Example 1 with OpenIdConfigurationClient
use of org.gluu.oxauth.client.OpenIdConfigurationClient in project oxAuth by GluuFederation.
the class BaseTest method discovery.
@BeforeTest
public void discovery(ITestContext context) throws Exception {
// Load Form Interaction
loginFormUsername = context.getCurrentXmlTest().getParameter("loginFormUsername");
loginFormPassword = context.getCurrentXmlTest().getParameter("loginFormPassword");
loginFormLoginButton = context.getCurrentXmlTest().getParameter("loginFormLoginButton");
authorizeFormAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormAllowButton");
authorizeFormDoNotAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormDoNotAllowButton");
allTestKeys = Maps.newHashMap(context.getCurrentXmlTest().getAllParameters());
String resource = context.getCurrentXmlTest().getParameter("swdResource");
if (StringUtils.isNotBlank(resource)) {
showTitle("OpenID Connect Discovery");
OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(resource);
OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec(clientEngine(true));
showClient(openIdConnectDiscoveryClient);
assertEquals(openIdConnectDiscoveryResponse.getStatus(), 200, "Unexpected response code");
assertNotNull(openIdConnectDiscoveryResponse.getSubject());
assertTrue(openIdConnectDiscoveryResponse.getLinks().size() > 0);
configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() + "/.well-known/openid-configuration";
System.out.println("OpenID Connect Configuration");
OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
client.setExecutor(clientEngine(true));
OpenIdConfigurationResponse response = client.execOpenIdConfiguration();
showClient(client);
assertEquals(response.getStatus(), 200, "Unexpected response code");
assertNotNull(response.getIssuer(), "The issuer is null");
assertNotNull(response.getAuthorizationEndpoint(), "The authorizationEndpoint is null");
assertNotNull(response.getTokenEndpoint(), "The tokenEndpoint is null");
assertNotNull(response.getRevocationEndpoint(), "The revocationEndpoint is null");
assertNotNull(response.getUserInfoEndpoint(), "The userInfoEndPoint is null");
assertNotNull(response.getJwksUri(), "The jwksUri is null");
assertNotNull(response.getRegistrationEndpoint(), "The registrationEndpoint is null");
assertTrue(response.getScopesSupported().size() > 0, "The scopesSupported is empty");
assertTrue(response.getScopeToClaimsMapping().size() > 0, "The scope to claims mapping is empty");
assertTrue(response.getResponseTypesSupported().size() > 0, "The responseTypesSupported is empty");
assertTrue(response.getGrantTypesSupported().size() > 0, "The grantTypesSupported is empty");
assertTrue(response.getAcrValuesSupported().size() >= 0, "The acrValuesSupported is empty");
assertTrue(response.getSubjectTypesSupported().size() > 0, "The subjectTypesSupported is empty");
assertTrue(response.getIdTokenSigningAlgValuesSupported().size() > 0, "The idTokenSigningAlgValuesSupported is empty");
assertTrue(response.getRequestObjectSigningAlgValuesSupported().size() > 0, "The requestObjectSigningAlgValuesSupported is empty");
assertTrue(response.getTokenEndpointAuthMethodsSupported().size() > 0, "The tokenEndpointAuthMethodsSupported is empty");
assertTrue(response.getClaimsSupported().size() > 0, "The claimsSupported is empty");
authorizationEndpoint = response.getAuthorizationEndpoint();
tokenEndpoint = response.getTokenEndpoint();
tokenRevocationEndpoint = response.getRevocationEndpoint();
userInfoEndpoint = response.getUserInfoEndpoint();
clientInfoEndpoint = response.getClientInfoEndpoint();
checkSessionIFrame = response.getCheckSessionIFrame();
endSessionEndpoint = response.getEndSessionEndpoint();
jwksUri = response.getJwksUri();
registrationEndpoint = response.getRegistrationEndpoint();
idGenEndpoint = response.getIdGenerationEndpoint();
introspectionEndpoint = response.getIntrospectionEndpoint();
deviceAuthzEndpoint = response.getDeviceAuthzEndpoint();
backchannelAuthenticationEndpoint = response.getBackchannelAuthenticationEndpoint();
revokeSessionEndpoint = response.getSessionRevocationEndpoint();
scopeToClaimsMapping = response.getScopeToClaimsMapping();
gluuConfigurationEndpoint = determineGluuConfigurationEndpoint(openIdConnectDiscoveryResponse.getLinks().get(0).getHref());
issuer = response.getIssuer();
} else {
showTitle("Loading configuration endpoints from properties file");
authorizationEndpoint = context.getCurrentXmlTest().getParameter("authorizationEndpoint");
tokenEndpoint = context.getCurrentXmlTest().getParameter("tokenEndpoint");
tokenRevocationEndpoint = context.getCurrentXmlTest().getParameter("tokenRevocationEndpoint");
userInfoEndpoint = context.getCurrentXmlTest().getParameter("userInfoEndpoint");
clientInfoEndpoint = context.getCurrentXmlTest().getParameter("clientInfoEndpoint");
checkSessionIFrame = context.getCurrentXmlTest().getParameter("checkSessionIFrame");
endSessionEndpoint = context.getCurrentXmlTest().getParameter("endSessionEndpoint");
jwksUri = context.getCurrentXmlTest().getParameter("jwksUri");
registrationEndpoint = context.getCurrentXmlTest().getParameter("registrationEndpoint");
configurationEndpoint = context.getCurrentXmlTest().getParameter("configurationEndpoint");
idGenEndpoint = context.getCurrentXmlTest().getParameter("idGenEndpoint");
introspectionEndpoint = context.getCurrentXmlTest().getParameter("introspectionEndpoint");
backchannelAuthenticationEndpoint = context.getCurrentXmlTest().getParameter("backchannelAuthenticationEndpoint");
revokeSessionEndpoint = context.getCurrentXmlTest().getParameter("revokeSessionEndpoint");
scopeToClaimsMapping = new HashMap<String, List<String>>();
issuer = context.getCurrentXmlTest().getParameter("issuer");
}
authorizationPageEndpoint = determineAuthorizationPageEndpoint(authorizationEndpoint);
}
Also used :
OpenIdConnectDiscoveryClient(org.gluu.oxauth.client.OpenIdConnectDiscoveryClient)
OpenIdConfigurationClient(org.gluu.oxauth.client.OpenIdConfigurationClient)
OpenIdConnectDiscoveryResponse(org.gluu.oxauth.client.OpenIdConnectDiscoveryResponse)
OpenIdConfigurationResponse(org.gluu.oxauth.client.OpenIdConfigurationResponse)
List(java.util.List)
BeforeTest(org.testng.annotations.BeforeTest)
Example 2 with OpenIdConfigurationClient
use of org.gluu.oxauth.client.OpenIdConfigurationClient in project oxTrust by GluuFederation.
the class AppInitializer method initOpenIdConfiguration.
@Produces
@ApplicationScoped
@Named("openIdConfiguration")
public OpenIdConfigurationResponse initOpenIdConfiguration() throws OxIntializationException {
String oxAuthIssuer = this.configurationFactory.getAppConfiguration().getOxAuthIssuer();
if (StringHelper.isEmpty(oxAuthIssuer)) {
log.info("oxAuth issuer isn't specified");
return null;
}
log.debug("Attempting to determine configuration endpoint URL");
OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient;
try {
openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(oxAuthIssuer);
} catch (URISyntaxException ex) {
throw new OxIntializationException("OpenId discovery response is invalid!", ex);
}
OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec();
if ((openIdConnectDiscoveryResponse.getStatus() != 200) || (openIdConnectDiscoveryResponse.getSubject() == null) || (openIdConnectDiscoveryResponse.getLinks().size() == 0)) {
throw new OxIntializationException("OpenId discovery response is invalid!");
}
log.debug("Attempting to load OpenID configuration");
String configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() + "/.well-known/openid-configuration";
OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
OpenIdConfigurationResponse openIdConfiguration;
try {
openIdConfiguration = client.execOpenIdConfiguration();
} catch (Exception e) {
log.error("Failed to load OpenId configuration!", e);
throw new OxIntializationException("Failed to load OpenId configuration!");
}
if (openIdConfiguration.getStatus() != 200) {
throw new OxIntializationException("OpenId configuration response is invalid!");
}
return openIdConfiguration;
}
Also used :
OpenIdConnectDiscoveryClient(org.gluu.oxauth.client.OpenIdConnectDiscoveryClient)
OpenIdConfigurationClient(org.gluu.oxauth.client.OpenIdConfigurationClient)
OpenIdConnectDiscoveryResponse(org.gluu.oxauth.client.OpenIdConnectDiscoveryResponse)
OpenIdConfigurationResponse(org.gluu.oxauth.client.OpenIdConfigurationResponse)
URISyntaxException(java.net.URISyntaxException)
OxIntializationException(org.gluu.exception.OxIntializationException)
URISyntaxException(java.net.URISyntaxException)
EncryptionException(org.gluu.util.security.StringEncrypter.EncryptionException)
OxIntializationException(org.gluu.exception.OxIntializationException)
Named(javax.inject.Named)
Produces(javax.enterprise.inject.Produces)
ApplicationScoped(javax.enterprise.context.ApplicationScoped)
Example 3 with OpenIdConfigurationClient
use of org.gluu.oxauth.client.OpenIdConfigurationClient in project oxTrust by GluuFederation.
the class OpenIdService method loadOpenIdConfiguration.
private void loadOpenIdConfiguration() throws IOException {
String openIdProvider = appConfiguration.getOxAuthIssuer();
if (StringHelper.isEmpty(openIdProvider)) {
throw new ConfigurationException("OpenIdProvider Url is invalid");
}
openIdProvider = openIdProvider + "/.well-known/openid-configuration";
final OpenIdConfigurationClient openIdConfigurationClient = new OpenIdConfigurationClient(openIdProvider);
final OpenIdConfigurationResponse response = openIdConfigurationClient.execOpenIdConfiguration();
if ((response == null) || (response.getStatus() != 200)) {
throw new ConfigurationException("Failed to load oxAuth configuration");
}
log.info("Successfully loaded oxAuth configuration");
this.openIdConfiguration = response;
}
Also used :
OpenIdConfigurationClient(org.gluu.oxauth.client.OpenIdConfigurationClient)
ConfigurationException(org.gluu.util.exception.ConfigurationException)
OpenIdConfigurationResponse(org.gluu.oxauth.client.OpenIdConfigurationResponse)
Example 4 with OpenIdConfigurationClient
use of org.gluu.oxauth.client.OpenIdConfigurationClient in project oxTrust by GluuFederation.
the class OpenIdClient method loadOpenIdConfiguration.
private void loadOpenIdConfiguration() throws IOException {
String openIdProvider = appConfiguration.getOpenIdProviderUrl();
if (StringHelper.isEmpty(openIdProvider)) {
throw new ConfigurationException("OpenIdProvider Url is invalid");
}
final OpenIdConfigurationClient openIdConfigurationClient = new OpenIdConfigurationClient(openIdProvider);
final OpenIdConfigurationResponse response = openIdConfigurationClient.execOpenIdConfiguration();
if ((response == null) || (response.getStatus() != 200)) {
throw new ConfigurationException("Failed to load oxAuth configuration");
}
logger.info("Successfully loaded oxAuth configuration");
this.openIdConfiguration = response;
}
Also used :
OpenIdConfigurationClient(org.gluu.oxauth.client.OpenIdConfigurationClient)
ConfigurationException(org.gluu.util.exception.ConfigurationException)
OpenIdConfigurationResponse(org.gluu.oxauth.client.OpenIdConfigurationResponse)
Example 5 with OpenIdConfigurationClient
use of org.gluu.oxauth.client.OpenIdConfigurationClient in project oxAuth by GluuFederation.
the class ConfigurationRestWebServiceHttpTest method requestOpenIdConfiguration.
@Test
@Parameters({ "swdResource" })
public void requestOpenIdConfiguration(final String resource) throws Exception {
showTitle("OpenID Connect Discovery");
OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(resource);
CloseableHttpClient httpClient = createHttpClient(HostnameVerifierType.ALLOW_ALL);
OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse;
try {
openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec(new ApacheHttpClient43Engine(httpClient));
} finally {
httpClient.close();
}
showClient(openIdConnectDiscoveryClient);
assertEquals(openIdConnectDiscoveryResponse.getStatus(), 200, "Unexpected response code");
assertNotNull(openIdConnectDiscoveryResponse.getSubject());
assertTrue(openIdConnectDiscoveryResponse.getLinks().size() > 0);
String configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() + "/.well-known/openid-configuration";
showTitle("OpenID Connect Configuration");
OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
OpenIdConfigurationResponse response = client.execOpenIdConfiguration();
showClient(client);
assertEquals(response.getStatus(), 200, "Unexpected response code");
assertNotNull(response.getIssuer(), "The issuer is null");
assertNotNull(response.getAuthorizationEndpoint(), "The authorizationEndpoint is null");
assertNotNull(response.getTokenEndpoint(), "The tokenEndpoint is null");
assertNotNull(response.getRevocationEndpoint(), "The tokenRevocationEndpoint is null");
assertNotNull(response.getUserInfoEndpoint(), "The userInfoEndPoint is null");
assertNotNull(response.getClientInfoEndpoint(), "The clientInfoEndPoint is null");
assertNotNull(response.getCheckSessionIFrame(), "The checkSessionIFrame is null");
assertNotNull(response.getEndSessionEndpoint(), "The endSessionEndpoint is null");
assertNotNull(response.getJwksUri(), "The jwksUri is null");
assertNotNull(response.getRegistrationEndpoint(), "The registrationEndpoint is null");
assertNotNull(response.getIntrospectionEndpoint(), "The introspectionEndpoint is null");
assertNotNull(response.getIdGenerationEndpoint(), "The idGenerationEndpoint is null");
assertTrue(response.getScopesSupported().size() > 0, "The scopesSupported is empty");
assertTrue(response.getScopeToClaimsMapping().size() > 0, "The scope to claims mapping is empty");
assertTrue(response.getResponseTypesSupported().size() > 0, "The responseTypesSupported is empty");
assertTrue(response.getResponseModesSupported().size() > 0, "The responseModesSupported is empty");
assertTrue(response.getGrantTypesSupported().size() > 0, "The grantTypesSupported is empty");
assertTrue(response.getAcrValuesSupported().size() >= 0, "The acrValuesSupported is empty");
assertTrue(response.getSubjectTypesSupported().size() > 0, "The subjectTypesSupported is empty");
assertTrue(response.getUserInfoSigningAlgValuesSupported().size() > 0, "The userInfoSigningAlgValuesSupported is empty");
assertTrue(response.getUserInfoEncryptionAlgValuesSupported().size() > 0, "The userInfoEncryptionAlgValuesSupported is empty");
assertTrue(response.getUserInfoEncryptionEncValuesSupported().size() > 0, "The userInfoEncryptionEncValuesSupported is empty");
assertTrue(response.getIdTokenSigningAlgValuesSupported().size() > 0, "The idTokenSigningAlgValuesSupported is empty");
assertTrue(response.getIdTokenEncryptionAlgValuesSupported().size() > 0, "The idTokenEncryptionAlgValuesSupported is empty");
assertTrue(response.getIdTokenEncryptionEncValuesSupported().size() > 0, "The idTokenEncryptionEncValuesSupported is empty");
assertTrue(response.getRequestObjectSigningAlgValuesSupported().size() > 0, "The requestObjectSigningAlgValuesSupported is empty");
assertTrue(response.getRequestObjectEncryptionAlgValuesSupported().size() > 0, "The requestObjectEncryptionAlgValuesSupported is empty");
assertTrue(response.getRequestObjectEncryptionEncValuesSupported().size() > 0, "The requestObjectEncryptionEncValuesSupported is empty");
assertTrue(response.getTokenEndpointAuthMethodsSupported().size() > 0, "The tokenEndpointAuthMethodsSupported is empty");
assertTrue(response.getTokenEndpointAuthSigningAlgValuesSupported().size() > 0, "The tokenEndpointAuthSigningAlgValuesSupported is empty");
assertTrue(response.getDisplayValuesSupported().size() > 0, "The displayValuesSupported is empty");
assertTrue(response.getClaimTypesSupported().size() > 0, "The claimTypesSupported is empty");
assertTrue(response.getClaimsSupported().size() > 0, "The claimsSupported is empty");
assertNotNull(response.getServiceDocumentation(), "The serviceDocumentation is null");
assertTrue(response.getClaimsLocalesSupported().size() > 0, "The claimsLocalesSupported is empty");
assertTrue(response.getUiLocalesSupported().size() > 0, "The uiLocalesSupported is empty");
assertTrue(response.getClaimsParameterSupported(), "The claimsParameterSupported is false");
assertTrue(response.getRequestParameterSupported(), "The requestParameterSupported is false");
assertTrue(response.getRequestUriParameterSupported(), "The requestUriParameterSupported is false");
assertFalse(response.getRequireRequestUriRegistration(), "The requireRequestUriRegistration is true");
assertNotNull(response.getOpPolicyUri(), "The opPolicyUri is null");
assertNotNull(response.getOpTosUri(), "The opTosUri is null");
// oxAuth #917: Add dynamic scopes and claims to discovery
Map<String, List<String>> scopeToClaims = response.getScopeToClaimsMapping();
List<String> scopesSupported = response.getScopesSupported();
List<String> claimsSupported = response.getClaimsSupported();
for (Map.Entry<String, List<String>> scopeEntry : scopeToClaims.entrySet()) {
assertTrue(scopesSupported.contains(scopeEntry.getKey()), "The scopes supported list does not contain the scope: " + scopeEntry.getKey());
for (String claimEntry : scopeEntry.getValue()) {
assertTrue(claimsSupported.contains(claimEntry), "The claims supported list does not contain the claim: " + claimEntry);
}
}
}
Also used :
CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient)
OpenIdConnectDiscoveryClient(org.gluu.oxauth.client.OpenIdConnectDiscoveryClient)
OpenIdConfigurationClient(org.gluu.oxauth.client.OpenIdConfigurationClient)
OpenIdConnectDiscoveryResponse(org.gluu.oxauth.client.OpenIdConnectDiscoveryResponse)
OpenIdConfigurationResponse(org.gluu.oxauth.client.OpenIdConfigurationResponse)
List(java.util.List)
Map(java.util.Map)
ApacheHttpClient43Engine(org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
OpenIdConfigurationClient (org.gluu.oxauth.client.OpenIdConfigurationClient)6
OpenIdConfigurationResponse (org.gluu.oxauth.client.OpenIdConfigurationResponse)6
OpenIdConnectDiscoveryClient (org.gluu.oxauth.client.OpenIdConnectDiscoveryClient)4
OpenIdConnectDiscoveryResponse (org.gluu.oxauth.client.OpenIdConnectDiscoveryResponse)4
List (java.util.List)2
BaseTest (org.gluu.oxauth.BaseTest)2
ConfigurationException (org.gluu.util.exception.ConfigurationException)2
ApacheHttpClient43Engine (org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine)2
Parameters (org.testng.annotations.Parameters)2
Test (org.testng.annotations.Test)2
URISyntaxException (java.net.URISyntaxException)1
Map (java.util.Map)1
ApplicationScoped (javax.enterprise.context.ApplicationScoped)1
Produces (javax.enterprise.inject.Produces)1
Named (javax.inject.Named)1
CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)1
OxIntializationException (org.gluu.exception.OxIntializationException)1
EncryptionException (org.gluu.util.security.StringEncrypter.EncryptionException)1
BeforeTest (org.testng.annotations.BeforeTest)1
