use of org.gluu.oxauth.client.BackchannelAuthenticationResponse in project oxAuth by GluuFederation.
the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingIdTokenHintES384.
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "ES384_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintES384")
public void backchannelTokenDeliveryModePingIdTokenHintES384(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
showTitle("backchannelTokenDeliveryModePingIdTokenHintES384");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", null);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setGrantTypes(Arrays.asList(GrantType.CIBA));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES384);
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.ES384);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientSecretExpiresAt());
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_USER_CODE_PARAMETER.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT.toString()));
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()), BackchannelTokenDeliveryMode.PING.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()), AsymmetricSignatureAlgorithm.ES384.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_USER_CODE_PARAMETER.toString()), new Boolean(true).toString());
String clientId = registerResponse.getClientId();
// 2. Authentication Request
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Arrays.asList("openid"));
backchannelAuthenticationRequest.setIdTokenHint(idTokenHintES384);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.ES384);
backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
backchannelAuthenticationRequest.setKeyId(keyId);
backchannelAuthenticationRequest.setAudience(tokenEndpoint);
backchannelAuthenticationRequest.setAuthUsername(clientId);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertEquals(backchannelAuthenticationResponse.getStatus(), 200, "Unexpected response code: " + backchannelAuthenticationResponse.getEntity());
assertNotNull(backchannelAuthenticationResponse.getAuthReqId());
assertNotNull(backchannelAuthenticationResponse.getExpiresIn());
// This parameter will only be present if the Client is registered to use the Poll or Ping modes.
assertNotNull(backchannelAuthenticationResponse.getInterval());
}
use of org.gluu.oxauth.client.BackchannelAuthenticationResponse in project oxAuth by GluuFederation.
the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingLoginHintTokenES384.
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode" })
@Test(dependsOnMethods = "loginHintTokenES384")
public void backchannelTokenDeliveryModePingLoginHintTokenES384(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode) {
showTitle("backchannelTokenDeliveryModePingLoginHintTokenES384");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", null);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setGrantTypes(Arrays.asList(GrantType.CIBA));
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.ES384);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientSecretExpiresAt());
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_USER_CODE_PARAMETER.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT.toString()));
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()), BackchannelTokenDeliveryMode.PING.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()), AsymmetricSignatureAlgorithm.ES384.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_USER_CODE_PARAMETER.toString()), new Boolean(true).toString());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Authentication Request
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Arrays.asList("openid"));
backchannelAuthenticationRequest.setLoginHintToken(loginHintTokenES384);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthUsername(clientId);
backchannelAuthenticationRequest.setAuthPassword(clientSecret);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertEquals(backchannelAuthenticationResponse.getStatus(), 200, "Unexpected response code: " + backchannelAuthenticationResponse.getEntity());
assertNotNull(backchannelAuthenticationResponse.getAuthReqId());
assertNotNull(backchannelAuthenticationResponse.getExpiresIn());
// This parameter will only be present if the Client is registered to use the Poll or Ping modes.
assertNotNull(backchannelAuthenticationResponse.getInterval());
}
use of org.gluu.oxauth.client.BackchannelAuthenticationResponse in project oxAuth by GluuFederation.
the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingLoginHintTokenPS256.
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode" })
@Test(dependsOnMethods = "loginHintTokenPS256")
public void backchannelTokenDeliveryModePingLoginHintTokenPS256(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode) {
showTitle("backchannelTokenDeliveryModePingLoginHintTokenPS256");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", null);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setGrantTypes(Arrays.asList(GrantType.CIBA));
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.PS256);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientSecretExpiresAt());
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_USER_CODE_PARAMETER.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT.toString()));
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()), BackchannelTokenDeliveryMode.PING.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()), AsymmetricSignatureAlgorithm.PS256.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_USER_CODE_PARAMETER.toString()), new Boolean(true).toString());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Authentication Request
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Arrays.asList("openid"));
backchannelAuthenticationRequest.setLoginHintToken(loginHintTokenPS256);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthUsername(clientId);
backchannelAuthenticationRequest.setAuthPassword(clientSecret);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertEquals(backchannelAuthenticationResponse.getStatus(), 200, "Unexpected response code: " + backchannelAuthenticationResponse.getEntity());
assertNotNull(backchannelAuthenticationResponse.getAuthReqId());
assertNotNull(backchannelAuthenticationResponse.getExpiresIn());
// This parameter will only be present if the Client is registered to use the Poll or Ping modes.
assertNotNull(backchannelAuthenticationResponse.getInterval());
}
use of org.gluu.oxauth.client.BackchannelAuthenticationResponse in project oxAuth by GluuFederation.
the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingIdTokenHintRS384.
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "RS384_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "idTokenHintRS384")
public void backchannelTokenDeliveryModePingIdTokenHintRS384(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
showTitle("backchannelTokenDeliveryModePingIdTokenHintRS384");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", null);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setGrantTypes(Arrays.asList(GrantType.CIBA));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS384);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientSecretExpiresAt());
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_USER_CODE_PARAMETER.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT.toString()));
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()), BackchannelTokenDeliveryMode.PING.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()), AsymmetricSignatureAlgorithm.RS384.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_USER_CODE_PARAMETER.toString()), new Boolean(true).toString());
String clientId = registerResponse.getClientId();
// 2. Authentication Request
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Arrays.asList("openid"));
backchannelAuthenticationRequest.setIdTokenHint(idTokenHintRS384);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
backchannelAuthenticationRequest.setAlgorithm(SignatureAlgorithm.RS384);
backchannelAuthenticationRequest.setCryptoProvider(cryptoProvider);
backchannelAuthenticationRequest.setKeyId(keyId);
backchannelAuthenticationRequest.setAudience(tokenEndpoint);
backchannelAuthenticationRequest.setAuthUsername(clientId);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertEquals(backchannelAuthenticationResponse.getStatus(), 200, "Unexpected response code: " + backchannelAuthenticationResponse.getEntity());
assertNotNull(backchannelAuthenticationResponse.getAuthReqId());
assertNotNull(backchannelAuthenticationResponse.getExpiresIn());
// This parameter will only be present if the Client is registered to use the Poll or Ping modes.
assertNotNull(backchannelAuthenticationResponse.getInterval());
}
use of org.gluu.oxauth.client.BackchannelAuthenticationResponse in project oxAuth by GluuFederation.
the class BackchannelAuthenticationPingMode method backchannelTokenDeliveryModePingIdTokenHintAlgRSAOAEPEncA256GCM.
@Parameters({ "clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode" })
@Test(dependsOnMethods = "idTokenHintAlgRSAOAEPEncA256GCM")
public void backchannelTokenDeliveryModePingIdTokenHintAlgRSAOAEPEncA256GCM(final String clientJwksUri, final String backchannelClientNotificationEndpoint, final String backchannelUserCode) {
showTitle("backchannelTokenDeliveryModePingIdTokenHintAlgRSAOAEPEncA256GCM");
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", null);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setGrantTypes(Arrays.asList(GrantType.CIBA));
registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
registerRequest.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
registerRequest.setBackchannelUserCodeParameter(true);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientSecretExpiresAt());
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_USER_CODE_PARAMETER.toString()));
assertTrue(registerResponse.getClaims().containsKey(BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT.toString()));
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()), BackchannelTokenDeliveryMode.PING.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()), AsymmetricSignatureAlgorithm.RS256.getValue());
assertEquals(registerResponse.getClaims().get(BACKCHANNEL_USER_CODE_PARAMETER.toString()), new Boolean(true).toString());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Authentication Request
String clientNotificationToken = UUID.randomUUID().toString();
BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
backchannelAuthenticationRequest.setScope(Arrays.asList("openid"));
backchannelAuthenticationRequest.setIdTokenHint(idTokenHintAlgRSAOAEPEncA256GCM);
backchannelAuthenticationRequest.setClientNotificationToken(clientNotificationToken);
backchannelAuthenticationRequest.setUserCode(backchannelUserCode);
backchannelAuthenticationRequest.setRequestedExpiry(1200);
backchannelAuthenticationRequest.setAuthUsername(clientId);
backchannelAuthenticationRequest.setAuthPassword(clientSecret);
BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(backchannelAuthenticationEndpoint);
backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
BackchannelAuthenticationResponse backchannelAuthenticationResponse = backchannelAuthenticationClient.exec();
showClient(backchannelAuthenticationClient);
assertEquals(backchannelAuthenticationResponse.getStatus(), 200, "Unexpected response code: " + backchannelAuthenticationResponse.getEntity());
assertNotNull(backchannelAuthenticationResponse.getAuthReqId());
assertNotNull(backchannelAuthenticationResponse.getExpiresIn());
// This parameter will only be present if the Client is registered to use the Poll or Ping modes.
assertNotNull(backchannelAuthenticationResponse.getInterval());
}
Aggregations