Example 51 with BackchannelAuthenticationRequest
use of io.jans.as.client.BackchannelAuthenticationRequest in project jans by JanssenProject.
the class CibaPollModeJwtAuthRequestTests method processCibaAuthorizationEndpointFailCall.
/**
* Process a Ciba call to the OP using JWT Request object and validate HTTP status and error type.
*
* @param jwtRequest JWT in plain String.
* @param clientId Client identifier.
* @param clientSecret Client secret.
* @param httpStatus Param used to validate response from the server.
* @param errorType Error used to validate error response from the server.
*/
private void processCibaAuthorizationEndpointFailCall(String jwtRequest, String clientId, String clientSecret, int httpStatus, BackchannelAuthenticationErrorResponseType errorType) {
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setRequest(jwtRequest);
backchannelAuthenticationRequest.setClientId(clientId);
backchannelAuthenticationRequest.setAuthUsername(clientId);
backchannelAuthenticationRequest.setAuthPassword(clientSecret);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertBackchannelAuthenticationFail(backchannelAuthenticationResponse, httpStatus, errorType);
assertNull(backchannelAuthenticationResponse.getAuthReqId());
assertNull(backchannelAuthenticationResponse.getExpiresIn());
assertNull(backchannelAuthenticationResponse.getInterval());
}
Also used :
BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse)
BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient)
BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest)
Example 52 with BackchannelAuthenticationRequest
use of io.jans.as.client.BackchannelAuthenticationRequest in project jans by JanssenProject.
the class BackchannelAuthenticationPushMode method backchannelTokenDeliveryModePushIdTokenHintES384.
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "ES384_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintES384")
public void backchannelTokenDeliveryModePushIdTokenHintES384(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
showTitle("backchannelTokenDeliveryModePushIdTokenHintES384");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES384);
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PUSH);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.ES384);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.ES384, BackchannelTokenDeliveryMode.PUSH, true);
String clientId = registerResponse.getClientId();
// 2. Authentication Request
AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
backchannelAuthenticationRequest.setIdTokenHint(idTokenHintES384);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.ES384);
backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
backchannelAuthenticationRequest.setKeyId(keyId);
backchannelAuthenticationRequest.setAudience(tokenEndpoint);
backchannelAuthenticationRequest.setAuthUsername(clientId);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertBackchannelAuthentication(backchannelAuthenticationResponse, false);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
RegisterResponse(io.jans.as.client.RegisterResponse)
BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse)
RegisterClient(io.jans.as.client.RegisterClient)
BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient)
BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest)
AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Example 53 with BackchannelAuthenticationRequest
use of io.jans.as.client.BackchannelAuthenticationRequest in project jans by JanssenProject.
the class BackchannelAuthenticationPushMode method backchannelTokenDeliveryModePushIdTokenHintPS512.
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "PS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintPS512")
public void backchannelTokenDeliveryModePushIdTokenHintPS512(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
showTitle("backchannelTokenDeliveryModePushIdTokenHintPS512");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.PS512);
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PUSH);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.PS512);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.PS512, BackchannelTokenDeliveryMode.PUSH, true);
String clientId = registerResponse.getClientId();
// 2. Authentication Request
AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
backchannelAuthenticationRequest.setIdTokenHint(idTokenHintPS512);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.PS512);
backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
backchannelAuthenticationRequest.setKeyId(keyId);
backchannelAuthenticationRequest.setAudience(tokenEndpoint);
backchannelAuthenticationRequest.setAuthUsername(clientId);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertBackchannelAuthentication(backchannelAuthenticationResponse, false);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
RegisterResponse(io.jans.as.client.RegisterResponse)
BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse)
RegisterClient(io.jans.as.client.RegisterClient)
BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient)
BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest)
AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Example 54 with BackchannelAuthenticationRequest
use of io.jans.as.client.BackchannelAuthenticationRequest in project jans by JanssenProject.
the class BackchannelAuthenticationPushMode method backchannelTokenDeliveryModePushLoginHint2.
@Parameters({ "backchannelClientNotificationEndpoint", "backchannelUserCode", "userEmail" })
@Test
public void backchannelTokenDeliveryModePushLoginHint2(final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String userEmail) {
showTitle("backchannelTokenDeliveryModePushLoginHint2");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PUSH);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.PUSH, true);
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Authentication Request
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
backchannelAuthenticationRequest.setLoginHint(userEmail);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthUsername(clientId);
backchannelAuthenticationRequest.setAuthPassword(clientSecret);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertBackchannelAuthentication(backchannelAuthenticationResponse, false);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
RegisterResponse(io.jans.as.client.RegisterResponse)
BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse)
RegisterClient(io.jans.as.client.RegisterClient)
BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient)
BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Example 55 with BackchannelAuthenticationRequest
use of io.jans.as.client.BackchannelAuthenticationRequest in project jans by JanssenProject.
the class BackchannelAuthenticationPushMode method backchannelTokenDeliveryModePushIdTokenHintPS256.
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "PS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintPS256")
public void backchannelTokenDeliveryModePushIdTokenHintPS256(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
showTitle("backchannelTokenDeliveryModePushIdTokenHintPS256");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.PS256);
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PUSH);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.PS256);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.PS256, BackchannelTokenDeliveryMode.PUSH, true);
String clientId = registerResponse.getClientId();
// 2. Authentication Request
AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
backchannelAuthenticationRequest.setIdTokenHint(idTokenHintPS256);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.PS256);
backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
backchannelAuthenticationRequest.setKeyId(keyId);
backchannelAuthenticationRequest.setAudience(tokenEndpoint);
backchannelAuthenticationRequest.setAuthUsername(clientId);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertBackchannelAuthentication(backchannelAuthenticationResponse, false);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
RegisterResponse(io.jans.as.client.RegisterResponse)
BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse)
RegisterClient(io.jans.as.client.RegisterClient)
BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient)
BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest)
AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Aggregations
BackchannelAuthenticationClient (io.jans.as.client.BackchannelAuthenticationClient)111
BackchannelAuthenticationRequest (io.jans.as.client.BackchannelAuthenticationRequest)111
BackchannelAuthenticationResponse (io.jans.as.client.BackchannelAuthenticationResponse)111
BaseTest (io.jans.as.client.BaseTest)105
RegisterClient (io.jans.as.client.RegisterClient)105
RegisterRequest (io.jans.as.client.RegisterRequest)105
RegisterResponse (io.jans.as.client.RegisterResponse)105
Parameters (org.testng.annotations.Parameters)105
Test (org.testng.annotations.Test)105
AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)27
TokenClient (io.jans.as.client.TokenClient)4
TokenRequest (io.jans.as.client.TokenRequest)4
TokenResponse (io.jans.as.client.TokenResponse)4
UserInfoClient (io.jans.as.client.UserInfoClient)2
UserInfoResponse (io.jans.as.client.UserInfoResponse)2
RSAPublicKey (io.jans.as.model.crypto.signature.RSAPublicKey)2
RSASigner (io.jans.as.model.jws.RSASigner)2
Jwt (io.jans.as.model.jwt.Jwt)2
