use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class SetTokenEndpointAuthMethodsSupportedToPrivateKeyJWTOnly method evaluate.
/**
 * Overwrites {@code token_endpoint_auth_methods_supported} in the "server" environment
 * object so that {@code private_key_jwt} is its only entry.
 *
 * <p>The previous value of that key is replaced, not merged. After this condition runs,
 * the stored server configuration no longer shows which client authentication methods
 * were listed before.
 *
 * @param env test environment; the "server" object must already be present
 * @return the same environment, with the modified "server" object stored back
 */
@Override
@PreEnvironment(required = "server")
@PostEnvironment(required = "server")
public Environment evaluate(Environment env) {
    JsonObject serverConfig = env.getObject("server");

    // Single-element array: private_key_jwt is the only method left advertised.
    JsonArray onlyPrivateKeyJwt = new JsonArray();
    onlyPrivateKeyJwt.add("private_key_jwt");
    serverConfig.add("token_endpoint_auth_methods_supported", onlyPrivateKeyJwt);

    env.putObject("server", serverConfig);
    // The whole modified server configuration is attached to the log entry.
    log("Changed token_endpoint_auth_methods_supported to private_key_jwt only in server configuration",
        args("server_configuration", serverConfig));
    return env;
}
use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class SetTokenEndpointAuthMethodsSupportedToTlsClientAuthOnly method evaluate.
/**
 * Replaces {@code token_endpoint_auth_methods_supported} in the "server" environment
 * object with an array holding only {@code tls_client_auth}.
 *
 * <p>Whatever was stored under that key before is discarded, so the list in the
 * environment is no longer the one that was there when the condition started.
 *
 * @param env test environment; the "server" object must already be present
 * @return the same environment, with the modified "server" object stored back
 */
@Override
@PreEnvironment(required = "server")
@PostEnvironment(required = "server")
public Environment evaluate(Environment env) {
    final JsonArray authMethods = new JsonArray();
    authMethods.add("tls_client_auth");

    final JsonObject serverMetadata = env.getObject("server");
    // add() on an existing key replaces the old array rather than appending to it.
    serverMetadata.add("token_endpoint_auth_methods_supported", authMethods);
    env.putObject("server", serverMetadata);

    log("Changed token_endpoint_auth_methods_supported to tls_client_auth only in server configuration",
        args("server_configuration", serverMetadata));
    return env;
}
use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class ConvertAuthorizationEndpointRequestToRequestObject method evaluate.
/**
 * Creates "request_object_claims" as a deep copy of "authorization_endpoint_request".
 *
 * <p>Every member of the authorization endpoint request becomes a claim. Because the copy
 * is deep, later edits to the claims do not change the original request object.
 *
 * @param env test environment; "authorization_endpoint_request" must already be present
 * @return the same environment, now also holding "request_object_claims"
 */
@Override
@PreEnvironment(required = "authorization_endpoint_request")
@PostEnvironment(required = "request_object_claims")
public Environment evaluate(Environment env) {
    // deepCopy() keeps the claims independent of the source request object.
    JsonObject claims = env.getObject("authorization_endpoint_request").deepCopy();

    env.putObject("request_object_claims", claims);
    logSuccess("Created request object claims", args("request_object_claims", claims));
    return env;
}
use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class CheckDiscEndpointIssuer method evaluate.
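/**
 * Checks that the {@code issuer} value in the discovery document is consistent with the
 * URL the document was retrieved from.
 *
 * <p>The configured {@code server.discoveryUrl} has a trailing
 * {@code .well-known/openid-configuration} removed, and the remainder is compared with the
 * {@code issuer} value. A mismatch fails the condition: a discovery document that names a
 * different issuer than the location it was served from would let one server present
 * itself as another.
 *
 * <p>NOTE(review): both inputs are declared with {@code @PostEnvironment} although they are
 * read, not produced, here. Confirm whether a pre-condition annotation was intended.
 *
 * @param env test environment holding the "server" discovery document and the "config" object
 * @return the unchanged environment when the issuer is consistent
 */
@Override
@PostEnvironment(required = { "server", "config" })
public Environment evaluate(Environment env) {
    JsonElement issuerElement = env.getElementFromObject("server", "issuer");
    // A JSON object in place of the issuer is reported with the same "missing" error.
    if (issuerElement == null || issuerElement.isJsonObject()) {
        throw error("issuer is missing from discovery endpoint document");
    }

    String discoveryUrl = env.getString("config", "server.discoveryUrl");
    // If the lookup yields null, the endsWith() call below would throw a
    // NullPointerException. Fail with a readable test error instead.
    if (discoveryUrl == null) {
        throw error("server.discoveryUrl is missing from the test configuration, so the issuer cannot be compared with it");
    }

    String issuerUrl = OIDFJSON.getString(issuerElement);

    // Reduce the discovery URL to the prefix that the issuer is expected to equal.
    final String removingPartInUrl = ".well-known/openid-configuration";
    if (discoveryUrl.endsWith(removingPartInUrl)) {
        discoveryUrl = discoveryUrl.substring(0, discoveryUrl.length() - removingPartInUrl.length());
    }

    // Both sides go through removeSlashEndpointURL before the comparison. The helper is not
    // visible here; presumably it drops a trailing slash.
    // NOTE(review): that is more lenient than a byte-for-byte match between the issuer and
    // the discovery location. Confirm that the leniency is intended for this check.
    if (!removeSlashEndpointURL(issuerUrl).equals(removeSlashEndpointURL(discoveryUrl))) {
        throw error("issuer listed in the discovery document is not consistent with the location the discovery document was retrieved from. These must match to prevent impersonation attacks.", args("discovery_url", discoveryUrl, "issuer", issuerUrl));
    }

    logSuccess("issuer is consistent with the discovery endpoint");
    return env;
}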
use of net.openid.conformance.condition.PostEnvironment in project conformance-suite by openid-certification.
the class CheckDiscEndpointPARSupported method evaluate.
/**
 * Checks that the discovery document advertises a
 * {@code pushed_authorization_request_endpoint} and hands its value to
 * {@code verifyValidHttpsUrl}.
 *
 * <p>An absent entry and an entry that is a JSON object both produce the same "missing"
 * error. The URL check itself lives in {@code verifyValidHttpsUrl}, which is not shown
 * here. Going by its name and the success message, it rejects anything that is not a valid
 * https URL.
 *
 * @param env test environment holding the "server" discovery document
 * @return the unchanged environment when the endpoint passes the check
 */
@Override
@PostEnvironment(required = { "server", "config" })
public Environment evaluate(Environment env) {
    final JsonElement advertisedPar = env.getElementFromObject("server", "pushed_authorization_request_endpoint");

    boolean unusable = advertisedPar == null || advertisedPar.isJsonObject();
    if (unusable) {
        throw error("pushed_authorization_request_endpoint is missing from discovery endpoint document");
    }

    // Pushed authorization requests carry the full request parameters, so the endpoint
    // must be reachable over https only.
    verifyValidHttpsUrl(OIDFJSON.getString(advertisedPar));

    logSuccess("pushed_authorization_request_endpoint defines a valid https URL");
    return env;
}