Search in sources :

Example 31 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class TokenEndpointAuthMethodRestrictionHttpTest method tokenEndpointAuthMethodPrivateKeyJwtSigningAlgPS384Fail3.

@Parameters({ "redirectUris", "redirectUri", "userId", "userSecret", "clientJwksUri", "ES256_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void tokenEndpointAuthMethodPrivateKeyJwtSigningAlgPS384Fail3(final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgPS384Fail3");
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.PS384);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String registrationAccessToken = registerResponse.getRegistrationAccessToken();
    String registrationClientUri = registerResponse.getRegistrationClientUri();
    // 2. Client read
    RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
    RegisterClient readClient = new RegisterClient(registrationClientUri);
    readClient.setRequest(readClientRequest);
    RegisterResponse readClientResponse = readClient.exec();
    showClient(readClient);
    assertRegisterResponseOk(readClientResponse, 200, false);
    assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
    assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()), AuthenticationMethod.PRIVATE_KEY_JWT.toString());
    assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
    assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()), SignatureAlgorithm.PS384.toString());
    assertRegisterResponseClaimsNotNull(readClientResponse, RESPONSE_TYPES, REDIRECT_URIS.APPLICATION_TYPE, CLIENT_NAME, ID_TOKEN_SIGNED_RESPONSE_ALG, SCOPE);
    // 3. Request authorization
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String state = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, true);
    assertNull(authorizationResponse.getIdToken(), "The id token is not null");
    String authorizationCode = authorizationResponse.getCode();
    // 4. Get Access Token
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setKeyId(keyId);
    tokenRequest.setAudience(tokenEndpoint);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
    assertNotNull(tokenResponse.getErrorType(), "The error type is null");
    assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 32 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class TokenEndpointAuthMethodRestrictionHttpTest method tokenEndpointAuthMethodPrivateKeyJwtSigningAlgPS512Fail4.

@Parameters({ "redirectUris", "redirectUri", "userId", "userSecret", "clientJwksUri", "ES384_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void tokenEndpointAuthMethodPrivateKeyJwtSigningAlgPS512Fail4(final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgPS512Fail4");
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.PS512);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String registrationAccessToken = registerResponse.getRegistrationAccessToken();
    String registrationClientUri = registerResponse.getRegistrationClientUri();
    // 2. Client read
    RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
    RegisterClient readClient = new RegisterClient(registrationClientUri);
    readClient.setRequest(readClientRequest);
    RegisterResponse readClientResponse = readClient.exec();
    showClient(readClient);
    assertRegisterResponseOk(readClientResponse, 200, false);
    assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
    assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()), AuthenticationMethod.PRIVATE_KEY_JWT.toString());
    assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
    assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()), SignatureAlgorithm.PS512.toString());
    assertRegisterResponseClaimsNotNull(readClientResponse, RESPONSE_TYPES, REDIRECT_URIS.APPLICATION_TYPE, CLIENT_NAME, ID_TOKEN_SIGNED_RESPONSE_ALG, SCOPE);
    // 3. Request authorization
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String state = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, true);
    assertNull(authorizationResponse.getIdToken(), "The id token is not null");
    String authorizationCode = authorizationResponse.getCode();
    // 4. Get Access Token
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setKeyId(keyId);
    tokenRequest.setAudience(tokenEndpoint);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
    assertNotNull(tokenResponse.getErrorType(), "The error type is null");
    assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 33 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class TokenEndpointAuthMethodRestrictionHttpTest method tokenEndpointAuthMethodPrivateKeyJwtES384.

@Parameters({ "redirectUris", "redirectUri", "userId", "userSecret", "clientJwksUri", "ES384_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void tokenEndpointAuthMethodPrivateKeyJwtES384(final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("tokenEndpointAuthMethodPrivateKeyJwtES384");
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String registrationAccessToken = registerResponse.getRegistrationAccessToken();
    String registrationClientUri = registerResponse.getRegistrationClientUri();
    // 2. Client read
    RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
    RegisterClient readClient = new RegisterClient(registrationClientUri);
    readClient.setRequest(readClientRequest);
    RegisterResponse readClientResponse = readClient.exec();
    showClient(readClient);
    assertRegisterResponseOk(readClientResponse, 200, false);
    assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
    assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()), AuthenticationMethod.PRIVATE_KEY_JWT.toString());
    assertRegisterResponseClaimsNotNull(readClientResponse, RESPONSE_TYPES, REDIRECT_URIS.APPLICATION_TYPE, CLIENT_NAME, ID_TOKEN_SIGNED_RESPONSE_ALG, SCOPE);
    // 3. Request authorization
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String state = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, true);
    assertNull(authorizationResponse.getIdToken(), "The id token is not null");
    String authorizationCode = authorizationResponse.getCode();
    // 4. Get Access Token
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setKeyId(keyId);
    tokenRequest.setAudience(tokenEndpoint);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertTokenResponseOk(tokenResponse, true);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 34 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class TokenEndpointAuthMethodRestrictionHttpTest method tokenEndpointAuthMethodPrivateKeyJwtPS512.

@Parameters({ "redirectUris", "redirectUri", "userId", "userSecret", "clientJwksUri", "PS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void tokenEndpointAuthMethodPrivateKeyJwtPS512(final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("tokenEndpointAuthMethodPrivateKeyJwtPS512");
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String registrationAccessToken = registerResponse.getRegistrationAccessToken();
    String registrationClientUri = registerResponse.getRegistrationClientUri();
    // 2. Client read
    RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
    RegisterClient readClient = new RegisterClient(registrationClientUri);
    readClient.setRequest(readClientRequest);
    RegisterResponse readClientResponse = readClient.exec();
    showClient(readClient);
    assertRegisterResponseOk(readClientResponse, 200, false);
    assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
    assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()), AuthenticationMethod.PRIVATE_KEY_JWT.toString());
    assertRegisterResponseClaimsNotNull(readClientResponse, RESPONSE_TYPES, REDIRECT_URIS.APPLICATION_TYPE, CLIENT_NAME, ID_TOKEN_SIGNED_RESPONSE_ALG, SCOPE);
    // 3. Request authorization
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String state = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, true);
    assertNull(authorizationResponse.getIdToken(), "The id token is not null");
    String authorizationCode = authorizationResponse.getCode();
    // 4. Get Access Token
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    tokenRequest.setAlgorithm(SignatureAlgorithm.PS512);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setKeyId(keyId);
    tokenRequest.setAudience(tokenEndpoint);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertTokenResponseOk(tokenResponse, true);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 35 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class TokenEndpointAuthMethodRestrictionHttpTest method tokenEndpointAuthMethodClientSecretBasicFail1.

/**
 * Fail 1: Call to Token Endpoint with Auth Method <code>client_secret_post</code> should fail.
 */
@Parameters({ "redirectUris", "redirectUri", "userId", "userSecret", "sectorIdentifierUri" })
@Test
public void tokenEndpointAuthMethodClientSecretBasicFail1(final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("tokenEndpointAuthMethodClientSecretBasicFail1");
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    String registrationAccessToken = registerResponse.getRegistrationAccessToken();
    String registrationClientUri = registerResponse.getRegistrationClientUri();
    // 2. Client read
    RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
    RegisterClient readClient = new RegisterClient(registrationClientUri);
    readClient.setRequest(readClientRequest);
    RegisterResponse readClientResponse = readClient.exec();
    showClient(readClient);
    assertRegisterResponseOk(readClientResponse, 200, false);
    assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
    assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()), AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
    assertRegisterResponseClaimsNotNull(readClientResponse, RESPONSE_TYPES, REDIRECT_URIS.APPLICATION_TYPE, CLIENT_NAME, ID_TOKEN_SIGNED_RESPONSE_ALG, SCOPE);
    // 3. Request authorization
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String state = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, true);
    assertNull(authorizationResponse.getIdToken(), "The id token is not null");
    String authorizationCode = authorizationResponse.getCode();
    // 4. Get Access Token
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
    assertNotNull(tokenResponse.getErrorType(), "The error type is null");
    assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

TokenRequest (io.jans.as.client.TokenRequest)287 Parameters (org.testng.annotations.Parameters)266 Test (org.testng.annotations.Test)265 TokenResponse (io.jans.as.client.TokenResponse)241 TokenClient (io.jans.as.client.TokenClient)240 RegisterResponse (io.jans.as.client.RegisterResponse)230 BaseTest (io.jans.as.client.BaseTest)227 RegisterClient (io.jans.as.client.RegisterClient)212 RegisterRequest (io.jans.as.client.RegisterRequest)212 AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)170 AuthorizationResponse (io.jans.as.client.AuthorizationResponse)168 ResponseType (io.jans.as.model.common.ResponseType)165 AuthorizationRequest (io.jans.as.client.AuthorizationRequest)154 GrantType (io.jans.as.model.common.GrantType)46 JSONObject (org.json.JSONObject)42 Builder (javax.ws.rs.client.Invocation.Builder)41 MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)41 Response (javax.ws.rs.core.Response)41 ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)40 JSONException (org.json.JSONException)40