
Example 1 with SessionContext

use of io.asgardeo.java.oidc.sdk.bean.SessionContext in project asgardeo-java-oidc-sdk by asgardeo.

the class OIDCRequestBuilderTest method setUp.

/**
 * Builds the fixture for the request-builder tests: a mocked agent configuration whose
 * getters return fixed client, scope and endpoint values, and a mocked session context
 * whose {@code getIdToken()} returns a fixed token string.
 *
 * @throws URISyntaxException if one of the hard-coded endpoint strings is not a valid URI
 * @throws ParseException if the hard-coded sample token cannot be parsed as a JWT
 */
@BeforeMethod
public void setUp() throws URISyntaxException, ParseException {
    // Fixed client identity and scope returned by the mocked configuration.
    ClientID consumerKey = new ClientID("sampleClientId");
    Scope requestedScope = new Scope("sampleScope1", "openid");

    // Placeholder endpoint values; they are only handed back by the stubbed getters below.
    URI callbackUrl = new URI("http://test/sampleCallbackURL");
    URI authorizeEndpoint = new URI("http://test/sampleAuthzEP");
    URI logoutEndpoint = new URI("http://test/sampleLogoutEP");
    URI postLogoutRedirectUri = new URI("http://test/sampleRedirectionURL");

    // Static sample token (its header decodes to alg=HS256). It is parsed here only to obtain
    // the string form; no signature check is performed in this fixture.
    JWT sampleIdToken = JWTParser.parse(
            "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwia"
                    + "WF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c");

    oidcAgentConfig = mock(OIDCAgentConfig.class);
    sessionContext = mock(SessionContext.class);

    // Identity and scope.
    when(oidcAgentConfig.getConsumerKey()).thenReturn(consumerKey);
    when(oidcAgentConfig.getScope()).thenReturn(requestedScope);

    // Endpoints used when building authorization and logout requests.
    when(oidcAgentConfig.getCallbackUrl()).thenReturn(callbackUrl);
    when(oidcAgentConfig.getAuthorizeEndpoint()).thenReturn(authorizeEndpoint);
    when(oidcAgentConfig.getLogoutEndpoint()).thenReturn(logoutEndpoint);
    when(oidcAgentConfig.getPostLogoutRedirectURI()).thenReturn(postLogoutRedirectUri);

    // The session exposes the sample token in its serialized string form.
    when(sessionContext.getIdToken()).thenReturn(sampleIdToken.getParsedString());
}
Also used : Scope(com.nimbusds.oauth2.sdk.Scope) JWT(com.nimbusds.jwt.JWT) OIDCAgentConfig(io.asgardeo.java.oidc.sdk.config.model.OIDCAgentConfig) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) SessionContext(io.asgardeo.java.oidc.sdk.bean.SessionContext) URI(java.net.URI) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 2 with SessionContext

use of io.asgardeo.java.oidc.sdk.bean.SessionContext in project asgardeo-java-oidc-sdk by asgardeo.

the class DefaultOIDCManagerTest method setUp.

/**
 * Prepares the fixture for the OIDC manager tests: starts a local mock HTTP server, fills
 * the agent configuration with sample client credentials and endpoints, and replaces both
 * ID token validator classes with mocks.
 *
 * <p>Because both validators are mocked to return the same claims set for any input, tests
 * that rely on this fixture do not exercise real ID token validation; the claims returned
 * here say nothing about how a real token would be checked.
 *
 * @throws Exception if the mock server cannot start, a URI or the sample token is malformed,
 *                   or PowerMockito cannot install the constructor interception
 */
@BeforeMethod
public void setUp() throws Exception {
    // The callback, token and JWKS endpoints below all point at this local port.
    mockServer = ClientAndServer.startClientAndServer(9441);

    // Dummy client registration values; the secret is a fixture placeholder.
    Issuer tokenIssuer = new Issuer("issuer");
    ClientID consumerKey = new ClientID("sampleClientId");
    Secret consumerSecret = new Secret("sampleClientSecret");

    URI callbackUrl = new URI("http://localhost:9441/sampleCallbackURL");
    URI tokenEndpoint = new URI("http://localhost:9441/sampleTokenEP");
    URI jwksEndpoint = new URI("http://localhost:9441/jwksEP");
    URI logoutEndpoint = new URI("http://test/sampleLogoutEP");
    Scope requestedScope = new Scope("sampleScope1", "openid");

    // Static sample token (its header decodes to alg=HS256); only its string form is used.
    JWT sampleIdToken = JWTParser.parse(
            "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwia"
                    + "WF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c");

    // Servlet and SDK collaborators are plain mocks.
    request = mock(HttpServletRequest.class);
    response = mock(HttpServletResponse.class);
    requestResolver = mock(OIDCRequestResolver.class);
    sessionContext = mock(SessionContext.class);

    // Populate the configuration object held by the test class.
    oidcAgentConfig.setConsumerKey(consumerKey);
    oidcAgentConfig.setConsumerSecret(consumerSecret);
    oidcAgentConfig.setCallbackUrl(callbackUrl);
    oidcAgentConfig.setTokenEndpoint(tokenEndpoint);
    oidcAgentConfig.setLogoutEndpoint(logoutEndpoint);
    oidcAgentConfig.setScope(requestedScope);
    oidcAgentConfig.setIssuer(tokenIssuer);
    oidcAgentConfig.setJwksEndpoint(jwksEndpoint);

    when(sessionContext.getIdToken()).thenReturn(sampleIdToken.getParsedString());

    // Mocks for the claims set and for the two validator classes (SDK wrapper and Nimbus).
    IDTokenClaimsSet stubbedClaims = mock(IDTokenClaimsSet.class);
    IDTokenValidator sdkValidator = mock(IDTokenValidator.class);
    com.nimbusds.openid.connect.sdk.validators.IDTokenValidator nimbusValidator =
            mock(com.nimbusds.openid.connect.sdk.validators.IDTokenValidator.class);

    // Intercept construction of either validator so the code under test receives the mocks.
    // NOTE(review): whenNew only applies to classes prepared for test; that annotation is not
    // visible in this method, so confirm it on the test class.
    PowerMockito.whenNew(IDTokenValidator.class).withAnyArguments().thenReturn(sdkValidator);
    PowerMockito.whenNew(com.nimbusds.openid.connect.sdk.validators.IDTokenValidator.class)
            .withAnyArguments()
            .thenReturn(nimbusValidator);

    // Any token and any nonce are accepted and resolve to the same stubbed claims.
    when(nimbusValidator.validate(any(JWT.class), any(Nonce.class))).thenReturn(stubbedClaims);
    Mockito.when(sdkValidator.validate(any(Nonce.class))).thenReturn(stubbedClaims);
    Mockito.when(stubbedClaims.getSubject()).thenReturn(new Subject("alex@carbon.super"));
}
Also used : Issuer(com.nimbusds.oauth2.sdk.id.Issuer) JWT(com.nimbusds.jwt.JWT) HttpServletResponse(javax.servlet.http.HttpServletResponse) IDTokenClaimsSet(com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet) URI(java.net.URI) Subject(com.nimbusds.oauth2.sdk.id.Subject) Secret(com.nimbusds.oauth2.sdk.auth.Secret) HttpServletRequest(javax.servlet.http.HttpServletRequest) Nonce(com.nimbusds.openid.connect.sdk.Nonce) Scope(com.nimbusds.oauth2.sdk.Scope) ClientID(com.nimbusds.oauth2.sdk.id.ClientID) OIDCRequestResolver(io.asgardeo.java.oidc.sdk.request.OIDCRequestResolver) SessionContext(io.asgardeo.java.oidc.sdk.bean.SessionContext) IDTokenValidator(io.asgardeo.java.oidc.sdk.validators.IDTokenValidator) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 3 with SessionContext

use of io.asgardeo.java.oidc.sdk.bean.SessionContext in project asgardeo-java-oidc-sdk by asgardeo.

the class HTTPSessionBasedOIDCProcessorTest method testHandleOIDCCallback.

/**
 * Checks that the processor stores the session context returned by the OIDC manager in the
 * HTTP session under {@code SSOAgentConstants.SESSION_CONTEXT}.
 *
 * <p>The manager itself is a stub here, so this test covers only the hand-off to the HTTP
 * session, not the callback validation performed by the manager.
 *
 * @throws SSOAgentException declared by the processor call under test
 */
@Test
public void testHandleOIDCCallback() throws SSOAgentException {
    HttpSession httpSession = mock(HttpSession.class);
    RequestContext storedRequestContext = new RequestContext();
    SessionContext expectedSessionContext = new SessionContext();

    // Route the static factory to the stubbed manager.
    // NOTE(review): the static mock is kept in a field; presumably it is closed in a teardown
    // that is not shown here.
    mockedOIDCManagerFactory = mockStatic(DefaultOIDCManagerFactory.class);
    when(DefaultOIDCManagerFactory.createOIDCManager(oidcAgentConfig)).thenReturn(defaultOIDCManager);

    // Both session lookups return the same mocked session, which already holds the request
    // context saved for the pending login.
    when(request.getSession()).thenReturn(httpSession);
    when(request.getSession(false)).thenReturn(httpSession);
    when(httpSession.getAttribute(SSOAgentConstants.REQUEST_CONTEXT)).thenReturn(storedRequestContext);

    // The stubbed manager accepts the callback and returns the expected session context.
    when(defaultOIDCManager.handleOIDCCallback(request, response, storedRequestContext))
            .thenReturn(expectedSessionContext);

    HTTPSessionBasedOIDCProcessor processor = new HTTPSessionBasedOIDCProcessor(oidcAgentConfig);
    processor.handleOIDCCallback(request, response);

    verify(httpSession).setAttribute(SSOAgentConstants.SESSION_CONTEXT, expectedSessionContext);
}
Also used : HttpSession(javax.servlet.http.HttpSession) SessionContext(io.asgardeo.java.oidc.sdk.bean.SessionContext) RequestContext(io.asgardeo.java.oidc.sdk.bean.RequestContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 4 with SessionContext

use of io.asgardeo.java.oidc.sdk.bean.SessionContext in project asgardeo-java-oidc-sdk by asgardeo.

the class HTTPSessionBasedOIDCProcessorTest method testLogout.

/**
 * Checks that logging out stores the request context returned by the OIDC manager in the
 * HTTP session under {@code SSOAgentConstants.REQUEST_CONTEXT}.
 *
 * @throws SSOAgentException declared by the processor call under test
 */
@Test
public void testLogout() throws SSOAgentException {
    HttpSession httpSession = mock(HttpSession.class);
    SessionContext activeSessionContext = new SessionContext();
    RequestContext expectedRequestContext = new RequestContext();

    // Route the static factory to the stubbed manager.
    // NOTE(review): the static mock is kept in a field; presumably it is closed in a teardown
    // that is not shown here.
    mockedOIDCManagerFactory = mockStatic(DefaultOIDCManagerFactory.class);
    when(DefaultOIDCManagerFactory.createOIDCManager(oidcAgentConfig)).thenReturn(defaultOIDCManager);

    // Both session lookups return the same mocked session, which holds the active session context.
    when(request.getSession()).thenReturn(httpSession);
    when(request.getSession(false)).thenReturn(httpSession);
    when(httpSession.getAttribute(SSOAgentConstants.SESSION_CONTEXT)).thenReturn(activeSessionContext);

    // The stubbed manager returns the request context created for the logout request.
    when(defaultOIDCManager.logout(activeSessionContext, response)).thenReturn(expectedRequestContext);

    HTTPSessionBasedOIDCProcessor processor = new HTTPSessionBasedOIDCProcessor(oidcAgentConfig);
    processor.logout(request, response);

    verify(httpSession).setAttribute(SSOAgentConstants.REQUEST_CONTEXT, expectedRequestContext);
}
Also used : HttpSession(javax.servlet.http.HttpSession) SessionContext(io.asgardeo.java.oidc.sdk.bean.SessionContext) RequestContext(io.asgardeo.java.oidc.sdk.bean.RequestContext) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 5 with SessionContext

use of io.asgardeo.java.oidc.sdk.bean.SessionContext in project asgardeo-java-oidc-sdk by asgardeo.

the class DefaultOIDCManager method handleOIDCCallback.

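/**
 * {@inheritDoc}
 *
 * <p>The callback request is classified by {@link OIDCRequestResolver} into one of three
 * cases: an authorization-code response (authentication is attempted with the nonce taken
 * from {@code requestContext}), an error response (the failure is reported), or anything
 * else, which is treated as a completed logout.
 *
 * <p>The {@code error_description} request parameter is supplied by the remote party and is
 * untrusted. Control characters are replaced before it is written to the log so that it
 * cannot break a log line; the exception message still carries the original text, so callers
 * must encode it before rendering it anywhere.
 *
 * @param request        the callback request received at the redirect endpoint
 * @param response       the servlet response (not used directly in this method)
 * @param requestContext the context saved when the login was started; its nonce is read here
 * @return a session context populated by a successful authentication, or one flagged with
 *         {@code SSOAgentConstants.IS_LOGOUT} for the logout case
 * @throws SSOAgentException if authentication fails or the request carries an error
 */
@Override
public SessionContext handleOIDCCallback(HttpServletRequest request, HttpServletResponse response, RequestContext requestContext) throws SSOAgentException {
    OIDCRequestResolver requestResolver = new OIDCRequestResolver(request, oidcAgentConfig);
    SessionContext sessionContext = new SessionContext();
    // NOTE(review): requestContext is dereferenced without a null check; confirm callers
    // always pass the context stored at login time.
    Nonce nonce = requestContext.getNonce();
    try {
        if (requestResolver.isAuthorizationCodeResponse()) {
            // Auth code is received.
            logger.log(Level.TRACE, "Handling the OIDC Authorization response.");
            boolean isAuthenticated = handleAuthentication(request, sessionContext, nonce);
            if (isAuthenticated) {
                logger.log(Level.TRACE, "Authentication successful. Redirecting to the target page.");
                return sessionContext;
            }
            // Not authenticated: fall through to the generic failure below.
        } else if (requestResolver.isError()) {
            // Error occurred. Read the parameter once so the logged and thrown values agree.
            String errorDescription = request.getParameter(SSOAgentConstants.ERROR_DESCRIPTION);
            if (StringUtils.isNotEmpty(errorDescription)) {
                // Neutralise CR/LF and other control characters so request data cannot
                // forge additional log entries.
                String loggableDescription = errorDescription.replaceAll("\\p{Cntrl}", "_");
                logger.log(Level.ERROR, "Authentication unsuccessful. Error description: " + loggableDescription);
                throw new SSOAgentServerException(errorDescription, SSOAgentConstants.ErrorMessages.AUTHENTICATION_FAILED.getCode());
            }
            // No description supplied: fall through to the generic failure below.
        } else {
            // Successful logout.
            // NOTE(review): every request that is neither a code response nor an error lands
            // here; confirm the resolver's classification is strict enough for that.
            sessionContext.getAdditionalParams().put(SSOAgentConstants.IS_LOGOUT, true);
            return sessionContext;
        }
        logger.log(Level.ERROR, "Authentication unsuccessful. Clearing the active session and redirecting.");
        throw new SSOAgentServerException(SSOAgentConstants.ErrorMessages.AUTHENTICATION_FAILED.getMessage(), SSOAgentConstants.ErrorMessages.AUTHENTICATION_FAILED.getCode());
    } catch (SSOAgentServerException e) {
        // NOTE(review): the original exception is not attached as the cause, so its stack
        // trace is lost; attach it if SSOAgentException offers a constructor that takes one.
        throw new SSOAgentException(e.getMessage(), e.getErrorCode());
    }
}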
Also used : Nonce(com.nimbusds.openid.connect.sdk.Nonce) SSOAgentException(io.asgardeo.java.oidc.sdk.exception.SSOAgentException) OIDCRequestResolver(io.asgardeo.java.oidc.sdk.request.OIDCRequestResolver) SessionContext(io.asgardeo.java.oidc.sdk.bean.SessionContext) SSOAgentServerException(io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException)

Aggregations

SessionContext (io.asgardeo.java.oidc.sdk.bean.SessionContext)8 RequestContext (io.asgardeo.java.oidc.sdk.bean.RequestContext)5 HttpSession (javax.servlet.http.HttpSession)5 JWT (com.nimbusds.jwt.JWT)3 Nonce (com.nimbusds.openid.connect.sdk.Nonce)3 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)3 Test (org.testng.annotations.Test)3 Scope (com.nimbusds.oauth2.sdk.Scope)2 ClientID (com.nimbusds.oauth2.sdk.id.ClientID)2 SSOAgentServerException (io.asgardeo.java.oidc.sdk.exception.SSOAgentServerException)2 OIDCRequestResolver (io.asgardeo.java.oidc.sdk.request.OIDCRequestResolver)2 URI (java.net.URI)2 BeforeMethod (org.testng.annotations.BeforeMethod)2 AccessTokenResponse (com.nimbusds.oauth2.sdk.AccessTokenResponse)1 AuthorizationCode (com.nimbusds.oauth2.sdk.AuthorizationCode)1 AuthorizationResponse (com.nimbusds.oauth2.sdk.AuthorizationResponse)1 AuthorizationSuccessResponse (com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse)1 TokenResponse (com.nimbusds.oauth2.sdk.TokenResponse)1 Secret (com.nimbusds.oauth2.sdk.auth.Secret)1 HTTPRequest (com.nimbusds.oauth2.sdk.http.HTTPRequest)1