
Example 1 with GetAuthorizationUrlResponse

use of io.jans.ca.common.response.GetAuthorizationUrlResponse in project jans by JanssenProject.

the class GetAuthorizationUrlOperation method execute.

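/**
 * Builds the authorization URL for the current relying party (RP).
 *
 * <p>The URL starts from the authorization endpoint reported by the discovery service and
 * receives {@code response_type}, {@code client_id}, {@code redirect_uri}, {@code scope},
 * {@code state} and {@code nonce}, followed by the optional {@code acr_values},
 * {@code prompt}, {@code hd}, custom parameters and free-form request parameters.
 *
 * <p>The caller-supplied {@code prompt} and {@code hd} values are URL-encoded before they are
 * appended, so a value containing {@code &}, {@code =} or {@code #} cannot add or override
 * other parameters of the authorization request.
 *
 * @param params request parameters; scope, response types and redirect URI fall back to the
 *               values registered for the RP, state and nonce to generated values
 * @return a {@link GetAuthorizationUrlResponse} wrapping the assembled URL
 * @throws HttpException with {@code INVALID_REDIRECT_URI} when a redirect URI is supplied but
 *                       is not a valid URL, or {@code REDIRECT_URI_IS_NOT_REGISTERED} when it
 *                       is not among the RP's registered redirect URIs
 * @throws Exception     propagated from the discovery, state and encoding helpers
 */
@Override
public IOpResponse execute(GetAuthorizationUrlParams params) throws Exception {
    final Rp rp = getRp();
    String authorizationEndpoint = getDiscoveryService().getConnectDiscoveryResponse(rp).getAuthorizationEndpoint();

    // Scopes from the request win; otherwise use the scopes registered for the RP.
    List<String> scope = Lists.newArrayList();
    if (params.getScope() != null && !params.getScope().isEmpty()) {
        scope.addAll(params.getScope());
    } else if (rp.getScope() != null) {
        scope.addAll(rp.getScope());
    }

    // A redirect URI in the request must be well-formed AND exactly match a registered one.
    // The exact-match allow-list is what keeps the authorization response from being sent
    // to a location the RP never registered.
    final String requestedRedirectUri = params.getRedirectUri();
    if (StringUtils.isNotBlank(requestedRedirectUri)) {
        if (!Utils.isValidUrl(requestedRedirectUri)) {
            throw new HttpException(ErrorResponseCode.INVALID_REDIRECT_URI);
        }
        if (!rp.getRedirectUris().contains(requestedRedirectUri)) {
            throw new HttpException(ErrorResponseCode.REDIRECT_URI_IS_NOT_REGISTERED);
        }
    }

    // Requested response types are honoured only when every one of them is registered for
    // the RP; otherwise the registered set is used and the mismatch is not reported.
    List<String> responseTypes = Lists.newArrayList();
    if (params.getResponseTypes() != null && !params.getResponseTypes().isEmpty() && rp.getResponseTypes().containsAll(params.getResponseTypes())) {
        responseTypes.addAll(params.getResponseTypes());
    } else {
        responseTypes.addAll(rp.getResponseTypes());
    }

    // Caller-supplied state/nonce are stored through the state service so they can be
    // checked later; without them the service generates fresh values.
    // NOTE(review): both values are appended below exactly as the state service returns
    // them. Whether encodeExpiredObject() URL-encodes caller input is not visible here - confirm.
    String state = StringUtils.isNotBlank(params.getState()) ? getStateService().putState(getStateService().encodeExpiredObject(params.getState(), ExpiredObjectType.STATE)) : getStateService().generateState();
    String nonce = StringUtils.isNotBlank(params.getNonce()) ? getStateService().putNonce(getStateService().encodeExpiredObject(params.getNonce(), ExpiredObjectType.NONCE)) : getStateService().generateNonce();
    String clientId = getConfigurationService().getConfiguration().getEncodeClientIdInAuthorizationUrl() ? Utils.encode(rp.getClientId()) : rp.getClientId();
    String redirectUri = StringUtils.isNotBlank(requestedRedirectUri) ? requestedRedirectUri : rp.getRedirectUri();

    authorizationEndpoint += "?response_type=" + Utils.joinAndUrlEncode(responseTypes);
    authorizationEndpoint += "&client_id=" + clientId;
    // NOTE(review): redirect_uri is appended unencoded, as before. The allow-list check above
    // limits it to registered values, but a registered URI that itself carries '&' or '#'
    // would still change how the rest of the query is parsed - consider encoding it once
    // consumers that match the raw value in the URL have been adjusted.
    authorizationEndpoint += "&redirect_uri=" + redirectUri;
    authorizationEndpoint += "&scope=" + Utils.joinAndUrlEncode(scope);
    authorizationEndpoint += "&state=" + state;
    authorizationEndpoint += "&nonce=" + nonce;

    String acr = Utils.joinAndUrlEncode(acrValues(rp, params)).trim();
    if (!Strings.isNullOrEmpty(acr)) {
        authorizationEndpoint += "&acr_values=" + acr;
    }
    // prompt and hd come straight from the request: encode them so they stay a single
    // parameter value instead of being able to inject further query parameters.
    if (!Strings.isNullOrEmpty(params.getPrompt())) {
        authorizationEndpoint += "&prompt=" + Utils.encode(params.getPrompt());
    }
    if (!Strings.isNullOrEmpty(params.getHostedDomain())) {
        authorizationEndpoint += "&hd=" + Utils.encode(params.getHostedDomain());
    }
    if (params.getCustomParameters() != null && !params.getCustomParameters().isEmpty()) {
        authorizationEndpoint += "&" + AuthorizeRequestParam.CUSTOM_RESPONSE_HEADERS + "=" + Utils.encode(Util.mapAsString(params.getCustomParameters()));
    }
    if (params.getParams() != null && !params.getParams().isEmpty()) {
        // NOTE(review): the helper name suggests only the values are encoded; keys are
        // presumably appended as supplied - verify against Utils.
        authorizationEndpoint += "&" + Utils.mapAsStringWithEncodedValues(params.getParams());
    }
    return new GetAuthorizationUrlResponse(authorizationEndpoint);
}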
Also used : GetAuthorizationUrlResponse(io.jans.ca.common.response.GetAuthorizationUrlResponse) HttpException(io.jans.ca.server.HttpException) Rp(io.jans.ca.server.service.Rp)

Example 2 with GetAuthorizationUrlResponse

use of io.jans.ca.common.response.GetAuthorizationUrlResponse in project jans by JanssenProject.

the class GoogleTest method getAuthorizationUrl.

/**
 * Asks the client API for the authorization URL of an already registered site.
 *
 * <p>Only the RP id is set on the request, so every other parameter is left to the server.
 * The response and its URL are asserted to be present before the URL is returned.
 *
 * @param client client API under test
 * @param site   registration response identifying the RP
 * @return the non-empty authorization URL
 */
private static String getAuthorizationUrl(ClientInterface client, RegisterSiteResponse site) {
    final GetAuthorizationUrlParams request = new GetAuthorizationUrlParams();
    request.setRpId(site.getRpId());

    final GetAuthorizationUrlResponse response = client.getAuthorizationUrl(Tester.getAuthorization(site), null, request);
    assertNotNull(response);

    final String authorizationUrl = response.getAuthorizationUrl();
    notEmpty(authorizationUrl);
    // Test-only diagnostic: the full URL, including its query parameters, goes to stdout.
    System.out.println("Authorization url: " + authorizationUrl);
    return authorizationUrl;
}
Also used : GetAuthorizationUrlResponse(io.jans.ca.common.response.GetAuthorizationUrlResponse) GetAuthorizationUrlParams(io.jans.ca.common.params.GetAuthorizationUrlParams)

Example 3 with GetAuthorizationUrlResponse

use of io.jans.ca.common.response.GetAuthorizationUrlResponse in project jans by JanssenProject.

the class GetRequestUriTest method test.

/**
 * Walks the request-object flow end to end: registers a site, publishes the RP's JWKS to
 * the OP, obtains a request URI, fetches the request object behind it and finally asks for
 * an authorization URL that carries that object in the {@code request} parameter.
 *
 * @param host         base URL of the client API under test
 * @param redirectUrls redirect URLs used for site registration
 * @param opHost       OpenID provider host used for site registration
 */
@Parameters({ "host", "redirectUrls", "opHost" })
@Test
public void test(String host, String redirectUrls, String opHost) {
    ClientInterface client = Tester.newClient(host);

    // Register the client (RP).
    final RegisterSiteResponse site = RegisterSiteTest.registerSite(client, opHost, redirectUrls);

    // Fetch the RP's key set.
    JsonNode rpJwks = client.getRpJwks();

    // Push the key set and the request-object signing algorithm to the OP.
    // NOTE(review): Jackson's asText() returns an empty string for container nodes; if
    // getRpJwks() returns a JSON object, this sends an empty JWKS - confirm.
    UpdateSiteParams siteUpdate = new UpdateSiteParams();
    siteUpdate.setRpId(site.getRpId());
    siteUpdate.setJwks(rpJwks.asText());
    siteUpdate.setRequestObjectSigningAlg("RS256");
    client.updateSite(Tester.getAuthorization(site), null, siteUpdate);

    // Ask for a request URI hosted on the local test server.
    GetRequestObjectUriParams requestUriParams = new GetRequestObjectUriParams();
    requestUriParams.setRpId(site.getRpId());
    requestUriParams.setRpHostUrl("http://localhost" + ":" + SetUpTest.SUPPORT.getLocalPort());
    GetRequestObjectUriResponse requestUriResponse = client.getRequestObjectUri(Tester.getAuthorization(site), null, requestUriParams);
    final String requestUri = requestUriResponse.getRequestUri();
    assertNotNull(requestUri);

    // The request object id is the last path segment of the request URI.
    String requestObjectId = requestUri.substring(requestUri.lastIndexOf('/') + 1);
    String requestObject = client.getRequestObject(requestObjectId);
    assertNotNull(requestObject);

    // Pass the request object through the free-form parameter map.
    Map<String, String> extraParams = new HashMap<>();
    extraParams.put("request", requestObject);

    final GetAuthorizationUrlParams commandParams = new GetAuthorizationUrlParams();
    commandParams.setRpId(site.getRpId());
    commandParams.setParams(extraParams);

    final GetAuthorizationUrlResponse resp = client.getAuthorizationUrl(Tester.getAuthorization(site), null, commandParams);
    assertNotNull(resp);
    TestUtils.notEmpty(resp.getAuthorizationUrl());
}
Also used : GetAuthorizationUrlResponse(io.jans.ca.common.response.GetAuthorizationUrlResponse) HashMap(java.util.HashMap) JsonNode(com.fasterxml.jackson.databind.JsonNode) ClientInterface(io.jans.ca.client.ClientInterface) UpdateSiteParams(io.jans.ca.common.params.UpdateSiteParams) RegisterSiteResponse(io.jans.ca.common.response.RegisterSiteResponse) GetRequestObjectUriResponse(io.jans.ca.common.response.GetRequestObjectUriResponse) GetRequestObjectUriParams(io.jans.ca.common.params.GetRequestObjectUriParams) GetAuthorizationUrlParams(io.jans.ca.common.params.GetAuthorizationUrlParams) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test)

Example 4 with GetAuthorizationUrlResponse

use of io.jans.ca.common.response.GetAuthorizationUrlResponse in project jans by JanssenProject.

the class GetAuthorizationUrlTest method testWithCustomStateParameter.

/**
 * Checks that a caller-supplied {@code state} and redirect URI both reach the generated
 * authorization URL: the redirect URI must appear in the URL as given, and the parsed
 * {@code state} query parameter must equal the value passed in.
 *
 * @param host                  base URL of the client API under test
 * @param opHost                OpenID provider host used for site registration
 * @param redirectUrls          redirect URLs registered for the site
 * @param postLogoutRedirectUrl post-logout redirect URL registered for the site
 * @param logoutUrl             logout URL registered for the site
 * @param paramRedirectUrl      redirect URI sent with the authorization URL request
 * @param state                 state value sent with the authorization URL request
 * @throws IOException declared by the test signature
 */
@Parameters({ "host", "opHost", "redirectUrls", "postLogoutRedirectUrl", "logoutUrl", "paramRedirectUrl", "state" })
@Test
public void testWithCustomStateParameter(String host, String opHost, String redirectUrls, String postLogoutRedirectUrl, String logoutUrl, String paramRedirectUrl, String state) throws IOException {
    ClientInterface client = Tester.newClient(host);
    final RegisterSiteResponse site = RegisterSiteTest.registerSite(client, opHost, redirectUrls, postLogoutRedirectUrl, logoutUrl, false);

    final GetAuthorizationUrlParams request = new GetAuthorizationUrlParams();
    request.setRpId(site.getRpId());
    request.setRedirectUri(paramRedirectUrl);
    request.setState(state);

    final GetAuthorizationUrlResponse response = client.getAuthorizationUrl(Tester.getAuthorization(site), null, request);
    assertNotNull(response);

    final String authorizationUrl = response.getAuthorizationUrl();
    notEmpty(authorizationUrl);
    // The redirect URI is matched as a raw substring, i.e. it is expected unencoded.
    assertTrue(authorizationUrl.contains(paramRedirectUrl));

    // The state in the URL must be the caller's value, not a generated one.
    Map<String, String> query = CoreUtils.splitQuery(authorizationUrl);
    final String returnedState = query.get("state");
    assertTrue(StringUtils.isNotBlank(returnedState));
    assertEquals(returnedState, state);
}
Also used : GetAuthorizationUrlResponse(io.jans.ca.common.response.GetAuthorizationUrlResponse) ClientInterface(io.jans.ca.client.ClientInterface) RegisterSiteResponse(io.jans.ca.common.response.RegisterSiteResponse) GetAuthorizationUrlParams(io.jans.ca.common.params.GetAuthorizationUrlParams) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test)

Example 5 with GetAuthorizationUrlResponse

use of io.jans.ca.common.response.GetAuthorizationUrlResponse in project jans by JanssenProject.

the class GetAuthorizationUrlTest method testWithParameterAuthorizationUrl.

/**
 * Checks that a redirect URI supplied with the request appears in the generated
 * authorization URL.
 *
 * @param host                  base URL of the client API under test
 * @param opHost                OpenID provider host used for site registration
 * @param redirectUrls          redirect URLs registered for the site
 * @param postLogoutRedirectUrl post-logout redirect URL registered for the site
 * @param logoutUrl             logout URL registered for the site
 * @param paramRedirectUrl      redirect URI sent with the authorization URL request
 */
@Parameters({ "host", "opHost", "redirectUrls", "postLogoutRedirectUrl", "logoutUrl", "paramRedirectUrl" })
@Test
public void testWithParameterAuthorizationUrl(String host, String opHost, String redirectUrls, String postLogoutRedirectUrl, String logoutUrl, String paramRedirectUrl) {
    ClientInterface client = Tester.newClient(host);
    final RegisterSiteResponse site = RegisterSiteTest.registerSite(client, opHost, redirectUrls, postLogoutRedirectUrl, logoutUrl, false);

    final GetAuthorizationUrlParams request = new GetAuthorizationUrlParams();
    request.setRpId(site.getRpId());
    request.setRedirectUri(paramRedirectUrl);

    final GetAuthorizationUrlResponse response = client.getAuthorizationUrl(Tester.getAuthorization(site), null, request);
    assertNotNull(response);

    final String authorizationUrl = response.getAuthorizationUrl();
    notEmpty(authorizationUrl);
    // Raw substring match: the redirect URI is expected in the URL exactly as supplied.
    assertTrue(authorizationUrl.contains(paramRedirectUrl));
}
Also used : GetAuthorizationUrlResponse(io.jans.ca.common.response.GetAuthorizationUrlResponse) ClientInterface(io.jans.ca.client.ClientInterface) RegisterSiteResponse(io.jans.ca.common.response.RegisterSiteResponse) GetAuthorizationUrlParams(io.jans.ca.common.params.GetAuthorizationUrlParams) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test)

Aggregations

GetAuthorizationUrlResponse (io.jans.ca.common.response.GetAuthorizationUrlResponse)10 GetAuthorizationUrlParams (io.jans.ca.common.params.GetAuthorizationUrlParams)9 ClientInterface (io.jans.ca.client.ClientInterface)8 RegisterSiteResponse (io.jans.ca.common.response.RegisterSiteResponse)8 Parameters (org.testng.annotations.Parameters)8 Test (org.testng.annotations.Test)8 HashMap (java.util.HashMap)2 JsonNode (com.fasterxml.jackson.databind.JsonNode)1 GetRequestObjectUriParams (io.jans.ca.common.params.GetRequestObjectUriParams)1 UpdateSiteParams (io.jans.ca.common.params.UpdateSiteParams)1 GetRequestObjectUriResponse (io.jans.ca.common.response.GetRequestObjectUriResponse)1 HttpException (io.jans.ca.server.HttpException)1 RegisterSiteTest (io.jans.ca.server.RegisterSiteTest)1 Rp (io.jans.ca.server.service.Rp)1