Examples with BackchannelAuthenticationResponse io.jans.as.client.BackchannelAuthenticationResponse used on opensource projects

Search in sources :

Example 46 with BackchannelAuthenticationResponse

use of io.jans.as.client.BackchannelAuthenticationResponse in project jans by JanssenProject.

the class BackchannelAuthenticationPushMode method backchannelTokenDeliveryModePushIdTokenHintPS384.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "PS384_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintPS384")
public void backchannelTokenDeliveryModePushIdTokenHintPS384(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
    showTitle("backchannelTokenDeliveryModePushIdTokenHintPS384");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.PS384);
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PUSH);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.PS384);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.PS384, BackchannelTokenDeliveryMode.PUSH, true);
    String clientId = registerResponse.getClientId();
    // 2. Authentication Request
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setIdTokenHint(idTokenHintPS384);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.PS384);
    backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
    backchannelAuthenticationRequest.setKeyId(keyId);
    backchannelAuthenticationRequest.setAudience(tokenEndpoint);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, false);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 47 with BackchannelAuthenticationResponse

use of io.jans.as.client.BackchannelAuthenticationResponse in project jans by JanssenProject.

the class BackchannelAuthenticationPushMode method backchannelTokenDeliveryModePushLoginHintTokenRS256.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode" })
@Test(dependsOnMethods = "loginHintTokenRS256")
public void backchannelTokenDeliveryModePushLoginHintTokenRS256(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode) {
    showTitle("backchannelTokenDeliveryModePushLoginHintTokenRS256");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PUSH);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.PUSH, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Authentication Request
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setLoginHintToken(loginHintTokenRS256);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    backchannelAuthenticationRequest.setAuthPassword(clientSecret);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, false);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 48 with BackchannelAuthenticationResponse

use of io.jans.as.client.BackchannelAuthenticationResponse in project jans by JanssenProject.

the class BackchannelAuthenticationPushMode method backchannelTokenDeliveryModePushIdTokenHintRS384.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "RS384_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintRS384")
public void backchannelTokenDeliveryModePushIdTokenHintRS384(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
    showTitle("backchannelTokenDeliveryModePushIdTokenHintRS384");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PUSH);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS384);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS384, BackchannelTokenDeliveryMode.PUSH, true);
    String clientId = registerResponse.getClientId();
    // 2. Authentication Request
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setIdTokenHint(idTokenHintRS384);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.RS384);
    backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
    backchannelAuthenticationRequest.setKeyId(keyId);
    backchannelAuthenticationRequest.setAudience(tokenEndpoint);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, false);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 49 with BackchannelAuthenticationResponse

use of io.jans.as.client.BackchannelAuthenticationResponse in project jans by JanssenProject.

the class BackchannelAuthenticationPushMode method backchannelTokenDeliveryModePushIdTokenHintES512.

@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintES512")
public void backchannelTokenDeliveryModePushIdTokenHintES512(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
    showTitle("backchannelTokenDeliveryModePushIdTokenHintES512");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES512);
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PUSH);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.ES512);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.ES512, BackchannelTokenDeliveryMode.PUSH, true);
    String clientId = registerResponse.getClientId();
    // 2. Authentication Request
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Collections.singletonList("openid"));
    backchannelAuthenticationRequest.setIdTokenHint(idTokenHintES512);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.ES512);
    backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
    backchannelAuthenticationRequest.setKeyId(keyId);
    backchannelAuthenticationRequest.setAudience(tokenEndpoint);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, false);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 50 with BackchannelAuthenticationResponse

use of io.jans.as.client.BackchannelAuthenticationResponse in project jans by JanssenProject.

the class BackchannelAuthenticationExpiredRequestsTests method backchannelTokenDeliveryModePingExpiredRequest.

/**
 * Test ping flow when a request expires, response from the server should be expired_token and 400 status.
 */
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "userId" })
@Test
public void backchannelTokenDeliveryModePingExpiredRequest(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String userId) throws InterruptedException {
    showTitle("backchannelTokenDeliveryModePingExpiredRequest");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.PING, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Authentication Request
    String bindingMessage = RandomStringUtils.randomAlphanumeric(6);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Arrays.asList("openid", "profile", "email", "address", "phone"));
    backchannelAuthenticationRequest.setLoginHint(userId);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1);
    backchannelAuthenticationRequest.setAcrValues(Arrays.asList("auth_ldap_server", "basic"));
    backchannelAuthenticationRequest.setBindingMessage(bindingMessage);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    backchannelAuthenticationRequest.setAuthPassword(clientSecret);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
    // 3. Request token - expected expiration error
    TokenResponse tokenResponse;
    int pollCount = 0;
    do {
        Thread.sleep(3500);
        TokenRequest tokenRequest = new TokenRequest(GrantType.CIBA);
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        tokenRequest.setAuthReqId(backchannelAuthenticationResponse.getAuthReqId());
        TokenClient tokenClient = new TokenClient(tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        tokenResponse = tokenClient.exec();
        showClient(tokenClient);
        pollCount++;
    } while (pollCount < 5 && tokenResponse.getStatus() == 400 && tokenResponse.getErrorType() == TokenErrorResponseType.AUTHORIZATION_PENDING);
    assertTokenResponseFail(tokenResponse, 400, TokenErrorResponseType.EXPIRED_TOKEN);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) TokenRequest(io.jans.as.client.TokenRequest) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) TokenClient(io.jans.as.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

BackchannelAuthenticationClient (io.jans.as.client.BackchannelAuthenticationClient)111 BackchannelAuthenticationRequest (io.jans.as.client.BackchannelAuthenticationRequest)111 BackchannelAuthenticationResponse (io.jans.as.client.BackchannelAuthenticationResponse)111 BaseTest (io.jans.as.client.BaseTest)105 RegisterClient (io.jans.as.client.RegisterClient)105 RegisterRequest (io.jans.as.client.RegisterRequest)105 RegisterResponse (io.jans.as.client.RegisterResponse)105 Parameters (org.testng.annotations.Parameters)105 Test (org.testng.annotations.Test)105 AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)27 TokenClient (io.jans.as.client.TokenClient)4 TokenRequest (io.jans.as.client.TokenRequest)4 TokenResponse (io.jans.as.client.TokenResponse)4 UserInfoClient (io.jans.as.client.UserInfoClient)2 UserInfoResponse (io.jans.as.client.UserInfoResponse)2 RSAPublicKey (io.jans.as.model.crypto.signature.RSAPublicKey)2 RSASigner (io.jans.as.model.jws.RSASigner)2 Jwt (io.jans.as.model.jwt.Jwt)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial