAuthServiceException ex) {
        assertEquals("invalid_client", ex.getError().getError());
    }
}
Also used : JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer) OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)

Example 25 with Consumer

use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.

the class JAXRSOAuth2TlsTest method testTwoWayTLSClientIdBound.

@Test
public void testTwoWayTLSClientIdBound() throws Exception {
    String atServiceAddress = "https://localhost:" + PORT + "/oauth2/token";
    WebClient wc = createOAuth2WebClient(atServiceAddress);
    ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new Consumer("bound"), new CustomGrant());
    assertNotNull(at.getTokenKey());
}
Also used : JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient) Test(org.junit.Test)

Aggregations

Consumer (org.apache.cxf.rs.security.oauth2.client.Consumer)19 WebClient (org.apache.cxf.jaxrs.client.WebClient)17 ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)12 AMQPMessage (com.swiftmq.amqp.v100.messaging.AMQPMessage)9 AMQPString (com.swiftmq.amqp.v100.types.AMQPString)9 Test (org.junit.Test)9 AMQPContext (com.swiftmq.amqp.AMQPContext)7 AmqpValue (com.swiftmq.amqp.v100.generated.messaging.message_format.AmqpValue)7 JSSESocketFactory (com.swiftmq.net.JSSESocketFactory)6 JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)6 OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)4 TxnIdIF (com.swiftmq.amqp.v100.generated.transactions.coordination.TxnIdIF)3 IOException (java.io.IOException)3 HashMap (java.util.HashMap)3 RefreshTokenGrant (org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrant)3 AccessToken (com.nimbusds.oauth2.sdk.token.AccessToken)2 BearerAccessToken (com.nimbusds.oauth2.sdk.token.BearerAccessToken)2 TypelessAccessToken (com.nimbusds.oauth2.sdk.token.TypelessAccessToken)2 Connection (com.swiftmq.amqp.v100.client.Connection)2 InvalidStateException (com.swiftmq.amqp.v100.client.InvalidStateException)2