Examples with Builder javax.ws.rs.client.Invocation.Builder used on opensource projects

Example 16 with Builder

use of javax.ws.rs.client.Invocation.Builder in project oxAuth by GluuFederation.

the class UserAuthenticationFilterEmbeddedTest method requestAccessTokenCustomAuthStep2.

@Parameters({ "tokenPath", "validateTokenPath", "redirectUri" })
@Test(dependsOnMethods = { "requestAccessTokenCustomAuthStep1", "dynamicClientRegistration" })
public void requestAccessTokenCustomAuthStep2(final String tokenPath, final String validateTokenPath, final String redirectUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode1);
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
    Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenCustomAuthStep2", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code.");
    assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
    assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
        assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
        assertTrue(jsonObj.has("refresh_token"), "Unexpected result: refresh_token not found");
        assertTrue(jsonObj.has("id_token"), "Unexpected result: id_token not found");
        String accessToken = jsonObj.getString("access_token");
        String refreshToken = jsonObj.getString("refresh_token");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    } catch (Exception e) {
        e.printStackTrace();
        fail(e.getMessage());
    }
}

Example 17 with Builder

use of javax.ws.rs.client.Invocation.Builder in project oxAuth by GluuFederation.

the class UserAuthenticationFilterEmbeddedTest method dynamicClientRegistration.

@Parameters({ "registerPath", "redirectUris" })
@Test
public void dynamicClientRegistration(final String registerPath, final String redirectUris) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.TOKEN, ResponseType.ID_TOKEN);
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    String registerRequestContent = registerRequest.getJSONParameters().toString(4);
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("dynamicClientRegistration", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        final RegisterResponse registerResponse = RegisterResponse.valueOf(entity);
        ClientTestUtil.assert_(registerResponse);
        clientId = registerResponse.getClientId();
        clientSecret = registerResponse.getClientSecret();
    } catch (Exception e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 18 with Builder

use of javax.ws.rs.client.Invocation.Builder in project oxAuth by GluuFederation.

the class UserAuthenticationFilterEmbeddedTest method requestAccessTokenCustomAuthStep1.

@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAccessTokenCustomAuthStep1(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
    final String state = UUID.randomUUID().toString();
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath).request();
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
    List<ResponseType> responseTypes = new ArrayList<ResponseType>();
    responseTypes.add(ResponseType.CODE);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);
    authorizationRequest.getPrompts().add(Prompt.NONE);
    authorizationRequest.addCustomParameter("uid", userId);
    authorizationRequest.addCustomParameter("pwd", userSecret);
    Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(authorizationRequest.getParameters())));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenCustomAuthStep1", response, entity);
    assertEquals(response.getStatus(), 302, "Unexpected response code.");
    assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
    if (response.getLocation() != null) {
        try {
            URI uri = new URI(response.getLocation().toString());
            assertNotNull(uri.getQuery(), "The query string is null");
            Map<String, String> params = QueryStringDecoder.decode(uri.getQuery());
            assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
            assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
            assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
            assertEquals(params.get(AuthorizeResponseParam.STATE), state);
            authorizationCode1 = params.get(AuthorizeResponseParam.CODE);
        } catch (URISyntaxException e) {
            e.printStackTrace();
            fail("Response URI is not well formed");
        } catch (Exception e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }
}

Example 19 with Builder

use of javax.ws.rs.client.Invocation.Builder in project oxAuth by GluuFederation.

the class UserAuthenticationFilterEmbeddedTest method requestAccessTokenCustomAuth2Step1.

@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestAccessTokenCustomAuth2Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    String registerRequestContent = registerRequest.getJSONParameters().toString(4);
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenCustomAuth2Step1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret2 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 20 with Builder

use of javax.ws.rs.client.Invocation.Builder in project oxAuth by GluuFederation.

the class UserInfoRestWebServiceEmbeddedTest method requestUserInfoHS256Step2.

@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "requestUserInfoHS256Step1")
public void requestUserInfoHS256Step2(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
    final String state = UUID.randomUUID().toString();
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
    List<String> scopes = Arrays.asList("openid");
    String nonce = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);
    authorizationRequest.getPrompts().add(Prompt.NONE);
    authorizationRequest.setAuthUsername(userId);
    authorizationRequest.setAuthPassword(userSecret);
    OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
    JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret1, cryptoProvider);
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
    String authJwt = jwtAuthorizationRequest.getEncodedJwt();
    authorizationRequest.setRequest(authJwt);
    System.out.println("Request JWT: " + authJwt);
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
    request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
    request.header("Accept", MediaType.TEXT_PLAIN);
    Response response = request.get();
    String entity = response.readEntity(String.class);
    showResponse("requestUserInfoHS256Step2", response, entity);
    assertEquals(response.getStatus(), 302, "Unexpected response code.");
    assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
    try {
        URI uri = new URI(response.getLocation().toString());
        assertNotNull(uri.getFragment(), "Query string is null");
        Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
        assertNotNull(params.get(AuthorizeResponseParam.ACCESS_TOKEN), "The accessToken is null");
        assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
        assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
        assertEquals(params.get(AuthorizeResponseParam.STATE), state);
        accessToken5 = params.get(AuthorizeResponseParam.ACCESS_TOKEN);
    } catch (URISyntaxException e) {
        e.printStackTrace();
        fail("Response URI is not well formed");
    }
}