Example 1 with GetClientTokenResponse
use of io.jans.ca.common.response.GetClientTokenResponse in project jans by JanssenProject.
the class GetAccessTokenByRefreshTokenOperation method execute.
@Override
public IOpResponse execute(GetAccessTokenByRefreshTokenParams params) {
try {
validate(params);
final Rp rp = getRp();
final TokenClient tokenClient = new TokenClient(getDiscoveryService().getConnectDiscoveryResponse(rp).getTokenEndpoint());
tokenClient.setExecutor(getHttpService().getClientEngine());
final TokenResponse tokenResponse = tokenClient.execRefreshToken(scopeAsString(params), params.getRefreshToken(), rp.getClientId(), rp.getClientSecret());
if (tokenResponse != null) {
if (Util.allNotBlank(tokenResponse.getAccessToken())) {
GetClientTokenResponse response = new GetClientTokenResponse();
response.setAccessToken(tokenResponse.getAccessToken());
response.setExpiresIn(tokenResponse.getExpiresIn());
response.setRefreshToken(tokenResponse.getRefreshToken());
response.setScope(Utils.stringToList(tokenResponse.getScope()));
return response;
} else {
LOG.error("access_token is blank in response, params: " + params + ", response: " + tokenResponse);
LOG.error("Please check AS logs for more details (oxauth.log for CE).");
}
} else {
LOG.error("No response from TokenClient");
}
} catch (HttpException e) {
throw e;
} catch (Exception e) {
LOG.error(e.getMessage(), e);
}
throw HttpException.internalError();
}
Also used :
GetClientTokenResponse(io.jans.ca.common.response.GetClientTokenResponse)
TokenResponse(io.jans.as.client.TokenResponse)
HttpException(io.jans.ca.server.HttpException)
GetClientTokenResponse(io.jans.ca.common.response.GetClientTokenResponse)
TokenClient(io.jans.as.client.TokenClient)
Rp(io.jans.ca.server.service.Rp)
HttpException(io.jans.ca.server.HttpException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
Example 2 with GetClientTokenResponse
use of io.jans.ca.common.response.GetClientTokenResponse in project jans by JanssenProject.
the class GetClientTokenOperation method execute.
@Override
public IOpResponse execute(GetClientTokenParams params) {
try {
final AuthenticationMethod authenticationMethod = AuthenticationMethod.fromString(params.getAuthenticationMethod());
final String tokenEndpoint = getDiscoveryService().getConnectDiscoveryResponse(params.getOpConfigurationEndpoint(), params.getOpHost(), params.getOpDiscoveryPath()).getTokenEndpoint();
final TokenClient tokenClient = getOpClientFactory().createTokenClient(tokenEndpoint);
tokenClient.setExecutor(getHttpService().getClientEngine());
final TokenResponse tokenResponse;
if (authenticationMethod == AuthenticationMethod.PRIVATE_KEY_JWT) {
LOG.trace("Getting client token with private_key_jwt client authentication ...");
SignatureAlgorithm algorithm = SignatureAlgorithm.fromString(params.getAlgorithm());
if (algorithm == null) {
throw new HttpException(ErrorResponseCode.INVALID_SIGNATURE_ALGORITHM);
}
TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
tokenRequest.setScope(scopeAsString(params));
tokenRequest.setAuthUsername(params.getClientId());
tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
tokenRequest.setAlgorithm(algorithm);
tokenRequest.setCryptoProvider(getCryptoProvider());
tokenRequest.setKeyId(params.getKeyId());
tokenRequest.setAudience(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
tokenResponse = tokenClient.exec();
} else {
tokenResponse = tokenClient.execClientCredentialsGrant(scopeAsString(params), params.getClientId(), params.getClientSecret());
}
if (tokenResponse != null) {
if (Util.allNotBlank(tokenResponse.getAccessToken())) {
GetClientTokenResponse response = new GetClientTokenResponse();
response.setAccessToken(tokenResponse.getAccessToken());
response.setExpiresIn(tokenResponse.getExpiresIn());
response.setRefreshToken(tokenResponse.getRefreshToken());
response.setScope(Utils.stringToList(tokenResponse.getScope()));
return response;
} else {
LOG.error("access_token is blank in response, params: " + params + ", response: " + tokenResponse);
LOG.error("Please check AS logs for more details (oxauth.log for CE).");
}
} else {
LOG.error("No response from TokenClient");
LOG.error("Please check AS logs for more details (oxauth.log for CE).");
}
} catch (HttpException e) {
throw e;
} catch (Exception e) {
LOG.error(e.getMessage(), e);
}
throw HttpException.internalError();
}
Also used :
GetClientTokenResponse(io.jans.ca.common.response.GetClientTokenResponse)
TokenResponse(io.jans.as.client.TokenResponse)
TokenRequest(io.jans.as.client.TokenRequest)
SignatureAlgorithm(io.jans.as.model.crypto.signature.SignatureAlgorithm)
HttpException(io.jans.ca.server.HttpException)
AuthenticationMethod(io.jans.as.model.common.AuthenticationMethod)
GetClientTokenResponse(io.jans.ca.common.response.GetClientTokenResponse)
TokenClient(io.jans.as.client.TokenClient)
HttpException(io.jans.ca.server.HttpException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
Example 3 with GetClientTokenResponse
use of io.jans.ca.common.response.GetClientTokenResponse in project jans by JanssenProject.
the class GetClientTokenTest method getClientToken.
@Parameters({ "host", "opHost" })
@Test
public void getClientToken(String host, String opHost) {
final GetClientTokenParams params = new GetClientTokenParams();
params.setOpHost(opHost);
params.setScope(Lists.newArrayList("openid"));
params.setClientId(Tester.getSetupClient().getClientId());
params.setClientSecret(Tester.getSetupClient().getClientSecret());
GetClientTokenResponse resp = Tester.newClient(host).getClientToken(params);
assertNotNull(resp);
notEmpty(resp.getAccessToken());
}
Also used :
GetClientTokenResponse(io.jans.ca.common.response.GetClientTokenResponse)
GetClientTokenParams(io.jans.ca.common.params.GetClientTokenParams)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
Example 4 with GetClientTokenResponse
use of io.jans.ca.common.response.GetClientTokenResponse in project jans by JanssenProject.
the class IntrospectAccessTokenTest method introspectAccessToken.
@Parameters({ "host", "opHost", "redirectUrls" })
@Test
public void introspectAccessToken(String host, String opHost, String redirectUrls) {
ClientInterface client = Tester.newClient(host);
RegisterSiteResponse setupResponse = SetupClientTest.setupClient(client, opHost, redirectUrls);
final GetClientTokenParams params = new GetClientTokenParams();
params.setOpHost(opHost);
params.setScope(Lists.newArrayList("openid", "jans_client_api"));
params.setClientId(setupResponse.getClientId());
params.setClientSecret(setupResponse.getClientSecret());
GetClientTokenResponse tokenResponse = client.getClientToken(params);
assertNotNull(tokenResponse);
notEmpty(tokenResponse.getAccessToken());
IntrospectAccessTokenParams introspectParams = new IntrospectAccessTokenParams();
introspectParams.setRpId(setupResponse.getRpId());
introspectParams.setAccessToken(tokenResponse.getAccessToken());
IntrospectAccessTokenResponse introspectionResponse = client.introspectAccessToken("Bearer " + tokenResponse.getAccessToken(), null, introspectParams);
assertNotNull(introspectionResponse);
assertTrue(introspectionResponse.isActive());
assertNotNull(introspectionResponse.getIssuedAt());
assertNotNull(introspectionResponse.getExpiresAt());
assertTrue(introspectionResponse.getExpiresAt() >= introspectionResponse.getIssuedAt());
}
Also used :
IntrospectAccessTokenParams(io.jans.ca.common.params.IntrospectAccessTokenParams)
IntrospectAccessTokenResponse(io.jans.ca.common.response.IntrospectAccessTokenResponse)
ClientInterface(io.jans.ca.client.ClientInterface)
RegisterSiteResponse(io.jans.ca.common.response.RegisterSiteResponse)
GetClientTokenResponse(io.jans.ca.common.response.GetClientTokenResponse)
GetClientTokenParams(io.jans.ca.common.params.GetClientTokenParams)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
Example 5 with GetClientTokenResponse
use of io.jans.ca.common.response.GetClientTokenResponse in project jans by JanssenProject.
the class Tester method getAuthorization.
public static String getAuthorization() {
Preconditions.checkNotNull(SETUP_CLIENT);
if (Strings.isNullOrEmpty(AUTHORIZATION)) {
final GetClientTokenParams params = new GetClientTokenParams();
params.setOpHost(OP_HOST);
params.setScope(Lists.newArrayList("openid"));
params.setClientId(Tester.getSetupClient().getClientId());
params.setClientSecret(Tester.getSetupClient().getClientSecret());
GetClientTokenResponse resp = Tester.newClient(HOST).getClientToken(params);
assertNotNull(resp);
assertTrue(!Strings.isNullOrEmpty(resp.getAccessToken()));
AUTHORIZATION = "Bearer " + resp.getAccessToken();
}
return AUTHORIZATION;
}
Also used :
GetClientTokenResponse(io.jans.ca.common.response.GetClientTokenResponse)
GetClientTokenParams(io.jans.ca.common.params.GetClientTokenParams)
Aggregations
GetClientTokenResponse (io.jans.ca.common.response.GetClientTokenResponse)9
GetClientTokenParams (io.jans.ca.common.params.GetClientTokenParams)6
Parameters (org.testng.annotations.Parameters)4
Test (org.testng.annotations.Test)4
TokenClient (io.jans.as.client.TokenClient)2
TokenResponse (io.jans.as.client.TokenResponse)2
RegisterSiteResponse (io.jans.ca.common.response.RegisterSiteResponse)2
HttpException (io.jans.ca.server.HttpException)2
UnsupportedEncodingException (java.io.UnsupportedEncodingException)2
TokenRequest (io.jans.as.client.TokenRequest)1
AuthenticationMethod (io.jans.as.model.common.AuthenticationMethod)1
SignatureAlgorithm (io.jans.as.model.crypto.signature.SignatureAlgorithm)1
Jwt (io.jans.as.model.jwt.Jwt)1
ClientInterface (io.jans.ca.client.ClientInterface)1
GetAccessTokenByRefreshTokenParams (io.jans.ca.common.params.GetAccessTokenByRefreshTokenParams)1
IntrospectAccessTokenParams (io.jans.ca.common.params.IntrospectAccessTokenParams)1
RegisterSiteParams (io.jans.ca.common.params.RegisterSiteParams)1
IntrospectAccessTokenResponse (io.jans.ca.common.response.IntrospectAccessTokenResponse)1
Rp (io.jans.ca.server.service.Rp)1
