use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.
the class AuthorizationGrantTest method testAuthorizationCodeGrantRefresh.
@org.junit.Test
public void testAuthorizationCodeGrantRefresh() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("cxf-client.xml");
String address = "https://localhost:" + PORT + "/services/";
WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
String code = getAuthorizationCode(client);
assertNotNull(code);
// Now get the access token
client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
assertNotNull(accessToken.getRefreshToken());
// Refresh the access token
client.type("application/x-www-form-urlencoded").accept("application/json");
Form form = new Form();
form.param("grant_type", "refresh_token");
form.param("refresh_token", accessToken.getRefreshToken());
form.param("client_id", "consumer-id");
Response response = client.post(form);
accessToken = response.readEntity(ClientAccessToken.class);
assertNotNull(accessToken.getTokenKey());
assertNotNull(accessToken.getRefreshToken());
}
use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.
the class AuthorizationGrantTest method getAuthorizationCode.
private String getAuthorizationCode(WebClient client, String scope, String consumerId) {
// Make initial authorization request
client.type("application/json").accept("application/json");
client.query("client_id", consumerId);
client.query("redirect_uri", "http://www.blah.apache.org");
client.query("response_type", "code");
if (scope != null) {
client.query("scope", scope);
}
client.path("authorize/");
Response response = client.get();
OAuthAuthorizationData authzData = response.readEntity(OAuthAuthorizationData.class);
// Now call "decision" to get the authorization code grant
client.path("decision");
client.type("application/x-www-form-urlencoded");
Form form = new Form();
form.param("session_authenticity_token", authzData.getAuthenticityToken());
form.param("client_id", authzData.getClientId());
form.param("redirect_uri", authzData.getRedirectUri());
if (authzData.getProposedScope() != null) {
form.param("scope", authzData.getProposedScope());
}
form.param("oauthDecision", "allow");
response = client.post(form);
String location = response.getHeaderString("Location");
return getSubstring(location, "code");
}
use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.
the class AuthorizationGrantTest method testAuthorizationCodeGrantWithScope.
@org.junit.Test
public void testAuthorizationCodeGrantWithScope() throws Exception {
URL busFile = AuthorizationGrantTest.class.getResource("cxf-client.xml");
String address = "https://localhost:" + PORT + "/services/";
WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
String code = getAuthorizationCode(client, "read_balance");
assertNotNull(code);
// Now get the access token
client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
assertTrue(accessToken.getApprovedScope().contains("read_balance"));
}
use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.
the class SAMLAuthorizationGrantTest method testSAMLAuthorizationGrant.
@org.junit.Test
public void testSAMLAuthorizationGrant() throws Exception {
URL busFile = SAMLAuthorizationGrantTest.class.getResource("cxf-client.xml");
String address = "https://localhost:" + PORT + "/services/";
WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
// Create the SAML Assertion
String assertion = createToken(address + "token", true, true);
// Get Access Token
client.type("application/x-www-form-urlencoded").accept("application/json");
client.path("token");
Form form = new Form();
form.param("grant_type", "urn:ietf:params:oauth:grant-type:saml2-bearer");
form.param("assertion", Base64UrlUtility.encode(assertion));
form.param("client_id", "consumer-id");
Response response = client.post(form);
ClientAccessToken accessToken = response.readEntity(ClientAccessToken.class);
assertNotNull(accessToken.getTokenKey());
assertNotNull(accessToken.getRefreshToken());
}
use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.
the class AuthorizationCodeFlowTest method testAuthorizationCodeFlow.
@org.junit.Test
public void testAuthorizationCodeFlow() throws Exception {
URL busFile = AuthorizationCodeFlowTest.class.getResource("cxf-client.xml");
String address = "https://localhost:" + PORT + "/services/";
WebClient client = WebClient.create(address, setupProviders(), "alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
// Get Authorization Code
String code = getAuthorizationCode(client, "openid");
assertNotNull(code);
// Now get the access token
client = WebClient.create(address, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(client, code);
assertNotNull(accessToken.getTokenKey());
assertTrue(accessToken.getApprovedScope().contains("openid"));
String idToken = accessToken.getParameters().get("id_token");
assertNotNull(idToken);
validateIdToken(idToken, null);
}
Aggregations