
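/**
 * Negative case for RFC 7009: a revocation request that omits the mandatory
 * {@code token} parameter must be rejected with HTTP 400 and a JSON error body.
 * <p>
 * The test first obtains a real access token for a freshly registered client so
 * that the revocation request is otherwise well-formed and correctly
 * authenticated ({@code client_secret_basic}); the only thing missing is the
 * token itself. That isolates the check to parameter validation rather than
 * client authentication.
 *
 * @param userId              end-user login used for the authorization request
 * @param userSecret          end-user password
 * @param redirectUris        redirect URIs sent at client registration
 * @param redirectUri         redirect URI used for the authorization and token requests
 * @param sectorIdentifierUri sector identifier URI sent at client registration
 */
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestTokenRevocationFail3(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) {
    showTitle("requestTokenRevocationFail3");

    final List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");

    // 1. Register client
    final RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, scopes, sectorIdentifierUri);
    final String clientId = registerResponse.getClientId();
    final String clientSecret = registerResponse.getClientSecret();

    // 2. Request authorization and receive the authorization code.
    final String nonce = UUID.randomUUID().toString();
    final AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
    final String authorizationCode = authorizationResponse.getCode();

    // 3. Exchange the code for an access token, authenticating with client_secret_basic.
    final TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);

    final TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    final TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    // The issued tokens are deliberately not used below: the point of this test is a
    // revocation request with no token at all, so only a successful issuance is asserted.
    assertTokenResponseOk(tokenResponse, true, false);

    // 4. Revoke with token == null, i.e. without the required "token" parameter.
    //    Client credentials are valid, so a failure here can only come from
    //    parameter validation.
    final TokenRevocationRequest tokenRevocationRequest = new TokenRevocationRequest();
    tokenRevocationRequest.setToken(null);
    tokenRevocationRequest.setAuthUsername(clientId);
    tokenRevocationRequest.setAuthPassword(clientSecret);

    final TokenRevocationClient tokenRevocationClient = new TokenRevocationClient(tokenRevocationEndpoint);
    tokenRevocationClient.setRequest(tokenRevocationRequest);
    final TokenRevocationResponse tokenRevocationResponse = tokenRevocationClient.exec();
    showClient(tokenRevocationClient);

    // RFC 7009 section 2.2.1: a missing/invalid request parameter is a 400 with an
    // OAuth error response; the server must not answer 200 as it does for unknown tokens.
    assertEquals(tokenRevocationResponse.getStatus(), 400, "Unexpected response code: " + tokenRevocationResponse.getStatus());
    assertNotNull(tokenRevocationResponse.getEntity(), "The entity is null");
    assertNotNull(tokenRevocationResponse.getErrorType(), "The error type is null");
    assertNotNull(tokenRevocationResponse.getErrorDescription(), "The error description is null");
}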
/**
 * End-to-end revocation of an access token (RFC 7009) for a client registered
 * with the {@code code id_token} response types.
 * <p>
 * A {@code 200} from the revocation endpoint on its own proves little, because
 * RFC 7009 requires {@code 200} even for tokens the server does not recognise.
 * The assertions that carry the security meaning are the ones made after the
 * revocation: the resource endpoint must refuse the revoked access token, and
 * the refresh token issued alongside it must no longer mint a new access token,
 * i.e. the server is expected to invalidate the whole grant rather than the one
 * token string.
 *
 * @param userId              end-user login used for the authorization request
 * @param userSecret          end-user password
 * @param redirectUris        redirect URIs sent at client registration
 * @param redirectUri         redirect URI used for the authorization and token requests
 * @param sectorIdentifierUri sector identifier URI sent at client registration
 * @throws Exception if the id_token cannot be parsed or its signature cannot be checked
 */
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestTokenRevocation2(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("requestTokenRevocation2");

    final List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");

    // 1. Register client
    final RegisterResponse registration = registerClient(redirectUris, responseTypes, scopes, sectorIdentifierUri);
    final String clientId = registration.getClientId();
    final String clientSecret = registration.getClientSecret();

    // 2. Authorize and collect the code, the granted scope and the front-channel id_token.
    final String nonce = UUID.randomUUID().toString();
    final AuthorizationResponse authz = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
    final String grantedScope = authz.getScope();
    final String code = authz.getCode();
    final String idToken = authz.getIdToken();

    // 3. Exchange the code for tokens, authenticating with client_secret_basic.
    final TokenRequest codeExchange = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    codeExchange.setCode(code);
    codeExchange.setRedirectUri(redirectUri);
    codeExchange.setAuthUsername(clientId);
    codeExchange.setAuthPassword(clientSecret);
    codeExchange.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);

    final TokenClient codeExchangeClient = new TokenClient(tokenEndpoint);
    codeExchangeClient.setRequest(codeExchange);
    final TokenResponse issued = codeExchangeClient.exec();
    showClient(codeExchangeClient);
    assertTokenResponseOk(issued, true, false);
    final String accessToken = issued.getAccessToken();
    final String refreshToken = issued.getRefreshToken();

    // 4. Validate the id_token: standard claims, c_hash, and an RS256 signature
    //    verified with the JWKS key selected by the header's kid.
    final Jwt jwt = Jwt.parse(idToken);
    assertJwtStandarClaimsNotNull(jwt, false);
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.OX_OPENID_CONNECT_VERSION));
    final String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
    final RSAPublicKey signingKey = JwkClient.getRSAPublicKey(jwksUri, keyId);
    assertTrue(new RSASigner(SignatureAlgorithm.RS256, signingKey).validate(jwt));

    // 5. Before revocation the access token must be accepted at userinfo and
    //    the expected claims must be present.
    final UserInfoClient userInfoBefore = new UserInfoClient(userInfoEndpoint);
    final UserInfoResponse claimsBefore = userInfoBefore.execUserInfo(accessToken);
    showClient(userInfoBefore);
    assertUserInfoBasicMinimumResponseOk(claimsBefore, 200);
    assertUserInfoPersonalDataNotNull(claimsBefore);
    final List<String> expectedClaims = Arrays.asList(
            JwtClaimName.BIRTHDATE, JwtClaimName.GENDER, JwtClaimName.MIDDLE_NAME, JwtClaimName.NICKNAME,
            JwtClaimName.PREFERRED_USERNAME, JwtClaimName.PROFILE, JwtClaimName.WEBSITE, JwtClaimName.EMAIL_VERIFIED,
            JwtClaimName.PHONE_NUMBER, JwtClaimName.PHONE_NUMBER_VERIFIED, JwtClaimName.ADDRESS, JwtClaimName.USER_NAME);
    for (String claimName : expectedClaims) {
        assertNotNull(claimsBefore.getClaim(claimName));
    }
    // claims that must not be returned for this client/scope set
    assertNull(claimsBefore.getClaim("org_name"));
    assertNull(claimsBefore.getClaim("work_phone"));

    // 6. Revoke the access token, with an explicit token_type_hint.
    final TokenRevocationRequest revocation = new TokenRevocationRequest();
    revocation.setToken(accessToken);
    revocation.setTokenTypeHint(TokenTypeHint.ACCESS_TOKEN);
    revocation.setAuthUsername(clientId);
    revocation.setAuthPassword(clientSecret);

    final TokenRevocationClient revocationClient = new TokenRevocationClient(tokenRevocationEndpoint);
    revocationClient.setRequest(revocation);
    final TokenRevocationResponse revoked = revocationClient.exec();
    showClient(revocationClient);
    assertEquals(revoked.getStatus(), 200, "Unexpected response code: " + revoked.getStatus());

    // 7. The revoked access token must now be refused by userinfo with 401 and an error.
    final UserInfoClient userInfoAfter = new UserInfoClient(userInfoEndpoint);
    final UserInfoResponse claimsAfter = userInfoAfter.execUserInfo(accessToken);
    showClient(userInfoAfter);
    assertEquals(claimsAfter.getStatus(), 401, "Unexpected response code: " + claimsAfter.getStatus());
    assertNotNull(claimsAfter.getErrorType(), "Unexpected result: errorType not found");
    assertNotNull(claimsAfter.getErrorDescription(), "Unexpected result: errorDescription not found");

    // 8. The refresh token from the same grant must not mint a new access token either.
    final TokenClient refreshClient = new TokenClient(tokenEndpoint);
    final TokenResponse refreshed = refreshClient.execRefreshToken(grantedScope, refreshToken, clientId, clientSecret);
    showClient(refreshClient);
    assertEquals(refreshed.getStatus(), 400, "Unexpected response code: " + refreshed.getStatus());
    assertNotNull(refreshed.getEntity(), "The entity is null");
    assertNotNull(refreshed.getErrorType(), "The error type is null");
    assertNotNull(refreshed.getErrorDescription(), "The error description is null");
}
/**
 * RFC 7009 section 2.2: revoking a token the server does not recognise is not an
 * error, the endpoint answers {@code 200} regardless.
 * <p>
 * The second half of the test is the part that matters: after the bogus
 * revocation, the client's genuine access token must still be accepted at
 * userinfo, so a revocation request naming an unknown token has no side effect
 * on the tokens that do exist.
 *
 * @param userId              end-user login used for the authorization request
 * @param userSecret          end-user password
 * @param redirectUris        redirect URIs sent at client registration
 * @param redirectUri         redirect URI used for the authorization and token requests
 * @param sectorIdentifierUri sector identifier URI sent at client registration
 */
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestTokenRevocationFail2(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) {
    showTitle("requestTokenRevocationFail2");

    final List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");

    // 1. Register client
    final RegisterResponse registration = registerClient(redirectUris, responseTypes, scopes, sectorIdentifierUri);
    final String clientId = registration.getClientId();
    final String clientSecret = registration.getClientSecret();

    // 2. Authorize and receive the authorization code.
    final String nonce = UUID.randomUUID().toString();
    final AuthorizationResponse authz = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
    final String code = authz.getCode();

    // 3. Exchange the code for an access token, authenticating with client_secret_basic.
    final TokenRequest codeExchange = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    codeExchange.setCode(code);
    codeExchange.setRedirectUri(redirectUri);
    codeExchange.setAuthUsername(clientId);
    codeExchange.setAuthPassword(clientSecret);
    codeExchange.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);

    final TokenClient codeExchangeClient = new TokenClient(tokenEndpoint);
    codeExchangeClient.setRequest(codeExchange);
    final TokenResponse issued = codeExchangeClient.exec();
    showClient(codeExchangeClient);
    assertTokenResponseOk(issued, true, false);
    final String accessToken = issued.getAccessToken();

    // 4. Revoke a token string the server has never issued; per RFC 7009 this is still 200.
    final TokenRevocationRequest revocation = new TokenRevocationRequest();
    revocation.setToken("INVALID_ACCESS_TOKEN");
    revocation.setTokenTypeHint(TokenTypeHint.ACCESS_TOKEN);
    revocation.setAuthUsername(clientId);
    revocation.setAuthPassword(clientSecret);

    final TokenRevocationClient revocationClient = new TokenRevocationClient(tokenRevocationEndpoint);
    revocationClient.setRequest(revocation);
    final TokenRevocationResponse revoked = revocationClient.exec();
    showClient(revocationClient);
    assertEquals(revoked.getStatus(), 200, "Unexpected response code: " + revoked.getStatus());

    // 5. The real access token must be unaffected: userinfo still succeeds with the full claim set.
    final UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    final UserInfoResponse claims = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertUserInfoBasicMinimumResponseOk(claims, 200);
    assertUserInfoPersonalDataNotNull(claims);
    final List<String> expectedClaims = Arrays.asList(
            JwtClaimName.BIRTHDATE, JwtClaimName.GENDER, JwtClaimName.MIDDLE_NAME, JwtClaimName.NICKNAME,
            JwtClaimName.PREFERRED_USERNAME, JwtClaimName.PROFILE, JwtClaimName.WEBSITE, JwtClaimName.EMAIL_VERIFIED,
            JwtClaimName.PHONE_NUMBER, JwtClaimName.PHONE_NUMBER_VERIFIED, JwtClaimName.ADDRESS, JwtClaimName.USER_NAME);
    for (String claimName : expectedClaims) {
        assertNotNull(claims.getClaim(claimName));
    }
    // claims that must not be returned for this client/scope set
    assertNull(claims.getClaim("org_name"));
    assertNull(claims.getClaim("work_phone"));
}