Examples with TokenClient io.jans.as.client.TokenClient used on opensource projects

Search in sources :

Example 1 with TokenClient

use of io.jans.as.client.TokenClient in project jans by JanssenProject.

the class BackchannelAuthenticationPollMode method requestBackchannelAuthentication.

public String requestBackchannelAuthentication(final String userId, final String clientId, final String clientSecret, final String backchannelUserCode) throws Exception {
    // Authentication Request
    String bindingMessage = RandomStringUtils.randomAlphanumeric(6);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Arrays.asList("openid", "profile", "email", "address", "phone"));
    backchannelAuthenticationRequest.setLoginHint(userId);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1200);
    backchannelAuthenticationRequest.setAcrValues(Arrays.asList("auth_ldap_server", "basic"));
    backchannelAuthenticationRequest.setBindingMessage(bindingMessage);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    backchannelAuthenticationRequest.setAuthPassword(clientSecret);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
    String authReqId = backchannelAuthenticationResponse.getAuthReqId();
    // Token Request Using CIBA Grant Type
    TokenResponse tokenResponse = null;
    int pollCount = 0;
    do {
        Thread.sleep(5000);
        TokenRequest tokenRequest = new TokenRequest(GrantType.CIBA);
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        tokenRequest.setAuthReqId(authReqId);
        TokenClient tokenClient = new TokenClient(tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        tokenResponse = tokenClient.exec();
        showClient(tokenClient);
        pollCount++;
    } while (tokenResponse.getStatus() == 400 && pollCount < 5);
    assertTokenResponseOk(tokenResponse, false);
    String accessToken = tokenResponse.getAccessToken();
    String idToken = tokenResponse.getIdToken();
    // Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertUserInfoBasicResponseOk(userInfoResponse, 200);
    assertUserInfoPersonalDataNotNull(userInfoResponse);
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.WEBSITE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.ADDRESS));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.BIRTHDATE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL_VERIFIED));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.GENDER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PROFILE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER_VERIFIED));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PREFERRED_USERNAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.MIDDLE_NAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.UPDATED_AT));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.NICKNAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER));
    // Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    assertNotNull(jwt);
    assertJwtStandarClaimsNotNull(jwt, true);
    RSAPublicKey publicKey = JwkClient.getRSAPublicKey(jwksUri, jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
    assertTrue(rsaSigner.validate(jwt));
    String sub = jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER);
    return sub;
}
Also used : Jwt(io.jans.as.model.jwt.Jwt) UserInfoClient(io.jans.as.client.UserInfoClient) TokenResponse(io.jans.as.client.TokenResponse) RSAPublicKey(io.jans.as.model.crypto.signature.RSAPublicKey) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) RSASigner(io.jans.as.model.jws.RSASigner) TokenRequest(io.jans.as.client.TokenRequest) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) UserInfoResponse(io.jans.as.client.UserInfoResponse) TokenClient(io.jans.as.client.TokenClient)

Example 2 with TokenClient

use of io.jans.as.client.TokenClient in project jans by JanssenProject.

the class BackchannelAuthenticationExpiredRequestsTests method backchannelTokenDeliveryModePollExpiredRequest.

/**
 * Test poll flow when a request expires, response from the server should be expired_token and 400 status.
 */
@Parameters({ "clientJwksUri", "backchannelUserCode", "userId" })
@Test
public void backchannelTokenDeliveryModePollExpiredRequest(final String clientJwksUri, final String backchannelUserCode, final String userId) throws InterruptedException {
    showTitle("backchannelTokenDeliveryModePollExpiredRequest");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.POLL);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.POLL, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Authentication Request
    String bindingMessage = RandomStringUtils.randomAlphanumeric(6);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Arrays.asList("openid", "profile", "email", "address", "phone"));
    backchannelAuthenticationRequest.setLoginHint(userId);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1);
    backchannelAuthenticationRequest.setAcrValues(Arrays.asList("auth_ldap_server", "basic"));
    backchannelAuthenticationRequest.setBindingMessage(bindingMessage);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    backchannelAuthenticationRequest.setAuthPassword(clientSecret);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
    // 3. Request token - expected expiration error
    TokenResponse tokenResponse;
    int pollCount = 0;
    do {
        Thread.sleep(3500);
        TokenRequest tokenRequest = new TokenRequest(GrantType.CIBA);
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        tokenRequest.setAuthReqId(backchannelAuthenticationResponse.getAuthReqId());
        TokenClient tokenClient = new TokenClient(tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        tokenResponse = tokenClient.exec();
        showClient(tokenClient);
        pollCount++;
    } while (pollCount < 5 && tokenResponse.getStatus() == 400 && tokenResponse.getErrorType() == TokenErrorResponseType.AUTHORIZATION_PENDING);
    assertTokenResponseFail(tokenResponse, 400, TokenErrorResponseType.EXPIRED_TOKEN);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) TokenRequest(io.jans.as.client.TokenRequest) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) TokenClient(io.jans.as.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 3 with TokenClient

use of io.jans.as.client.TokenClient in project jans by JanssenProject.

the class UmaClient method request.

@SuppressWarnings("java:S1874")
public static Token request(final String tokenUrl, final String umaClientId, final String umaClientSecret, UmaScopeType scopeType, ClientHttpEngine engine, String... scopeArray) {
    StringBuilder scope = new StringBuilder(scopeType.getValue());
    if (scopeArray != null && scopeArray.length > 0) {
        for (String s : scopeArray) {
            scope.append(" ").append(s);
        }
    }
    TokenClient tokenClient = new TokenClient(tokenUrl);
    if (engine != null) {
        tokenClient.setExecutor(engine);
    }
    TokenResponse response = tokenClient.execClientCredentialsGrant(scope.toString(), umaClientId, umaClientSecret);
    if (response.getStatus() == 200) {
        final String patToken = response.getAccessToken();
        final Integer expiresIn = response.getExpiresIn();
        if (Util.allNotBlank(patToken)) {
            return new Token(null, null, patToken, scopeType.getValue(), expiresIn);
        }
    }
    return null;
}
Also used : TokenResponse(io.jans.as.client.TokenResponse) Token(io.jans.as.model.uma.wrapper.Token) TokenClient(io.jans.as.client.TokenClient)

Example 4 with TokenClient

use of io.jans.as.client.TokenClient in project jans by JanssenProject.

the class UmaClient method request.

public static Token request(final String tokenUrl, final TokenRequest tokenRequest) {
    if (tokenRequest.getGrantType() != GrantType.CLIENT_CREDENTIALS) {
        return null;
    }
    TokenClient tokenClient = new TokenClient(tokenUrl);
    tokenClient.setRequest(tokenRequest);
    TokenResponse response = tokenClient.exec();
    if (response.getStatus() == 200) {
        final String patToken = response.getAccessToken();
        final Integer expiresIn = response.getExpiresIn();
        if (Util.allNotBlank(patToken)) {
            return new Token(null, null, patToken, response.getScope(), expiresIn);
        }
    }
    return null;
}
Also used : TokenResponse(io.jans.as.client.TokenResponse) Token(io.jans.as.model.uma.wrapper.Token) TokenClient(io.jans.as.client.TokenClient)

Example 5 with TokenClient

use of io.jans.as.client.TokenClient in project jans by JanssenProject.

the class BackchannelAuthenticationExpiredRequestsTests method backchannelTokenDeliveryModePingExpiredRequest.

/**
 * Test ping flow when a request expires, response from the server should be expired_token and 400 status.
 */
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "userId" })
@Test
public void backchannelTokenDeliveryModePingExpiredRequest(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String userId) throws InterruptedException {
    showTitle("backchannelTokenDeliveryModePingExpiredRequest");
    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", null);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setGrantTypes(Collections.singletonList(GrantType.CIBA));
    registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
    registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
    registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
    registerRequest.setBackchannelUserCodeParameter(true);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    assertRegisterResponseClaimsBackChannel(registerResponse, AsymmetricSignatureAlgorithm.RS256, BackchannelTokenDeliveryMode.PING, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Authentication Request
    String bindingMessage = RandomStringUtils.randomAlphanumeric(6);
    String clientNotificationToken = UUID.randomUUID().toString();
    BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
    backchannelAuthenticationRequest.setScope(Arrays.asList("openid", "profile", "email", "address", "phone"));
    backchannelAuthenticationRequest.setLoginHint(userId);
    backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
    backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
    backchannelAuthenticationRequest.setRequestedExpiry(1);
    backchannelAuthenticationRequest.setAcrValues(Arrays.asList("auth_ldap_server", "basic"));
    backchannelAuthenticationRequest.setBindingMessage(bindingMessage);
    backchannelAuthenticationRequest.setAuthUsername(clientId);
    backchannelAuthenticationRequest.setAuthPassword(clientSecret);
    BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
    backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
    BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
    showClient(backchannelAuthenticationClient);
    assertBackchannelAuthentication(backchannelAuthenticationResponse, true);
    // 3. Request token - expected expiration error
    TokenResponse tokenResponse;
    int pollCount = 0;
    do {
        Thread.sleep(3500);
        TokenRequest tokenRequest = new TokenRequest(GrantType.CIBA);
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        tokenRequest.setAuthReqId(backchannelAuthenticationResponse.getAuthReqId());
        TokenClient tokenClient = new TokenClient(tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        tokenResponse = tokenClient.exec();
        showClient(tokenClient);
        pollCount++;
    } while (pollCount < 5 && tokenResponse.getStatus() == 400 && tokenResponse.getErrorType() == TokenErrorResponseType.AUTHORIZATION_PENDING);
    assertTokenResponseFail(tokenResponse, 400, TokenErrorResponseType.EXPIRED_TOKEN);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) BackchannelAuthenticationResponse(io.jans.as.client.BackchannelAuthenticationResponse) RegisterClient(io.jans.as.client.RegisterClient) BackchannelAuthenticationClient(io.jans.as.client.BackchannelAuthenticationClient) TokenRequest(io.jans.as.client.TokenRequest) BackchannelAuthenticationRequest(io.jans.as.client.BackchannelAuthenticationRequest) TokenClient(io.jans.as.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

TokenClient (io.jans.as.client.TokenClient)263 TokenResponse (io.jans.as.client.TokenResponse)263 Parameters (org.testng.annotations.Parameters)245 TokenRequest (io.jans.as.client.TokenRequest)240 RegisterResponse (io.jans.as.client.RegisterResponse)239 Test (org.testng.annotations.Test)239 BaseTest (io.jans.as.client.BaseTest)238 RegisterClient (io.jans.as.client.RegisterClient)223 RegisterRequest (io.jans.as.client.RegisterRequest)223 ResponseType (io.jans.as.model.common.ResponseType)176 AuthorizationResponse (io.jans.as.client.AuthorizationResponse)173 AuthorizationRequest (io.jans.as.client.AuthorizationRequest)159 AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)151 GrantType (io.jans.as.model.common.GrantType)53 UserInfoResponse (io.jans.as.client.UserInfoResponse)37 UserInfoClient (io.jans.as.client.UserInfoClient)36 Jwt (io.jans.as.model.jwt.Jwt)30 RSAPublicKey (io.jans.as.model.crypto.signature.RSAPublicKey)24 RSASigner (io.jans.as.model.jws.RSASigner)24 ClientInfoClient (io.jans.as.client.ClientInfoClient)16
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial