Examples with ClientRegistration org.apache.cxf.rs.security.oauth2.services.ClientRegistration used on opensource projects

Search in sources :

Example 6 with ClientRegistration

use of org.apache.cxf.rs.security.oauth2.services.ClientRegistration in project cxf by apache.

the class OIDCDynamicRegistrationTest method testRegisterClientInitialAccessTokenCodeGrant.

@org.junit.Test
public void testRegisterClientInitialAccessTokenCodeGrant() throws Exception {
    URL busFile = OIDCDynamicRegistrationTest.class.getResource("client.xml");
    String address = "https://localhost:" + PORT + "/services/dynamicWithAt/register";
    WebClient wc = WebClient.create(address, Collections.singletonList(new JsonMapObjectProvider()), busFile.toString());
    wc.accept("application/json").type("application/json");
    ClientRegistration reg = newClientRegistrationCodeGrant();
    ClientRegistrationResponse resp = null;
    assertEquals(401, wc.post(reg).getStatus());
    wc.authorization(new ClientAccessToken("Bearer", "123456789"));
    resp = wc.post(reg, ClientRegistrationResponse.class);
    assertNotNull(resp.getClientId());
    assertNotNull(resp.getClientSecret());
    assertEquals(address + "/" + resp.getClientId(), resp.getRegistrationClientUri());
    String regAccessToken = resp.getRegistrationAccessToken();
    assertNotNull(regAccessToken);
    wc.reset();
    wc.path(resp.getClientId());
    assertEquals(401, wc.get().getStatus());
    wc.authorization(new ClientAccessToken("Bearer", regAccessToken));
    ClientRegistration clientRegResp = wc.get(ClientRegistration.class);
    testCommonRegCodeGrantProperties(clientRegResp);
    assertNull(clientRegResp.getTokenEndpointAuthMethod());
    assertEquals(200, wc.delete().getStatus());
}
Also used : ClientRegistration(org.apache.cxf.rs.security.oauth2.services.ClientRegistration) ClientRegistrationResponse(org.apache.cxf.rs.security.oauth2.services.ClientRegistrationResponse) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) JsonMapObjectProvider(org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 7 with ClientRegistration

use of org.apache.cxf.rs.security.oauth2.services.ClientRegistration in project cxf by apache.

the class OIDCDynamicRegistrationTest method testRegisterClientPasswordGrantPublic.

@org.junit.Test
public void testRegisterClientPasswordGrantPublic() throws Exception {
    URL busFile = OIDCDynamicRegistrationTest.class.getResource("client.xml");
    String address = "https://localhost:" + PORT + "/services/dynamicWithAt/register";
    WebClient wc = WebClient.create(address, Collections.singletonList(new JsonMapObjectProvider()), busFile.toString());
    wc.accept("application/json").type("application/json");
    ClientRegistration reg = new ClientRegistration();
    reg.setClientName("dynamic_client");
    reg.setGrantTypes(Collections.singletonList(OAuthConstants.RESOURCE_OWNER_GRANT));
    reg.setTokenEndpointAuthMethod(OAuthConstants.TOKEN_ENDPOINT_AUTH_NONE);
    wc.authorization(new ClientAccessToken("Bearer", "123456789"));
    ClientRegistrationResponse resp = wc.post(reg, ClientRegistrationResponse.class);
    assertNotNull(resp.getClientId());
    assertNull(resp.getClientSecret());
    assertEquals(address + "/" + resp.getClientId(), resp.getRegistrationClientUri());
    String regAccessToken = resp.getRegistrationAccessToken();
    assertNotNull(regAccessToken);
    wc.reset();
    wc.path(resp.getClientId());
    wc.authorization(new ClientAccessToken("Bearer", regAccessToken));
    ClientRegistration clientRegResp = wc.get(ClientRegistration.class);
    assertEquals("native", clientRegResp.getApplicationType());
    assertEquals("dynamic_client", clientRegResp.getClientName());
    assertEquals(Collections.singletonList(OAuthConstants.RESOURCE_OWNER_GRANT), clientRegResp.getGrantTypes());
    assertEquals(OAuthConstants.TOKEN_ENDPOINT_AUTH_NONE, clientRegResp.getTokenEndpointAuthMethod());
    assertNull(clientRegResp.getScope());
    assertNull(clientRegResp.getRedirectUris());
    assertEquals(200, wc.delete().getStatus());
}
Also used : ClientRegistration(org.apache.cxf.rs.security.oauth2.services.ClientRegistration) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) ClientRegistrationResponse(org.apache.cxf.rs.security.oauth2.services.ClientRegistrationResponse) JsonMapObjectProvider(org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 8 with ClientRegistration

use of org.apache.cxf.rs.security.oauth2.services.ClientRegistration in project cxf by apache.

the class OIDCDynamicRegistrationTest method newClientRegistrationCodeGrant.

private ClientRegistration newClientRegistrationCodeGrant() {
    ClientRegistration reg = new ClientRegistration();
    reg.setApplicationType("web");
    reg.setScope("openid");
    reg.setClientName("dynamic_client");
    reg.setGrantTypes(Collections.singletonList(OAuthConstants.AUTHORIZATION_CODE_GRANT));
    reg.setRedirectUris(Collections.singletonList("https://a/b/c"));
    reg.setProperty("post_logout_redirect_uris", Collections.singletonList("https://rp/logout"));
    return reg;
}
Also used : ClientRegistration(org.apache.cxf.rs.security.oauth2.services.ClientRegistration)

Example 9 with ClientRegistration

use of org.apache.cxf.rs.security.oauth2.services.ClientRegistration in project cxf by apache.

the class OidcDynamicRegistrationService method fromClientToClientRegistration.

@Override
protected ClientRegistration fromClientToClientRegistration(Client client) {
    ClientRegistration resp = super.fromClientToClientRegistration(client);
    String logoutUris = client.getProperties().get(POST_LOGOUT_LOGOUT_URIS);
    if (logoutUris != null) {
        List<String> list = new LinkedList<String>();
        for (String s : logoutUris.split(" ")) {
            list.add(s);
        }
        resp.setProperty(POST_LOGOUT_LOGOUT_URIS, list);
    }
    return resp;
}
Also used : ClientRegistration(org.apache.cxf.rs.security.oauth2.services.ClientRegistration) LinkedList(java.util.LinkedList)

Example 10 with ClientRegistration

use of org.apache.cxf.rs.security.oauth2.services.ClientRegistration in project cxf by apache.

the class OIDCDynamicRegistrationTest method testRegisterClientInitialAccessTokenCodeGrantTls.

@org.junit.Test
public void testRegisterClientInitialAccessTokenCodeGrantTls() throws Exception {
    URL busFile = OIDCDynamicRegistrationTest.class.getResource("client.xml");
    String address = "https://localhost:" + PORT + "/services/dynamicWithAt/register";
    WebClient wc = WebClient.create(address, Collections.singletonList(new JsonMapObjectProvider()), busFile.toString());
    wc.accept("application/json").type("application/json");
    ClientRegistration reg = newClientRegistrationCodeGrant();
    reg.setTokenEndpointAuthMethod(OAuthConstants.TOKEN_ENDPOINT_AUTH_TLS);
    reg.setProperty(OAuthConstants.TLS_CLIENT_AUTH_SUBJECT_DN, "CN=whateverhost.com,OU=Morpit,O=ApacheTest,L=Syracuse,C=US");
    ClientRegistrationResponse resp = null;
    assertEquals(401, wc.post(reg).getStatus());
    wc.authorization(new ClientAccessToken("Bearer", "123456789"));
    resp = wc.post(reg, ClientRegistrationResponse.class);
    assertNotNull(resp.getClientId());
    assertNull(resp.getClientSecret());
    assertEquals(address + "/" + resp.getClientId(), resp.getRegistrationClientUri());
    String regAccessToken = resp.getRegistrationAccessToken();
    assertNotNull(regAccessToken);
    wc.reset();
    wc.path(resp.getClientId());
    assertEquals(401, wc.get().getStatus());
    wc.authorization(new ClientAccessToken("Bearer", regAccessToken));
    ClientRegistration clientRegResp = wc.get(ClientRegistration.class);
    testCommonRegCodeGrantProperties(clientRegResp);
    assertEquals(OAuthConstants.TOKEN_ENDPOINT_AUTH_TLS, clientRegResp.getTokenEndpointAuthMethod());
    assertEquals("CN=whateverhost.com,OU=Morpit,O=ApacheTest,L=Syracuse,C=US", clientRegResp.getProperty(OAuthConstants.TLS_CLIENT_AUTH_SUBJECT_DN));
    assertEquals(200, wc.delete().getStatus());
}
Also used : ClientRegistration(org.apache.cxf.rs.security.oauth2.services.ClientRegistration) ClientRegistrationResponse(org.apache.cxf.rs.security.oauth2.services.ClientRegistrationResponse) ClientAccessToken(org.apache.cxf.rs.security.oauth2.common.ClientAccessToken) JsonMapObjectProvider(org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Aggregations

ClientRegistration (org.apache.cxf.rs.security.oauth2.services.ClientRegistration)8 WebClient (org.apache.cxf.jaxrs.client.WebClient)5 ClientAccessToken (org.apache.cxf.rs.security.oauth2.common.ClientAccessToken)5 ClientRegistrationResponse (org.apache.cxf.rs.security.oauth2.services.ClientRegistrationResponse)5 URL (java.net.URL)4 JsonMapObjectProvider (org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider)4 Client (org.apache.cxf.rs.security.oauth2.common.Client)3 LinkedList (java.util.LinkedList)1 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1 Produces (javax.ws.rs.Produces)1 SecurityContext (javax.ws.rs.core.SecurityContext)1 UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject)1 Test (org.junit.Test)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial