Examples with ClientAuthenticationProperties no.nav.security.token.support.client.core.ClientAuthenticationProperties used on opensource projects

Search in sources :

Example 1 with ClientAuthenticationProperties

use of no.nav.security.token.support.client.core.ClientAuthenticationProperties in project token-support by navikt.

the class ClientCredentialsTokenClientTest method assertThatClientAuthMethodIsPrivateKeyJwt.

private static void assertThatClientAuthMethodIsPrivateKeyJwt(String body, ClientProperties clientProperties) {
    ClientAuthenticationProperties auth = clientProperties.getAuthentication();
    assertThat(auth.getClientAuthMethod().getValue()).isEqualTo("private_key_jwt");
    assertThat(body).contains("client_id=" + encodeValue(auth.getClientId()));
    assertThat(body).contains("client_assertion_type=" + encodeValue("urn:ietf:params:oauth:client-assertion-type:jwt-bearer"));
    assertThat(body).contains("client_assertion=" + "ey");
}
Also used : ClientAuthenticationProperties(no.nav.security.token.support.client.core.ClientAuthenticationProperties)

Example 2 with ClientAuthenticationProperties

use of no.nav.security.token.support.client.core.ClientAuthenticationProperties in project token-support by navikt.

the class ClientAssertionTest method testCreateAssertion.

@Test
void testCreateAssertion() throws ParseException, JOSEException {
    ClientAuthenticationProperties clientAuth = ClientAuthenticationProperties.builder().clientJwk("src/test/resources/jwk.json").clientId("client1").clientAuthMethod(ClientAuthenticationMethod.PRIVATE_KEY_JWT).build();
    ClientProperties clientProperties = ClientProperties.builder().grantType(OAuth2GrantType.CLIENT_CREDENTIALS).tokenEndpointUrl(URI.create("http://token")).authentication(clientAuth).build();
    Instant now = Instant.now();
    ClientAssertion clientAssertion = new ClientAssertion(clientProperties.getTokenEndpointUrl(), clientProperties.getAuthentication());
    assertThat(clientAssertion).isNotNull();
    assertThat(clientAssertion.assertionType()).isEqualTo("urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
    String assertion = clientAssertion.assertion();
    assertThat(clientAssertion.assertion()).isNotNull();
    SignedJWT signedJWT = SignedJWT.parse(assertion);
    String keyId = clientProperties.getAuthentication().getClientRsaKey().getKeyID();
    assertThat(signedJWT.getHeader().getKeyID()).isEqualTo(keyId);
    assertThat(signedJWT.getHeader().getType()).isEqualTo(JOSEObjectType.JWT);
    assertThat(signedJWT.getHeader().getAlgorithm()).isEqualTo(JWSAlgorithm.RS256);
    JWSVerifier verifier = new RSASSAVerifier(clientAuth.getClientRsaKey());
    assertThat(signedJWT.verify(verifier)).isTrue();
    JWTClaimsSet claims = signedJWT.getJWTClaimsSet();
    assertThat(claims.getSubject()).isEqualTo(clientAuth.getClientId());
    assertThat(claims.getIssuer()).isEqualTo(clientAuth.getClientId());
    assertThat(claims.getAudience()).containsExactly(clientProperties.getTokenEndpointUrl().toString());
    assertThat(claims.getExpirationTime()).isAfter(Date.from(now));
    assertThat(claims.getNotBeforeTime()).isBefore(claims.getExpirationTime());
}
Also used : ClientProperties(no.nav.security.token.support.client.core.ClientProperties) RSASSAVerifier(com.nimbusds.jose.crypto.RSASSAVerifier) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) Instant(java.time.Instant) JWSVerifier(com.nimbusds.jose.JWSVerifier) SignedJWT(com.nimbusds.jwt.SignedJWT) ClientAuthenticationProperties(no.nav.security.token.support.client.core.ClientAuthenticationProperties) Test(org.junit.jupiter.api.Test)

Example 3 with ClientAuthenticationProperties

use of no.nav.security.token.support.client.core.ClientAuthenticationProperties in project token-support by navikt.

the class ClientCredentialsTokenClientTest method assertThatClientAuthMethodIsClientSecretPost.

private static void assertThatClientAuthMethodIsClientSecretPost(String body, ClientProperties clientProperties) {
    ClientAuthenticationProperties auth = clientProperties.getAuthentication();
    assertThat(auth.getClientAuthMethod().getValue()).isEqualTo("client_secret_post");
    assertThat(body).contains("client_id=" + encodeValue(auth.getClientId()));
    assertThat(body).contains("client_secret=" + encodeValue(auth.getClientSecret()));
}
Also used : ClientAuthenticationProperties(no.nav.security.token.support.client.core.ClientAuthenticationProperties)

Example 4 with ClientAuthenticationProperties

use of no.nav.security.token.support.client.core.ClientAuthenticationProperties in project token-support by navikt.

the class ClientCredentialsTokenClientTest method assertThatClientAuthMethodIsClientSecretBasic.

private static void assertThatClientAuthMethodIsClientSecretBasic(RecordedRequest recordedRequest, ClientProperties clientProperties) {
    ClientAuthenticationProperties auth = clientProperties.getAuthentication();
    assertThat(auth.getClientAuthMethod().getValue()).isEqualTo("client_secret_basic");
    assertThat(recordedRequest.getHeaders().get("Authorization")).isNotBlank();
    String usernamePwd = decodeBasicAuth(recordedRequest);
    assertThat(usernamePwd).isEqualTo(auth.getClientId() + ":" + auth.getClientSecret());
}
Also used : ClientAuthenticationProperties(no.nav.security.token.support.client.core.ClientAuthenticationProperties)

Aggregations

ClientAuthenticationProperties (no.nav.security.token.support.client.core.ClientAuthenticationProperties)4 JWSVerifier (com.nimbusds.jose.JWSVerifier)1 RSASSAVerifier (com.nimbusds.jose.crypto.RSASSAVerifier)1 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)1 SignedJWT (com.nimbusds.jwt.SignedJWT)1 Instant (java.time.Instant)1 ClientProperties (no.nav.security.token.support.client.core.ClientProperties)1 Test (org.junit.jupiter.api.Test)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial