Example 21 with Consumer
use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.
the class JAXRSOAuth2Test method testConfidentialClientIdAndSecret.
@Test
public void testConfidentialClientIdAndSecret() throws Exception {
String address = "https://localhost:" + port + "/oauth2/token";
WebClient wc = createWebClient(address);
ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new Consumer("fred", "password"), new CustomGrant(), false);
assertNotNull(at.getTokenKey());
}
Also used :
Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer)
ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
Test(org.junit.Test)
Example 22 with Consumer
use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.
the class OIDCFlowTest method testAuthorizationCodeFlowRefreshToken.
@org.junit.Test
public void testAuthorizationCodeFlowRefreshToken() throws Exception {
String address = "https://localhost:" + port + "/services/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), "alice", "security", null);
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
String code = OAuth2TestUtils.getAuthorizationCode(client, String.join(" ", OidcUtils.getOpenIdScope(), OAuthConstants.REFRESH_TOKEN_SCOPE), "consumer-id-oidc");
assertNotNull(code);
// Now get the access token
client = WebClient.create(address, "consumer-id-oidc", "this-is-a-secret", null);
ClientAccessToken accessToken = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code, "consumer-id-oidc", null);
assertNotNull(accessToken.getTokenKey());
assertTrue(accessToken.getApprovedScope().contains("openid"));
IdToken idToken = getIdToken(accessToken, address + "keys/", "consumer-id-oidc");
assertNotNull(idToken);
Long issuedAt = idToken.getIssuedAt();
TimeUnit.SECONDS.sleep(1L);
accessToken = OAuthClientUtils.refreshAccessToken(client, new Consumer("consumer-id-oidc"), accessToken);
idToken = getIdToken(accessToken, address + "keys/", "consumer-id-oidc");
assertNotEquals(issuedAt, idToken.getIssuedAt());
}
Also used :
IdToken(org.apache.cxf.rs.security.oidc.common.IdToken)
JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)
Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer)
ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
Example 23 with Consumer
use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.
the class JAXRSOAuth2TlsTest method doTestTwoWayTLSClientIdBoundJwt.
private void doTestTwoWayTLSClientIdBoundJwt(String clientId) throws Exception {
String atServiceAddress = "https://localhost:" + PORT + "/oauth2Jwt/token";
WebClient wc = createOAuth2WebClient(atServiceAddress);
ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new Consumer(clientId), new CustomGrant());
assertNotNull(at.getTokenKey());
JwsJwtCompactConsumer c = new JwsJwtCompactConsumer(at.getTokenKey());
JwtClaims claims = JwtUtils.jsonToClaims(c.getDecodedJwsPayload());
Map<String, Object> cnfs = claims.getMapProperty(JwtConstants.CLAIM_CONFIRMATION);
assertNotNull(cnfs);
assertNotNull(cnfs.get(JoseConstants.HEADER_X509_THUMBPRINT_SHA256));
String protectedRsAddress = "https://localhost:" + PORT + "/rsJwt/bookstore/books/123";
WebClient wcRs = createRsWebClient(protectedRsAddress, at, "client.xml");
Book book = wcRs.get(Book.class);
assertEquals(123L, book.getId());
String protectedRsAddress2 = "https://localhost:" + PORT + "/rsJwt2/bookstore/books/123";
WebClient wcRs2 = createRsWebClient(protectedRsAddress2, at, "client.xml");
book = wcRs2.get(Book.class);
assertEquals(123L, book.getId());
String unprotectedRsAddress = "https://localhost:" + PORT + "/rsUnprotected/bookstore/books/123";
WebClient wcRsDiffClientCert = createRsWebClient(unprotectedRsAddress, at, "client2.xml");
// Unprotected resource
book = wcRsDiffClientCert.get(Book.class);
assertEquals(123L, book.getId());
// Protected resource, access token was created with Morpit.jks key, RS is accessed with
// Bethal.jks key, thus 401 is expected
wcRsDiffClientCert = createRsWebClient(protectedRsAddress, at, "client2.xml");
assertEquals(401, wcRsDiffClientCert.get().getStatus());
wcRsDiffClientCert = createRsWebClient(protectedRsAddress2, at, "client2.xml");
assertEquals(401, wcRsDiffClientCert.get().getStatus());
}
Also used :
JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)
Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer)
JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims)
Book(org.apache.cxf.systest.jaxrs.security.Book)
ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)
JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
Example 24 with Consumer
use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.
the class JAXRSOAuth2TlsTest method testTwoWayTLSClientUnbound.
@Test
public void testTwoWayTLSClientUnbound() throws Exception {
String address = "https://localhost:" + PORT + "/oauth2/token";
WebClient wc = createOAuth2WebClient(address);
try {
OAuthClientUtils.getAccessToken(wc, new Consumer("unbound"), new CustomGrant());
fail("exception_expected");
} catch (OAuthServiceException ex) {
assertEquals("invalid_client", ex.getError().getError());
}
}
Also used :
JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)
Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer)
OAuthServiceException(org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
Test(org.junit.Test)
Example 25 with Consumer
use of com.swiftmq.amqp.v100.client.Consumer in project cxf by apache.
the class JAXRSOAuth2TlsTest method testTwoWayTLSClientIdBound.
@Test
public void testTwoWayTLSClientIdBound() throws Exception {
String atServiceAddress = "https://localhost:" + PORT + "/oauth2/token";
WebClient wc = createOAuth2WebClient(atServiceAddress);
ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new Consumer("bound"), new CustomGrant());
assertNotNull(at.getTokenKey());
}
Also used :
JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)
Consumer(org.apache.cxf.rs.security.oauth2.client.Consumer)
ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
Test(org.junit.Test)
Aggregations
Consumer (org.apache.cxf.rs.security.oauth2.client.Consumer)19
WebClient (org.apache.cxf.jaxrs.client.WebClient)17
ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)12
AMQPMessage (com.swiftmq.amqp.v100.messaging.AMQPMessage)9
AMQPString (com.swiftmq.amqp.v100.types.AMQPString)9
Test (org.junit.Test)9
AMQPContext (com.swiftmq.amqp.AMQPContext)7
AmqpValue (com.swiftmq.amqp.v100.generated.messaging.message_format.AmqpValue)7
JSSESocketFactory (com.swiftmq.net.JSSESocketFactory)6
JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)6
OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)4
TxnIdIF (com.swiftmq.amqp.v100.generated.transactions.coordination.TxnIdIF)3
IOException (java.io.IOException)3
HashMap (java.util.HashMap)3
RefreshTokenGrant (org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrant)3
AccessToken (com.nimbusds.oauth2.sdk.token.AccessToken)2
BearerAccessToken (com.nimbusds.oauth2.sdk.token.BearerAccessToken)2
TypelessAccessToken (com.nimbusds.oauth2.sdk.token.TypelessAccessToken)2
Connection (com.swiftmq.amqp.v100.client.Connection)2
InvalidStateException (com.swiftmq.amqp.v100.client.InvalidStateException)2
