Examples with PageConfig io.jans.as.client.page.PageConfig used on opensource projects

Example 1 with PageConfig

use of io.jans.as.client.page.PageConfig in project jans by JanssenProject.

the class BaseTest method newPageConfig.

protected PageConfig newPageConfig(WebDriver driver) {
    PageConfig config = new PageConfig(driver);
    config.getTestKeys().putAll(allTestKeys);
    return config;
}

Example 2 with PageConfig

use of io.jans.as.client.page.PageConfig in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method deviceAuthzFlowAccessDenied.

/**
 * Device authorization with access denied.
 */
@Parameters({ "userId", "userSecret" })
@Test
public void deviceAuthzFlowAccessDenied(final String userId, final String userSecret) throws Exception {
    showTitle("deviceAuthzFlowAccessDenied");
    // 1. Init device authz request from WS
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Device request registration
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Load device authz page, process user_code and authorization
    WebDriver currentDriver = initWebDriver(false, true);
    final PageConfig pageConfig = newPageConfig(currentDriver);
    AuthorizationResponse authorizationResponse = processDeviceAuthzDenyAccess(userId, userSecret, response.getUserCode(), currentDriver, false, pageConfig);
    validateErrorResponse(authorizationResponse, AuthorizeErrorResponseType.ACCESS_DENIED);
    // 4. Token request
    TokenResponse tokenResponse = processTokens(clientId, clientSecret, response.getDeviceCode());
    assertNotNull(tokenResponse.getErrorType(), "Error expected, however no error was found");
    assertNotNull(tokenResponse.getErrorDescription(), "Error description expected, however no error was found");
    assertEquals(tokenResponse.getErrorType(), TokenErrorResponseType.ACCESS_DENIED, "Unexpected error");
}

Example 3 with PageConfig

use of io.jans.as.client.page.PageConfig in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method preventBruteForcing.

/**
 * Validate server denies brute forcing
 */
@Test
public void preventBruteForcing() throws Exception {
    showTitle("deviceAuthzFlow");
    WebDriver currentDriver = initWebDriver(false, true);
    final PageConfig pageConfig = newPageConfig(currentDriver);
    List<WebElement> list = currentDriver.findElements(By.xpath("//*[contains(text(),'Too many failed attemps')]"));
    byte limit = 10;
    while (list.size() == 0 && limit > 0) {
        processDeviceAuthzPutUserCodeAndPressContinue("ABCD-ABCD", currentDriver, false, pageConfig);
        Thread.sleep(500);
        list = currentDriver.findElements(By.xpath("//*[contains(text(),'Too many failed attemps')]"));
        limit--;
    }
    stopWebDriver(false, currentDriver);
    assertTrue(list.size() > 0 && limit > 0, "Brute forcing prevention not working correctly.");
}

Example 4 with PageConfig

use of io.jans.as.client.page.PageConfig in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method deviceAuthzFlowWithCompleteVerificationUri.

/**
 * Process a complete device authorization flow using verification_uri_complete
 */
@Parameters({ "userId", "userSecret" })
@Test
public void deviceAuthzFlowWithCompleteVerificationUri(final String userId, final String userSecret) throws Exception {
    showTitle("deviceAuthzFlow");
    // 1. Init device authz request from WS
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Device request registration
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Load device authz page, process user_code and authorization
    WebDriver currentDriver = initWebDriver(false, true);
    final PageConfig pageConfig = newPageConfig(currentDriver);
    processDeviceAuthzPutUserCodeAndPressContinue(response.getUserCode(), currentDriver, true, pageConfig);
    AuthorizationResponse authorizationResponse = processAuthorization(userId, userSecret, currentDriver);
    stopWebDriver(false, currentDriver);
    assertSuccessAuthzResponse(authorizationResponse);
    // 4. Token request
    TokenResponse tokenResponse1 = processTokens(clientId, clientSecret, response.getDeviceCode());
    validateTokenSuccessfulResponse(tokenResponse1);
    String refreshToken = tokenResponse1.getRefreshToken();
    String idToken = tokenResponse1.getIdToken();
    // 5. Validate id_token
    verifyIdToken(idToken);
    // 6. Request new access token using the refresh token.
    TokenResponse tokenResponse2 = processNewTokenWithRefreshToken(StringUtils.implode(scopes, " "), refreshToken, clientId, clientSecret);
    validateTokenSuccessfulResponse(tokenResponse2);
    String accessToken = tokenResponse2.getAccessToken();
    // 7. Request user info
    processUserInfo(accessToken);
}

Example 5 with PageConfig

use of io.jans.as.client.page.PageConfig in project jans by JanssenProject.

the class DeviceAuthzFlowHttpTest method attemptDifferentFailedValuesToTokenEndpoint.

/**
 * Attempts to get token with a wrong device_code, after that it attempts to get token twice,
 * second one should be rejected.
 */
@Parameters({ "userId", "userSecret" })
@Test
public void attemptDifferentFailedValuesToTokenEndpoint(final String userId, final String userSecret) throws Exception {
    showTitle("deviceAuthzFlow");
    // 1. Init device authz request from WS
    RegisterResponse registerResponse = DeviceAuthzRequestRegistrationTest.registerClientForDeviceAuthz(AuthenticationMethod.CLIENT_SECRET_BASIC, Collections.singletonList(GrantType.DEVICE_CODE), null, null, registrationEndpoint);
    String clientId = registerResponse.getClientId();
    String clientSecret = registerResponse.getClientSecret();
    // 2. Device request registration
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    DeviceAuthzRequest deviceAuthzRequest = new DeviceAuthzRequest(clientId, scopes);
    deviceAuthzRequest.setAuthUsername(clientId);
    deviceAuthzRequest.setAuthPassword(clientSecret);
    DeviceAuthzClient deviceAuthzClient = new DeviceAuthzClient(deviceAuthzEndpoint);
    deviceAuthzClient.setRequest(deviceAuthzRequest);
    DeviceAuthzResponse response = deviceAuthzClient.exec();
    showClient(deviceAuthzClient);
    DeviceAuthzRequestRegistrationTest.validateSuccessfulResponse(response);
    // 3. Load device authz page, process user_code and authorization
    WebDriver currentDriver = initWebDriver(false, true);
    final PageConfig pageConfig = newPageConfig(currentDriver);
    processDeviceAuthzPutUserCodeAndPressContinue(response.getUserCode(), currentDriver, false, pageConfig);
    AuthorizationResponse authorizationResponse = processAuthorization(userId, userSecret, currentDriver);
    stopWebDriver(false, currentDriver);
    assertSuccessAuthzResponse(authorizationResponse);
    // 4. Token request with a wrong device code
    String wrongDeviceCode = "WRONG" + response.getDeviceCode();
    TokenResponse tokenResponse1 = processTokens(clientId, clientSecret, wrongDeviceCode);
    assertNotNull(tokenResponse1.getErrorType(), "Error expected, however no error was found");
    assertNotNull(tokenResponse1.getErrorDescription(), "Error description expected, however no error was found");
    assertEquals(tokenResponse1.getErrorType(), TokenErrorResponseType.EXPIRED_TOKEN, "Unexpected error");
    // 5. Token request with a right device code value
    tokenResponse1 = processTokens(clientId, clientSecret, response.getDeviceCode());
    validateTokenSuccessfulResponse(tokenResponse1);
    // 6. Try to get token again, however this should be rejected by the server
    tokenResponse1 = processTokens(clientId, clientSecret, response.getDeviceCode());
    assertNotNull(tokenResponse1.getErrorType(), "Error expected, however no error was found");
    assertNotNull(tokenResponse1.getErrorDescription(), "Error description expected, however no error was found");
    assertEquals(tokenResponse1.getErrorType(), TokenErrorResponseType.EXPIRED_TOKEN, "Unexpected error");
}