Examples with TokenRequest io.jans.as.client.TokenRequest used on opensource projects

Search in sources :

Example 41 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class AuthorizationCodeFlowHttpTest method authorizationCodeDynamicScopeFlow.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void authorizationCodeDynamicScopeFlow(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("authorizationCodeDynamicScopeFlow");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "user_name", "org_name", "work_phone");
    // 1. Register client
    RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, scopes, sectorIdentifierUri);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization and receive the authorization code.
    String nonce = UUID.randomUUID().toString();
    AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
    String idToken = authorizationResponse.getIdToken();
    String authorizationCode = authorizationResponse.getCode();
    // 3. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    assertJwtStandarClaimsNotNull(jwt, false);
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.OX_OPENID_CONNECT_VERSION));
    // 4. Request access token
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertTokenResponseOk(tokenResponse, true, false);
    String accessToken = tokenResponse.getAccessToken();
    // 5. Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
    assertNotNull(userInfoResponse.getClaim("user_name"));
    assertNotNull(userInfoResponse.getClaim("org_name"));
    assertNotNull(userInfoResponse.getClaim("work_phone"));
}
Also used : RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) Jwt(io.jans.as.model.jwt.Jwt) TokenRequest(io.jans.as.client.TokenRequest) UserInfoResponse(io.jans.as.client.UserInfoResponse) TokenClient(io.jans.as.client.TokenClient) UserInfoClient(io.jans.as.client.UserInfoClient) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 42 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class AuthorizationCodeFlowHttpTest method authorizationCodeFlowNegativeTest.

/**
 * Test for the complete Authorization Code Flow.
 * Register just the openid scope.
 * Request authorization with scopes openid, profile, address, email, phone, user_name.
 * Expected result is just prompt the user to authorize openid scope.
 */
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void authorizationCodeFlowNegativeTest(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("authorizationCodeFlowNegativeTest");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    List<String> registerScopes = Arrays.asList("openid");
    // 1. Register client
    RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, registerScopes, sectorIdentifierUri);
    assertTrue(registerResponse.getClaims().containsKey(SCOPE.toString()));
    assertNotNull(registerResponse.getClaims().get(SCOPE.toString()));
    assertEquals(registerResponse.getClaims().get(SCOPE.toString()), "openid");
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization and receive the authorization code.
    String nonce = UUID.randomUUID().toString();
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
    assertEquals(authorizationResponse.getScope(), "openid");
    String scope = authorizationResponse.getScope();
    String authorizationCode = authorizationResponse.getCode();
    String idToken = authorizationResponse.getIdToken();
    // 3. Request access token using the authorization code.
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
    tokenClient1.setRequest(tokenRequest);
    TokenResponse tokenResponse1 = tokenClient1.exec();
    showClient(tokenClient1);
    assertTokenResponseOk(tokenResponse1, true, false);
    String refreshToken = tokenResponse1.getRefreshToken();
    // 4. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    assertJwtStandarClaimsNotNull(jwt, false);
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.OX_OPENID_CONNECT_VERSION));
    RSAPublicKey publicKey = JwkClient.getRSAPublicKey(jwksUri, jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
    assertTrue(rsaSigner.validate(jwt));
    // 5. Request new access token using the refresh token.
    TokenClient tokenClient2 = new TokenClient(tokenEndpoint);
    TokenResponse tokenResponse2 = tokenClient2.execRefreshToken(scope, refreshToken, clientId, clientSecret);
    showClient(tokenClient2);
    assertTokenResponseOk(tokenResponse2, true, false);
    assertNotNull(tokenResponse2.getScope(), "The scope is null");
    assertEquals(tokenResponse2.getScope(), "openid");
    String accessToken = tokenResponse2.getAccessToken();
    // 6. Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertUserInfoBasicMinimumResponseOk(userInfoResponse, 200);
    assertNull(userInfoResponse.getClaim(JwtClaimName.NAME));
    assertNull(userInfoResponse.getClaim(JwtClaimName.BIRTHDATE));
    assertNull(userInfoResponse.getClaim(JwtClaimName.FAMILY_NAME));
    assertNull(userInfoResponse.getClaim(JwtClaimName.GENDER));
    assertNull(userInfoResponse.getClaim(JwtClaimName.GIVEN_NAME));
    assertNull(userInfoResponse.getClaim(JwtClaimName.MIDDLE_NAME));
    assertNull(userInfoResponse.getClaim(JwtClaimName.NICKNAME));
    assertNull(userInfoResponse.getClaim(JwtClaimName.PICTURE));
    assertNull(userInfoResponse.getClaim(JwtClaimName.PREFERRED_USERNAME));
    assertNull(userInfoResponse.getClaim(JwtClaimName.PROFILE));
    assertNull(userInfoResponse.getClaim(JwtClaimName.WEBSITE));
    assertNull(userInfoResponse.getClaim(JwtClaimName.EMAIL));
    assertNull(userInfoResponse.getClaim(JwtClaimName.EMAIL_VERIFIED));
    assertNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER));
    assertNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER_VERIFIED));
    assertNull(userInfoResponse.getClaim(JwtClaimName.ADDRESS));
    assertNull(userInfoResponse.getClaim(JwtClaimName.LOCALE));
    assertNull(userInfoResponse.getClaim(JwtClaimName.ZONEINFO));
    assertNull(userInfoResponse.getClaim(JwtClaimName.USER_NAME));
    assertNull(userInfoResponse.getClaim("org_name"));
    assertNull(userInfoResponse.getClaim("work_phone"));
}
Also used : Jwt(io.jans.as.model.jwt.Jwt) UserInfoClient(io.jans.as.client.UserInfoClient) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RSAPublicKey(io.jans.as.model.crypto.signature.RSAPublicKey) RSASigner(io.jans.as.model.jws.RSASigner) TokenRequest(io.jans.as.client.TokenRequest) UserInfoResponse(io.jans.as.client.UserInfoResponse) TokenClient(io.jans.as.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 43 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class AuthorizationCodeFlowHttpTest method authorizationCodeWithNotAllowedScopeFlow.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void authorizationCodeWithNotAllowedScopeFlow(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("authorizationCodeWithNotAllowedScopeFlow");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "user_name");
    // 1. Register client
    RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, scopes, sectorIdentifierUri);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization and receive the authorization code.
    List<String> authorizationScopes = Arrays.asList("openid", "profile", "address", "email", "user_name", "mobile_phone");
    String nonce = UUID.randomUUID().toString();
    AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, authorizationScopes, clientId, nonce);
    String idToken = authorizationResponse.getIdToken();
    String authorizationCode = authorizationResponse.getCode();
    // 3. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    assertIdToken(jwt, JwtClaimName.CODE_HASH);
    // 4. Request access token
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertTokenResponseOk(tokenResponse, true, false);
    String accessToken = tokenResponse.getAccessToken();
    // 5. Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
    assertNotNull(userInfoResponse.getClaim("user_name"));
    assertNull(userInfoResponse.getClaim("phone_mobile_number"));
}
Also used : RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) Jwt(io.jans.as.model.jwt.Jwt) TokenRequest(io.jans.as.client.TokenRequest) UserInfoResponse(io.jans.as.client.UserInfoResponse) TokenClient(io.jans.as.client.TokenClient) UserInfoClient(io.jans.as.client.UserInfoClient) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 44 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class AuthorizationCodeFlowHttpTest method retainClaimAuthorizationCodeFlow.

@Parameters({ "userId", "userSecret", "redirectUri" })
@Test(enabled = false)
public // retain claims script has to be enabled and client pre-configured (not avaiable in test suite)
void retainClaimAuthorizationCodeFlow(final String userId, final String userSecret, final String redirectUri) throws Exception {
    showTitle("authorizationCodeFlow");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    String clientId = "0008-525a95a3-5fe1-4ecf-878c-06f438e3f500";
    // registerResponse.getClientSecret();
    String clientSecret = "V9RKUZOtfk92";
    // 2. Request authorization and receive the authorization code.
    String nonce = UUID.randomUUID().toString();
    AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
    String scope = authorizationResponse.getScope();
    String authorizationCode = authorizationResponse.getCode();
    String idToken = authorizationResponse.getIdToken();
    // 3. Request access token using the authorization code.
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    TokenClient tokenClient1 = newTokenClient(tokenRequest);
    tokenClient1.setRequest(tokenRequest);
    TokenResponse tokenResponse1 = tokenClient1.exec();
    showClient(tokenClient1);
    assertTokenResponseOk(tokenResponse1, true, false);
    String refreshToken = tokenResponse1.getRefreshToken();
    // 4. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    assertIdToken(jwt, JwtClaimName.CODE_HASH);
    // 5. Request new access token using the refresh token.
    TokenClient tokenClient2 = new TokenClient(tokenEndpoint);
    tokenClient2.setExecutor(clientEngine(true));
    TokenResponse tokenResponse2 = tokenClient2.execRefreshToken(scope, refreshToken, clientId, clientSecret);
    showClient(tokenClient2);
    assertTokenResponseOk(tokenResponse2, true, false);
    assertNotNull(tokenResponse2.getScope(), "The scope is null");
    String accessToken = tokenResponse2.getAccessToken();
    System.out.println("AT2: " + accessToken);
    Jwt at2Jwt = Jwt.parse(accessToken);
    assertNotNull(at2Jwt, "AT2 is null");
    System.out.println("AT2 claims: " + at2Jwt.getClaims().toJsonString());
    assertEquals("value1", at2Jwt.getClaims().getClaimAsString("claim1"));
}
Also used : TokenResponse(io.jans.as.client.TokenResponse) Jwt(io.jans.as.model.jwt.Jwt) TokenRequest(io.jans.as.client.TokenRequest) TokenClient(io.jans.as.client.TokenClient) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 45 with TokenRequest

use of io.jans.as.client.TokenRequest in project jans by JanssenProject.

the class ObtainAccessTokenLoadTest method obtainAccessToken.

// Think twice before invoking this test ;). Leads to OpenDJ (Berkley DB) failure
// Caused by: LDAPSearchException(resultCode=80 (other), numEntries=0, numReferences=0, errorMessage='Database exception: (JE 4.1.10) JAVA_ERROR: Java Error occurred, recovery may not be possible.')
// http://ox.gluu.org/doku.php?id=oxauth:profiling#obtain_access_token_-_2000_invocations_within_200_concurrent_threads
@Parameters({ "userId", "userSecret", "redirectUris" })
@Test(invocationCount = 1000, threadPoolSize = 100)
public void obtainAccessToken(final String userId, final String userSecret, String redirectUris) throws Exception {
    showTitle("requestClientAssociate1");
    redirectUris = "https://client.example.com/cb";
    final List<ResponseType> responseTypes = new ArrayList<ResponseType>();
    responseTypes.add(ResponseType.CODE);
    responseTypes.add(ResponseType.ID_TOKEN);
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse response = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(response, 201, true);
    final String clientId = response.getClientId();
    final String clientSecret = response.getClientSecret();
    // 1. Request authorization and receive the authorization code.
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    final AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUris, null);
    request.setState("af0ifjsldkj");
    request.setAuthUsername(userId);
    request.setAuthPassword(userSecret);
    request.getPrompts().add(Prompt.NONE);
    final AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
    authorizeClient.setRequest(request);
    final AuthorizationResponse response1 = authorizeClient.exec();
    ClientUtils.showClient(authorizeClient);
    final String scope = response1.getScope();
    final String authorizationCode = response1.getCode();
    assertTrue(Util.allNotBlank(authorizationCode));
    // 2. Request access token using the authorization code.
    final TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUris);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    tokenRequest.setScope(scope);
    final TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
    tokenClient1.setRequest(tokenRequest);
    final TokenResponse response2 = tokenClient1.exec();
    ClientUtils.showClient(authorizeClient);
    assertTrue(response2.getStatus() == 200);
    final String patToken = response2.getAccessToken();
    final String patRefreshToken = response2.getRefreshToken();
    assertTrue(Util.allNotBlank(patToken, patRefreshToken));
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) ArrayList(java.util.ArrayList) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) TokenResponse(io.jans.as.client.TokenResponse) RegisterClient(io.jans.as.client.RegisterClient) TokenRequest(io.jans.as.client.TokenRequest) AuthorizeClient(io.jans.as.client.AuthorizeClient) TokenClient(io.jans.as.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

TokenRequest (io.jans.as.client.TokenRequest)287 Parameters (org.testng.annotations.Parameters)266 Test (org.testng.annotations.Test)265 TokenResponse (io.jans.as.client.TokenResponse)241 TokenClient (io.jans.as.client.TokenClient)240 RegisterResponse (io.jans.as.client.RegisterResponse)230 BaseTest (io.jans.as.client.BaseTest)227 RegisterClient (io.jans.as.client.RegisterClient)212 RegisterRequest (io.jans.as.client.RegisterRequest)212 AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)170 AuthorizationResponse (io.jans.as.client.AuthorizationResponse)168 ResponseType (io.jans.as.model.common.ResponseType)165 AuthorizationRequest (io.jans.as.client.AuthorizationRequest)154 GrantType (io.jans.as.model.common.GrantType)46 JSONObject (org.json.JSONObject)42 Builder (javax.ws.rs.client.Invocation.Builder)41 MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)41 Response (javax.ws.rs.core.Response)41 ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)40 JSONException (org.json.JSONException)40
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial