Search in sources :

Example 1 with TokenRequest

use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.

the class TTokenRequest method requestToken.

private void requestToken(final String tokenPath, final String umaClientId, final String umaClientSecret, final String umaRedirectUri) throws Exception {
    if (token == null || StringUtils.isBlank(token.getAuthorizationCode())) {
        throw new IllegalArgumentException("Authorization code is not initialized.");
    }
    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(token.getAuthorizationCode());
    tokenRequest.setRedirectUri(umaRedirectUri);
    tokenRequest.setAuthUsername(umaClientId);
    tokenRequest.setAuthPassword(umaClientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    tokenRequest.setScope(token.getScope());
    Builder request = ResteasyClientBuilder.newClient().target(baseUri.toString() + tokenPath).request();
    request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
    Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);
    BaseTest.showResponse("TTokenClient.requestToken() :", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code.");
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
        assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
        assertTrue(jsonObj.has("refresh_token"), "Unexpected result: refresh_token not found");
        // assertTrue(jsonObj.has("id_token"), "Unexpected result: id_token
        // not found");
        String accessToken = jsonObj.getString("access_token");
        String refreshToken = jsonObj.getString("refresh_token");
        // String idToken = jsonObj.getString("id_token");
        token.setAccessToken(accessToken);
        token.setRefreshToken(refreshToken);
    // m_token.setIdToken(idToken);
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    } catch (Exception e) {
        e.printStackTrace();
        fail(e.getMessage());
    }
}
Also used : RPTResponse(org.gluu.oxauth.model.uma.RPTResponse) RptIntrospectionResponse(org.gluu.oxauth.model.uma.RptIntrospectionResponse) Response(javax.ws.rs.core.Response) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) TokenRequest(org.gluu.oxauth.client.TokenRequest) JSONException(org.json.JSONException) JSONException(org.json.JSONException) IOException(java.io.IOException)

Example 2 with TokenRequest

use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.

the class TokenRestWebServiceEmbeddedTest method requestAccessTokenClientCredentials.

@Parameters({ "tokenPath" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAccessTokenClientCredentials(final String tokenPath) throws Exception {
    // Testing with valid parameters
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
    TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
    tokenRequest.setScope("email read_stream manage_pages");
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
    Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenClientCredentials", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code.");
    assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
    assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
        assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
        assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : RegisterResponse(org.gluu.oxauth.client.RegisterResponse) Response(javax.ws.rs.core.Response) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) TokenRequest(org.gluu.oxauth.client.TokenRequest) JSONException(org.json.JSONException) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 3 with TokenRequest

use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.

the class TokenRestWebServiceEmbeddedTest method requestAccessTokenWithClientSecretJwtFail.

@Parameters({ "tokenPath", "userId", "userSecret", "audience" })
@Test
public void requestAccessTokenWithClientSecretJwtFail(final String tokenPath, final String userId, final String userSecret, final String audience) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
    TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    tokenRequest.setUsername(userId);
    tokenRequest.setPassword(userSecret);
    tokenRequest.setScope("email read_stream manage_pages");
    tokenRequest.setAuthPassword("INVALID_SECRET");
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    tokenRequest.setAudience(audience);
    Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenWithClientSecretJwt Fail", response, entity);
    assertEquals(response.getStatus(), 401, "Unexpected response code.");
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("error"), "The error type is null");
        assertTrue(jsonObj.has("error_description"), "The error description is null");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : RegisterResponse(org.gluu.oxauth.client.RegisterResponse) Response(javax.ws.rs.core.Response) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) TokenRequest(org.gluu.oxauth.client.TokenRequest) JSONException(org.json.JSONException) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 4 with TokenRequest

use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.

the class TokenRestWebServiceEmbeddedTest method refreshingAccessTokenFail.

@Parameters({ "tokenPath" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void refreshingAccessTokenFail(final String tokenPath) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
    TokenRequest tokenRequest = new TokenRequest(GrantType.REFRESH_TOKEN);
    tokenRequest.setRefreshToken("tGzv3JOkF0XG5Qx2TlKWIA");
    tokenRequest.setScope("email read_stream manage_pages");
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
    Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);
    showResponse("refreshingAccessTokenFail", response, entity);
    assertEquals(response.getStatus(), 400, "Unexpected response code.");
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("error"), "The error type is null");
        assertTrue(jsonObj.has("error_description"), "The error description is null");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : RegisterResponse(org.gluu.oxauth.client.RegisterResponse) Response(javax.ws.rs.core.Response) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) TokenRequest(org.gluu.oxauth.client.TokenRequest) JSONException(org.json.JSONException) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 5 with TokenRequest

use of org.gluu.oxauth.client.TokenRequest in project oxAuth by GluuFederation.

the class TokenRestWebServiceWithHSAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtHS512Step2.

@Parameters({ "tokenPath", "userId", "userSecret", "audience" })
@Test(dependsOnMethods = "requestAccessTokenWithClientSecretJwtHS512Step1")
public void requestAccessTokenWithClientSecretJwtHS512Step2(final String tokenPath, final String userId, final String userSecret, final String audience) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
    OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
    TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    tokenRequest.setUsername(userId);
    tokenRequest.setPassword(userSecret);
    tokenRequest.setScope("email read_stream manage_pages");
    tokenRequest.setAuthUsername(clientId3);
    tokenRequest.setAuthPassword(clientSecret3);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
    tokenRequest.setAudience(audience);
    Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenWithClientSecretJwtHS512Step2", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code.");
    assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
    assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
        assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
        assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
Also used : OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider) Response(javax.ws.rs.core.Response) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) TokenRequest(org.gluu.oxauth.client.TokenRequest) JSONException(org.json.JSONException) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Aggregations

TokenRequest (org.gluu.oxauth.client.TokenRequest)281 Parameters (org.testng.annotations.Parameters)265 BaseTest (org.gluu.oxauth.BaseTest)264 Test (org.testng.annotations.Test)264 TokenClient (org.gluu.oxauth.client.TokenClient)235 TokenResponse (org.gluu.oxauth.client.TokenResponse)235 RegisterResponse (org.gluu.oxauth.client.RegisterResponse)230 RegisterClient (org.gluu.oxauth.client.RegisterClient)212 RegisterRequest (org.gluu.oxauth.client.RegisterRequest)212 OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)171 AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)167 ResponseType (org.gluu.oxauth.model.common.ResponseType)165 AuthorizationRequest (org.gluu.oxauth.client.AuthorizationRequest)154 GrantType (org.gluu.oxauth.model.common.GrantType)46 JSONObject (org.json.JSONObject)41 Builder (javax.ws.rs.client.Invocation.Builder)40 MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)40 Response (javax.ws.rs.core.Response)40 ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)40 JSONException (org.json.JSONException)40