use of org.gluu.oxauth.client.UserInfoClient in project oxAuth by GluuFederation.
the class UserInfoRestWebServiceHttpTest method requestUserInfoES256.
@Parameters({ "redirectUris", "redirectUri", "userId", "userSecret", "sectorIdentifierUri" })
@Test
public void requestUserInfoES256(final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) {
showTitle("requestUserInfoES256");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Dynamic Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setUserInfoSignedResponseAlg(SignatureAlgorithm.ES256);
registerRequest.setSubjectType(SubjectType.PAIRWISE);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, clientId);
String accessToken = authorizationResponse.getAccessToken();
// 3. Request user info
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setJwksUri(jwksUri);
UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.ISSUER));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.AUDIENCE));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.GIVEN_NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.FAMILY_NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.PICTURE));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.ZONEINFO));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.LOCALE));
}
use of org.gluu.oxauth.client.UserInfoClient in project oxAuth by GluuFederation.
the class UserInfoRestWebServiceHttpTest method claimsRequestWithEssentialNameClaim.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "postLogoutRedirectUri" })
@Test
public void claimsRequestWithEssentialNameClaim(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri, final String clientJwksUri, final String postLogoutRedirectUri) throws Exception {
showTitle("claimsRequestWithEssentialNameClaim");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<GrantType> grantTypes = Arrays.asList(GrantType.AUTHORIZATION_CODE);
// 1. Dynamic Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setGrantTypes(grantTypes);
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setPostLogoutRedirectUris(Arrays.asList(postLogoutRedirectUri));
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setSubjectType(SubjectType.PAIRWISE);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
JSONObject claimsObj = new JSONObject();
UserInfoMember userInfoMember = new UserInfoMember();
userInfoMember.getClaims().add(new Claim("name", ClaimValue.createEssential(true)));
claimsObj.put("userinfo", userInfoMember.toJSONObject());
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.setClaims(claimsObj);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation());
assertNotNull(authorizationResponse.getCode());
assertNotNull(authorizationResponse.getState());
assertNotNull(authorizationResponse.getScope());
String authorizationCode = authorizationResponse.getCode();
// 3. Request access token using the authorization code.
TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode(authorizationCode);
tokenRequest.setRedirectUri(redirectUri);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse tokenResponse = tokenClient.exec();
showClient(tokenClient);
assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
assertNotNull(tokenResponse.getEntity(), "The entity is null");
assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
assertNotNull(tokenResponse.getTokenType(), "The token type is null");
assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
String accessToken = tokenResponse.getAccessToken();
// 4. Request user info
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
}
use of org.gluu.oxauth.client.UserInfoClient in project oxAuth by GluuFederation.
the class UserInfoRestWebServiceHttpTest method requestUserInfoDynamicScopesImplicitFlow.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestUserInfoDynamicScopesImplicitFlow(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) {
showTitle("requestUserInfoDynamicScopesImplicitFlow");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "org_name", "work_phone");
// 1. Register client
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, grantTypes, sectorIdentifierUri);
String clientId = registerResponse.getClientId();
// 2. Request authorization
AuthorizationResponse response1 = requestAuthorization(userId, userSecret, redirectUri, responseTypes, clientId, scopes);
String accessToken = response1.getAccessToken();
// 3. Request user info
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
UserInfoResponse response2 = userInfoClient.execUserInfo(accessToken);
showClient(userInfoClient);
assertEquals(response2.getStatus(), 200, "Unexpected response code: " + response2.getStatus());
assertNotNull(response2.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(response2.getClaim(JwtClaimName.NAME));
assertNotNull(response2.getClaim(JwtClaimName.GIVEN_NAME));
assertNotNull(response2.getClaim(JwtClaimName.FAMILY_NAME));
assertNotNull(response2.getClaim(JwtClaimName.EMAIL));
assertNotNull(response2.getClaim(JwtClaimName.ZONEINFO));
assertNotNull(response2.getClaim(JwtClaimName.LOCALE));
assertNotNull(response2.getClaim(JwtClaimName.ADDRESS));
assertNotNull(response2.getClaim("org_name"));
assertNotNull(response2.getClaim("work_phone"));
}
use of org.gluu.oxauth.client.UserInfoClient in project oxAuth by GluuFederation.
the class TokenRevocationTest method requestTokenRevocationFail2.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestTokenRevocationFail2(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) {
showTitle("requestTokenRevocationFail2");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
// 1. Register client
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, scopes, sectorIdentifierUri);
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization and receive the authorization code.
String nonce = UUID.randomUUID().toString();
AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
String authorizationCode = authorizationResponse.getCode();
// 3. Request access token using the authorization code.
TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode(authorizationCode);
tokenRequest.setRedirectUri(redirectUri);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse tokenResponse = tokenClient.exec();
showClient(tokenClient);
assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
assertNotNull(tokenResponse.getEntity(), "The entity is null");
assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
assertNotNull(tokenResponse.getTokenType(), "The token type is null");
assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
String accessToken = tokenResponse.getAccessToken();
// 4. Request refresh token revocation: Invalid tokens do not cause an error.
TokenRevocationRequest tokenRevocationRequest = new TokenRevocationRequest();
tokenRevocationRequest.setToken("INVALID_ACCESS_TOKEN");
tokenRevocationRequest.setTokenTypeHint(TokenTypeHint.ACCESS_TOKEN);
tokenRevocationRequest.setAuthUsername(clientId);
tokenRevocationRequest.setAuthPassword(clientSecret);
TokenRevocationClient tokenRevocationClient = new TokenRevocationClient(tokenRevocationEndpoint);
tokenRevocationClient.setRequest(tokenRevocationRequest);
TokenRevocationResponse tokenRevocationResponse = tokenRevocationClient.exec();
showClient(tokenRevocationClient);
assertEquals(tokenRevocationResponse.getStatus(), 200, "Unexpected response code: " + tokenRevocationResponse.getStatus());
// 5. Request user info
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.BIRTHDATE));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.FAMILY_NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.GENDER));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.GIVEN_NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.MIDDLE_NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.NICKNAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.PICTURE));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.PREFERRED_USERNAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.PROFILE));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.WEBSITE));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL_VERIFIED));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER_VERIFIED));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.ADDRESS));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.LOCALE));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.ZONEINFO));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.USER_NAME));
assertNull(userInfoResponse.getClaim("org_name"));
assertNull(userInfoResponse.getClaim("work_phone"));
}
use of org.gluu.oxauth.client.UserInfoClient in project oxAuth by GluuFederation.
the class TokenRevocationTest method requestTokenRevocation_withPublicClient.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestTokenRevocation_withPublicClient(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) {
showTitle("requestTokenRevocation_withPublicClient");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN, ResponseType.TOKEN);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
// 1. Register client
RegisterResponse registerResponse = registerPublicClient(redirectUris, responseTypes, scopes, sectorIdentifierUri);
String clientId = registerResponse.getClientId();
// 2. Request authorization and receive the authorization code.
String nonce = UUID.randomUUID().toString();
AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, scopes, clientId, nonce);
String accessToken = authorizationResponse.getAccessToken();
// 3. Request user info
UserInfoClient userInfoClient1 = new UserInfoClient(userInfoEndpoint);
UserInfoResponse userInfoResponse1 = userInfoClient1.execUserInfo(accessToken);
showClient(userInfoClient1);
assertEquals(userInfoResponse1.getStatus(), 200, "Unexpected response code: " + userInfoResponse1.getStatus());
assertNotNull(userInfoResponse1.getClaim(JwtClaimName.NAME));
// 4. Request token revocation
TokenRevocationRequest revocationRequest = new TokenRevocationRequest();
revocationRequest.setToken(accessToken);
revocationRequest.setTokenTypeHint(TokenTypeHint.ACCESS_TOKEN);
revocationRequest.setAuthUsername(clientId);
TokenRevocationClient revocationClient = new TokenRevocationClient(tokenRevocationEndpoint);
revocationClient.setRequest(revocationRequest);
TokenRevocationResponse revocationResponse = revocationClient.exec();
showClient(revocationClient);
assertEquals(revocationResponse.getStatus(), 200, "Unexpected response code: " + revocationResponse.getStatus());
// 5. Request user info with the revoked access token should fail
UserInfoClient userInfoClient2 = new UserInfoClient(userInfoEndpoint);
UserInfoResponse userInfoResponse2 = userInfoClient2.execUserInfo(accessToken);
showClient(userInfoClient2);
assertEquals(userInfoResponse2.getStatus(), 401, "Unexpected response code: " + userInfoResponse2.getStatus());
assertNotNull(userInfoResponse2.getErrorType(), "Unexpected result: errorType not found");
assertNotNull(userInfoResponse2.getErrorDescription(), "Unexpected result: errorDescription not found");
}
Aggregations