Examples with UserInfoClient io.jans.as.client.UserInfoClient used on opensource projects

Example 81 with UserInfoClient

use of io.jans.as.client.UserInfoClient in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method processUserInfo.

private void processUserInfo(String accessToken) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    userInfoClient.setExecutor(clientEngine(true));
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertUserInfoBasicMinimumResponseOk(userInfoResponse, 200);
    assertUserInfoPersonalDataNotNull(userInfoResponse);
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.BIRTHDATE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.GENDER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.MIDDLE_NAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.NICKNAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PREFERRED_USERNAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PROFILE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.WEBSITE));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL_VERIFIED));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER_VERIFIED));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.ADDRESS));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.USER_NAME));
    assertNull(userInfoResponse.getClaim("org_name"));
    assertNull(userInfoResponse.getClaim("work_phone"));
}

Example 82 with UserInfoClient

use of io.jans.as.client.UserInfoClient in project jans by JanssenProject.

the class UserInfoRestWebServiceHttpTest method requestUserInfoDynamicScopesPasswordFlow.

@Parameters({ "userId", "userSecret", "redirectUris", "sectorIdentifierUri" })
@Test
public void requestUserInfoDynamicScopesPasswordFlow(final String userId, final String userSecret, final String redirectUris, final String sectorIdentifierUri) {
    showTitle("requestUserInfoDynamicScopesPasswordFlow");
    List<ResponseType> responseTypes = new ArrayList<ResponseType>();
    List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    RegisterResponse registerResponse = register(redirectUris, responseTypes, grantTypes, sectorIdentifierUri);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization
    String username = userId;
    String password = userSecret;
    String scope = "openid profile address email org_name work_phone";
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    TokenResponse response1 = tokenClient.execResourceOwnerPasswordCredentialsGrant(username, password, scope, clientId, clientSecret);
    showClient(tokenClient);
    assertTokenResponseOk(response1, false, false);
    assertNotNull(response1.getScope(), "The scope is null");
    String accessToken = response1.getAccessToken();
    // 3. Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse response2 = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertUserInfoBasicMinimumResponseOk(response2, 200);
    assertUserInfoPersonalDataNotNull(response2);
    assertNotNull(response2.getClaim("org_name"));
    assertNotNull(response2.getClaim("work_phone"));
}

Example 83 with UserInfoClient

use of io.jans.as.client.UserInfoClient in project jans by JanssenProject.

the class UserInfoRestWebServiceHttpTest method requestUserInfoES512.

@Parameters({ "redirectUris", "redirectUri", "userId", "userSecret", "sectorIdentifierUri" })
@Test
public void requestUserInfoES512(final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) {
    showTitle("requestUserInfoES512");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
    // 1. Dynamic Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setUserInfoSignedResponseAlg(SignatureAlgorithm.ES512);
    registerRequest.setSubjectType(SubjectType.PAIRWISE);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, clientId);
    String accessToken = authorizationResponse.getAccessToken();
    // 3. Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    userInfoClient.setJwksUri(jwksUri);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
    showClient(userInfoClient);
    assertUserInfoBasicResponseOk(userInfoResponse, 200);
    assertUserInfoPersonalDataNotNull(userInfoResponse);
}

Example 84 with UserInfoClient

use of io.jans.as.client.UserInfoClient in project jans by JanssenProject.

the class UserInfoRestWebServiceHttpTest method claimsRequestWithEssentialNameClaim.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "postLogoutRedirectUri" })
@Test
public void claimsRequestWithEssentialNameClaim(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri, final String clientJwksUri, final String postLogoutRedirectUri) throws Exception {
    showTitle("claimsRequestWithEssentialNameClaim");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
    List<GrantType> grantTypes = Arrays.asList(GrantType.AUTHORIZATION_CODE);
    // 1. Dynamic Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setGrantTypes(grantTypes);
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setPostLogoutRedirectUris(Arrays.asList(postLogoutRedirectUri));
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    registerRequest.setSubjectType(SubjectType.PAIRWISE);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider();
    List<String> scopes = Arrays.asList("openid");
    String nonce = UUID.randomUUID().toString();
    String state = UUID.randomUUID().toString();
    JSONObject claimsObj = new JSONObject();
    UserInfoMember userInfoMember = new UserInfoMember();
    userInfoMember.getClaims().add(new Claim("name", ClaimValue.createEssential(true)));
    claimsObj.put("userinfo", userInfoMember.toJSONObject());
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);
    authorizationRequest.setClaims(claimsObj);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, responseTypes, true);
    String authorizationCode = authorizationResponse.getCode();
    // 3. Request access token using the authorization code.
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    tokenClient.setRequest(tokenRequest);
    TokenResponse tokenResponse = tokenClient.exec();
    showClient(tokenClient);
    assertTokenResponseOk(tokenResponse, true, false);
    String accessToken = tokenResponse.getAccessToken();
    // 4. Request user info
    UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    userInfoClient.setRequest(userInfoRequest);
    UserInfoResponse userInfoResponse = userInfoClient.exec();
    showClient(userInfoClient);
    assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
}

Example 85 with UserInfoClient

use of io.jans.as.client.UserInfoClient in project jans by JanssenProject.

the class TokenRevocationTest method requestTokenRevocationOptionalTokenTypeHint.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestTokenRevocationOptionalTokenTypeHint(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("requestTokenRevocationOptionalTokenTypeHint");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    // 1. Register client
    RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, scopes, sectorIdentifierUri);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization and receive the authorization code.
    String nonce = UUID.randomUUID().toString();
    AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
    String scope = authorizationResponse.getScope();
    String authorizationCode = authorizationResponse.getCode();
    String idToken = authorizationResponse.getIdToken();
    // 3. Request access token using the authorization code.
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
    tokenClient1.setRequest(tokenRequest);
    TokenResponse tokenResponse1 = tokenClient1.exec();
    showClient(tokenClient1);
    assertTokenResponseOk(tokenResponse1, true, false);
    String refreshToken = tokenResponse1.getRefreshToken();
    // 4. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    assertJwtStandarClaimsNotNull(jwt, false);
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.OX_OPENID_CONNECT_VERSION));
    RSAPublicKey publicKey = JwkClient.getRSAPublicKey(jwksUri, jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
    assertTrue(rsaSigner.validate(jwt));
    // 5. Request new access token using the refresh token.
    TokenClient tokenClient2 = new TokenClient(tokenEndpoint);
    TokenResponse tokenResponse2 = tokenClient2.execRefreshToken(scope, refreshToken, clientId, clientSecret);
    showClient(tokenClient2);
    assertTokenResponseOk(tokenResponse2, true, false);
    assertNotNull(tokenResponse2.getScope(), "The scope is null");
    String accessToken = tokenResponse2.getAccessToken();
    String refreshToken2 = tokenResponse2.getRefreshToken();
    // 6. Request user info
    UserInfoClient userInfoClient1 = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse1 = userInfoClient1.execUserInfo(accessToken);
    showClient(userInfoClient1);
    assertUserInfoBasicMinimumResponseOk(userInfoResponse1, 200);
    assertUserInfoPersonalDataNotNull(userInfoResponse1);
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.BIRTHDATE));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.GENDER));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.MIDDLE_NAME));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.NICKNAME));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.PREFERRED_USERNAME));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.PROFILE));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.WEBSITE));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.EMAIL_VERIFIED));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.PHONE_NUMBER));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.PHONE_NUMBER_VERIFIED));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.ADDRESS));
    assertNotNull(userInfoResponse1.getClaim(JwtClaimName.USER_NAME));
    assertNull(userInfoResponse1.getClaim("org_name"));
    assertNull(userInfoResponse1.getClaim("work_phone"));
    // 7. Request refresh token revocation
    TokenRevocationRequest tokenRevocationRequest1 = new TokenRevocationRequest();
    tokenRevocationRequest1.setToken(refreshToken2);
    tokenRevocationRequest1.setAuthUsername(clientId);
    tokenRevocationRequest1.setAuthPassword(clientSecret);
    TokenRevocationClient tokenRevocationClient1 = new TokenRevocationClient(tokenRevocationEndpoint);
    tokenRevocationClient1.setRequest(tokenRevocationRequest1);
    TokenRevocationResponse tokenRevocationResponse1 = tokenRevocationClient1.exec();
    showClient(tokenRevocationClient1);
    assertEquals(tokenRevocationResponse1.getStatus(), 200, "Unexpected response code: " + tokenRevocationResponse1.getStatus());
    // 8. Request new access token using the revoked refresh token should fail.
    TokenClient tokenClient3 = new TokenClient(tokenEndpoint);
    TokenResponse tokenResponse3 = tokenClient3.execRefreshToken(scope, refreshToken2, clientId, clientSecret);
    showClient(tokenClient3);
    assertEquals(tokenResponse3.getStatus(), 400, "Unexpected response code: " + tokenResponse2.getStatus());
    assertNotNull(tokenResponse3.getEntity(), "The entity is null");
    assertNotNull(tokenResponse3.getErrorType(), "The error type is null");
    assertNotNull(tokenResponse3.getErrorDescription(), "The error description is null");
    // 9. Request token revocation
    TokenRevocationRequest tokenRevocationRequest2 = new TokenRevocationRequest();
    tokenRevocationRequest2.setToken(accessToken);
    tokenRevocationRequest2.setAuthUsername(clientId);
    tokenRevocationRequest2.setAuthPassword(clientSecret);
    TokenRevocationClient tokenRevocationClient2 = new TokenRevocationClient(tokenRevocationEndpoint);
    tokenRevocationClient2.setRequest(tokenRevocationRequest2);
    TokenRevocationResponse tokenRevocationResponse2 = tokenRevocationClient2.exec();
    showClient(tokenRevocationClient2);
    assertEquals(tokenRevocationResponse2.getStatus(), 200, "Unexpected response code: " + tokenRevocationResponse2.getStatus());
    // 10. Request user info with the revoked access token should fail
    UserInfoClient userInfoClient2 = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse2 = userInfoClient2.execUserInfo(accessToken);
    showClient(userInfoClient2);
    assertEquals(userInfoResponse2.getStatus(), 401, "Unexpected response code: " + userInfoResponse2.getStatus());
    assertNotNull(userInfoResponse2.getErrorType(), "Unexpected result: errorType not found");
    assertNotNull(userInfoResponse2.getErrorDescription(), "Unexpected result: errorDescription not found");
}