use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.
the class DeviceAuthzRequestRegistrationTest method deviceAuthzHappyFlowPublicClient.
/**
* Verifies the normal flow with different scope sets: the AS should generate user_code, device_code and the other response data.
* The client uses the "none" authentication method, therefore no client authentication is required.
*/
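@Test
public void deviceAuthzHappyFlowPublicClient() {
    // Happy path for a public client: both device authorization requests are sent
    // without client credentials and both are expected to succeed.
    showTitle("deviceAuthzHappyFlowPublicClient");

    // Register a client with AuthenticationMethod.NONE that is granted DEVICE_CODE only.
    RegisterResponse registerResponse = registerClientForDeviceAuthz(AuthenticationMethod.NONE,
            Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();

    // 1. OpenId, profile, address and email scopes
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");

    DeviceAuthzRequest authorizationRequest = new DeviceAuthzRequest(clientId, scopes);
    authorizationRequest.setAuthenticationMethod(AuthenticationMethod.NONE);

    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(authorizationRequest);

    DeviceAuthzResponse response = deviceAuthzClient.exec();

    showClient(deviceAuthzClient);
    validateSuccessfulResponse(response);

    // 2. Only openid scope
    scopes = Collections.singletonList("openid");

    authorizationRequest = new DeviceAuthzRequest(clientId, scopes);
    // This step used to send the client id and secret, which contradicted the
    // "no client authentication" contract of this test and repeated what
    // deviceAuthzPublicClientAndAuthSent already covers. Sending no credentials
    // keeps the unauthenticated path covered for the reduced scope set too.
    authorizationRequest.setAuthenticationMethod(AuthenticationMethod.NONE);

    deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(authorizationRequest);

    response = deviceAuthzClient.exec();

    showClient(deviceAuthzClient);
    validateSuccessfulResponse(response);
}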
use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.
the class DeviceAuthzRequestRegistrationTest method deviceAuthzGrantTypeDoesntSupported.
/**
* Tests that the device authz request is rejected, since the client doesn't support that grant type.
*/
@Parameters({ "redirectUris", "sectorIdentifierUri" })
@Test
public void deviceAuthzGrantTypeDoesntSupported(final String redirectUris, final String sectorIdentifierUri) {
    showTitle("deviceAuthzGrantTypeDoesntSupported");

    // The client is registered for AUTHORIZATION_CODE only, so DEVICE_CODE is not among its grants.
    final List<GrantType> registeredGrants = Collections.singletonList(GrantType.AUTHORIZATION_CODE);
    final RegisterResponse registration = registerClientForDeviceAuthz(
            AuthenticationMethod.CLIENT_SECRET_BASIC, registeredGrants,
            redirectUris, sectorIdentifierUri, registrationEndpoint);
    final String clientId = registration.getClientId();

    // The request carries the client's own id and secret, so the credentials
    // are not what this test expects the AS to object to.
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email");
    final DeviceAuthzRequest deviceRequest = new DeviceAuthzRequest(clientId, requestedScopes);
    deviceRequest.setAuthUsername(clientId);
    deviceRequest.setAuthPassword(registration.getClientSecret());

    final DeviceAuthzClient client = new DeviceAuthzClient(deviceAuthzEndpoint);
    client.setRequest(deviceRequest);
    final DeviceAuthzResponse deviceResponse = client.exec();
    showClient(client);

    // Expected outcome: HTTP 400 with the INVALID_GRANT error type.
    validateErrorResponse(deviceResponse, 400, DeviceAuthzErrorResponseType.INVALID_GRANT);
}
use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.
the class DeviceAuthzRequestRegistrationTest method deviceAuthzHappyFlow.
/**
* Verifies the normal flow with different scope sets: the AS should generate user_code, device_code and the other response data.
* It uses the client_secret_basic authentication method.
*/
@Test
public void deviceAuthzHappyFlow() {
    showTitle("deviceAuthzHappyFlow");

    // Confidential client: registered with CLIENT_SECRET_BASIC and granted DEVICE_CODE only.
    final RegisterResponse registration = registerClientForDeviceAuthz(
            AuthenticationMethod.CLIENT_SECRET_BASIC,
            Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    final String clientId = registration.getClientId();

    // The same authenticated request is issued once per scope set:
    // 1. openid, profile, address and email; 2. openid only.
    final List<List<String>> scopeSets = Arrays.asList(
            Arrays.asList("openid", "profile", "address", "email"),
            Collections.singletonList("openid"));

    for (List<String> requestedScopes : scopeSets) {
        final DeviceAuthzRequest deviceRequest = new DeviceAuthzRequest(clientId, requestedScopes);
        // Authenticate with the id and secret returned by the registration.
        deviceRequest.setAuthUsername(clientId);
        deviceRequest.setAuthPassword(registration.getClientSecret());

        final DeviceAuthzClient client = new DeviceAuthzClient(deviceAuthzEndpoint);
        client.setRequest(deviceRequest);
        final DeviceAuthzResponse deviceResponse = client.exec();

        showClient(client);
        validateSuccessfulResponse(deviceResponse);
    }
}
use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.
the class DeviceAuthzRequestRegistrationTest method deviceAuthzPublicClientAndAuthSent.
/**
* A client that doesn't require authentication has its device authz requests accepted even when the client sends authentication data.
*/
@Test
public void deviceAuthzPublicClientAndAuthSent() {
    showTitle("deviceAuthzPublicClientAndAuthSent");

    // Public client: registered with AuthenticationMethod.NONE and granted DEVICE_CODE only.
    final RegisterResponse registration = registerClientForDeviceAuthz(
            AuthenticationMethod.NONE,
            Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    final String clientId = registration.getClientId();

    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email");
    final DeviceAuthzRequest deviceRequest = new DeviceAuthzRequest(clientId, requestedScopes);
    // Credentials are sent even though the client was registered without an
    // authentication method; the request is still expected to succeed.
    // NOTE(review): this pins acceptance only. Whether the AS verifies or ignores
    // the supplied secret for such a client is not visible from this test.
    deviceRequest.setAuthUsername(clientId);
    deviceRequest.setAuthPassword(registration.getClientSecret());

    final DeviceAuthzClient client = new DeviceAuthzClient(deviceAuthzEndpoint);
    client.setRequest(deviceRequest);
    final DeviceAuthzResponse deviceResponse = client.exec();

    showClient(client);
    validateSuccessfulResponse(deviceResponse);
}
use of io.jans.as.client.DeviceAuthzRequest in project jans by JanssenProject.
the class DeviceAuthzRequestRegistrationTest method deviceAuthzNoPublicClientHoweverIncorrectAuthSent.
/**
* The AS should authenticate client requests; these tests send device authz requests with
* missing or wrong client authentication data.
*/
@Test
public void deviceAuthzNoPublicClientHoweverIncorrectAuthSent() {
    showTitle("deviceAuthzNoPublicClientHoweverIncorrectAuthSent");

    // Confidential client: registered with CLIENT_SECRET_BASIC and granted DEVICE_CODE only.
    final RegisterResponse registration = registerClientForDeviceAuthz(
            AuthenticationMethod.CLIENT_SECRET_BASIC,
            Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    final String clientId = registration.getClientId();

    // 1. No authentication data sent: the request declares AuthenticationMethod.NONE
    //    although the client was registered with CLIENT_SECRET_BASIC.
    final List<String> unauthenticatedScopes = Arrays.asList("openid", "profile", "address", "email");
    final DeviceAuthzRequest unauthenticatedRequest = new DeviceAuthzRequest(clientId, unauthenticatedScopes);
    unauthenticatedRequest.setAuthenticationMethod(AuthenticationMethod.NONE);

    final DeviceAuthzClient unauthenticatedClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    unauthenticatedClient.setRequest(unauthenticatedRequest);
    final DeviceAuthzResponse unauthenticatedResponse = unauthenticatedClient.exec();

    showClient(unauthenticatedClient);
    validateErrorResponse(unauthenticatedResponse, 401, DeviceAuthzErrorResponseType.INVALID_CLIENT);

    // 2. Invalid authentication: correct client id, wrong secret. The literal says
    //    "client-id", but the value is passed as the password; the timestamp suffix
    //    makes it differ between runs.
    final List<String> wrongSecretScopes = Arrays.asList("openid", "profile", "address", "email");
    final DeviceAuthzRequest wrongSecretRequest = new DeviceAuthzRequest(clientId, wrongSecretScopes);
    wrongSecretRequest.setAuthUsername(clientId);
    wrongSecretRequest.setAuthPassword("invalid-client-id-" + System.currentTimeMillis());

    final DeviceAuthzClient wrongSecretClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    wrongSecretClient.setRequest(wrongSecretRequest);
    final DeviceAuthzResponse wrongSecretResponse = wrongSecretClient.exec();

    showClient(wrongSecretClient);
    // Both cases are expected to be rejected with HTTP 401 and INVALID_CLIENT.
    validateErrorResponse(wrongSecretResponse, 401, DeviceAuthzErrorResponseType.INVALID_CLIENT);
}