Example 16 with UserInfoRequest
use of io.jans.as.client.UserInfoRequest in project jans by JanssenProject.
the class MultivaluedClaims method authorizationRequestObjectWithMultivaluedClaimAlgRSA15EncA256CBCPLUSHS512.
@Parameters({ "userId", "userSecret", "redirectUri", "redirectUris", "dnName", "keyStoreFile", "keyStoreSecret", "RSA1_5_keyId", "clientJwksUri", "sectorIdentifierUri" })
@Test
public void authorizationRequestObjectWithMultivaluedClaimAlgRSA15EncA256CBCPLUSHS512(final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String clientKeyId, final String clientJwksUri, final String sectorIdentifierUri) throws Exception {
showTitle("authorizationRequestObjectWithMultivaluedClaimAlgRSA15EncA256CBCPLUSHS512");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setIdTokenEncryptedResponseAlg(KeyEncryptionAlgorithm.RSA1_5);
registerRequest.setIdTokenEncryptedResponseEnc(BlockEncryptionAlgorithm.A256CBC_PLUS_HS512);
registerRequest.setUserInfoEncryptedResponseAlg(KeyEncryptionAlgorithm.RSA1_5);
registerRequest.setUserInfoEncryptedResponseEnc(BlockEncryptionAlgorithm.A256CBC_PLUS_HS512);
registerRequest.setRequestObjectEncryptionAlg(KeyEncryptionAlgorithm.RSA1_5);
registerRequest.setRequestObjectEncryptionEnc(BlockEncryptionAlgorithm.A256CBC_PLUS_HS512);
registerRequest.setClaims(Arrays.asList("member_of"));
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
String clientId = registerResponse.getClientId();
// 2. Choose encryption key
JwkClient jwkClient = new JwkClient(jwksUri);
JwkResponse jwkResponse = jwkClient.exec();
String serverKeyId = jwkResponse.getKeyId(Algorithm.RSA1_5);
assertNotNull(serverKeyId);
// 3. Request authorization
JSONObject jwks = JwtUtil.getJSONWebKeys(jwksUri);
AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, KeyEncryptionAlgorithm.RSA1_5, BlockEncryptionAlgorithm.A256CBC_PLUS_HS512, cryptoProvider);
jwtAuthorizationRequest.setKeyId(serverKeyId);
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createEssential(true)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim("member_of", ClaimValue.createEssential(true)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim("member_of", ClaimValue.createEssential(true)));
String authJwt = jwtAuthorizationRequest.getEncodedJwt(jwks);
authorizationRequest.setRequest(authJwt);
AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
authorizeClient.setRequest(authorizationRequest);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertAuthorizationResponse(authorizationResponse, responseTypes, true);
String idToken = authorizationResponse.getIdToken();
String accessToken = authorizationResponse.getAccessToken();
// 4. Validate id_token
PrivateKey privateKey = cryptoProvider.getPrivateKey(clientKeyId);
Jwe jwe = Jwe.parse(idToken, privateKey, null);
assertJweStandarClaimsNotNull(jwe, true);
assertNotNull(jwe.getClaims().getClaimAsStringList("member_of"));
assertTrue(jwe.getClaims().getClaimAsStringList("member_of").size() > 1);
// 5. Request user info
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
userInfoClient.setPrivateKey(privateKey);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim("member_of"));
assertTrue(userInfoResponse.getClaim("member_of").size() > 1);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
AuthorizationRequest(io.jans.as.client.AuthorizationRequest)
JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest)
PrivateKey(java.security.PrivateKey)
UserInfoRequest(io.jans.as.client.UserInfoRequest)
UserInfoClient(io.jans.as.client.UserInfoClient)
ResponseType(io.jans.as.model.common.ResponseType)
JwkClient(io.jans.as.client.JwkClient)
AuthorizationResponse(io.jans.as.client.AuthorizationResponse)
RegisterResponse(io.jans.as.client.RegisterResponse)
JwkResponse(io.jans.as.client.JwkResponse)
JSONObject(org.json.JSONObject)
RegisterClient(io.jans.as.client.RegisterClient)
JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest)
Jwe(io.jans.as.model.jwe.Jwe)
UserInfoResponse(io.jans.as.client.UserInfoResponse)
AuthorizeClient(io.jans.as.client.AuthorizeClient)
AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider)
Claim(io.jans.as.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Example 17 with UserInfoRequest
use of io.jans.as.client.UserInfoRequest in project jans by JanssenProject.
the class MultivaluedClaims method authorizationRequestWithMultivaluedClaimHS512.
@Parameters({ "userId", "userSecret", "redirectUri", "redirectUris", "sectorIdentifierUri" })
@Test
public void authorizationRequestWithMultivaluedClaimHS512(final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri) throws Exception {
showTitle("authorizationRequestWithMultivaluedClaimHS512");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.HS512);
registerRequest.setUserInfoSignedResponseAlg(SignatureAlgorithm.HS512);
registerRequest.addCustomAttribute("jansInclClaimsInIdTkn", "true");
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid", "test");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
authorizeClient.setRequest(authorizationRequest);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertAuthorizationResponse(authorizationResponse, responseTypes, true);
String idToken = authorizationResponse.getIdToken();
String accessToken = authorizationResponse.getAccessToken();
// 3. Validate id_token
Jwt jwt = Jwt.parse(idToken);
assertJwtStandarClaimsNotNull(jwt, true);
assertNotNull(jwt.getClaims().getClaimAsStringList("member_of"));
assertTrue(jwt.getClaims().getClaimAsStringList("member_of").size() > 1);
HMACSigner hmacSigner = new HMACSigner(SignatureAlgorithm.HS512, clientSecret);
assertTrue(hmacSigner.validate(jwt));
// 4. Request user info
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
userInfoClient.setSharedKey(clientSecret);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim("member_of"));
assertTrue(userInfoResponse.getClaim("member_of").size() > 1);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
AuthorizationRequest(io.jans.as.client.AuthorizationRequest)
JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest)
Jwt(io.jans.as.model.jwt.Jwt)
UserInfoRequest(io.jans.as.client.UserInfoRequest)
UserInfoClient(io.jans.as.client.UserInfoClient)
ResponseType(io.jans.as.model.common.ResponseType)
AuthorizationResponse(io.jans.as.client.AuthorizationResponse)
RegisterResponse(io.jans.as.client.RegisterResponse)
HMACSigner(io.jans.as.model.jws.HMACSigner)
RegisterClient(io.jans.as.client.RegisterClient)
UserInfoResponse(io.jans.as.client.UserInfoResponse)
AuthorizeClient(io.jans.as.client.AuthorizeClient)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Example 18 with UserInfoRequest
use of io.jans.as.client.UserInfoRequest in project jans by JanssenProject.
the class MultivaluedClaims method authorizationRequestWithMultivaluedClaimPS256.
@Parameters({ "userId", "userSecret", "redirectUri", "redirectUris", "sectorIdentifierUri" })
@Test
public void authorizationRequestWithMultivaluedClaimPS256(final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri) throws Exception {
showTitle("authorizationRequestWithMultivaluedClaimPS256");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setUserInfoSignedResponseAlg(SignatureAlgorithm.PS256);
registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.PS256);
registerRequest.addCustomAttribute("jansInclClaimsInIdTkn", "true");
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
String clientId = registerResponse.getClientId();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid", "test");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
authorizeClient.setRequest(authorizationRequest);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertAuthorizationResponse(authorizationResponse, responseTypes, true);
String idToken = authorizationResponse.getIdToken();
String accessToken = authorizationResponse.getAccessToken();
// 3. Validate id_token
Jwt jwt = Jwt.parse(idToken);
assertJwtStandarClaimsNotNull(jwt, true);
assertNotNull(jwt.getClaims().getClaimAsStringList("member_of"));
assertTrue(jwt.getClaims().getClaimAsStringList("member_of").size() > 1);
RSAPublicKey publicKey = JwkClient.getRSAPublicKey(jwksUri, jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.PS256, publicKey);
assertTrue(rsaSigner.validate(jwt));
// 4. Request user info
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
userInfoClient.setJwksUri(jwksUri);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim("member_of"));
assertTrue(userInfoResponse.getClaim("member_of").size() > 1);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
AuthorizationRequest(io.jans.as.client.AuthorizationRequest)
JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest)
Jwt(io.jans.as.model.jwt.Jwt)
UserInfoRequest(io.jans.as.client.UserInfoRequest)
UserInfoClient(io.jans.as.client.UserInfoClient)
ResponseType(io.jans.as.model.common.ResponseType)
AuthorizationResponse(io.jans.as.client.AuthorizationResponse)
RegisterResponse(io.jans.as.client.RegisterResponse)
RSAPublicKey(io.jans.as.model.crypto.signature.RSAPublicKey)
RegisterClient(io.jans.as.client.RegisterClient)
RSASigner(io.jans.as.model.jws.RSASigner)
UserInfoResponse(io.jans.as.client.UserInfoResponse)
AuthorizeClient(io.jans.as.client.AuthorizeClient)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Example 19 with UserInfoRequest
use of io.jans.as.client.UserInfoRequest in project jans by JanssenProject.
the class MultivaluedClaims method authorizationRequestObjectWithMultivaluedClaimHS512.
@Parameters({ "userId", "userSecret", "redirectUri", "redirectUris", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void authorizationRequestObjectWithMultivaluedClaimHS512(final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
showTitle("authorizationRequestObjectWithMultivaluedClaimHS512");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.HS512);
registerRequest.setUserInfoSignedResponseAlg(SignatureAlgorithm.HS512);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.HS512);
registerRequest.setClaims(Arrays.asList("member_of"));
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS512, clientSecret, cryptoProvider);
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createEssential(true)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim("member_of", ClaimValue.createEssential(true)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim("member_of", ClaimValue.createEssential(true)));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
authorizationRequest.setRequest(authJwt);
AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
authorizeClient.setRequest(authorizationRequest);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertAuthorizationResponse(authorizationResponse, responseTypes, true);
String idToken = authorizationResponse.getIdToken();
String accessToken = authorizationResponse.getAccessToken();
// 3. Validate id_token
Jwt jwt = Jwt.parse(idToken);
assertJwtStandarClaimsNotNull(jwt, true);
assertNotNull(jwt.getClaims().getClaimAsStringList("member_of"));
assertTrue(jwt.getClaims().getClaimAsStringList("member_of").size() > 1);
HMACSigner hmacSigner = new HMACSigner(SignatureAlgorithm.HS512, clientSecret);
assertTrue(hmacSigner.validate(jwt));
// 4. Request user info
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
userInfoClient.setSharedKey(clientSecret);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim("member_of"));
assertTrue(userInfoResponse.getClaim("member_of").size() > 1);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
AuthorizationRequest(io.jans.as.client.AuthorizationRequest)
JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest)
Jwt(io.jans.as.model.jwt.Jwt)
UserInfoRequest(io.jans.as.client.UserInfoRequest)
UserInfoClient(io.jans.as.client.UserInfoClient)
ResponseType(io.jans.as.model.common.ResponseType)
AuthorizationResponse(io.jans.as.client.AuthorizationResponse)
RegisterResponse(io.jans.as.client.RegisterResponse)
HMACSigner(io.jans.as.model.jws.HMACSigner)
RegisterClient(io.jans.as.client.RegisterClient)
JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest)
UserInfoResponse(io.jans.as.client.UserInfoResponse)
AuthorizeClient(io.jans.as.client.AuthorizeClient)
AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider)
Claim(io.jans.as.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Example 20 with UserInfoRequest
use of io.jans.as.client.UserInfoRequest in project jans by JanssenProject.
the class MultivaluedClaims method authorizationRequestWithMultivaluedClaimES384.
@Parameters({ "userId", "userSecret", "redirectUri", "redirectUris", "sectorIdentifierUri" })
@Test
public void authorizationRequestWithMultivaluedClaimES384(final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri) throws Exception {
showTitle("authorizationRequestWithMultivaluedClaimES384");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.ES384);
registerRequest.setUserInfoSignedResponseAlg(SignatureAlgorithm.ES384);
registerRequest.addCustomAttribute("jansInclClaimsInIdTkn", "true");
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertRegisterResponseOk(registerResponse, 201, true);
String clientId = registerResponse.getClientId();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid", "test");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
authorizeClient.setRequest(authorizationRequest);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertAuthorizationResponse(authorizationResponse, responseTypes, true);
String idToken = authorizationResponse.getIdToken();
String accessToken = authorizationResponse.getAccessToken();
// 3. Validate id_token
Jwt jwt = Jwt.parse(idToken);
assertJwtStandarClaimsNotNull(jwt, true);
assertNotNull(jwt.getClaims().getClaimAsStringList("member_of"));
assertTrue(jwt.getClaims().getClaimAsStringList("member_of").size() > 1);
ECDSAPublicKey publicKey = JwkClient.getECDSAPublicKey(jwksUri, jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
ECDSASigner ecdsaSigner = new ECDSASigner(SignatureAlgorithm.ES384, publicKey);
assertTrue(ecdsaSigner.validate(jwt));
// 4. Request user info
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
userInfoClient.setJwksUri(jwksUri);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim("member_of"));
assertTrue(userInfoResponse.getClaim("member_of").size() > 1);
}
Also used :
RegisterRequest(io.jans.as.client.RegisterRequest)
AuthorizationRequest(io.jans.as.client.AuthorizationRequest)
JwtAuthorizationRequest(io.jans.as.client.model.authorize.JwtAuthorizationRequest)
ECDSASigner(io.jans.as.model.jws.ECDSASigner)
Jwt(io.jans.as.model.jwt.Jwt)
UserInfoRequest(io.jans.as.client.UserInfoRequest)
UserInfoClient(io.jans.as.client.UserInfoClient)
ResponseType(io.jans.as.model.common.ResponseType)
AuthorizationResponse(io.jans.as.client.AuthorizationResponse)
RegisterResponse(io.jans.as.client.RegisterResponse)
RegisterClient(io.jans.as.client.RegisterClient)
UserInfoResponse(io.jans.as.client.UserInfoResponse)
AuthorizeClient(io.jans.as.client.AuthorizeClient)
ECDSAPublicKey(io.jans.as.model.crypto.signature.ECDSAPublicKey)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(io.jans.as.client.BaseTest)
Aggregations
UserInfoRequest (io.jans.as.client.UserInfoRequest)82
Parameters (org.testng.annotations.Parameters)81
Test (org.testng.annotations.Test)81
UserInfoClient (io.jans.as.client.UserInfoClient)72
UserInfoResponse (io.jans.as.client.UserInfoResponse)72
AuthorizationResponse (io.jans.as.client.AuthorizationResponse)71
BaseTest (io.jans.as.client.BaseTest)71
RegisterResponse (io.jans.as.client.RegisterResponse)71
ResponseType (io.jans.as.model.common.ResponseType)71
AuthorizationRequest (io.jans.as.client.AuthorizationRequest)66
JwtAuthorizationRequest (io.jans.as.client.model.authorize.JwtAuthorizationRequest)65
RegisterClient (io.jans.as.client.RegisterClient)62
RegisterRequest (io.jans.as.client.RegisterRequest)62
AuthorizeClient (io.jans.as.client.AuthorizeClient)54
AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)48
Claim (io.jans.as.client.model.authorize.Claim)47
Jwt (io.jans.as.model.jwt.Jwt)42
RSAPublicKey (io.jans.as.model.crypto.signature.RSAPublicKey)19
RSASigner (io.jans.as.model.jws.RSASigner)19
Jwe (io.jans.as.model.jwe.Jwe)15
