
Example 96 with TokenResponse

use of io.jans.as.client.TokenResponse in project jans by JanssenProject.

the class ValidateIdTokenHashesTest method validateIdTokenHashes.

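/**
 * Runs the hybrid flow ({@code code token id_token}) and checks that the id_token returned
 * from the authorization endpoint is bound, through its {@code c_hash}, {@code at_hash} and
 * {@code s_hash} claims, to the authorization code, access token and state that were actually
 * delivered with it, and that the id_token later issued by the token endpoint carries
 * {@code at_hash} for its own access token but no {@code s_hash}.
 *
 * @param userId              resource owner user name used to log in
 * @param userSecret          resource owner password
 * @param redirectUris        space-separated redirect URIs registered for the client
 * @param redirectUri         redirect URI used in the authorization and token requests
 * @param sectorIdentifierUri sector identifier URI registered for pairwise subject identifiers
 * @throws Exception on any client, page or parsing failure
 */
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void validateIdTokenHashes(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    // The title must match the method name so the test report maps back to this test.
    showTitle("validateIdTokenHashes");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.TOKEN, ResponseType.ID_TOKEN);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    // 1. Register a web client with pairwise subjects for the three response types above.
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setScope(scopes);
    registerRequest.setSubjectType(SubjectType.PAIRWISE);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization. nonce and state are fresh random values so that the
    //    id_token and the redirect can be tied back to exactly this request.
    String nonce = UUID.randomUUID().toString();
    String stateParam = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(stateParam);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, true);
    assertEquals(authorizationResponse.getState(), stateParam);
    String scope = authorizationResponse.getScope();
    String authorizationCode = authorizationResponse.getCode();
    String accessToken = authorizationResponse.getAccessToken();
    String idToken = authorizationResponse.getIdToken();
    // 3. Validate the id_token from the authorization endpoint. The key is looked up by the
    //    header's kid at the jwks endpoint, and the signer is pinned to RS256 rather than
    //    taking the algorithm from the token header.
    Jwt jwt = Jwt.parse(idToken);
    assertIdToken(jwt);
    // The nonce claim ties this id_token to the request above; without this check a
    // replayed id_token with valid hashes would pass.
    assertEquals(jwt.getClaims().getClaimAsString(JwtClaimName.NONCE), nonce);
    RSAPublicKey publicKey = JwkClient.getRSAPublicKey(jwksUri, jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
    assertTrue(rsaSigner.validate(jwt));
    // Each hash claim must be present AND match the artefact delivered alongside the id_token.
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
    assertTrue(rsaSigner.validateAuthorizationCode(authorizationCode, jwt));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ACCESS_TOKEN_HASH));
    assertTrue(rsaSigner.validateAccessToken(accessToken, jwt));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.STATE_HASH));
    // stateParam was asserted equal to the returned state above, so it is the value to hash.
    assertTrue(rsaSigner.validateState(stateParam, jwt));
    // 4. Redeem the authorization code with client_secret_basic authentication.
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
    tokenClient1.setRequest(tokenRequest);
    TokenResponse tokenResponse1 = tokenClient1.exec();
    showClient(tokenClient1);
    assertTokenResponseOk(tokenResponse1, true, false);
    String refreshToken = tokenResponse1.getRefreshToken();
    String idToken2 = tokenResponse1.getIdToken();
    String accessToken2 = tokenResponse1.getAccessToken();
    // 5. Validate the id_token from the token endpoint: at_hash must cover the token
    //    endpoint's access token, and s_hash is not expected since no state travelled here.
    Jwt jwt2 = Jwt.parse(idToken2);
    assertIdToken(jwt2);
    RSAPublicKey publicKey2 = JwkClient.getRSAPublicKey(jwksUri, jwt2.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    RSASigner rsaSigner2 = new RSASigner(SignatureAlgorithm.RS256, publicKey2);
    assertTrue(rsaSigner2.validate(jwt2));
    assertNotNull(jwt2.getClaims().getClaimAsString(JwtClaimName.ACCESS_TOKEN_HASH));
    assertTrue(rsaSigner2.validateAccessToken(accessToken2, jwt2));
    assertNull(jwt2.getClaims().getClaimAsString(JwtClaimName.STATE_HASH));
    // 6. Refresh the access token with the scope granted at authorization time.
    TokenClient tokenClient2 = new TokenClient(tokenEndpoint);
    TokenResponse tokenResponse2 = tokenClient2.execRefreshToken(scope, refreshToken, clientId, clientSecret);
    showClient(tokenClient2);
    assertTokenResponseOk(tokenResponse2, true, false);
    assertNotNull(tokenResponse2.getScope(), "The scope is null");
    String accessToken3 = tokenResponse2.getAccessToken();
    // 7. The refreshed access token must still give access to the user's claims.
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken3);
    showClient(userInfoClient);
    assertUserInfoBasicMinimumResponseOk(userInfoResponse, 200);
    assertUserInfoPersonalDataNotNull(userInfoResponse);
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.BIRTHDATE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.GENDER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.MIDDLE_NAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.NICKNAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PREFERRED_USERNAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PROFILE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.WEBSITE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL_VERIFIED));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER_VERIFIED));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.ADDRESS));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.USER_NAME));
    // Claims outside the requested scopes must not be released.
    assertNull(userInfoResponse.getClaim("org_name"));
    assertNull(userInfoResponse.getClaim("work_phone"));
}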

Example 97 with TokenResponse

use of io.jans.as.client.TokenResponse in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method deviceAuthzFlowAccessDenied.

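/**
 * Device authorization flow in which the resource owner denies access: the device's
 * subsequent token request must fail with {@code access_denied}.
 *
 * @param userId     resource owner user name used on the device authorization page
 * @param userSecret resource owner password
 * @throws Exception on any client or page failure
 */
@Parameters({ "userId", "userSecret" })
@Test
public void deviceAuthzFlowAccessDenied(final String userId, final String userSecret) throws Exception {
    showTitle("deviceAuthzFlowAccessDenied");
    // 1. Register a client that may only use the device_code grant.
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Obtain a device_code / user_code pair from the device authorization endpoint.
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Drive the browser through the user_code page and deny access. The driver is
    //    released in finally so a failure inside the page flow does not leak a browser
    //    session; the boolean mirrors the stopWebDriver(false, ...) call used by the
    //    sibling device flows.
    WebDriver currentDriver = initWebDriver(false, true);
    AuthorizationResponse authorizationResponse;
    try {
        final PageConfig pageConfig = newPageConfig(currentDriver);
        authorizationResponse = processDeviceAuthzDenyAccess(userId, userSecret, response.getUserCode(), currentDriver, false, pageConfig);
    } finally {
        stopWebDriver(false, currentDriver);
    }
    validateErrorResponse(authorizationResponse, AuthorizeErrorResponseType.ACCESS_DENIED);
    // 4. Polling the token endpoint with the device_code must now be refused.
    TokenResponse tokenResponse = processTokens(clientId, clientSecret, response.getDeviceCode());
    assertNotNull(tokenResponse.getErrorType(), "Error expected, however no error was found");
    assertNotNull(tokenResponse.getErrorDescription(), "Error description expected, however no error was found");
    assertEquals(tokenResponse.getErrorType(), TokenErrorResponseType.ACCESS_DENIED, "Unexpected error");
}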

Example 98 with TokenResponse

use of io.jans.as.client.TokenResponse in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method checkSlowDownOrPendingState.

/**
 * Verifies that the token endpoint answers a device_code poll with
 * {@code authorization_pending} or {@code slow_down} for as long as the user
 * has not completed the authorization.
 *
 * @throws Exception on any client failure, or if the pause between polls is interrupted
 */
@Test
public void checkSlowDownOrPendingState() throws Exception {
    showTitle("checkSlowDownOrPendingState");
    // 1. Register a client that may only use the device_code grant.
    RegisterResponse registration = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registration.getClientId();
    String clientSecret = registration.getClientSecret();
    // 2. Start a device authorization request and keep its device_code.
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest authzRequest = new DeviceAuthzRequest(clientId, requestedScopes);
    authzRequest.setAuthUsername(clientId);
    authzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient authzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    authzClient.setRequest(authzRequest);
    DeviceAuthzResponse authzResponse = authzClient.exec();
    showClient(authzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(authzResponse);
    // 3. Poll the token endpoint a few times without ever authorizing; every answer
    //    must be one of the two "not yet" errors, never a token.
    final int polls = 3;
    for (int attempt = 0; attempt < polls; attempt++) {
        TokenResponse pollResponse = processTokens(clientId, clientSecret, authzResponse.getDeviceCode());
        assertNotNull(pollResponse.getErrorType(), "Error expected, however no error was found");
        assertNotNull(pollResponse.getErrorDescription(), "Error description expected, however no error was found");
        boolean pendingOrSlowDown = pollResponse.getErrorType() == TokenErrorResponseType.AUTHORIZATION_PENDING
                || pollResponse.getErrorType() == TokenErrorResponseType.SLOW_DOWN;
        assertTrue(pendingOrSlowDown, "Unexpected error");
        // Short pause between polls, also after the last one, as in the original loop.
        Thread.sleep(200);
    }
}

Example 99 with TokenResponse

use of io.jans.as.client.TokenResponse in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method processNewTokenWithRefreshToken.

/**
 * Redeems a refresh token at the token endpoint and asserts that the answer is a
 * successful token response that carries a scope.
 *
 * @param scopes       space-separated scopes to request for the new access token
 * @param refreshToken refresh token issued earlier in the flow
 * @param clientId     client identifier used to authenticate the client
 * @param clientSecret client secret used to authenticate the client
 * @return the successful token response
 * @throws UnrecoverableKeyException propagated from {@code clientEngine(true)}
 * @throws NoSuchAlgorithmException  propagated from {@code clientEngine(true)}
 * @throws KeyStoreException         propagated from {@code clientEngine(true)}
 * @throws KeyManagementException    propagated from {@code clientEngine(true)}
 */
private TokenResponse processNewTokenWithRefreshToken(String scopes, String refreshToken, String clientId, String clientSecret) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
    final TokenClient refreshClient = new TokenClient(tokenEndpoint);
    // clientEngine(true) supplies the HTTP executor; the key-store related exceptions
    // declared above originate there — TODO confirm what its boolean selects.
    refreshClient.setExecutor(clientEngine(true));
    final TokenResponse refreshed = refreshClient.execRefreshToken(scopes, refreshToken, clientId, clientSecret);
    showClient(refreshClient);
    assertTokenResponseOk(refreshed, true, false);
    assertNotNull(refreshed.getScope(), "The scope is null");
    return refreshed;
}

Example 100 with TokenResponse

use of io.jans.as.client.TokenResponse in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method deviceAuthzFlowWithCompleteVerificationUri.

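/**
 * Runs a complete device authorization flow in which the browser is sent to
 * {@code verification_uri_complete} (user_code pre-filled), then redeems the
 * device_code, validates the id_token, refreshes the access token and reads userinfo.
 *
 * @param userId     resource owner user name used on the device authorization page
 * @param userSecret resource owner password
 * @throws Exception on any client or page failure
 */
@Parameters({ "userId", "userSecret" })
@Test
public void deviceAuthzFlowWithCompleteVerificationUri(final String userId, final String userSecret) throws Exception {
    // The title must match the method name so the test report maps back to this test
    // rather than to the plain deviceAuthzFlow test.
    showTitle("deviceAuthzFlowWithCompleteVerificationUri");
    // 1. Register a client that may only use the device_code grant.
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Obtain a device_code / user_code pair from the device authorization endpoint.
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Drive the browser through the user_code page and grant access. The driver is
    //    released in finally so a failure inside the page flow does not leak a browser
    //    session. The third argument of processDeviceAuthzPutUserCodeAndPressContinue
    //    presumably selects the verification_uri_complete variant — confirm against the helper.
    WebDriver currentDriver = initWebDriver(false, true);
    AuthorizationResponse authorizationResponse;
    try {
        final PageConfig pageConfig = newPageConfig(currentDriver);
        processDeviceAuthzPutUserCodeAndPressContinue(response.getUserCode(), currentDriver, true, pageConfig);
        authorizationResponse = processAuthorization(userId, userSecret, currentDriver);
    } finally {
        stopWebDriver(false, currentDriver);
    }
    assertSuccessAuthzResponse(authorizationResponse);
    // 4. Redeem the device_code for tokens.
    TokenResponse tokenResponse1 = processTokens(clientId, clientSecret, response.getDeviceCode());
    validateTokenSuccessfulResponse(tokenResponse1);
    String refreshToken = tokenResponse1.getRefreshToken();
    String idToken = tokenResponse1.getIdToken();
    // 5. Validate the id_token (signature and standard claims are checked by the helper).
    verifyIdToken(idToken);
    // 6. Refresh the access token with the originally requested scopes.
    TokenResponse tokenResponse2 = processNewTokenWithRefreshToken(StringUtils.implode(scopes, " "), refreshToken, clientId, clientSecret);
    validateTokenSuccessfulResponse(tokenResponse2);
    String accessToken = tokenResponse2.getAccessToken();
    // 7. The refreshed access token must give access to userinfo.
    processUserInfo(accessToken);
}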
