Example 11 with AuthorizationRequest
use of org.gluu.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class AuthorizeWithResponseModeEmbeddedTest method requestAuthorizationCodeWithResponseModeQuery.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationCodeWithResponseModeQuery(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
authorizationRequest.setResponseMode(ResponseMode.QUERY);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationCodeWithResponseModeQuery", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getQuery(), "Query string is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getQuery());
assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
}
}
Also used :
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 12 with AuthorizationRequest
use of org.gluu.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class AuthorizeWithResponseModeEmbeddedTest method requestAuthorizationTokenWithResponseModeQuery.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationTokenWithResponseModeQuery(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
authorizationRequest.setResponseMode(ResponseMode.QUERY);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationTokenWithResponseModeQuery", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getQuery(), "Query is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getQuery());
assertNotNull(params.get(AuthorizeResponseParam.ACCESS_TOKEN), "The access token is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertNotNull(params.get(AuthorizeResponseParam.TOKEN_TYPE), "The token type is null");
assertNotNull(params.get(AuthorizeResponseParam.EXPIRES_IN), "The expires in value is null");
assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope must be null");
assertNull(params.get("refresh_token"), "The refresh_token must be null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
}
}
}
Also used :
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 13 with AuthorizationRequest
use of org.gluu.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class TTokenRequest method requestAuthorizationCode.
private void requestAuthorizationCode(final String authorizePath, final String userId, final String userSecret, final String umaClientId, final String umaRedirectUri, final String p_scopeType) throws Exception {
List<ResponseType> responseTypes = new ArrayList<ResponseType>();
responseTypes.add(ResponseType.CODE);
responseTypes.add(ResponseType.ID_TOKEN);
List<String> scopes = new ArrayList<String>();
scopes.add(p_scopeType);
String state = UUID.randomUUID().toString();
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, umaClientId, scopes, umaRedirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
authorizationRequest.getPrompts().add(Prompt.NONE);
Builder request = ResteasyClientBuilder.newClient().target(baseUri.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
BaseTest.showResponse("TTokenClient.requestAuthorizationCode() : ", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
final String location = response.getLocation().toString();
final int fragmentIndex = location.indexOf("#");
Map<String, String> params = new HashMap<String, String>();
if (fragmentIndex != -1) {
String fragment = location.substring(fragmentIndex + 1);
params = QueryStringDecoder.decode(fragment);
} else {
int queryStringIndex = location.indexOf("?");
if (queryStringIndex != -1) {
String queryString = location.substring(queryStringIndex + 1);
params = QueryStringDecoder.decode(queryString);
}
}
assertNotNull(params.get("code"), "The code is null");
assertNotNull(params.get("scope"), "The scope is null");
assertNotNull(params.get("state"), "The state is null");
token.setAuthorizationCode(params.get("code"));
token.setScope(params.get("scope"));
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage());
}
}
}
Also used :
RPTResponse(org.gluu.oxauth.model.uma.RPTResponse)
RptIntrospectionResponse(org.gluu.oxauth.model.uma.RptIntrospectionResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
HashMap(java.util.HashMap)
MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
ArrayList(java.util.ArrayList)
JSONException(org.json.JSONException)
IOException(java.io.IOException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Example 14 with AuthorizationRequest
use of org.gluu.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class SectorIdentifierUrlVerificationEmbeddedTest method requestAuthorizationCodeWithSectorIdentifierStep2.
// This test requires a place to publish a sector identifier JSON array of
// redirect URIs via HTTPS
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "requestAuthorizationCodeWithSectorIdentifierStep1")
public void requestAuthorizationCodeWithSectorIdentifierStep2(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String state = UUID.randomUUID().toString();
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationCodeWithSectorIdentifierStep2", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment());
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
assertNotNull(params.get(AuthorizeResponseParam.ID_TOKEN), "The ID Token is null");
assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
String idToken = params.get(AuthorizeResponseParam.ID_TOKEN);
Jwt jwt = Jwt.parse(idToken);
assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
} catch (InvalidJwtException e) {
e.printStackTrace();
fail("Invalid JWT");
}
}
Also used :
Response(javax.ws.rs.core.Response)
InvalidJwtException(org.gluu.oxauth.model.exception.InvalidJwtException)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
Jwt(org.gluu.oxauth.model.jwt.Jwt)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
REGISTRATION_CLIENT_URI(org.gluu.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 15 with AuthorizationRequest
use of org.gluu.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class OpenIDRequestObjectWithESAlgEmbeddedTest method requestParameterMethodES512Step2.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "requestParameterMethodES512Step1")
public void requestParameterMethodES512Step2(final String authorizePath, final String userId, final String userSecret, final String redirectUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
Builder request = null;
try {
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId3, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.ES512, cryptoProvider);
jwtAuthorizationRequest.setKeyId(keyId);
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[] { ACR_VALUE })));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
authorizationRequest.setRequest(authJwt);
System.out.println("Request JWT: " + authJwt);
request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
} catch (Exception ex) {
fail(ex.getMessage(), ex);
}
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES512Step2", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Query string is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get("access_token"), "The accessToken is null");
assertNotNull(params.get("scope"), "The scope is null");
assertNotNull(params.get("state"), "The state is null");
} catch (URISyntaxException e) {
fail(e.getMessage(), e);
}
}
Also used :
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
Claim(org.gluu.oxauth.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
AuthorizationRequest (org.gluu.oxauth.client.AuthorizationRequest)551
BaseTest (org.gluu.oxauth.BaseTest)532
Test (org.testng.annotations.Test)532
ResponseType (org.gluu.oxauth.model.common.ResponseType)526
Parameters (org.testng.annotations.Parameters)525
AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)505
RegisterResponse (org.gluu.oxauth.client.RegisterResponse)490
RegisterClient (org.gluu.oxauth.client.RegisterClient)483
RegisterRequest (org.gluu.oxauth.client.RegisterRequest)483
OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)262
AuthorizeClient (org.gluu.oxauth.client.AuthorizeClient)209
JwtAuthorizationRequest (org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)193
Jwt (org.gluu.oxauth.model.jwt.Jwt)162
TokenClient (org.gluu.oxauth.client.TokenClient)159
TokenResponse (org.gluu.oxauth.client.TokenResponse)159
TokenRequest (org.gluu.oxauth.client.TokenRequest)154
UserInfoResponse (org.gluu.oxauth.client.UserInfoResponse)148
UserInfoClient (org.gluu.oxauth.client.UserInfoClient)147
Claim (org.gluu.oxauth.client.model.authorize.Claim)124
RSAPublicKey (org.gluu.oxauth.model.crypto.signature.RSAPublicKey)86
