Search in sources :

Example 1 with DeviceAuthzRequest

use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method deviceAuthzFlowAccessDenied.

/**
 * Device authorization with access denied.
 */
@Parameters({ "userId", "userSecret" })
@Test
public void deviceAuthzFlowAccessDenied(final String userId, final String userSecret) throws Exception {
    showTitle("deviceAuthzFlowAccessDenied");
    // 1. Init device authz request from WS
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Device request registration
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Load device authz page, process user_code and authorization
    WebDriver currentDriver = initWebDriver(false, true);
    final PageConfig pageConfig = newPageConfig(currentDriver);
    AuthorizationResponse authorizationResponse = processDeviceAuthzDenyAccess(userId, userSecret, response.getUserCode(), currentDriver, false, pageConfig);
    validateErrorResponse(authorizationResponse, AuthorizeErrorResponseType.ACCESS_DENIED);
    // 4. Token request
    TokenResponse tokenResponse = processTokens(clientId, clientSecret, response.getDeviceCode());
    assertNotNull(tokenResponse.getErrorType(), "Error expected, however no error was found");
    assertNotNull(tokenResponse.getErrorDescription(), "Error description expected, however no error was found");
    assertEquals(tokenResponse.getErrorType(), TokenErrorResponseType.ACCESS_DENIED, "Unexpected error");
}
Also used : WebDriver(org.openqa.selenium.WebDriver) DeviceAuthzClient(io.jans.as.client.DeviceAuthzClient) RegisterResponse(io.jans.as.client.RegisterResponse) DeviceAuthzRequest(io.jans.as.client.DeviceAuthzRequest) TokenResponse(io.jans.as.client.TokenResponse) PageConfig(io.jans.as.client.page.PageConfig) DeviceAuthzResponse(io.jans.as.client.DeviceAuthzResponse) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 2 with DeviceAuthzRequest

use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method checkSlowDownOrPendingState.

/**
 * Verifies that token endpoint should return slow down or authorization pending states when token is in process.
 */
@Test
public void checkSlowDownOrPendingState() throws Exception {
    showTitle("checkSlowDownOrPendingState");
    // 1. Init device authz request from WS
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Device request registration
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    byte count = 3;
    while (count > 0) {
        TokenResponse tokenResponse = processTokens(clientId, clientSecret, response.getDeviceCode());
        assertNotNull(tokenResponse.getErrorType(), "Error expected, however no error was found");
        assertNotNull(tokenResponse.getErrorDescription(), "Error description expected, however no error was found");
        assertTrue(tokenResponse.getErrorType() == TokenErrorResponseType.AUTHORIZATION_PENDING || tokenResponse.getErrorType() == TokenErrorResponseType.SLOW_DOWN, "Unexpected error");
        Thread.sleep(200);
        count--;
    }
}
Also used : DeviceAuthzClient(io.jans.as.client.DeviceAuthzClient) RegisterResponse(io.jans.as.client.RegisterResponse) DeviceAuthzRequest(io.jans.as.client.DeviceAuthzRequest) TokenResponse(io.jans.as.client.TokenResponse) DeviceAuthzResponse(io.jans.as.client.DeviceAuthzResponse) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 3 with DeviceAuthzRequest

use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method deviceAuthzFlowWithCompleteVerificationUri.

/**
 * Process a complete device authorization flow using verification_uri_complete
 */
@Parameters({ "userId", "userSecret" })
@Test
public void deviceAuthzFlowWithCompleteVerificationUri(final String userId, final String userSecret) throws Exception {
    showTitle("deviceAuthzFlow");
    // 1. Init device authz request from WS
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Device request registration
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Load device authz page, process user_code and authorization
    WebDriver currentDriver = initWebDriver(false, true);
    final PageConfig pageConfig = newPageConfig(currentDriver);
    processDeviceAuthzPutUserCodeAndPressContinue(response.getUserCode(), currentDriver, true, pageConfig);
    AuthorizationResponse authorizationResponse = processAuthorization(userId, userSecret, currentDriver);
    stopWebDriver(false, currentDriver);
    assertSuccessAuthzResponse(authorizationResponse);
    // 4. Token request
    TokenResponse tokenResponse1 = processTokens(clientId, clientSecret, response.getDeviceCode());
    validateTokenSuccessfulResponse(tokenResponse1);
    String refreshToken = tokenResponse1.getRefreshToken();
    String idToken = tokenResponse1.getIdToken();
    // 5. Validate id_token
    verifyIdToken(idToken);
    // 6. Request new access token using the refresh token.
    TokenResponse tokenResponse2 = processNewTokenWithRefreshToken(StringUtils.implode(scopes, " "), refreshToken, clientId, clientSecret);
    validateTokenSuccessfulResponse(tokenResponse2);
    String accessToken = tokenResponse2.getAccessToken();
    // 7. Request user info
    processUserInfo(accessToken);
}
Also used : WebDriver(org.openqa.selenium.WebDriver) DeviceAuthzClient(io.jans.as.client.DeviceAuthzClient) RegisterResponse(io.jans.as.client.RegisterResponse) DeviceAuthzRequest(io.jans.as.client.DeviceAuthzRequest) TokenResponse(io.jans.as.client.TokenResponse) PageConfig(io.jans.as.client.page.PageConfig) DeviceAuthzResponse(io.jans.as.client.DeviceAuthzResponse) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 4 with DeviceAuthzRequest

use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method attemptDifferentFailedValuesToTokenEndpoint.

/**
 * Attempts to get token with a wrong device_code, after that it attempts to get token twice,
 * second one should be rejected.
 */
@Parameters({ "userId", "userSecret" })
@Test
public void attemptDifferentFailedValuesToTokenEndpoint(final String userId, final String userSecret) throws Exception {
    showTitle("deviceAuthzFlow");
    // 1. Init device authz request from WS
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Device request registration
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Load device authz page, process user_code and authorization
    WebDriver currentDriver = initWebDriver(false, true);
    final PageConfig pageConfig = newPageConfig(currentDriver);
    processDeviceAuthzPutUserCodeAndPressContinue(response.getUserCode(), currentDriver, false, pageConfig);
    AuthorizationResponse authorizationResponse = processAuthorization(userId, userSecret, currentDriver);
    stopWebDriver(false, currentDriver);
    assertSuccessAuthzResponse(authorizationResponse);
    // 4. Token request with a wrong device code
    String wrongDeviceCode = "WRONG" + response.getDeviceCode();
    TokenResponse tokenResponse1 = processTokens(clientId, clientSecret, wrongDeviceCode);
    assertNotNull(tokenResponse1.getErrorType(), "Error expected, however no error was found");
    assertNotNull(tokenResponse1.getErrorDescription(), "Error description expected, however no error was found");
    assertEquals(tokenResponse1.getErrorType(), TokenErrorResponseType.EXPIRED_TOKEN, "Unexpected error");
    // 5. Token request with a right device code value
    tokenResponse1 = processTokens(clientId, clientSecret, response.getDeviceCode());
    validateTokenSuccessfulResponse(tokenResponse1);
    // 6. Try to get token again, however this should be rejected by the server
    tokenResponse1 = processTokens(clientId, clientSecret, response.getDeviceCode());
    assertNotNull(tokenResponse1.getErrorType(), "Error expected, however no error was found");
    assertNotNull(tokenResponse1.getErrorDescription(), "Error description expected, however no error was found");
    assertEquals(tokenResponse1.getErrorType(), TokenErrorResponseType.EXPIRED_TOKEN, "Unexpected error");
}
Also used : WebDriver(org.openqa.selenium.WebDriver) DeviceAuthzClient(io.jans.as.client.DeviceAuthzClient) RegisterResponse(io.jans.as.client.RegisterResponse) DeviceAuthzRequest(io.jans.as.client.DeviceAuthzRequest) TokenResponse(io.jans.as.client.TokenResponse) PageConfig(io.jans.as.client.page.PageConfig) DeviceAuthzResponse(io.jans.as.client.DeviceAuthzResponse) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 5 with DeviceAuthzRequest

use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method deviceAuthzFlowAccessDeniedWithCompleteVerificationUri.

/**
 * Device authorization with access denied and using complete verification uri.
 */
@Parameters({ "userId", "userSecret" })
@Test
public void deviceAuthzFlowAccessDeniedWithCompleteVerificationUri(final String userId, final String userSecret) throws Exception {
    showTitle("deviceAuthzFlowAccessDenied");
    // 1. Init device authz request from WS
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Device request registration
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Load device authz page, process user_code and authorization
    WebDriver currentDriver = initWebDriver(false, true);
    final PageConfig pageConfig = newPageConfig(currentDriver);
    AuthorizationResponse authorizationResponse = processDeviceAuthzDenyAccess(userId, userSecret, response.getUserCode(), currentDriver, true, pageConfig);
    validateErrorResponse(authorizationResponse, AuthorizeErrorResponseType.ACCESS_DENIED);
    // 4. Token request
    TokenResponse tokenResponse = processTokens(clientId, clientSecret, response.getDeviceCode());
    assertNotNull(tokenResponse.getErrorType(), "Error expected, however no error was found");
    assertNotNull(tokenResponse.getErrorDescription(), "Error description expected, however no error was found");
    assertEquals(tokenResponse.getErrorType(), TokenErrorResponseType.ACCESS_DENIED, "Unexpected error");
}
Also used : WebDriver(org.openqa.selenium.WebDriver) DeviceAuthzClient(io.jans.as.client.DeviceAuthzClient) RegisterResponse(io.jans.as.client.RegisterResponse) DeviceAuthzRequest(io.jans.as.client.DeviceAuthzRequest) TokenResponse(io.jans.as.client.TokenResponse) PageConfig(io.jans.as.client.page.PageConfig) DeviceAuthzResponse(io.jans.as.client.DeviceAuthzResponse) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

BaseTest (io.jans.as.client.BaseTest)11 DeviceAuthzClient (io.jans.as.client.DeviceAuthzClient)11 DeviceAuthzRequest (io.jans.as.client.DeviceAuthzRequest)11 DeviceAuthzResponse (io.jans.as.client.DeviceAuthzResponse)11 RegisterResponse (io.jans.as.client.RegisterResponse)11 Test (org.testng.annotations.Test)11 TokenResponse (io.jans.as.client.TokenResponse)6 Parameters (org.testng.annotations.Parameters)6 AuthorizationResponse (io.jans.as.client.AuthorizationResponse)5 PageConfig (io.jans.as.client.page.PageConfig)5 WebDriver (org.openqa.selenium.WebDriver)5