use of io.jans.as.model.common.ResponseType in project jans by JanssenProject.
the class AuthorizationResponseModeJwtResponseTypeTokenIdTokenSignedHttpTest method authorizationRequestObjectPS256.
@Parameters({ "userId", "userSecret", "redirectUri", "redirectUris", "clientJwksUri", "PS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void authorizationRequestObjectPS256(final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
showTitle("requestParameterMethodPS256");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Dynamic Client Registration
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, sectorIdentifierUri, clientJwksUri, SignatureAlgorithm.PS256, null, null);
String clientId = registerResponse.getClientId();
// 2. Request authorization
AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
request.setResponseMode(ResponseMode.JWT);
request.setState(state);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.PS256, cryptoProvider);
jwtAuthorizationRequest.setKeyId(keyId);
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
request.setRequest(authJwt);
AuthorizationResponse authorizationResponse = authorizationRequest(request, ResponseMode.FRAGMENT_JWT, userId, userSecret);
String accessToken = authorizationResponse.getAccessToken();
// 3. Request user info
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
userInfoClient.setJwksUri(jwksUri);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertUserInfoBasicResponseOk(userInfoResponse, 200);
assertUserInfoPersonalDataNotNull(userInfoResponse);
}
use of io.jans.as.model.common.ResponseType in project jans by JanssenProject.
the class AuthorizationResponseModeJwtResponseTypeTokenIdTokenSignedHttpTest method authorizationRequestObjectRS256.
@Parameters({ "userId", "userSecret", "redirectUri", "redirectUris", "clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void authorizationRequestObjectRS256(final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
showTitle("requestParameterMethodRS256");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Dynamic Client Registration
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, sectorIdentifierUri, clientJwksUri, SignatureAlgorithm.RS256, null, null);
String clientId = registerResponse.getClientId();
// 2. Request authorization
AuthCryptoProvider cryptoProvider = new AuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
request.setResponseMode(ResponseMode.JWT);
request.setState(state);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.RS256, cryptoProvider);
jwtAuthorizationRequest.setKeyId(keyId);
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
request.setRequest(authJwt);
AuthorizationResponse authorizationResponse = authorizationRequest(request, ResponseMode.FRAGMENT_JWT, userId, userSecret);
String accessToken = authorizationResponse.getAccessToken();
// 3. Request user info
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
userInfoClient.setJwksUri(jwksUri);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertUserInfoBasicResponseOk(userInfoResponse, 200);
assertUserInfoPersonalDataNotNull(userInfoResponse);
}
use of io.jans.as.model.common.ResponseType in project jans by JanssenProject.
the class AuthorizationResponseModeJwtResponseTypeTokenIdTokenSignedHttpTest method testHS384.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void testHS384(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
showTitle("testHS384");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, sectorIdentifierUri, null, SignatureAlgorithm.HS384, null, null);
String clientId = registerResponse.getClientId();
sharedKey = registerResponse.getClientSecret();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
authorizationRequest(responseTypes, ResponseMode.JWT, ResponseMode.FRAGMENT_JWT, clientId, scopes, redirectUri, nonce, state, userId, userSecret);
}
use of io.jans.as.model.common.ResponseType in project jans by JanssenProject.
the class AuthorizationResponseModeJwtResponseTypeTokenIdTokenSignedHttpTest method testES384.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void testES384(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
showTitle("testES384");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, sectorIdentifierUri, null, SignatureAlgorithm.ES384, null, null);
String clientId = registerResponse.getClientId();
sharedKey = registerResponse.getClientSecret();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
authorizationRequest(responseTypes, ResponseMode.JWT, ResponseMode.FRAGMENT_JWT, clientId, scopes, redirectUri, nonce, state, userId, userSecret);
}
use of io.jans.as.model.common.ResponseType in project jans by JanssenProject.
the class AuthorizationResponseModeJwtResponseTypeTokenIdTokenSignedHttpTest method testPS256.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void testPS256(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
showTitle("testPS256");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, sectorIdentifierUri, null, SignatureAlgorithm.PS256, null, null);
String clientId = registerResponse.getClientId();
sharedKey = registerResponse.getClientSecret();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
authorizationRequest(responseTypes, ResponseMode.JWT, ResponseMode.FRAGMENT_JWT, clientId, scopes, redirectUri, nonce, state, userId, userSecret);
}
Aggregations