use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.
the class RequestObjectSigningAlgRestrictionEmbeddedTest method requestObjectSigningAlgRS512Step1.
/**
* Read client to check whether it is using the Request Object Signing Alg
* <code>RS384</code>.
*/
/**
* Request authorization with Request Object Signing Alg <code>RS384</code>.
*/
/**
* Fail 1: Request authorization with Request Object Signing Alg
* <code>NONE</code>.
*/
/**
* Fail 2: Request authorization with Request Object Signing Alg
* <code>HS256</code>.
*/
/**
* Fail 3: Request authorization with Request Object Signing Alg
* <code>HS384</code>.
*/
/**
* Fail 4: Request authorization with Request Object Signing Alg
* <code>HS512</code>.
*/
/**
* Fail 5: Request authorization with Request Object Signing Alg
* <code>RS256</code>.
*/
/**
* Fail 6: Request authorization with Request Object Signing Alg
* <code>RS512</code>.
*/
/**
* Fail 7: Request authorization with Request Object Signing Alg
* <code>ES256</code>.
*/
/**
* Fail 8: Request authorization with Request Object Signing Alg
* <code>ES384</code>.
*/
/**
* Fail 9: Request authorization with Request Object Signing Alg
* <code>ES512</code>.
*/
/**
* Register a client with Request Object Signing Alg <code>RS512</code>.
*/
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestObjectSigningAlgRS512Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS512);
registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = registerRequest.getJSONParameters().toString(4);
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestObjectSigningAlgRS512Step1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId8 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
clientSecret8 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
registrationAccessToken8 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.
the class RequestObjectSigningAlgRestrictionEmbeddedTest method requestObjectSigningAlgNoneStep1.
/**
* Register a client with Request Object Signing Alg <code>NONE</code>.
*/
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestObjectSigningAlgNoneStep1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.NONE);
registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = registerRequest.getJSONParameters().toString(4);
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestObjectSigningAlgNoneStep1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
clientSecret2 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
registrationAccessToken2 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
registrationClientUri2 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.
the class RequestObjectSigningAlgRestrictionEmbeddedTest method requestObjectSigningAlgHS512Step1.
/**
* Read client to check whether it is using the Request Object Signing Alg
* <code>HS384</code>.
*/
/**
* Request authorization with Request Object Signing Alg <code>HS384</code>.
*/
/**
* Fail 1: Request authorization with Request Object Signing Alg
* <code>NONE</code>.
*/
/**
* Fail 2: Request authorization with Request Object Signing Alg
* <code>HS256</code>.
*/
/**
* Fail 3: Request authorization with Request Object Signing Alg
* <code>HS512</code>.
*/
/**
* Fail 4: Request authorization with Request Object Signing Alg
* <code>RS256</code>.
*/
/**
* Fail 5: Request authorization with Request Object Signing Alg
* <code>RS384</code>.
*/
/**
* Fail 6: Request authorization with Request Object Signing Alg
* <code>RS512</code>.
*/
/**
* Fail 7: Request authorization with Request Object Signing Alg
* <code>ES256</code>.
*/
/**
* Fail 8: Request authorization with Request Object Signing Alg
* <code>ES384</code>.
*/
/**
* Fail 9: Request authorization with Request Object Signing Alg
* <code>ES512</code>.
*/
/**
* Register a client with Request Object Signing Alg <code>HS512</code>.
*/
@Parameters({ "registerPath", "redirectUris" })
@Test
public void requestObjectSigningAlgHS512Step1(final String registerPath, final String redirectUris) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.HS512);
registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = registerRequest.getJSONParameters().toString(4);
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestObjectSigningAlgHS512Step1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId5 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
clientSecret5 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
registrationAccessToken5 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.
the class OpenIDRequestObjectWithESAlgEmbeddedTest method requestParameterMethodES256Step1.
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES256Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setResponseTypes(responseTypes);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES256);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = registerRequest.getJSONParameters().toString(4);
} catch (JSONException e) {
fail(e.getMessage(), e);
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES256Step1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId1 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
} catch (JSONException e) {
fail(e.getMessage(), e);
}
}
use of org.codehaus.jettison.json.JSONException in project oxAuth by GluuFederation.
the class OpenIDRequestObjectWithESAlgEmbeddedTest method requestParameterMethodES384Step1.
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES384Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setResponseTypes(responseTypes);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES384);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = registerRequest.getJSONParameters().toString(4);
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES384Step1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
} catch (JSONException e) {
fail(e.getMessage(), e);
}
}
Aggregations