Example 56 with JwtClaims

Use of org.apache.cxf.rs.security.jose.jwt.JwtClaims in project cxf by apache.

In the class JAXRSOAuth2TlsTest, method doTestTwoWayTLSClientIdBoundJwt.

private void doTestTwoWayTLSClientIdBoundJwt(String clientId) throws Exception {
    // Request a JWT access token from the token endpoint
    String atServiceAddress = "https://localhost:" + PORT + "/oauth2Jwt/token";
    WebClient wc = createOAuth2WebClient(atServiceAddress);
    ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, new Consumer(clientId), new CustomGrant());
    assertNotNull(at.getTokenKey());
    // Decode the JWS payload and read the claims; no signature verification is called in this method
    JwsJwtCompactConsumer c = new JwsJwtCompactConsumer(at.getTokenKey());
    JwtClaims claims = JwtUtils.jsonToClaims(c.getDecodedJwsPayload());
    // The token must carry a confirmation ("cnf") claim holding the SHA-256 thumbprint
    // ("x5t#S256") of an X.509 certificate
    Map<String, Object> cnfs = claims.getMapProperty(JwtConstants.CLAIM_CONFIRMATION);
    assertNotNull(cnfs);
    assertNotNull(cnfs.get(JoseConstants.HEADER_X509_THUMBPRINT_SHA256));
    // Both protected resources accept the token when accessed with the "client.xml" configuration
    String protectedRsAddress = "https://localhost:" + PORT + "/rsJwt/bookstore/books/123";
    WebClient wcRs = createRsWebClient(protectedRsAddress, at, "client.xml");
    Book book = wcRs.get(Book.class);
    assertEquals(123L, book.getId());
    String protectedRsAddress2 = "https://localhost:" + PORT + "/rsJwt2/bookstore/books/123";
    WebClient wcRs2 = createRsWebClient(protectedRsAddress2, at, "client.xml");
    book = wcRs2.get(Book.class);
    assertEquals(123L, book.getId());
    String unprotectedRsAddress = "https://localhost:" + PORT + "/rsUnprotected/bookstore/books/123";
    WebClient wcRsDiffClientCert = createRsWebClient(unprotectedRsAddress, at, "client2.xml");
    // Unprotected resource
    book = wcRsDiffClientCert.get(Book.class);
    assertEquals(123L, book.getId());
    // Protected resource, access token was created with Morphit.jks key, RS is accessed with
    // Bethal.jks key, thus 401 is expected
    wcRsDiffClientCert = createRsWebClient(protectedRsAddress, at, "client2.xml");
    assertEquals(401, wcRsDiffClientCert.get().getStatus());
    wcRsDiffClientCert = createRsWebClient(protectedRsAddress2, at, "client2.xml");
    assertEquals(401, wcRsDiffClientCert.get().getStatus());
}
Also used: JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer), Consumer (org.apache.cxf.rs.security.oauth2.client.Consumer), JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims), Book (org.apache.cxf.systest.jaxrs.security.Book), ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken), WebClient (org.apache.cxf.jaxrs.client.WebClient)