Examples with ClientAccessToken org.apache.cxf.rs.security.oauth2.common.ClientAccessToken used on opensource projects

Search in sources :

Example 36 with ClientAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.

the class OAuth2FiltersTest method testServiceWithTokenUsingAudience.

@org.junit.Test
public void testServiceWithTokenUsingAudience() throws Exception {
    // Get Authorization Code
    String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
    WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(), "alice", "security", null);
    // Save the Cookie for the second request...
    WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    String code = OAuth2TestUtils.getAuthorizationCode(oauthClient, null, "consumer-id-aud");
    assertNotNull(code);
    // Now get the access token
    oauthClient = WebClient.create(oauthService, "consumer-id-aud", "this-is-a-secret", null);
    String address = "https://localhost:" + PORT + "/secured/bookstore/books";
    ClientAccessToken accessToken = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code, "consumer-id-aud", address);
    assertNotNull(accessToken.getTokenKey());
    // Now invoke on the service with the access token
    WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders()).authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
    Response response = client.type("application/xml").post(new Book("book", 123L));
    assertEquals(response.getStatus(), 200);
    Book returnedBook = response.readEntity(Book.class);
    assertEquals(returnedBook.getName(), "book");
    assertEquals(returnedBook.getId(), 123L);
}
Also used : Response(javax.ws.rs.core.Response) Book(org.apache.cxf.systest.jaxrs.security.Book) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 37 with ClientAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.

the class OAuth2FiltersTest method testServiceWithEmptyToken.

@org.junit.Test
public void testServiceWithEmptyToken() throws Exception {
    // Now invoke on the service with the faked access token
    String address = "https://localhost:" + PORT + "/secured/bookstore/books";
    WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders()).authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, ""));
    Response response = client.post(new Book("book", 123L));
    assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
Also used : Response(javax.ws.rs.core.Response) Book(org.apache.cxf.systest.jaxrs.security.Book) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 38 with ClientAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.

the class OAuth2FiltersTest method testServiceWithTokenAndMultipleScopes.

@org.junit.Test
public void testServiceWithTokenAndMultipleScopes() throws Exception {
    // Get Authorization Code
    String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
    WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(), "alice", "security", null);
    // Save the Cookie for the second request...
    WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    String code = OAuth2TestUtils.getAuthorizationCode(oauthClient, "read_book create_image create_book");
    assertNotNull(code);
    // Now get the access token
    oauthClient = WebClient.create(oauthService, "consumer-id", "this-is-a-secret", null);
    ClientAccessToken accessToken = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code);
    assertNotNull(accessToken.getTokenKey());
    // Now invoke on the service with the access token
    String address = "https://localhost:" + PORT + "/secured/bookstore/books";
    WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders()).authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
    Response response = client.type("application/xml").post(new Book("book", 123L));
    assertEquals(response.getStatus(), 200);
    Book returnedBook = response.readEntity(Book.class);
    assertEquals(returnedBook.getName(), "book");
    assertEquals(returnedBook.getId(), 123L);
}
Also used : Response(javax.ws.rs.core.Response) Book(org.apache.cxf.systest.jaxrs.security.Book) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 39 with ClientAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.

the class OAuth2FiltersTest method testServiceWithTokenUsingIncorrectAudience.

@org.junit.Test
public void testServiceWithTokenUsingIncorrectAudience() throws Exception {
    // Get Authorization Code
    String oauthService = "https://localhost:" + OAUTH_PORT + "/services/";
    WebClient oauthClient = WebClient.create(oauthService, OAuth2TestUtils.setupProviders(), "alice", "security", null);
    // Save the Cookie for the second request...
    WebClient.getConfig(oauthClient).getRequestContext().put(org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
    String code = OAuth2TestUtils.getAuthorizationCode(oauthClient, null, "consumer-id-aud2");
    assertNotNull(code);
    // Now get the access token
    oauthClient = WebClient.create(oauthService, "consumer-id-aud2", "this-is-a-secret", null);
    String address = "https://localhost:" + PORT + "/securedxyz/bookstore/books";
    ClientAccessToken accessToken = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(oauthClient, code, "consumer-id-aud2", address);
    assertNotNull(accessToken.getTokenKey());
    // Now invoke on the service with the access token
    WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders()).authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, accessToken.getTokenKey()));
    Response response = client.post(new Book("book", 123L));
    assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
Also used : Response(javax.ws.rs.core.Response) Book(org.apache.cxf.systest.jaxrs.security.Book) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 40 with ClientAccessToken

use of org.apache.cxf.rs.security.oauth2.common.ClientAccessToken in project cxf by apache.

the class OAuth2FiltersTest method testServiceWithFakeToken.

@org.junit.Test
public void testServiceWithFakeToken() throws Exception {
    // Now invoke on the service with the faked access token
    String address = "https://localhost:" + PORT + "/secured/bookstore/books";
    WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders()).authorization(new ClientAccessToken(BEARER_AUTHORIZATION_SCHEME, UUID.randomUUID().toString()));
    Response response = client.post(new Book("book", 123L));
    assertEquals(Family.CLIENT_ERROR, response.getStatusInfo().getFamily());
}
Also used : Response(javax.ws.rs.core.Response) Book(org.apache.cxf.systest.jaxrs.security.Book) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Aggregations

ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)134 WebClient (org.apache.cxf.jaxrs.client.WebClient)116 URL (java.net.URL)53 Response (javax.ws.rs.core.Response)51 Form (javax.ws.rs.core.Form)41 Test (org.junit.Test)21 Consumer (org.apache.cxf.rs.security.oauth2.client.Consumer)16 Book (org.apache.cxf.systest.jaxrs.security.Book)12 JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)11 TokenIntrospection (org.apache.cxf.rs.security.oauth2.common.TokenIntrospection)11 OAuthServiceException (org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException)8 JsonMapObjectProvider (org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider)7 OAuthJSONProvider (org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider)7 ClientRegistration (org.apache.cxf.rs.security.oauth2.services.ClientRegistration)7 ClientRegistrationResponse (org.apache.cxf.rs.security.oauth2.services.ClientRegistrationResponse)7 ResponseProcessingException (javax.ws.rs.client.ResponseProcessingException)6 JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)6 AuthorizationCodeGrant (org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant)6 HashMap (java.util.HashMap)4 Produces (javax.ws.rs.Produces)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial