use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.
the class TTokenRequest method requestToken.
private void requestToken(final String tokenPath, final String umaClientId, final String umaClientSecret, final String umaRedirectUri) throws Exception {
if (token == null || StringUtils.isBlank(token.getAuthorizationCode())) {
throw new IllegalArgumentException("Authorization code is not initialized.");
}
TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode(token.getAuthorizationCode());
tokenRequest.setRedirectUri(umaRedirectUri);
tokenRequest.setAuthUsername(umaClientId);
tokenRequest.setAuthPassword(umaClientSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
tokenRequest.setScope(token.getScope());
Builder request = ResteasyClientBuilder.newClient().target(baseUri.toString() + tokenPath).request();
request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
BaseTest.showResponse("TTokenClient.requestToken() :", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code.");
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
assertTrue(jsonObj.has("refresh_token"), "Unexpected result: refresh_token not found");
// assertTrue(jsonObj.has("id_token"), "Unexpected result: id_token
// not found");
String accessToken = jsonObj.getString("access_token");
String refreshToken = jsonObj.getString("refresh_token");
// String idToken = jsonObj.getString("id_token");
token.setAccessToken(accessToken);
token.setRefreshToken(refreshToken);
// m_token.setIdToken(idToken);
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage());
}
}
use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.
the class TokenRestWebServiceEmbeddedTest method requestAccessTokenClientCredentials.
@Parameters({ "tokenPath" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAccessTokenClientCredentials(final String tokenPath) throws Exception {
// Testing with valid parameters
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
tokenRequest.setScope("email read_stream manage_pages");
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
showResponse("requestAccessTokenClientCredentials", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code.");
assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.
the class TokenRestWebServiceEmbeddedTest method requestAccessTokenWithClientSecretJwtFail.
@Parameters({ "tokenPath", "userId", "userSecret", "audience" })
@Test
public void requestAccessTokenWithClientSecretJwtFail(final String tokenPath, final String userId, final String userSecret, final String audience) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setUsername(userId);
tokenRequest.setPassword(userSecret);
tokenRequest.setScope("email read_stream manage_pages");
tokenRequest.setAuthPassword("INVALID_SECRET");
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
tokenRequest.setAudience(audience);
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
showResponse("requestAccessTokenWithClientSecretJwt Fail", response, entity);
assertEquals(response.getStatus(), 401, "Unexpected response code.");
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("error"), "The error type is null");
assertTrue(jsonObj.has("error_description"), "The error description is null");
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.
the class TokenRestWebServiceEmbeddedTest method refreshingAccessTokenFail.
@Parameters({ "tokenPath" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void refreshingAccessTokenFail(final String tokenPath) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
TokenRequest tokenRequest = new TokenRequest(GrantType.REFRESH_TOKEN);
tokenRequest.setRefreshToken("tGzv3JOkF0XG5Qx2TlKWIA");
tokenRequest.setScope("email read_stream manage_pages");
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
showResponse("refreshingAccessTokenFail", response, entity);
assertEquals(response.getStatus(), 400, "Unexpected response code.");
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("error"), "The error type is null");
assertTrue(jsonObj.has("error_description"), "The error description is null");
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.
the class TokenRestWebServiceWithHSAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtHS512Step2.
@Parameters({ "tokenPath", "userId", "userSecret", "audience" })
@Test(dependsOnMethods = "requestAccessTokenWithClientSecretJwtHS512Step1")
public void requestAccessTokenWithClientSecretJwtHS512Step2(final String tokenPath, final String userId, final String userSecret, final String audience) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setUsername(userId);
tokenRequest.setPassword(userSecret);
tokenRequest.setScope("email read_stream manage_pages");
tokenRequest.setAuthUsername(clientId3);
tokenRequest.setAuthPassword(clientSecret3);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
tokenRequest.setCryptoProvider(cryptoProvider);
tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
tokenRequest.setAudience(audience);
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
showResponse("requestAccessTokenWithClientSecretJwtHS512Step2", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code.");
assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
} catch (Exception e) {
fail(e.getMessage(), e);
}
}
Aggregations