Example 81 with TokenClient
use of org.gluu.oxauth.client.TokenClient in project oxAuth by GluuFederation.
the class TokenEncryptionHttpTest method requestIdTokenAlgRSA15EncA256CBCPLUSHS512.
@Parameters({ "userId", "userSecret", "redirectUris", "clientJwksUri", "RS256_enc_keyId", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
// @Test // Before run this test, set openidScopeBackwardCompatibility to true
@Deprecated
public void requestIdTokenAlgRSA15EncA256CBCPLUSHS512(final String userId, final String userSecret, final String redirectUris, final String jwksUri, final String keyId, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) {
try {
showTitle("requestIdTokenAlgRSA15EncA256CBCPLUSHS512");
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setIdTokenEncryptedResponseAlg(KeyEncryptionAlgorithm.RSA1_5);
registerRequest.setIdTokenEncryptedResponseEnc(BlockEncryptionAlgorithm.A256CBC_PLUS_HS512);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setGrantTypes(grantTypes);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
String clientId = response.getClientId();
String clientSecret = response.getClientSecret();
// 2. Request authorization
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setUsername(userId);
tokenRequest.setPassword(userSecret);
tokenRequest.setScope("openid");
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse tokenResponse = tokenClient.exec();
showClient(tokenClient);
assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
assertNotNull(tokenResponse.getEntity(), "The entity is null");
assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse.getTokenType(), "The token type is null");
assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
assertNotNull(tokenResponse.getScope(), "The scope is null");
assertNotNull(tokenResponse.getIdToken(), "The id token is null");
String idToken = tokenResponse.getIdToken();
// 3. Read Encrypted ID Token
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, null);
PrivateKey privateKey = cryptoProvider.getPrivateKey(keyId);
Jwe jwe = Jwe.parse(idToken, privateKey, null);
assertNotNull(jwe.getHeader().getClaimAsString(JwtHeaderName.TYPE));
assertNotNull(jwe.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
assertNotNull(jwe.getClaims().getClaimAsString(JwtClaimName.ISSUER));
assertNotNull(jwe.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
assertNotNull(jwe.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
assertNotNull(jwe.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
assertNotNull(jwe.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(jwe.getClaims().getClaimAsString(JwtClaimName.OX_OPENID_CONNECT_VERSION));
} catch (Exception ex) {
fail(ex.getMessage(), ex);
}
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
PrivateKey(java.security.PrivateKey)
GrantType(org.gluu.oxauth.model.common.GrantType)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
Jwe(org.gluu.oxauth.model.jwe.Jwe)
TokenClient(org.gluu.oxauth.client.TokenClient)
Parameters(org.testng.annotations.Parameters)
Example 82 with TokenClient
use of org.gluu.oxauth.client.TokenClient in project oxAuth by GluuFederation.
the class ResponseTypesRestrictionHttpTest method responseTypesCodeIdToken.
/**
* Registering with the response_types param <code>code, id_token</code>.
*/
@Parameters({ "redirectUris", "userId", "userSecret", "redirectUri", "sectorIdentifierUri" })
@Test
public void responseTypesCodeIdToken(final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception {
showTitle("responseTypesCodeIdToken");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
String registrationAccessToken = registerResponse.getRegistrationAccessToken();
String registrationClientUri = registerResponse.getRegistrationClientUri();
// 2. Client read
RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
RegisterClient readClient = new RegisterClient(registrationClientUri);
readClient.setRequest(readClientRequest);
RegisterResponse readClientResponse = readClient.exec();
showClient(readClient);
assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
assertNotNull(readClientResponse.getClientId());
assertNotNull(readClientResponse.getClientSecret());
assertNotNull(readClientResponse.getClientIdIssuedAt());
assertNotNull(readClientResponse.getClientSecretExpiresAt());
assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
// 3. Request authorization
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String state = UUID.randomUUID().toString();
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation(), "The location is null");
assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
assertNotNull(authorizationResponse.getIdToken(), "The id token is null");
assertNotNull(authorizationResponse.getState(), "The state is null");
assertNotNull(authorizationResponse.getScope(), "The scope is null");
String authorizationCode = authorizationResponse.getCode();
String idToken = authorizationResponse.getIdToken();
// 4. Validate code and id_token
Jwt jwt = Jwt.parse(idToken);
assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
RSAPublicKey publicKey = JwkClient.getRSAPublicKey(jwksUri, jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
assertTrue(rsaSigner.validate(jwt));
assertTrue(rsaSigner.validateAuthorizationCode(authorizationCode, jwt));
// 5. Get Access Token
TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode(authorizationCode);
tokenRequest.setRedirectUri(redirectUri);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse tokenResponse1 = tokenClient.exec();
showClient(tokenClient);
assertEquals(tokenResponse1.getStatus(), 200, "Unexpected response code: " + tokenResponse1.getStatus());
assertNotNull(tokenResponse1.getEntity(), "The entity is null");
assertNotNull(tokenResponse1.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse1.getExpiresIn(), "The expires in value is null");
assertNotNull(tokenResponse1.getTokenType(), "The token type is null");
assertNotNull(tokenResponse1.getRefreshToken(), "The refresh token is null");
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
Jwt(org.gluu.oxauth.model.jwt.Jwt)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
RSAPublicKey(org.gluu.oxauth.model.crypto.signature.RSAPublicKey)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
RSASigner(org.gluu.oxauth.model.jws.RSASigner)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
TokenClient(org.gluu.oxauth.client.TokenClient)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 83 with TokenClient
use of org.gluu.oxauth.client.TokenClient in project oxAuth by GluuFederation.
the class SSOWithMultipleBackendServicesHttpTest method sessionWorkFlow2.
@Parameters({ "redirectUris", "redirectUri", "userInum", "userEmail", "sectorIdentifierUri" })
@Test
public void sessionWorkFlow2(final String redirectUris, final String redirectUri, final String userInum, final String userEmail, final String sectorIdentifierUri) throws Exception {
showTitle("sessionWorkFlow2");
// Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// Authorization code flow to authenticate on B1
String state1 = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest1 = new AuthorizationRequest(Arrays.asList(ResponseType.CODE), clientId, Arrays.asList("openid", "profile", "email"), redirectUri, null);
authorizationRequest1.addCustomParameter("mail", userEmail);
authorizationRequest1.addCustomParameter("inum", userInum);
authorizationRequest1.getPrompts().add(Prompt.NONE);
authorizationRequest1.setState(state1);
authorizationRequest1.setAuthorizationMethod(AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER);
authorizationRequest1.setRequestSessionId(true);
AuthorizationResponse authorizationResponse1 = authorizationRequestAndGrantAccess(authorizationEndpoint, authorizationRequest1);
assertNotNull(authorizationResponse1.getLocation(), "The location is null");
assertNotNull(authorizationResponse1.getCode(), "The authorization code is null");
assertNotNull(authorizationResponse1.getSessionId(), "The session id is null");
assertNotNull(authorizationResponse1.getScope(), "The scope is null");
assertNotNull(authorizationResponse1.getState(), "The state is null");
assertEquals(authorizationRequest1.getState(), state1);
String authorizationCode1 = authorizationResponse1.getCode();
String sessionId = authorizationResponse1.getSessionId();
TokenRequest tokenRequest1 = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest1.setCode(authorizationCode1);
tokenRequest1.setRedirectUri(redirectUri);
tokenRequest1.setAuthUsername(clientId);
tokenRequest1.setAuthPassword(clientSecret);
tokenRequest1.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
tokenClient1.setRequest(tokenRequest1);
TokenResponse tokenResponse1 = tokenClient1.exec();
showClient(tokenClient1);
assertEquals(tokenResponse1.getStatus(), 200, "Unexpected response code: " + tokenResponse1.getStatus());
assertNotNull(tokenResponse1.getEntity(), "The entity is null");
assertNotNull(tokenResponse1.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse1.getExpiresIn(), "The expires in value is null");
assertNotNull(tokenResponse1.getTokenType(), "The token type is null");
assertNotNull(tokenResponse1.getRefreshToken(), "The refresh token is null");
// User wants to authenticate on B2 (without sending its credentials)
String state2 = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest2 = new AuthorizationRequest(Arrays.asList(ResponseType.CODE), clientId, Arrays.asList("openid", "profile", "email"), redirectUri, null);
authorizationRequest2.getPrompts().add(Prompt.NONE);
authorizationRequest2.setState(state2);
authorizationRequest2.setSessionId(sessionId);
AuthorizeClient authorizeClient2 = new AuthorizeClient(authorizationEndpoint);
authorizeClient2.setRequest(authorizationRequest2);
AuthorizationResponse authorizationResponse2 = authorizeClient2.exec();
showClient(authorizeClient2);
assertEquals(authorizationResponse2.getStatus(), 302, "Unexpected response code: " + authorizationResponse2.getStatus());
assertNotNull(authorizationResponse2.getLocation(), "The location is null");
assertNotNull(authorizationResponse2.getCode(), "The authorization code is null");
assertNotNull(authorizationResponse2.getScope(), "The scope is null");
assertNotNull(authorizationResponse2.getState(), "The state is null");
assertEquals(authorizationResponse2.getState(), state2);
String authorizationCode2 = authorizationResponse2.getCode();
TokenRequest tokenRequest2 = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest2.setCode(authorizationCode2);
tokenRequest2.setRedirectUri(redirectUri);
tokenRequest2.setAuthUsername(clientId);
tokenRequest2.setAuthPassword(clientSecret);
tokenRequest2.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
TokenClient tokenClient2 = new TokenClient(tokenEndpoint);
tokenClient2.setRequest(tokenRequest2);
TokenResponse tokenResponse2 = tokenClient2.exec();
showClient(tokenClient2);
assertEquals(tokenResponse2.getStatus(), 200, "Unexpected response code: " + tokenResponse2.getStatus());
assertNotNull(tokenResponse2.getEntity(), "The entity is null");
assertNotNull(tokenResponse2.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse2.getExpiresIn(), "The expires in value is null");
assertNotNull(tokenResponse2.getTokenType(), "The token type is null");
assertNotNull(tokenResponse2.getRefreshToken(), "The refresh token is null");
// User wants to authenticate on B3 (without sending its credentials)
String state3 = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest3 = new AuthorizationRequest(Arrays.asList(ResponseType.CODE), clientId, Arrays.asList("openid", "profile", "email"), redirectUri, null);
authorizationRequest3.getPrompts().add(Prompt.NONE);
authorizationRequest3.setState(state3);
authorizationRequest3.setSessionId(sessionId);
AuthorizeClient authorizeClient3 = new AuthorizeClient(authorizationEndpoint);
authorizeClient3.setRequest(authorizationRequest3);
AuthorizationResponse authorizationResponse3 = authorizeClient3.exec();
showClient(authorizeClient3);
assertEquals(authorizationResponse3.getStatus(), 302, "Unexpected response code: " + authorizationResponse3.getStatus());
assertNotNull(authorizationResponse3.getLocation(), "The location is null");
assertNotNull(authorizationResponse3.getCode(), "The authorization code is null");
assertNotNull(authorizationResponse3.getScope(), "The scope is null");
assertNotNull(authorizationResponse3.getState(), "The state is null");
assertEquals(authorizationResponse3.getState(), state3);
String authorizationCode3 = authorizationResponse3.getCode();
TokenRequest tokenRequest3 = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest3.setCode(authorizationCode3);
tokenRequest3.setRedirectUri(redirectUri);
tokenRequest3.setAuthUsername(clientId);
tokenRequest3.setAuthPassword(clientSecret);
tokenRequest3.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
TokenClient tokenClient3 = new TokenClient(tokenEndpoint);
tokenClient3.setRequest(tokenRequest3);
TokenResponse tokenResponse3 = tokenClient3.exec();
showClient(tokenClient3);
assertEquals(tokenResponse3.getStatus(), 200, "Unexpected response code: " + tokenResponse3.getStatus());
assertNotNull(tokenResponse3.getEntity(), "The entity is null");
assertNotNull(tokenResponse3.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse3.getExpiresIn(), "The expires in value is null");
assertNotNull(tokenResponse3.getTokenType(), "The token type is null");
assertNotNull(tokenResponse3.getRefreshToken(), "The refresh token is null");
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
TokenClient(org.gluu.oxauth.client.TokenClient)
AuthorizeClient(org.gluu.oxauth.client.AuthorizeClient)
AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 84 with TokenClient
use of org.gluu.oxauth.client.TokenClient in project oxAuth by GluuFederation.
the class MTSLClientAuthenticationTest method main.
public static void main(String[] args) throws Exception {
File jdkJks = new File("u:\\tmp\\ce-ob\\clientkeystore");
if (!jdkJks.exists()) {
throw new RuntimeException("Failed to find jks trust store");
}
File certificate = new File("u:\\tmp\\ce-ob\\fullchain.p12");
if (!certificate.exists()) {
throw new RuntimeException("Failed to find certificate");
}
HttpClient httpclient = new DefaultHttpClient();
// truststore
KeyStore ts = KeyStore.getInstance("JKS", "SUN");
ts.load(new FileInputStream(jdkJks), "secret".toCharArray());
// if you remove me, you've got 'javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated' on missing truststore
if (0 == ts.size())
throw new IOException("Error loading truststore");
// tmf
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ts);
// keystore
KeyStore ks = KeyStore.getInstance("PKCS12", "SunJSSE");
ks.load(new FileInputStream(certificate), "".toCharArray());
// if you remove me, you've got 'javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated' on missing keystore
if (0 == ks.size())
throw new IOException("Error loading keystore");
// kmf
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, "".toCharArray());
// SSL
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
// socket
SSLSocketFactory socketFactory = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
Scheme sch = new Scheme("https", 443, socketFactory);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
String clientId = "@!D445.22BF.5EF1.0D87!0001!03F2.297D!0008!F599.E2C7";
String clientSecret = "testClientSecret";
TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode("testCode");
tokenRequest.setRedirectUri("https://ce-ob.gluu.org/cas/login");
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.TLS_CLIENT_AUTH);
TokenClient tokenClient = new TokenClient("https://ce-ob.gluu.org/oxauth/restv1/token");
tokenClient.setExecutor(new ApacheHttpClient43Engine(httpclient));
tokenClient.setRequest(tokenRequest);
TokenResponse tokenResponse = tokenClient.exec();
System.out.println(tokenResponse);
showClient(tokenClient);
}
Also used :
Scheme(org.apache.http.conn.scheme.Scheme)
IOException(java.io.IOException)
SSLContext(javax.net.ssl.SSLContext)
KeyStore(java.security.KeyStore)
DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient)
FileInputStream(java.io.FileInputStream)
ApacheHttpClient43Engine(org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine)
KeyManagerFactory(javax.net.ssl.KeyManagerFactory)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient)
HttpClient(org.apache.http.client.HttpClient)
TrustManagerFactory(javax.net.ssl.TrustManagerFactory)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)
File(java.io.File)
TokenClient(org.gluu.oxauth.client.TokenClient)
Example 85 with TokenClient
use of org.gluu.oxauth.client.TokenClient in project oxAuth by GluuFederation.
the class CanMakeAccessTokenRequestWithClientSecretBasicAuthentication method canMakeAccessTokenRequestWithClientSecretBasicAuthentication.
@Parameters({ "redirectUris", "redirectUri", "userId", "userSecret", "sectorIdentifierUri" })
@Test
public void canMakeAccessTokenRequestWithClientSecretBasicAuthentication(final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception {
showTitle("OC5:FeatureTest-Can Make Access Token Request with client secret basic Authentication");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
authorizationRequest.setState(state);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation());
assertNotNull(authorizationResponse.getCode());
assertNotNull(authorizationResponse.getState());
String authorizationCode = authorizationResponse.getCode();
// 3. Get Access Token
TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode(authorizationCode);
tokenRequest.setRedirectUri(redirectUri);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse tokenResponse = tokenClient.exec();
showClient(tokenClient);
assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
assertNotNull(tokenResponse.getEntity(), "The entity is null");
assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
assertNotNull(tokenResponse.getTokenType(), "The token type is null");
assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
TokenClient(org.gluu.oxauth.client.TokenClient)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
TokenClient (org.gluu.oxauth.client.TokenClient)257
TokenResponse (org.gluu.oxauth.client.TokenResponse)256
Parameters (org.testng.annotations.Parameters)242
RegisterResponse (org.gluu.oxauth.client.RegisterResponse)238
BaseTest (org.gluu.oxauth.BaseTest)237
Test (org.testng.annotations.Test)237
TokenRequest (org.gluu.oxauth.client.TokenRequest)235
RegisterClient (org.gluu.oxauth.client.RegisterClient)222
RegisterRequest (org.gluu.oxauth.client.RegisterRequest)222
ResponseType (org.gluu.oxauth.model.common.ResponseType)176
AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)172
AuthorizationRequest (org.gluu.oxauth.client.AuthorizationRequest)159
OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)150
GrantType (org.gluu.oxauth.model.common.GrantType)53
UserInfoResponse (org.gluu.oxauth.client.UserInfoResponse)40
UserInfoClient (org.gluu.oxauth.client.UserInfoClient)38
Jwt (org.gluu.oxauth.model.jwt.Jwt)32
RSAPublicKey (org.gluu.oxauth.model.crypto.signature.RSAPublicKey)24
RSASigner (org.gluu.oxauth.model.jws.RSASigner)24
ClientInfoClient (org.gluu.oxauth.client.ClientInfoClient)16
