Examples with OpenIdConnectTokenPKIProviderImpl org.forgerock.openam.sts.tokengeneration.oidc.crypto.OpenIdConnectTokenPKIProviderImpl used on opensource projects

Search in sources :

Example 1 with OpenIdConnectTokenPKIProviderImpl

use of org.forgerock.openam.sts.tokengeneration.oidc.crypto.OpenIdConnectTokenPKIProviderImpl in project OpenAM by OpenRock.

the class OpenIdConnectTokenGenerationImplTest method testRSAOpenIdConnectTokenGeneration.

@Test
public void testRSAOpenIdConnectTokenGeneration() throws TokenCreationException {
    SSOTokenIdentity mockSSOTokenIdentity = mock(SSOTokenIdentity.class);
    when(mockSSOTokenIdentity.validateAndGetTokenPrincipal(any(SSOToken.class))).thenReturn(SUBJECT_NAME);
    SSOToken mockSSOToken = mock(SSOToken.class);
    STSInstanceState mockSTSInstanceState = mock(STSInstanceState.class);
    STSInstanceConfig mockSTSInstanceConfig = mock(STSInstanceConfig.class);
    when(mockSTSInstanceState.getConfig()).thenReturn(mockSTSInstanceConfig);
    OpenIdConnectTokenConfig openIdConnectTokenConfig = buildRSAOpenIdConnectTokenConfig();
    when(mockSTSInstanceConfig.getOpenIdConnectTokenConfig()).thenReturn(openIdConnectTokenConfig);
    OpenIdConnectTokenPKIProviderImpl tokenCryptoProvider = new OpenIdConnectTokenPKIProviderImpl(openIdConnectTokenConfig);
    when(mockSTSInstanceState.getOpenIdConnectTokenPKIProvider()).thenReturn(tokenCryptoProvider);
    TokenGenerationServiceInvocationState mockTokenGenerationInvocationState = mock(TokenGenerationServiceInvocationState.class);
    OpenIdConnectTokenClaimMapperProvider mockClaimMapperProvider = mock(OpenIdConnectTokenClaimMapperProvider.class);
    OpenIdConnectTokenClaimMapper mockClaimMapper = mock(OpenIdConnectTokenClaimMapper.class);
    when(mockClaimMapperProvider.getClaimMapper(any(OpenIdConnectTokenConfig.class))).thenReturn(mockClaimMapper);
    when(mockClaimMapper.getCustomClaims(mockSSOToken, mappedClaimConfig)).thenReturn(mappedClaimAttributes);
    long authTime = System.currentTimeMillis() / 1000;
    OpenIdConnectTokenGenerationState openIdConnectTokenGenerationState = buildOpenIdConnectTokenGenerationState(authTime);
    when(mockTokenGenerationInvocationState.getOpenIdConnectTokenGenerationState()).thenReturn(openIdConnectTokenGenerationState);
    String oidcToken = new OpenIdConnectTokenGenerationImpl(mockSSOTokenIdentity, new JwtBuilderFactory(), mockClaimMapperProvider, mock(CTSTokenPersistence.class), mock(Logger.class)).generate(mockSSOToken, mockSTSInstanceState, mockTokenGenerationInvocationState);
    SignedJwt signedJwt = reconstructSignedJwt(oidcToken);
    JwtClaimsSet jwtClaimsSet = signedJwt.getClaimsSet();
    assertEquals(SUBJECT_NAME, jwtClaimsSet.getSubject());
    assertEquals(AUDIENCE, jwtClaimsSet.getAudience().get(0));
    assertEquals(AUTHN_CLASS_REFERENCE, jwtClaimsSet.getClaim("acr", String.class));
    assertEquals(ISSUER, jwtClaimsSet.getIssuer());
    assertEquals(EMAIL_CLAIM_VALUE, jwtClaimsSet.get(EMAIL_CLAIM_KEY).asString());
    assertTrue(verifyRSASignature(signedJwt, openIdConnectTokenConfig));
}
Also used : JwtBuilderFactory(org.forgerock.json.jose.builders.JwtBuilderFactory) SSOToken(com.iplanet.sso.SSOToken) STSInstanceState(org.forgerock.openam.sts.tokengeneration.state.STSInstanceState) SignedJwt(org.forgerock.json.jose.jws.SignedJwt) OpenIdConnectTokenConfig(org.forgerock.openam.sts.config.user.OpenIdConnectTokenConfig) TokenGenerationServiceInvocationState(org.forgerock.openam.sts.service.invocation.TokenGenerationServiceInvocationState) JwtClaimsSet(org.forgerock.json.jose.jwt.JwtClaimsSet) SSOTokenIdentity(org.forgerock.openam.sts.tokengeneration.SSOTokenIdentity) OpenIdConnectTokenPKIProviderImpl(org.forgerock.openam.sts.tokengeneration.oidc.crypto.OpenIdConnectTokenPKIProviderImpl) OpenIdConnectTokenGenerationState(org.forgerock.openam.sts.service.invocation.OpenIdConnectTokenGenerationState) STSInstanceConfig(org.forgerock.openam.sts.config.user.STSInstanceConfig) Test(org.testng.annotations.Test)

Aggregations

SSOToken (com.iplanet.sso.SSOToken)1 JwtBuilderFactory (org.forgerock.json.jose.builders.JwtBuilderFactory)1 SignedJwt (org.forgerock.json.jose.jws.SignedJwt)1 JwtClaimsSet (org.forgerock.json.jose.jwt.JwtClaimsSet)1 OpenIdConnectTokenConfig (org.forgerock.openam.sts.config.user.OpenIdConnectTokenConfig)1 STSInstanceConfig (org.forgerock.openam.sts.config.user.STSInstanceConfig)1 OpenIdConnectTokenGenerationState (org.forgerock.openam.sts.service.invocation.OpenIdConnectTokenGenerationState)1 TokenGenerationServiceInvocationState (org.forgerock.openam.sts.service.invocation.TokenGenerationServiceInvocationState)1 SSOTokenIdentity (org.forgerock.openam.sts.tokengeneration.SSOTokenIdentity)1 OpenIdConnectTokenPKIProviderImpl (org.forgerock.openam.sts.tokengeneration.oidc.crypto.OpenIdConnectTokenPKIProviderImpl)1 STSInstanceState (org.forgerock.openam.sts.tokengeneration.state.STSInstanceState)1 Test (org.testng.annotations.Test)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial