Search in sources :

Example 81 with JSONException

use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.

the class RequestObjectSigningAlgRestrictionEmbeddedTest method requestObjectSigningAlgRS512Step1.

/**
	 * Read client to check whether it is using the Request Object Signing Alg
	 * <code>RS384</code>.
	 */
/**
	 * Request authorization with Request Object Signing Alg <code>RS384</code>.
	 */
/**
	 * Fail 1: Request authorization with Request Object Signing Alg
	 * <code>NONE</code>.
	 */
/**
	 * Fail 2: Request authorization with Request Object Signing Alg
	 * <code>HS256</code>.
	 */
/**
	 * Fail 3: Request authorization with Request Object Signing Alg
	 * <code>HS384</code>.
	 */
/**
	 * Fail 4: Request authorization with Request Object Signing Alg
	 * <code>HS512</code>.
	 */
/**
	 * Fail 5: Request authorization with Request Object Signing Alg
	 * <code>RS256</code>.
	 */
/**
	 * Fail 6: Request authorization with Request Object Signing Alg
	 * <code>RS512</code>.
	 */
/**
	 * Fail 7: Request authorization with Request Object Signing Alg
	 * <code>ES256</code>.
	 */
/**
	 * Fail 8: Request authorization with Request Object Signing Alg
	 * <code>ES384</code>.
	 */
/**
	 * Fail 9: Request authorization with Request Object Signing Alg
	 * <code>ES512</code>.
	 */
/**
	 * Register a client with Request Object Signing Alg <code>RS512</code>.
	 */
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestObjectSigningAlgRS512Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    String registerRequestContent = null;
    try {
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
        registerRequest.setJwksUri(jwksUri);
        registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS512);
        registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
        registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
        registerRequestContent = registerRequest.getJSONParameters().toString(4);
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage());
    }
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestObjectSigningAlgRS512Step1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId8 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret8 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
        registrationAccessToken8 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.xdi.oxauth.client.RegisterRequest) JSONObject(org.codehaus.jettison.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.codehaus.jettison.json.JSONException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 82 with JSONException

use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.

the class RequestObjectSigningAlgRestrictionEmbeddedTest method requestObjectSigningAlgNoneStep1.

/**
	 * Register a client with Request Object Signing Alg <code>NONE</code>.
	 */
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestObjectSigningAlgNoneStep1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    String registerRequestContent = null;
    try {
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
        registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.NONE);
        registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
        registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
        registerRequestContent = registerRequest.getJSONParameters().toString(4);
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage());
    }
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestObjectSigningAlgNoneStep1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret2 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
        registrationAccessToken2 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        registrationClientUri2 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.xdi.oxauth.client.RegisterRequest) JSONObject(org.codehaus.jettison.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.codehaus.jettison.json.JSONException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 83 with JSONException

use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.

the class RequestObjectSigningAlgRestrictionEmbeddedTest method requestObjectSigningAlgHS512Step1.

/**
	 * Read client to check whether it is using the Request Object Signing Alg
	 * <code>HS384</code>.
	 */
/**
	 * Request authorization with Request Object Signing Alg <code>HS384</code>.
	 */
/**
	 * Fail 1: Request authorization with Request Object Signing Alg
	 * <code>NONE</code>.
	 */
/**
	 * Fail 2: Request authorization with Request Object Signing Alg
	 * <code>HS256</code>.
	 */
/**
	 * Fail 3: Request authorization with Request Object Signing Alg
	 * <code>HS512</code>.
	 */
/**
	 * Fail 4: Request authorization with Request Object Signing Alg
	 * <code>RS256</code>.
	 */
/**
	 * Fail 5: Request authorization with Request Object Signing Alg
	 * <code>RS384</code>.
	 */
/**
	 * Fail 6: Request authorization with Request Object Signing Alg
	 * <code>RS512</code>.
	 */
/**
	 * Fail 7: Request authorization with Request Object Signing Alg
	 * <code>ES256</code>.
	 */
/**
	 * Fail 8: Request authorization with Request Object Signing Alg
	 * <code>ES384</code>.
	 */
/**
	 * Fail 9: Request authorization with Request Object Signing Alg
	 * <code>ES512</code>.
	 */
/**
	 * Register a client with Request Object Signing Alg <code>HS512</code>.
	 */
@Parameters({ "registerPath", "redirectUris" })
@Test
public void requestObjectSigningAlgHS512Step1(final String registerPath, final String redirectUris) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    String registerRequestContent = null;
    try {
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
        registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.HS512);
        registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
        registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
        registerRequestContent = registerRequest.getJSONParameters().toString(4);
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage());
    }
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestObjectSigningAlgHS512Step1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId5 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret5 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
        registrationAccessToken5 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.xdi.oxauth.client.RegisterRequest) JSONObject(org.codehaus.jettison.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.codehaus.jettison.json.JSONException) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 84 with JSONException

use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.

the class OpenIDRequestObjectWithESAlgEmbeddedTest method requestParameterMethodES256Step1.

@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES256Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    String registerRequestContent = null;
    try {
        List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
        registerRequest.setJwksUri(jwksUri);
        registerRequest.setResponseTypes(responseTypes);
        registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES256);
        registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
        registerRequestContent = registerRequest.getJSONParameters().toString(4);
    } catch (JSONException e) {
        fail(e.getMessage(), e);
    }
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestParameterMethodES256Step1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId1 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
    } catch (JSONException e) {
        fail(e.getMessage(), e);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.xdi.oxauth.client.RegisterRequest) JSONObject(org.codehaus.jettison.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.codehaus.jettison.json.JSONException) ResponseType(org.xdi.oxauth.model.common.ResponseType) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 85 with JSONException

use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.

the class OpenIDRequestObjectWithESAlgEmbeddedTest method requestParameterMethodES384Step1.

@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES384Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    String registerRequestContent = null;
    try {
        List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
        registerRequest.setJwksUri(jwksUri);
        registerRequest.setResponseTypes(responseTypes);
        registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES384);
        registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
        registerRequestContent = registerRequest.getJSONParameters().toString(4);
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage());
    }
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestParameterMethodES384Step1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
    } catch (JSONException e) {
        fail(e.getMessage(), e);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.xdi.oxauth.client.RegisterRequest) JSONObject(org.codehaus.jettison.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.codehaus.jettison.json.JSONException) ResponseType(org.xdi.oxauth.model.common.ResponseType) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Aggregations

JSONException (org.codehaus.jettison.json.JSONException)281 JSONObject (org.codehaus.jettison.json.JSONObject)256 Response (javax.ws.rs.core.Response)183 Builder (javax.ws.rs.client.Invocation.Builder)179 ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)179 Test (org.testng.annotations.Test)174 BaseTest (org.xdi.oxauth.BaseTest)174 Parameters (org.testng.annotations.Parameters)171 RegisterRequest (org.xdi.oxauth.client.RegisterRequest)78 MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)68 JSONArray (org.codehaus.jettison.json.JSONArray)44 RegisterResponse (org.xdi.oxauth.client.RegisterResponse)43 URISyntaxException (java.net.URISyntaxException)35 TokenRequest (org.xdi.oxauth.client.TokenRequest)35 ResponseType (org.xdi.oxauth.model.common.ResponseType)35 WebApplicationException (javax.ws.rs.WebApplicationException)18 IOException (java.io.IOException)17 OxAuthCryptoProvider (org.xdi.oxauth.model.crypto.OxAuthCryptoProvider)17 Path (javax.ws.rs.Path)14 Produces (javax.ws.rs.Produces)14