use of org.gluu.oxauth.client.RevokeSessionRequest in project oxAuth by GluuFederation.
the class RevokeSessionHttpTest method revokeSession.
@Parameters({ "redirectUris", "userId", "userSecret", "redirectUri", "sectorIdentifierUri", "umaPatClientId", "umaPatClientSecret" })
@Test
public void revokeSession(final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri, String umaPatClientId, String umaPatClientSecret) throws Exception {
showTitle("revokeSession");
final AuthenticationMethod authnMethod = AuthenticationMethod.CLIENT_SECRET_BASIC;
// 1. Register client
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(authnMethod);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setResponseTypes(responseTypes);
RegisterClient registerClient = newRegisterClient(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertOk(registerResponse);
assertNotNull(registerResponse.getRegistrationAccessToken());
// 3. Request authorization
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String state = UUID.randomUUID().toString();
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, registerResponse.getClientId(), scopes, redirectUri, nonce);
authorizationRequest.setState(state);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation(), "The location is null");
assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
assertNotNull(authorizationResponse.getIdToken(), "The ID Token is null");
assertNotNull(authorizationResponse.getState(), "The state is null");
assertNotNull(authorizationResponse.getScope(), "The scope is null");
RevokeSessionRequest revokeSessionRequest = new RevokeSessionRequest("uid", "test");
revokeSessionRequest.setAuthenticationMethod(authnMethod);
// it must be client with revoke_session scope
revokeSessionRequest.setAuthUsername(umaPatClientId);
revokeSessionRequest.setAuthPassword(umaPatClientSecret);
RevokeSessionClient revokeSessionClient = newRevokeSessionClient(revokeSessionRequest);
final RevokeSessionResponse revokeSessionResponse = revokeSessionClient.exec();
showClient(revokeSessionClient);
assertEquals(revokeSessionResponse.getStatus(), 200);
}
Aggregations