
Example 1 with ImplicitResponse

Use of io.gravitee.am.gateway.handler.oauth2.service.response.ImplicitResponse in project gravitee-access-management by gravitee-io.

In class ImplicitFlow, method prepareResponse:

@Override
protected Single<AuthorizationResponse> prepareResponse(AuthorizationRequest authorizationRequest, Client client, User endUser) {
    OAuth2Request oAuth2Request = authorizationRequest.createOAuth2Request();
    oAuth2Request.setGrantType(GrantType.IMPLICIT);
    // Implicit grant: the token travels in the redirect fragment, so no refresh token is ever issued for it.
    oAuth2Request.setSupportRefreshToken(false);
    oAuth2Request.setSubject(endUser.getId());
    // Record the request's state so the ID token can carry an s_hash claim binding it to this request.
    oAuth2Request.getContext().put(Claims.s_hash, authorizationRequest.getState());
    if (io.gravitee.am.common.oidc.ResponseType.ID_TOKEN.equals(authorizationRequest.getResponseType())) {
        // response_type is exactly "id_token": return an ID token only, no access token.
        return idTokenService.create(oAuth2Request, client, endUser).map(idToken -> {
            IDTokenResponse response = new IDTokenResponse();
            response.setRedirectUri(authorizationRequest.getRedirectUri());
            response.setIdToken(idToken);
            response.setState(authorizationRequest.getState());
            return response;
        });
    } else {
        // Any other implicit response type (e.g. "token"): return an access token in the fragment.
        return tokenService.create(oAuth2Request, client, endUser).map(accessToken -> {
            ImplicitResponse response = new ImplicitResponse();
            response.setRedirectUri(authorizationRequest.getRedirectUri());
            response.setAccessToken(accessToken);
            response.setState(authorizationRequest.getState());
            return response;
        });
    }
}
Also used : OAuth2Request(io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request) ImplicitResponse(io.gravitee.am.gateway.handler.oauth2.service.response.ImplicitResponse) IDTokenResponse(io.gravitee.am.gateway.handler.oauth2.service.response.IDTokenResponse)
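prepareResponse above does three security-relevant things: it disables refresh tokens for the implicit grant, records the request's state so that the ID token can carry an s_hash claim, and hands back a response object whose parameters end up in the redirect URI's fragment rather than its query string. The following Python is an added example, not gravitee code: it reimplements that contract independently (s_hash is computed by the same left-half-of-hash rule OpenID Connect uses for at_hash and c_hash, with the hash chosen by the ID token's JWS alg), generalises to the multi-valued "id_token token" response type that the Java above does not branch on, and adds the check a browser-based client should run on the returned fragment. All function names, the issuer URL and the sample state and token values are assumptions.

```python
import base64
import hashlib
from urllib.parse import parse_qsl, urlencode, urlsplit

# Hash function tied to the ID token's JWS "alg" (same rule as at_hash / c_hash):
# SHA-256 for *256 algorithms, SHA-384 for *384, SHA-512 for *512.
_ALG_HASH = {
    "HS256": hashlib.sha256, "RS256": hashlib.sha256, "ES256": hashlib.sha256, "PS256": hashlib.sha256,
    "HS384": hashlib.sha384, "RS384": hashlib.sha384, "ES384": hashlib.sha384, "PS384": hashlib.sha384,
    "HS512": hashlib.sha512, "RS512": hashlib.sha512, "ES512": hashlib.sha512, "PS512": hashlib.sha512,
}


def left_half_hash(value: str, alg: str = "RS256") -> str:
    """base64url (no padding) of the left-most half of hash(value); shared by at_hash, c_hash and s_hash."""
    digest = _ALG_HASH[alg](value.encode("ascii")).digest()
    half = digest[: len(digest) // 2]
    return base64.urlsafe_b64encode(half).rstrip(b"=").decode("ascii")


def s_hash(state: str, alg: str = "RS256") -> str:
    """State hash claim: binds an ID token to the state of the authorization request that produced it."""
    return left_half_hash(state, alg)


def issue_id_token_claims(issuer, client_id, subject, nonce, state, alg="RS256"):
    """Claims the server would sign into an ID token for an implicit request (JWS signing omitted here)."""
    claims = {"iss": issuer, "aud": client_id, "sub": subject, "nonce": nonce}
    if state is not None:
        claims["s_hash"] = s_hash(state, alg)   # mirrors Claims.s_hash being put into the request context
    return claims


def build_implicit_redirect(redirect_uri, response_type, *, access_token=None, expires_in=0, id_token=None, state=None):
    """Encode the implicit response in the URL fragment (RFC 6749 4.2.2, OIDC Core 3.2.2.5), never the query."""
    types = response_type.split()   # "id_token token" is a space-separated list of response types
    params = []
    if "token" in types:
        params += [("access_token", access_token), ("token_type", "bearer"), ("expires_in", str(expires_in))]
    if "id_token" in types:
        params.append(("id_token", id_token))
    if state is not None:
        params.append(("state", state))   # echoed back so the client can match it to its own request
    return f"{redirect_uri}#{urlencode(params)}"


def parse_fragment(location: str) -> dict:
    """What the client's page sees: the fragment is not sent to the server, it is parsed in the browser."""
    return dict(parse_qsl(urlsplit(location).fragment, keep_blank_values=True))


def client_accepts(location, expected_state, id_token_claims=None, alg="RS256") -> bool:
    """Client-side acceptance: state must match what was sent, and an ID token must carry a matching s_hash."""
    params = parse_fragment(location)
    if params.get("state") != expected_state:
        return False   # CSRF or mix-up: this response does not belong to a request this client started
    if "id_token" in params:
        if id_token_claims is None or id_token_claims.get("s_hash") != s_hash(expected_state, alg):
            return False   # ID token is not bound to this request's state
    return True
```

With no state on the request the builder yields exactly the Location the gravitee test below asserts, `http://localhost:9999/callback#access_token=token&token_type=bearer&expires_in=0`; with a state it appends `&state=...`, and a client that skips the state and s_hash comparison in client_accepts would accept a token injected by anyone who can make the browser load that redirect.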

Example 2 with ImplicitResponse

Use of io.gravitee.am.gateway.handler.oauth2.service.response.ImplicitResponse in project gravitee-access-management by gravitee-io.

In class AuthorizationEndpointTest, method shouldInvokeAuthorizationEndpoint_implicitFlow:

private void shouldInvokeAuthorizationEndpoint_implicitFlow(String responseType, String expectedCallback, Token accessToken, String idToken) throws Exception {
    final Client client = new Client();
    client.setId("client-id");
    client.setClientId("client-id");
    client.setScopeSettings(Collections.singletonList(new ApplicationScopeSettings("read")));
    client.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));
    client.setAuthorizedGrantTypes(Arrays.asList(GrantType.IMPLICIT));
    client.setResponseTypes(Arrays.asList(responseType));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setApproved(true);
    authorizationRequest.setResponseType(responseType);
    authorizationRequest.setRedirectUri("http://localhost:9999/callback");
    // Build the response the mocked flow will hand back; when both a token and an ID token are
    // supplied the IDTokenResponse wins. Callers must pass at least one, otherwise the next line NPEs.
    AuthorizationResponse authorizationResponse = null;
    if (accessToken != null) {
        authorizationResponse = new ImplicitResponse();
        ((ImplicitResponse) authorizationResponse).setAccessToken(accessToken);
    }
    if (idToken != null) {
        authorizationResponse = new IDTokenResponse();
        ((IDTokenResponse) authorizationResponse).setIdToken(idToken);
    }
    authorizationResponse.setRedirectUri(authorizationRequest.getRedirectUri());
    // Pretend the end user is already authenticated.
    router.route().order(-1).handler(routingContext -> {
        routingContext.setUser(new User(new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(new io.gravitee.am.model.User())));
        routingContext.next();
    });
    when(clientSyncService.findByClientId("client-id")).thenReturn(Maybe.just(client));
    when(flow.run(any(), any(), any())).thenReturn(Single.just(authorizationResponse));
    // response_type may be multi-valued ("id_token token"), hence the space encoding.
    testRequest(HttpMethod.GET, "/oauth/authorize?response_type=" + responseType.replaceAll("\\s", "%20") + "&client_id=client-id&nonce=123&redirect_uri=http://localhost:9999/callback", null, resp -> {
        String location = resp.headers().get("location");
        assertNotNull(location);
        // Implicit responses are delivered in the fragment ("#"), never in the query string.
        assertEquals("http://localhost:9999/callback#" + expectedCallback, location);
    }, HttpStatusCode.FOUND_302, "Found", null);
}
Also used : AuthorizationRequest(io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest) User(io.vertx.reactivex.ext.auth.User) ApplicationScopeSettings(io.gravitee.am.model.application.ApplicationScopeSettings) Client(io.gravitee.am.model.oidc.Client)

Example 3 with ImplicitResponse

Use of io.gravitee.am.gateway.handler.oauth2.service.response.ImplicitResponse in project gravitee-access-management by gravitee-io.

In class AuthorizationEndpointTest, method shouldInvokeAuthorizationEndpoint_noClientResponseType:

@Test
public void shouldInvokeAuthorizationEndpoint_noClientResponseType() throws Exception {
    final Client client = new Client();
    client.setId("client-id");
    client.setClientId("client-id");
    // The client has no registered response types at all.
    client.setResponseTypes(null);
    client.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setApproved(true);
    authorizationRequest.setResponseType(ResponseType.TOKEN);
    authorizationRequest.setRedirectUri("http://localhost:9999/callback");
    Token accessToken = new AccessToken("token");
    AuthorizationResponse authorizationResponse = new ImplicitResponse();
    authorizationResponse.setRedirectUri(authorizationRequest.getRedirectUri());
    ((ImplicitResponse) authorizationResponse).setAccessToken(accessToken);
    router.route().order(-1).handler(routingContext -> {
        routingContext.setUser(new User(new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(new io.gravitee.am.model.User())));
        routingContext.next();
    });
    when(clientSyncService.findByClientId("client-id")).thenReturn(Maybe.just(client));
    // flow.run is deliberately not stubbed: the response_type check must reject the request before any token is issued.
    testRequest(HttpMethod.GET, "/oauth/authorize?response_type=token&client_id=client-id&nonce=123&redirect_uri=http://localhost:9999/callback", null, resp -> {
        String location = resp.headers().get("location");
        assertNotNull(location);
        // The error is still returned in the fragment because response_type=token was requested.
        assertEquals("http://localhost:9999/callback#error=unauthorized_client&error_description=Client+should+have+response_type.", location);
    }, HttpStatusCode.FOUND_302, "Found", null);
}
Also used : AuthorizationRequest(io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest) User(io.vertx.reactivex.ext.auth.User) AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken) Token(io.gravitee.am.gateway.handler.oauth2.service.token.Token) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 4 with ImplicitResponse

Use of io.gravitee.am.gateway.handler.oauth2.service.response.ImplicitResponse in project gravitee-access-management by gravitee-io.

In class AuthorizationEndpointTest, method shouldInvokeAuthorizationEndpoint_responseTypeToken:

@Test
public void shouldInvokeAuthorizationEndpoint_responseTypeToken() throws Exception {
    final Client client = new Client();
    client.setId("client-id");
    client.setClientId("client-id");
    client.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));
    // Happy path: the client is registered for the implicit grant and the "token" response type.
    client.setAuthorizedGrantTypes(Arrays.asList(GrantType.IMPLICIT));
    client.setResponseTypes(Arrays.asList(ResponseType.TOKEN));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setApproved(true);
    authorizationRequest.setResponseType(ResponseType.TOKEN);
    authorizationRequest.setRedirectUri("http://localhost:9999/callback");
    Token accessToken = new AccessToken("token");
    AuthorizationResponse authorizationResponse = new ImplicitResponse();
    authorizationResponse.setRedirectUri(authorizationRequest.getRedirectUri());
    ((ImplicitResponse) authorizationResponse).setAccessToken(accessToken);
    router.route().order(-1).handler(routingContext -> {
        routingContext.setUser(new User(new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(new io.gravitee.am.model.User())));
        routingContext.next();
    });
    when(clientSyncService.findByClientId("client-id")).thenReturn(Maybe.just(client));
    when(flow.run(any(), any(), any())).thenReturn(Single.just(authorizationResponse));
    testRequest(HttpMethod.GET, "/oauth/authorize?response_type=token&client_id=client-id&nonce=123&redirect_uri=http://localhost:9999/callback", null, resp -> {
        String location = resp.headers().get("location");
        assertNotNull(location);
        // Access token, token type and lifetime are serialised into the fragment; no state was sent, so none is echoed.
        assertEquals("http://localhost:9999/callback#access_token=token&token_type=bearer&expires_in=0", location);
    }, HttpStatusCode.FOUND_302, "Found", null);
}
Also used : AuthorizationRequest(io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest) User(io.vertx.reactivex.ext.auth.User) AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken) Token(io.gravitee.am.gateway.handler.oauth2.service.token.Token) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)

Example 5 with ImplicitResponse

Use of io.gravitee.am.gateway.handler.oauth2.service.response.ImplicitResponse in project gravitee-access-management by gravitee-io.

In class AuthorizationEndpointTest, method shouldInvokeAuthorizationEndpoint_missingClientResponseType:

@Test
public void shouldInvokeAuthorizationEndpoint_missingClientResponseType() throws Exception {
    final Client client = new Client();
    client.setId("client-id");
    client.setClientId("client-id");
    // The client is registered for "id_token" only, but the request below asks for "token".
    client.setResponseTypes(Arrays.asList(io.gravitee.am.common.oidc.ResponseType.ID_TOKEN));
    client.setRedirectUris(Collections.singletonList("http://localhost:9999/callback"));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setApproved(true);
    authorizationRequest.setResponseType(ResponseType.TOKEN);
    authorizationRequest.setRedirectUri("http://localhost:9999/callback");
    Token accessToken = new AccessToken("token");
    AuthorizationResponse authorizationResponse = new ImplicitResponse();
    authorizationResponse.setRedirectUri(authorizationRequest.getRedirectUri());
    ((ImplicitResponse) authorizationResponse).setAccessToken(accessToken);
    router.route().order(-1).handler(routingContext -> {
        routingContext.setUser(new User(new io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User(new io.gravitee.am.model.User())));
        routingContext.next();
    });
    when(clientSyncService.findByClientId("client-id")).thenReturn(Maybe.just(client));
    // flow.run is deliberately not stubbed: the request is rejected before any token is issued.
    testRequest(HttpMethod.GET, "/oauth/authorize?response_type=token&client_id=client-id&nonce=123&redirect_uri=http://localhost:9999/callback", null, resp -> {
        String location = resp.headers().get("location");
        assertNotNull(location);
        // Every requested response type must be among the client's registered ones.
        assertEquals("http://localhost:9999/callback#error=unauthorized_client&error_description=Client+should+have+all+requested+response_type", location);
    }, HttpStatusCode.FOUND_302, "Found", null);
}
Also used : AuthorizationRequest(io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest) User(io.vertx.reactivex.ext.auth.User) AccessToken(io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken) Token(io.gravitee.am.gateway.handler.oauth2.service.token.Token) Client(io.gravitee.am.model.oidc.Client) Test(org.junit.Test)
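Examples 3 to 5 together pin down the authorization endpoint's contract for the implicit grant: a client with no registered response types gets unauthorized_client ("Client should have response_type."), a client that is registered for some but not all of the requested response types gets unauthorized_client ("Client should have all requested response_type"), a correctly registered client gets the token in the fragment, and in the two error cases the flow is never run, so no token is minted. The following Python is an added example that reimplements that contract independently; it is not gravitee code. It goes beyond the tests in two ways that are stated as assumptions: it handles the space-separated multi-valued response_type, and it refuses to redirect at all when redirect_uri is not registered for the client, answering 400 in place instead, since redirecting an error to an unregistered URI turns the endpoint into an open redirector. RegisteredClient, authorize, issue_token and the sample clients are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple
from urllib.parse import urlencode


@dataclass
class RegisteredClient:
    """The subset of the client record that the authorization endpoint consults (constructed for this example)."""
    client_id: str
    redirect_uris: List[str]
    response_types: Optional[List[str]] = None   # None mirrors client.setResponseTypes(null) in the tests
    grant_types: List[str] = field(default_factory=list)


class AuthorizationError(Exception):
    def __init__(self, error: str, description: str):
        super().__init__(f"{error}: {description}")
        self.error = error
        self.description = description


def check_response_type(client: RegisteredClient, requested: str) -> None:
    """A client may only use response types it was registered with; a multi-valued request needs all of them."""
    if not client.response_types:
        raise AuthorizationError("unauthorized_client", "Client should have response_type.")
    requested_types = set(requested.split())          # "id_token token" is a space-separated list
    if not requested_types <= set(client.response_types):
        raise AuthorizationError("unauthorized_client", "Client should have all requested response_type")


def uses_fragment(requested: str) -> bool:
    """Everything except a plain "code" request is answered in the fragment (OAuth 2.0 Multiple Response Type Encoding)."""
    return requested.split() != ["code"]


def error_redirect(redirect_uri: str, requested: str, err: AuthorizationError) -> str:
    # Errors follow the same encoding as the success response: fragment for implicit/hybrid, query for code.
    sep = "#" if uses_fragment(requested) else "?"
    return redirect_uri + sep + urlencode([("error", err.error), ("error_description", err.description)])


def authorize(client: RegisteredClient, requested: str, redirect_uri: str,
              issue_token: Callable[[], str]) -> Tuple[int, Optional[str]]:
    """Returns (HTTP status, Location header). issue_token stands in for the token service and only runs on success."""
    if redirect_uri not in client.redirect_uris:
        # Assumption beyond the tests: an unregistered redirect_uri is never followed, not even to deliver an error.
        return 400, None
    try:
        check_response_type(client, requested)
    except AuthorizationError as err:
        return 302, error_redirect(redirect_uri, requested, err)   # flow never ran, no token exists
    token = issue_token()
    return 302, redirect_uri + "#" + urlencode([("access_token", token), ("token_type", "bearer"), ("expires_in", "0")])


# Constructed sample data matching the three gravitee tests above.
CALLBACK = "http://localhost:9999/callback"
CLIENT_NO_RESPONSE_TYPES = RegisteredClient("client-id", [CALLBACK], None)
CLIENT_ID_TOKEN_ONLY = RegisteredClient("client-id", [CALLBACK], ["id_token"])
CLIENT_TOKEN = RegisteredClient("client-id", [CALLBACK], ["token"], ["implicit"])
```

Calling authorize with each of the three sample clients and response_type "token" reproduces the three Location headers the gravitee tests assert, character for character, including the "+"-encoded spaces in error_description; the ordering matters because the check on the client's registered response types runs before issue_token is ever invoked.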

Aggregations (imports across the examples above, with the number of examples using each)

AuthorizationRequest (io.gravitee.am.gateway.handler.oauth2.service.request.AuthorizationRequest): 4
Client (io.gravitee.am.model.oidc.Client): 4
User (io.vertx.reactivex.ext.auth.User): 4
Token (io.gravitee.am.gateway.handler.oauth2.service.token.Token): 3
AccessToken (io.gravitee.am.gateway.handler.oauth2.service.token.impl.AccessToken): 3
Test (org.junit.Test): 3
OAuth2Request (io.gravitee.am.gateway.handler.oauth2.service.request.OAuth2Request): 1
IDTokenResponse (io.gravitee.am.gateway.handler.oauth2.service.response.IDTokenResponse): 1
ImplicitResponse (io.gravitee.am.gateway.handler.oauth2.service.response.ImplicitResponse): 1
ApplicationScopeSettings (io.gravitee.am.model.application.ApplicationScopeSettings): 1