Search in sources :

Example 71 with RegisterRequest

use of io.jans.as.client.RegisterRequest in project jans by JanssenProject.

the class SectorIdentifierUrlVerificationHttpTest method requestAuthorizationCodeWithPublicSectorIdentifierType.

public String requestAuthorizationCodeWithPublicSectorIdentifierType(final String redirectUris, final String redirectUri, final String userId, final String userSecret) throws Exception {
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    // 1. Register client with Sector Identifier URL
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.addCustomAttribute("jansTrustedClnt", "true");
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setSubjectType(SubjectType.PUBLIC);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization and receive the authorization code.
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String state = UUID.randomUUID().toString();
    String nonce = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);
    authorizationRequest.setAuthUsername(userId);
    authorizationRequest.setAuthPassword(userSecret);
    authorizationRequest.getPrompts().add(Prompt.NONE);
    AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
    authorizeClient.setRequest(authorizationRequest);
    AuthorizationResponse authorizationResponse = authorizeClient.exec();
    showClient(authorizeClient);
    assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
    assertAuthorizationResponse(authorizationResponse, true);
    assertEquals(authorizationResponse.getState(), state);
    String authorizationCode = authorizationResponse.getCode();
    String idToken = authorizationResponse.getIdToken();
    // 3. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    assertJwtStandarClaimsNotNull(jwt, false);
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
    RSAPublicKey publicKey = JwkClient.getRSAPublicKey(jwksUri, jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
    assertTrue(rsaSigner.validate(jwt));
    String sub = jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER);
    // 4. Request access token using the authorization code.
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertTokenResponseOk(tokenResponse, true);
    String accessToken = tokenResponse.getAccessToken();
    // 5. Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertUserInfoBasicMinimumResponseOk(userInfoResponse, 200);
    assertUserInfoPersonalDataNotNull(userInfoResponse);
    return sub;
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) Jwt(io.jans.as.model.jwt.Jwt) UserInfoClient(io.jans.as.client.UserInfoClient) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) RSAPublicKey(io.jans.as.model.crypto.signature.RSAPublicKey) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) RSASigner(io.jans.as.model.jws.RSASigner) TokenRequest(io.jans.as.client.TokenRequest) UserInfoResponse(io.jans.as.client.UserInfoResponse) AuthorizeClient(io.jans.as.client.AuthorizeClient) TokenClient(io.jans.as.client.TokenClient)

Example 72 with RegisterRequest

use of io.jans.as.client.RegisterRequest in project jans by JanssenProject.

the class SectorIdentifierUrlVerificationHttpTest method requestClientRegistration.

public RegisterResponse requestClientRegistration(final String redirectUris, final String sectorIdentifierUri) {
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    // Register client with Sector Identifier URL
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.addCustomAttribute("jansTrustedClnt", "true");
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setSubjectType(SubjectType.PAIRWISE);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    return registerResponse;
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) RegisterClient(io.jans.as.client.RegisterClient) ResponseType(io.jans.as.model.common.ResponseType)

Example 73 with RegisterRequest

use of io.jans.as.client.RegisterRequest in project jans by JanssenProject.

the class SectorIdentifierUrlVerificationHttpTest method sectorIdentifierUrlVerificationFail1.

@Parameters({ "redirectUris" })
@Test
public void sectorIdentifierUrlVerificationFail1(final String redirectUris) throws Exception {
    showTitle("sectorIdentifierUrlVerificationFail1");
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.addCustomAttribute("jansTrustedClnt", "true");
    registerRequest.setSectorIdentifierUri("https://INVALID_SECTOR_IDENTIFIER_URL");
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse response = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseFail(response);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) RegisterClient(io.jans.as.client.RegisterClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 74 with RegisterRequest

use of io.jans.as.client.RegisterRequest in project jans by JanssenProject.

the class OpenIDRequestObjectHttpTest method requestParameterMethod3.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestParameterMethod3(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("requestParameterMethod3");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider();
    List<String> scopes = Arrays.asList("openid");
    String state = "STATE0";
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);
    JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
    jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
    jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
    String authJwt = jwtAuthorizationRequest.getEncodedJwt();
    authorizationRequest.setRequest(authJwt);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getCode(), "The code is null");
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest) RegisterClient(io.jans.as.client.RegisterClient) JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Claim(io.jans.as.client.model.authorize.Claim) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 75 with RegisterRequest

use of io.jans.as.client.RegisterRequest in project jans by JanssenProject.

the class OpenIDRequestObjectHttpTest method requestParameterMethodPS512.

@Parameters({ "userId", "userSecret", "redirectUri", "redirectUris", "clientJwksUri", "PS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void requestParameterMethodPS512(final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("requestParameterMethodPS512");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.PS512);
    registerRequest.addCustomAttribute("jansTrustedClnt", "true");
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse response = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(response, 201, true);
    String clientId = response.getClientId();
    // 2. Request authorization
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    String state = UUID.randomUUID().toString();
    AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    request.setState(state);
    request.setAuthUsername(userId);
    request.setAuthPassword(userSecret);
    request.getPrompts().add(Prompt.NONE);
    JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.PS512, cryptoProvider);
    jwtAuthorizationRequest.setKeyId(keyId);
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
    jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
    jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[] { ACR_VALUE })));
    jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
    String authJwt = jwtAuthorizationRequest.getEncodedJwt();
    request.setRequest(authJwt);
    AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
    authorizeClient.setRequest(request);
    AuthorizationResponse response1 = authorizeClient.exec();
    showClient(authorizeClient);
    assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
    assertNotNull(response1.getLocation(), "The location is null");
    assertNotNull(response1.getAccessToken(), "The accessToken is null");
    assertNotNull(response1.getTokenType(), "The tokenType is null");
    assertNotNull(response1.getIdToken(), "The idToken is null");
    assertNotNull(response1.getState(), "The state is null");
    String accessToken = response1.getAccessToken();
    // 3. Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertUserInfoBasicMinimumResponseOk(response3, 200);
    assertUserInfoPersonalDataNotNull(response3);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest) UserInfoClient(io.jans.as.client.UserInfoClient) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) RegisterClient(io.jans.as.client.RegisterClient) JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest) UserInfoResponse(io.jans.as.client.UserInfoResponse) AuthorizeClient(io.jans.as.client.AuthorizeClient) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Claim(io.jans.as.client.model.authorize.Claim) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

RegisterRequest (io.jans.as.client.RegisterRequest)850 Test (org.testng.annotations.Test)816 Parameters (org.testng.annotations.Parameters)802 RegisterResponse (io.jans.as.client.RegisterResponse)755 RegisterClient (io.jans.as.client.RegisterClient)750 BaseTest (io.jans.as.client.BaseTest)724 ResponseType (io.jans.as.model.common.ResponseType)539 AuthorizationResponse (io.jans.as.client.AuthorizationResponse)498 AuthorizationRequest (io.jans.as.client.AuthorizationRequest)481 AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)315 TokenClient (io.jans.as.client.TokenClient)223 TokenResponse (io.jans.as.client.TokenResponse)223 TokenRequest (io.jans.as.client.TokenRequest)212 AuthorizeClient (io.jans.as.client.AuthorizeClient)197 UserInfoResponse (io.jans.as.client.UserInfoResponse)163 UserInfoClient (io.jans.as.client.UserInfoClient)162 JwtAuthorizationRequest (io.jans.as.client.model.authorize.JwtAuthorizationRequest)162 Jwt (io.jans.as.model.jwt.Jwt)156 BackchannelAuthenticationClient (io.jans.as.client.BackchannelAuthenticationClient)105 BackchannelAuthenticationRequest (io.jans.as.client.BackchannelAuthenticationRequest)105