
Example 26 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.

the class BalanceServiceTest method testPartnerServiceWithToken.

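/**
 * Exercises the OAuth 2.0 authorization code flow end to end: "bob" seeds a balance, an
 * authorization code is obtained as "bob", the client "consumer-id" exchanges it for an access
 * token, and that token is then presented as a bearer credential to the partner balance endpoint.
 *
 * <p>The user name, password and client secret below are literal test fixtures.
 *
 * @throws Exception if any HTTP exchange or helper call fails
 */
@org.junit.Test
public void testPartnerServiceWithToken() throws Exception {
    URL busFile = BalanceServiceTest.class.getResource("cxf-client.xml");
    // Fail with a clear assertion instead of a NullPointerException when the client config is missing.
    assertNotNull(busFile);
    // Create an initial account at the bank, authenticating directly as the user
    String address = "https://localhost:" + PORT + "/bankservice/customers/balance";
    WebClient client = WebClient.create(address, "bob", "security", busFile.toString());
    client.type("text/plain").accept("text/plain");
    client.path("/bob");
    // NOTE(review): the status of this POST is not checked; a failed setup only surfaces in the final assertion.
    client.post(40);
    // Get Authorization Code (as "bob")
    String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
    WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "bob", "security", busFile.toString());
    // Keep the session cookie so that follow-up requests made by the helper share one HTTP session
    WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    String code = getAuthorizationCode(oauthClient);
    assertNotNull(code);
    // Now get the access token, this time authenticating as the OAuth client rather than the user
    oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id", "this-is-a-secret", busFile.toString());
    WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    // The last argument is presumably the redirect URI used in the authorization request - confirm against the helper.
    ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code, "http://www.blah.apache.org");
    assertNotNull(accessToken.getTokenKey());
    // Now invoke on the service with the access token. No user name or password is set on this
    // client: the bearer token is the only credential this test adds to the request.
    String partnerAddress = "https://localhost:" + PORT + "/bankservice/partners/balance";
    WebClient partnerClient = WebClient.create(partnerAddress, busFile.toString());
    partnerClient.type("text/plain").accept("text/plain");
    partnerClient.header("Authorization", "Bearer " + accessToken.getTokenKey());
    partnerClient.path("/bob");
    Response serviceResponse = partnerClient.get();
    // JUnit expects (expected, actual); the original order produced misleading failure messages.
    assertEquals(200, serviceResponse.getStatus());
    assertEquals(40, serviceResponse.readEntity(Integer.class).intValue());
}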
Also used : Response(javax.ws.rs.core.Response) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 27 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.

the class BalanceServiceTest method testPartnerServiceWithTokenUsingAudience.

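/**
 * Runs the authorization code flow for the client "consumer-id-aud" and passes the partner
 * service address into the token request, then calls that same address with the issued bearer
 * token and expects the balance seeded at the start.
 *
 * <p>Only the accepted case is asserted here; this test does not show a token being rejected
 * at an address other than the one supplied in the token request.
 *
 * <p>The user name, password and client secret below are literal test fixtures.
 *
 * @throws Exception if any HTTP exchange or helper call fails
 */
@org.junit.Test
public void testPartnerServiceWithTokenUsingAudience() throws Exception {
    URL busFile = BalanceServiceTest.class.getResource("cxf-client.xml");
    // Fail with a clear assertion instead of a NullPointerException when the client config is missing.
    assertNotNull(busFile);
    // Create an initial account at the bank, authenticating directly as the user
    String address = "https://localhost:" + PORT + "/bankservice/customers/balance";
    WebClient client = WebClient.create(address, "bob", "security", busFile.toString());
    client.type("text/plain").accept("text/plain");
    client.path("/bob");
    // NOTE(review): the status of this POST is not checked; a failed setup only surfaces in the final assertion.
    client.post(40);
    // Get Authorization Code (as "bob")
    String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
    WebClient oauthClient = WebClient.create(oauthService, setupProviders(), "bob", "security", busFile.toString());
    // Keep the session cookie so that follow-up requests made by the helper share one HTTP session
    WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    String code = getAuthorizationCode(oauthClient, null, "consumer-id-aud");
    assertNotNull(code);
    // Now get the access token, this time authenticating as the OAuth client rather than the user
    oauthClient = WebClient.create(oauthService, setupProviders(), "consumer-id-aud", "this-is-a-secret", busFile.toString());
    WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    String partnerAddress = "https://localhost:" + PORT + "/bankservice/partners/balance";
    // NOTE(review): the helper's parameter order is not visible here; the call appears to pass
    // client id, audience (the partner address) and redirect URI - confirm against the helper.
    ClientAccessToken accessToken = getAccessTokenWithAuthorizationCode(oauthClient, code, "consumer-id-aud", partnerAddress, "http://www.blah.apache.org");
    assertNotNull(accessToken.getTokenKey());
    // Now invoke on the service with the access token. No user name or password is set on this
    // client: the bearer token is the only credential this test adds to the request.
    WebClient partnerClient = WebClient.create(partnerAddress, busFile.toString());
    partnerClient.type("text/plain").accept("text/plain");
    partnerClient.header("Authorization", "Bearer " + accessToken.getTokenKey());
    partnerClient.path("/bob");
    Response serviceResponse = partnerClient.get();
    // JUnit expects (expected, actual); the original order produced misleading failure messages.
    assertEquals(200, serviceResponse.getStatus());
    assertEquals(40, serviceResponse.readEntity(Integer.class).intValue());
}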
Also used : Response(javax.ws.rs.core.Response) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 28 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.

the class JWTRequestTest method getAuthorizationCode.

/**
 * Performs the authorization request and the follow-up "decision" post on the given client and
 * extracts the authorization code from the resulting redirect.
 *
 * @param client     web client pointed at the OAuth service; it is mutated (type, query, path)
 * @param scope      optional scope, sent only when non-null
 * @param nonce      optional nonce, sent only when non-null
 * @param state      optional state, sent only when non-null and then checked in the redirect
 * @param consumerId value sent as {@code client_id}
 * @param request    optional {@code request} parameter, sent only when non-null
 * @return whatever {@code getSubstring} extracts for "code" from the Location header
 */
private String getAuthorizationCode(WebClient client, String scope, String nonce, String state, String consumerId, String request) {
    // Step 1: authorization request. Mandatory parameters first, in a fixed order.
    client.type("application/json").accept("application/json");
    client.query("client_id", consumerId)
        .query("redirect_uri", "http://www.blah.apache.org")
        .query("response_type", "code");
    // Optional parameters are appended only when the caller supplied them.
    String[][] optionalParams = {
        {"scope", scope},
        {"nonce", nonce},
        {"state", state},
        {"request", request}
    };
    for (String[] param : optionalParams) {
        if (param[1] != null) {
            client.query(param[0], param[1]);
        }
    }
    client.path("authorize/");
    Response authzResponse = client.get();
    OAuthAuthorizationData authzData = authzResponse.readEntity(OAuthAuthorizationData.class);

    // Step 2: post the "allow" decision, echoing back the values the server returned.
    // The session_authenticity_token is presumably bound to the HTTP session, so the caller's
    // client has to keep its session cookie between the two requests - confirm with the callers.
    client.path("decision").type("application/x-www-form-urlencoded");
    Form decisionForm = new Form()
        .param("session_authenticity_token", authzData.getAuthenticityToken())
        .param("client_id", authzData.getClientId())
        .param("redirect_uri", authzData.getRedirectUri());
    String returnedNonce = authzData.getNonce();
    if (returnedNonce != null) {
        decisionForm.param("nonce", returnedNonce);
    }
    String proposedScope = authzData.getProposedScope();
    if (proposedScope != null) {
        decisionForm.param("scope", proposedScope);
    }
    String returnedState = authzData.getState();
    if (returnedState != null) {
        decisionForm.param("state", returnedState);
    }
    decisionForm.param("oauthDecision", "allow");
    Response decisionResponse = client.post(decisionForm);

    // NOTE(review): location is null when no Location header is returned, which makes the
    // state check below throw a NullPointerException rather than fail an assertion.
    String location = decisionResponse.getHeaderString("Location");
    if (state != null) {
        // Substring match only: verifies the state value appears in the redirect, not that it is the whole value.
        String expectedState = "state=" + state;
        Assert.assertTrue(location.contains(expectedState));
    }
    return getSubstring(location, "code");
}
Also used : Response(javax.ws.rs.core.Response) Form(javax.ws.rs.core.Form) OAuthAuthorizationData(org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData)

Example 29 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.

the class BalanceServiceTest method makeAuthorizationCodeInvocation.

/**
 * Issues the authorization request on an already configured client, approves it through the
 * "decision" resource and hands back the redirect target.
 *
 * @param client web client whose address and query were prepared by the caller; it is mutated
 * @return the raw Location header of the decision response, or null when the header is absent
 */
private String makeAuthorizationCodeInvocation(WebClient client) {
    // Step 1: fetch the authorization data for the request the caller prepared.
    client.type("application/json").accept("application/json");
    Response authzResponse = client.get();
    OAuthAuthorizationData authzData = authzResponse.readEntity(OAuthAuthorizationData.class);

    // Step 2: post the "allow" decision, echoing back the values the server returned.
    // The session_authenticity_token is presumably bound to the HTTP session, so the caller's
    // client has to keep its session cookie between the two requests - confirm with the callers.
    client.path("decision").type("application/x-www-form-urlencoded");
    Form decisionForm = new Form()
        .param("session_authenticity_token", authzData.getAuthenticityToken())
        .param("client_id", authzData.getClientId())
        .param("redirect_uri", authzData.getRedirectUri());
    String proposedScope = authzData.getProposedScope();
    if (proposedScope != null) {
        decisionForm.param("scope", proposedScope);
    }
    // NOTE(review): state is added without a null check, unlike scope above.
    decisionForm.param("state", authzData.getState());
    decisionForm.param("oauthDecision", "allow");

    Response decisionResponse = client.post(decisionForm);
    return decisionResponse.getHeaderString("Location");
}
Also used : Response(javax.ws.rs.core.Response) Form(javax.ws.rs.core.Form) OAuthAuthorizationData(org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData)

Example 30 with Client

use of org.apache.cxf.rs.security.oauth2.common.Client in project testcases by coheigea.

the class UserInfoTest method getAuthorizationCode.

/**
 * Performs the authorization request and the follow-up "decision" post on the given client and
 * extracts the authorization code from the resulting redirect.
 *
 * @param client     web client pointed at the OAuth service; it is mutated (type, query, path)
 * @param scope      optional scope, sent only when non-null
 * @param nonce      optional nonce, sent only when non-null
 * @param state      optional state, sent only when non-null and then checked in the redirect
 * @param consumerId value sent as {@code client_id}
 * @return whatever {@code getSubstring} extracts for "code" from the Location header
 */
private String getAuthorizationCode(WebClient client, String scope, String nonce, String state, String consumerId) {
    // Step 1: authorization request. Mandatory parameters first, in a fixed order.
    client.type("application/json").accept("application/json");
    client.query("client_id", consumerId)
        .query("redirect_uri", "http://www.blah.apache.org")
        .query("response_type", "code");
    // Optional parameters are appended only when the caller supplied them.
    String[][] optionalParams = {
        {"scope", scope},
        {"nonce", nonce},
        {"state", state}
    };
    for (String[] param : optionalParams) {
        if (param[1] != null) {
            client.query(param[0], param[1]);
        }
    }
    client.path("authorize/");
    Response authzResponse = client.get();
    OAuthAuthorizationData authzData = authzResponse.readEntity(OAuthAuthorizationData.class);

    // Step 2: post the "allow" decision, echoing back the values the server returned.
    // The session_authenticity_token is presumably bound to the HTTP session, so the caller's
    // client has to keep its session cookie between the two requests - confirm with the callers.
    client.path("decision").type("application/x-www-form-urlencoded");
    Form decisionForm = new Form()
        .param("session_authenticity_token", authzData.getAuthenticityToken())
        .param("client_id", authzData.getClientId())
        .param("redirect_uri", authzData.getRedirectUri());
    String returnedNonce = authzData.getNonce();
    if (returnedNonce != null) {
        decisionForm.param("nonce", returnedNonce);
    }
    String proposedScope = authzData.getProposedScope();
    if (proposedScope != null) {
        decisionForm.param("scope", proposedScope);
    }
    String returnedState = authzData.getState();
    if (returnedState != null) {
        decisionForm.param("state", returnedState);
    }
    decisionForm.param("oauthDecision", "allow");
    Response decisionResponse = client.post(decisionForm);

    // NOTE(review): location is null when no Location header is returned, which makes the
    // state check below throw a NullPointerException rather than fail an assertion.
    String location = decisionResponse.getHeaderString("Location");
    if (state != null) {
        // Substring match only: verifies the state value appears in the redirect, not that it is the whole value.
        String expectedState = "state=" + state;
        Assert.assertTrue(location.contains(expectedState));
    }
    return getSubstring(location, "code");
}
Also used : Response(javax.ws.rs.core.Response) Form(javax.ws.rs.core.Form) OAuthAuthorizationData(org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData)
