Search in sources :

Example 66 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class ClientCredentialsGrantHttpTest method privateKeyJwtAuthenticationMethodES512Fail.

@Parameters({ "redirectUris", "clientJwksUri", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void privateKeyJwtAuthenticationMethodES512Fail(final String redirectUris, final String clientJwksUri, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("privateKeyJwtAuthenticationMethodES512Fail");
    List<String> scopes = Arrays.asList("clientinfo");
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setScope(scopes);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    // 2. Request Client Credentials Grant
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
    tokenRequest.setScope("clientinfo");
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setKeyId("ES512SIG_INVALID_KEYID");
    tokenRequest.setAudience(tokenEndpoint);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
    assertNotNull(tokenResponse.getErrorType());
    assertEquals(tokenResponse.getErrorType(), TokenErrorResponseType.INVALID_CLIENT);
    assertNotNull(tokenResponse.getErrorDescription());
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 67 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class ClientCredentialsGrantHttpTest method clientSecretJwtAuthenticationMethodHS256.

@Parameters({ "redirectUris", "sectorIdentifierUri" })
@Test
public void clientSecretJwtAuthenticationMethodHS256(final String redirectUris, final String sectorIdentifierUri) throws Exception {
    showTitle("clientSecretJwtAuthenticationMethodHS256");
    List<String> scopes = Arrays.asList("clientinfo");
    List<GrantType> grantTypes = Arrays.asList(GrantType.CLIENT_CREDENTIALS);
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setScope(scopes);
    registerRequest.setGrantTypes(grantTypes);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request Client Credentials Grant
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider();
    TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
    tokenRequest.setScope("clientinfo");
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    tokenRequest.setAlgorithm(SignatureAlgorithm.HS256);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setAudience(tokenEndpoint);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertTokenResponseOk(tokenResponse, false, false);
    assertNotNull(tokenResponse.getScope());
    assertNull(tokenResponse.getRefreshToken());
    String accessToken = tokenResponse.getAccessToken();
    // 3. Request client info
    ClientInfoClient clientInfoClient = new ClientInfoClient(clientInfoEndpoint);
    ClientInfoResponse clientInfoResponse = clientInfoClient.execClientInfo(accessToken);
    showClient(clientInfoClient);
    assertEquals(clientInfoResponse.getStatus(), 200, "Unexpected response code: " + clientInfoResponse.getStatus());
    assertNotNull(clientInfoResponse.getClaim("name"), "Unexpected result: displayName not found");
    assertNotNull(clientInfoResponse.getClaim("inum"), "Unexpected result: inum not found");
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) GrantType(io.jans.as.model.common.GrantType) ClientInfoResponse(io.jans.as.client.ClientInfoResponse) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) ClientInfoClient(io.jans.as.client.ClientInfoClient) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 68 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class ClientCredentialsGrantHttpTest method clientSecretPostAuthenticationMethodFail2.

@Parameters({ "redirectUris", "sectorIdentifierUri" })
@Test
public void clientSecretPostAuthenticationMethodFail2(final String redirectUris, final String sectorIdentifierUri) throws Exception {
    showTitle("clientSecretPostAuthenticationMethodFail2");
    List<String> scopes = Arrays.asList("clientinfo");
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setScope(scopes);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    // 2. Request Client Credentials Grant
    TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
    tokenRequest.setScope("clientinfo");
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(null);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
    assertNotNull(tokenResponse.getErrorType());
    assertEquals(tokenResponse.getErrorType(), TokenErrorResponseType.INVALID_CLIENT);
    assertNotNull(tokenResponse.getErrorDescription());
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 69 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class ClientCredentialsGrantHttpTest method clientSecretPostAuthenticationMethodFail1.

@Parameters({ "redirectUris", "sectorIdentifierUri" })
@Test
public void clientSecretPostAuthenticationMethodFail1(final String redirectUris, final String sectorIdentifierUri) throws Exception {
    showTitle("clientSecretPostAuthenticationMethodFail1");
    List<String> scopes = Arrays.asList("clientinfo");
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setScope(scopes);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    // 2. Request Client Credentials Grant
    TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
    tokenRequest.setScope("clientinfo");
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword("INVALID_CLIENT_SECRET");
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
    assertNotNull(tokenResponse.getErrorType());
    assertEquals(tokenResponse.getErrorType(), TokenErrorResponseType.INVALID_CLIENT);
    assertNotNull(tokenResponse.getErrorDescription());
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 70 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class ClientCredentialsGrantHttpTest method privateKeyJwtAuthenticationMethodRS256.

@Parameters({ "redirectUris", "clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void privateKeyJwtAuthenticationMethodRS256(final String redirectUris, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("privateKeyJwtAuthenticationMethodRS256");
    List<String> scopes = Arrays.asList("clientinfo");
    List<GrantType> grantTypes = Arrays.asList(GrantType.CLIENT_CREDENTIALS);
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setScope(scopes);
    registerRequest.setGrantTypes(grantTypes);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    // 2. Request Client Credentials Grant
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
    tokenRequest.setScope("clientinfo");
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setKeyId(keyId);
    tokenRequest.setAudience(tokenEndpoint);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertTokenResponseOk(tokenResponse, false, false);
    assertNotNull(tokenResponse.getScope());
    assertNull(tokenResponse.getRefreshToken());
    String accessToken = tokenResponse.getAccessToken();
    // 3. Request client info
    ClientInfoClient clientInfoClient = new ClientInfoClient(clientInfoEndpoint);
    ClientInfoResponse clientInfoResponse = clientInfoClient.execClientInfo(accessToken);
    showClient(clientInfoClient);
    assertEquals(clientInfoResponse.getStatus(), 200, "Unexpected response code: " + clientInfoResponse.getStatus());
    assertNotNull(clientInfoResponse.getClaim("name"), "Unexpected result: displayName not found");
    assertNotNull(clientInfoResponse.getClaim("inum"), "Unexpected result: inum not found");
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) GrantType(io.jans.as.model.common.GrantType) ClientInfoResponse(io.jans.as.client.ClientInfoResponse) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) ClientInfoClient(io.jans.as.client.ClientInfoClient) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

TokenRequest (io.jans.as.client.TokenRequest)287 Parameters (org.testng.annotations.Parameters)266 Test (org.testng.annotations.Test)265 TokenResponse (io.jans.as.client.TokenResponse)241 TokenClient (io.jans.as.client.TokenClient)240 RegisterResponse (io.jans.as.client.RegisterResponse)230 BaseTest (io.jans.as.client.BaseTest)227 RegisterClient (io.jans.as.client.RegisterClient)212 RegisterRequest (io.jans.as.client.RegisterRequest)212 AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)170 AuthorizationResponse (io.jans.as.client.AuthorizationResponse)168 ResponseType (io.jans.as.model.common.ResponseType)165 AuthorizationRequest (io.jans.as.client.AuthorizationRequest)154 GrantType (io.jans.as.model.common.GrantType)46 JSONObject (org.json.JSONObject)42 Builder (javax.ws.rs.client.Invocation.Builder)41 MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)41 Response (javax.ws.rs.core.Response)41 ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)40 JSONException (org.json.JSONException)40