Examples with JwtState io.jans.as.client.model.JwtState used on opensource projects

Search in sources :

Example 31 with JwtState

use of io.jans.as.client.model.JwtState in project jans by JanssenProject.

the class EncodeClaimsInStateParameter method jwtStateES512Test.

@Parameters({ "keyStoreFile", "keyStoreSecret", "dnName", "ES512_keyId" })
@Test
public void jwtStateES512Test(final String keyStoreFile, final String keyStoreSecret, final String dnName, final String keyId) throws Exception {
    showTitle("jwtStateES512Test");
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    String rfp = UUID.randomUUID().toString();
    String jti = UUID.randomUUID().toString();
    JwtState jwtState = new JwtState(SignatureAlgorithm.ES512, cryptoProvider);
    jwtState.setKeyId(keyId);
    jwtState.setRfp(rfp);
    jwtState.setJti(jti);
    jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
    String encodedState = jwtState.getEncodedJwt();
    assertNotNull(encodedState);
    System.out.println("Signed JWS State: " + encodedState);
    Jwt jwt = Jwt.parse(encodedState);
    boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId, null, null, SignatureAlgorithm.ES512);
    assertTrue(validJwt);
}
Also used : JSONObject(org.json.JSONObject) Jwt(io.jans.as.model.jwt.Jwt) JwtState(io.jans.as.client.model.JwtState) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 32 with JwtState

use of io.jans.as.client.model.JwtState in project jans by JanssenProject.

the class EncodeClaimsInStateParameter method encodeClaimsInStateParameterES256.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "keyStoreFile", "keyStoreSecret", "dnName", "ES256_keyId" })
@Test
public void encodeClaimsInStateParameterES256(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri, final String keyStoreFile, final String keyStoreSecret, final String dnName, final String keyId) throws Exception {
    showTitle("encodeClaimsInStateParameterES256");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    // 2. Request authorization
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    String rfp = UUID.randomUUID().toString();
    String jti = UUID.randomUUID().toString();
    JwtState jwtState = new JwtState(SignatureAlgorithm.ES256, cryptoProvider);
    jwtState.setKeyId(keyId);
    jwtState.setRfp(rfp);
    jwtState.setJti(jti);
    jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
    String encodedState = jwtState.getEncodedJwt();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(encodedState);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, responseTypes, true);
    String state = authorizationResponse.getState();
    // 3. Validate state
    Jwt jwt = Jwt.parse(state);
    boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId, null, null, SignatureAlgorithm.ES256);
    assertTrue(validJwt);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) Jwt(io.jans.as.model.jwt.Jwt) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Asserter.assertAuthorizationResponse(io.jans.as.client.client.Asserter.assertAuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) JSONObject(org.json.JSONObject) RegisterClient(io.jans.as.client.RegisterClient) JwtState(io.jans.as.client.model.JwtState) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 33 with JwtState

use of io.jans.as.client.model.JwtState in project jans by JanssenProject.

the class EncodeClaimsInStateParameter method jwtStateAlgRSAOAEPEncA256GCMTest.

@Parameters({ "keyStoreFile", "keyStoreSecret", "dnName", "RS256_keyId", "clientJwksUri" })
@Test
public void jwtStateAlgRSAOAEPEncA256GCMTest(final String keyStoreFile, final String keyStoreSecret, final String dnName, final String keyId, final String clientJwksUri) throws Exception {
    showTitle("jwtStateAlgRSAOAEPEncA256GCMTest");
    JSONObject jwks = JwtUtil.getJSONWebKeys(clientJwksUri);
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    String rfp = UUID.randomUUID().toString();
    String jti = UUID.randomUUID().toString();
    JwtState jwtState = new JwtState(KeyEncryptionAlgorithm.RSA_OAEP, BlockEncryptionAlgorithm.A256GCM, cryptoProvider);
    jwtState.setKeyId(keyId);
    jwtState.setRfp(rfp);
    jwtState.setJti(jti);
    jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
    String encodedState = jwtState.getEncodedJwt(jwks);
    assertNotNull(encodedState);
    System.out.println("Encrypted JWE State: " + encodedState);
    PrivateKey privateKey = cryptoProvider.getPrivateKey(keyId);
    Jwe jwe = Jwe.parse(encodedState, privateKey, null);
    assertNotNull(jwe.getClaims().getClaimAsString(KID));
    assertNotNull(jwe.getClaims().getClaimAsString(RFP));
    assertNotNull(jwe.getClaims().getClaimAsString(JTI));
    assertNotNull(jwe.getClaims().getClaimAsJSON(ADDITIONAL_CLAIMS));
    JSONObject addClaims = jwe.getClaims().getClaimAsJSON(ADDITIONAL_CLAIMS);
    assertEquals(addClaims.getString("first_name"), "Javier");
    assertEquals(addClaims.getString("last_name"), "Rojas");
    assertEquals(addClaims.getInt("age"), 34);
    assertNotNull(addClaims.getJSONArray("more"));
    assertEquals(addClaims.getJSONArray("more").length(), 2);
}
Also used : PrivateKey(java.security.PrivateKey) JSONObject(org.json.JSONObject) Jwe(io.jans.as.model.jwe.Jwe) JwtState(io.jans.as.client.model.JwtState) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 34 with JwtState

use of io.jans.as.client.model.JwtState in project jans by JanssenProject.

the class EncodeClaimsInStateParameter method encodeClaimsInStateParameterPS512.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "keyStoreFile", "keyStoreSecret", "dnName", "PS512_keyId" })
@Test
public void encodeClaimsInStateParameterPS512(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri, final String keyStoreFile, final String keyStoreSecret, final String dnName, final String keyId) throws Exception {
    showTitle("encodeClaimsInStateParameterPS512");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    // 2. Request authorization
    AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    String rfp = UUID.randomUUID().toString();
    String jti = UUID.randomUUID().toString();
    JwtState jwtState = new JwtState(SignatureAlgorithm.PS512, cryptoProvider);
    jwtState.setKeyId(keyId);
    jwtState.setRfp(rfp);
    jwtState.setJti(jti);
    jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
    String encodedState = jwtState.getEncodedJwt();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(encodedState);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, responseTypes, true);
    String state = authorizationResponse.getState();
    // 3. Validate state
    Jwt jwt = Jwt.parse(state);
    boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId, null, null, SignatureAlgorithm.PS512);
    assertTrue(validJwt);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) Jwt(io.jans.as.model.jwt.Jwt) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Asserter.assertAuthorizationResponse(io.jans.as.client.client.Asserter.assertAuthorizationResponse) RegisterResponse(io.jans.as.client.RegisterResponse) JSONObject(org.json.JSONObject) RegisterClient(io.jans.as.client.RegisterClient) JwtState(io.jans.as.client.model.JwtState) AuthCryptoProvider(io.jans.as.model.crypto.AuthCryptoProvider) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Example 35 with JwtState

use of io.jans.as.client.model.JwtState in project jans by JanssenProject.

the class EncodeClaimsInStateParameter method encodeClaimsInStateParameterAlgA128KWEncA128GCM.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void encodeClaimsInStateParameterAlgA128KWEncA128GCM(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("encodeClaimsInStateParameterAlgA128KWEncA128GCM");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertRegisterResponseOk(registerResponse, 201, true);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Request authorization
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    String rfp = UUID.randomUUID().toString();
    String jti = UUID.randomUUID().toString();
    JwtState jwtState = new JwtState(KeyEncryptionAlgorithm.A128KW, BlockEncryptionAlgorithm.A128GCM, clientSecret);
    jwtState.setRfp(rfp);
    jwtState.setJti(jti);
    jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
    String encodedState = jwtState.getEncodedJwt();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(encodedState);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertAuthorizationResponse(authorizationResponse, responseTypes, true);
    String state = authorizationResponse.getState();
    // 3. Decrypt state
    Jwe jwe = Jwe.parse(state, null, clientSecret.getBytes());
    assertNotNull(jwe.getClaims().getClaimAsString(RFP));
    assertNotNull(jwe.getClaims().getClaimAsString(JTI));
    assertNotNull(jwe.getClaims().getClaimAsJSON(ADDITIONAL_CLAIMS));
    JSONObject addClaims = jwe.getClaims().getClaimAsJSON(ADDITIONAL_CLAIMS);
    assertEquals(addClaims.getString("first_name"), "Javier");
    assertEquals(addClaims.getString("last_name"), "Rojas");
    assertEquals(addClaims.getInt("age"), 34);
    assertNotNull(addClaims.getJSONArray("more"));
    assertEquals(addClaims.getJSONArray("more").length(), 2);
}
Also used : RegisterRequest(io.jans.as.client.RegisterRequest) RegisterResponse(io.jans.as.client.RegisterResponse) AuthorizationRequest(io.jans.as.client.AuthorizationRequest) JSONObject(org.json.JSONObject) RegisterClient(io.jans.as.client.RegisterClient) Jwe(io.jans.as.model.jwe.Jwe) JwtState(io.jans.as.client.model.JwtState) ResponseType(io.jans.as.model.common.ResponseType) AuthorizationResponse(io.jans.as.client.AuthorizationResponse) Asserter.assertAuthorizationResponse(io.jans.as.client.client.Asserter.assertAuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(io.jans.as.client.BaseTest)

Aggregations

BaseTest (io.jans.as.client.BaseTest)35 JwtState (io.jans.as.client.model.JwtState)35 JSONObject (org.json.JSONObject)35 Test (org.testng.annotations.Test)35 AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider)30 Parameters (org.testng.annotations.Parameters)29 Jwt (io.jans.as.model.jwt.Jwt)25 AuthorizationRequest (io.jans.as.client.AuthorizationRequest)17 AuthorizationResponse (io.jans.as.client.AuthorizationResponse)17 RegisterClient (io.jans.as.client.RegisterClient)17 RegisterRequest (io.jans.as.client.RegisterRequest)17 RegisterResponse (io.jans.as.client.RegisterResponse)17 Asserter.assertAuthorizationResponse (io.jans.as.client.client.Asserter.assertAuthorizationResponse)17 ResponseType (io.jans.as.model.common.ResponseType)17 Jwe (io.jans.as.model.jwe.Jwe)10 PrivateKey (java.security.PrivateKey)6 AbstractCryptoProvider (io.jans.as.model.crypto.AbstractCryptoProvider)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial