Search in sources :

Example 1 with RevokeSessionRequest

use of org.gluu.oxauth.client.RevokeSessionRequest in project oxAuth by GluuFederation.

the class RevokeSessionHttpTest method revokeSession.

@Parameters({ "redirectUris", "userId", "userSecret", "redirectUri", "sectorIdentifierUri", "umaPatClientId", "umaPatClientSecret" })
@Test
public void revokeSession(final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri, String umaPatClientId, String umaPatClientSecret) throws Exception {
    showTitle("revokeSession");
    final AuthenticationMethod authnMethod = AuthenticationMethod.CLIENT_SECRET_BASIC;
    // 1. Register client
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setTokenEndpointAuthMethod(authnMethod);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
    registerRequest.setResponseTypes(responseTypes);
    RegisterClient registerClient = newRegisterClient(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();
    showClient(registerClient);
    assertOk(registerResponse);
    assertNotNull(registerResponse.getRegistrationAccessToken());
    // 3. Request authorization
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String state = UUID.randomUUID().toString();
    String nonce = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, registerResponse.getClientId(), scopes, redirectUri, nonce);
    authorizationRequest.setState(state);
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
    assertNotNull(authorizationResponse.getIdToken(), "The ID Token is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getScope(), "The scope is null");
    RevokeSessionRequest revokeSessionRequest = new RevokeSessionRequest("uid", "test");
    revokeSessionRequest.setAuthenticationMethod(authnMethod);
    // it must be client with revoke_session scope
    revokeSessionRequest.setAuthUsername(umaPatClientId);
    revokeSessionRequest.setAuthPassword(umaPatClientSecret);
    RevokeSessionClient revokeSessionClient = newRevokeSessionClient(revokeSessionRequest);
    final RevokeSessionResponse revokeSessionResponse = revokeSessionClient.exec();
    showClient(revokeSessionClient);
    assertEquals(revokeSessionResponse.getStatus(), 200);
}
Also used : RegisterRequest(org.gluu.oxauth.client.RegisterRequest) AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest) RevokeSessionRequest(org.gluu.oxauth.client.RevokeSessionRequest) AuthenticationMethod(org.gluu.oxauth.model.common.AuthenticationMethod) RevokeSessionResponse(org.gluu.oxauth.client.RevokeSessionResponse) ResponseType(org.gluu.oxauth.model.common.ResponseType) AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse) RegisterResponse(org.gluu.oxauth.client.RegisterResponse) RegisterClient(org.gluu.oxauth.client.RegisterClient) RevokeSessionClient(org.gluu.oxauth.client.RevokeSessionClient) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Aggregations

BaseTest (org.gluu.oxauth.BaseTest)1 AuthorizationRequest (org.gluu.oxauth.client.AuthorizationRequest)1 AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)1 RegisterClient (org.gluu.oxauth.client.RegisterClient)1 RegisterRequest (org.gluu.oxauth.client.RegisterRequest)1 RegisterResponse (org.gluu.oxauth.client.RegisterResponse)1 RevokeSessionClient (org.gluu.oxauth.client.RevokeSessionClient)1 RevokeSessionRequest (org.gluu.oxauth.client.RevokeSessionRequest)1 RevokeSessionResponse (org.gluu.oxauth.client.RevokeSessionResponse)1 AuthenticationMethod (org.gluu.oxauth.model.common.AuthenticationMethod)1 ResponseType (org.gluu.oxauth.model.common.ResponseType)1 Parameters (org.testng.annotations.Parameters)1 Test (org.testng.annotations.Test)1