Search in sources :

Example 31 with BackchannelAuthenticationClient

use of io.jans.as.client.BackchannelAuthenticationClient in project jans by JanssenProject.

the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingIdTokenHintRS256.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintRS256")
public void backchannelTokenDeliveryModePingIdTokenHintRS256(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
    showTitle("backchannelTokenDeliveryModePingIdTokenHintRS256");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS256);
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.PING, true);
    String clientId = registerResponse.getClientId();
    // 2. Authentication Request
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setIdTokenHint(idTokenHintRS256);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.RS256);
    backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
    backchannelAuthenticationRequest.setKeyId(keyId);
    backchannelAuthenticationRequest.setAudience(tokenEndpoint);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 32 with BackchannelAuthenticationClient

use of io.jans.as.client.BackchannelAuthenticationClient in project jans by JanssenProject.

the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingIdTokenHintAlgRSA15EncA128CBCPLUSHS256.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode" })
@Test(dependsOnMethods = "idTokenHintAlgRSA15EncA128CBCPLUSHS256")
public void backchannelTokenDeliveryModePingIdTokenHintAlgRSA15EncA128CBCPLUSHS256(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode) {
    showTitle("backchannelTokenDeliveryModePingIdTokenHintAlgRSA15EncA128CBCPLUSHS256");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.PING, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Authentication Request
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setIdTokenHint(idTokenHintAlgRSA15EncA128CBCPLUSHS256);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    backchannelAuthenticationRequest.setAuthPassword(clientSecret);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 33 with BackchannelAuthenticationClient

use of io.jans.as.client.BackchannelAuthenticationClient in project jans by JanssenProject.

the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingIdTokenHintAlgRSA15EncA256CBCPLUSHS512.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode" })
@Test(dependsOnMethods = "idTokenHintAlgRSA15EncA256CBCPLUSHS512")
public void backchannelTokenDeliveryModePingIdTokenHintAlgRSA15EncA256CBCPLUSHS512(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode) {
    showTitle("backchannelTokenDeliveryModePingIdTokenHintAlgRSA15EncA256CBCPLUSHS512");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.PING, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Authentication Request
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setIdTokenHint(idTokenHintAlgRSA15EncA256CBCPLUSHS512);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    backchannelAuthenticationRequest.setAuthPassword(clientSecret);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 34 with BackchannelAuthenticationClient

use of io.jans.as.client.BackchannelAuthenticationClient in project jans by JanssenProject.

the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingIdTokenHintRS384.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "RS384_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintRS384")
public void backchannelTokenDeliveryModePingIdTokenHintRS384(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
    showTitle("backchannelTokenDeliveryModePingIdTokenHintRS384");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS384);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS384, BackchannelTokenDeliveryMode.PING, true);
    String clientId = registerResponse.getClientId();
    // 2. Authentication Request
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setIdTokenHint(idTokenHintRS384);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.RS384);
    backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
    backchannelAuthenticationRequest.setKeyId(keyId);
    backchannelAuthenticationRequest.setAudience(tokenEndpoint);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 35 with BackchannelAuthenticationClient

use of io.jans.as.client.BackchannelAuthenticationClient in project jans by JanssenProject.

the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingIdTokenHintAlgA128KWEncA128GCM.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode" })
@Test(dependsOnMethods = "idTokenHintAlgA128KWEncA128GCM")
public void backchannelTokenDeliveryModePingIdTokenHintAlgA128KWEncA128GCM(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode) {
    showTitle("backchannelTokenDeliveryModePingIdTokenHintAlgA128KWEncA128GCM");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.PING, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Authentication Request
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setIdTokenHint(idTokenHintAlgA128KWEncA128GCM);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    backchannelAuthenticationRequest.setAuthPassword(clientSecret);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

BackchannelAuthenticationClient (io.jans.as.client.BackchannelAuthenticationClient)111 BackchannelAuthenticationRequest (io.jans.as.client.BackchannelAuthenticationRequest)111 BackchannelAuthenticationResponse (io.jans.as.client.BackchannelAuthenticationResponse)111 BaseTest (io.jans.as.client.BaseTest)105 RegisterClient (io.jans.as.client.RegisterClient)105 RegisterRequest (io.jans.as.client.RegisterRequest)105 RegisterResponse (io.jans.as.client.RegisterResponse)105 Parameters (org.testng.annotations.Parameters)105 Test (org.testng.annotations.Test)105 AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)27 TokenClient (io.jans.as.client.TokenClient)4 TokenRequest (io.jans.as.client.TokenRequest)4 TokenResponse (io.jans.as.client.TokenResponse)4 UserInfoClient (io.jans.as.client.UserInfoClient)2 UserInfoResponse (io.jans.as.client.UserInfoResponse)2 RSAPublicKey (io.jans.as.model.crypto.signature.RSAPublicKey)2 RSASigner (io.jans.as.model.jws.RSASigner)2 Jwt (io.jans.as.model.jwt.Jwt)2