Example 61 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class UserInfoRestWebServiceHttpTest method requestUserInfoAdditionalClaims.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestUserInfoAdditionalClaims(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
showTitle("requestUserInfoAdditionalClaims");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
// 1. Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setGrantTypes(grantTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setSubjectType(SubjectType.PAIRWISE);
registerRequest.setClaims(Arrays.asList("iname", "o"));
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
jwtAuthorizationRequest.addUserInfoClaim(new Claim("invalid", ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim("iname", ClaimValue.createNull()));
// jwtAuthorizationRequest.addUserInfoClaim(new Claim("gluuStatus", ClaimValue.createEssential(true)));
// jwtAuthorizationRequest.addUserInfoClaim(new Claim("gluuWhitePagesListed", ClaimValue.createEssential(true)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim("o", ClaimValue.createEssential(true)));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
authorizationRequest.setRequest(authJwt);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation(), "The location is null");
assertNotNull(authorizationResponse.getAccessToken(), "The access token is null");
assertNotNull(authorizationResponse.getState(), "The state is null");
assertNotNull(authorizationResponse.getTokenType(), "The token type is null");
assertNotNull(authorizationResponse.getExpiresIn(), "The expires in value is null");
assertNotNull(authorizationResponse.getScope(), "The scope must be null");
String accessToken = authorizationResponse.getAccessToken();
// 3. Request user info (AUTHORIZATION_REQUEST_HEADER_FIELD)
UserInfoRequest userInfoRequest = new UserInfoRequest(accessToken);
userInfoRequest.setAuthorizationMethod(AuthorizationMethod.AUTHORIZATION_REQUEST_HEADER_FIELD);
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
userInfoClient.setRequest(userInfoRequest);
UserInfoResponse userInfoResponse = userInfoClient.exec();
showClient(userInfoClient);
assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.GIVEN_NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.FAMILY_NAME));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.ZONEINFO));
assertNotNull(userInfoResponse.getClaim(JwtClaimName.LOCALE));
// Custom Claims
assertNotNull(userInfoResponse.getClaim("iname"), "Unexpected result: iname not found");
// assertNotNull(response2.getClaim("gluuStatus"), "Unexpected result: gluuStatus not found");
// assertNotNull(response2.getClaim("gluuWhitePagesListed"), "Unexpected result: gluuWhitePagesListed not found");
assertNotNull(userInfoResponse.getClaim("o"), "Unexpected result: organization not found");
// 4. Request user info (FORM_ENCODED_BODY_PARAMETER)
UserInfoRequest userInfoRequest2 = new UserInfoRequest(accessToken);
userInfoRequest2.setAuthorizationMethod(AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER);
UserInfoClient userInfoClient2 = new UserInfoClient(userInfoEndpoint);
userInfoClient2.setRequest(userInfoRequest2);
UserInfoResponse response3 = userInfoClient2.exec();
showClient(userInfoClient2);
assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(response3.getClaim(JwtClaimName.NAME));
assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
// 5. Request user info (URL_QUERY_PARAMETER)
UserInfoRequest userInfoRequest3 = new UserInfoRequest(accessToken);
userInfoRequest3.setAuthorizationMethod(AuthorizationMethod.URL_QUERY_PARAMETER);
UserInfoClient userInfoClient3 = new UserInfoClient(userInfoEndpoint);
userInfoClient3.setRequest(userInfoRequest3);
UserInfoResponse response4 = userInfoClient3.exec();
showClient(userInfoClient3);
assertEquals(response4.getStatus(), 200, "Unexpected response code: " + response4.getStatus());
assertNotNull(response4.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(response4.getClaim(JwtClaimName.NAME));
assertNotNull(response4.getClaim(JwtClaimName.GIVEN_NAME));
assertNotNull(response4.getClaim(JwtClaimName.FAMILY_NAME));
assertNotNull(response4.getClaim(JwtClaimName.EMAIL));
assertNotNull(response4.getClaim(JwtClaimName.ZONEINFO));
assertNotNull(response4.getClaim(JwtClaimName.LOCALE));
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
GrantType(org.gluu.oxauth.model.common.GrantType)
UserInfoRequest(org.gluu.oxauth.client.UserInfoRequest)
UserInfoClient(org.gluu.oxauth.client.UserInfoClient)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
UserInfoResponse(org.gluu.oxauth.client.UserInfoResponse)
Claim(org.gluu.oxauth.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 62 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class UserInfoRestWebServiceHttpTest method requestUserInfoDynamicScopesPasswordFlow.
@Parameters({ "userId", "userSecret", "redirectUris", "sectorIdentifierUri" })
@Test
public void requestUserInfoDynamicScopesPasswordFlow(final String userId, final String userSecret, final String redirectUris, final String sectorIdentifierUri) {
showTitle("requestUserInfoDynamicScopesPasswordFlow");
List<ResponseType> responseTypes = new ArrayList<ResponseType>();
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, grantTypes, sectorIdentifierUri);
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
String username = userId;
String password = userSecret;
String scope = "openid profile address email org_name work_phone";
TokenClient tokenClient = new TokenClient(tokenEndpoint);
TokenResponse response1 = tokenClient.execResourceOwnerPasswordCredentialsGrant(username, password, scope, clientId, clientSecret);
showClient(tokenClient);
assertEquals(response1.getStatus(), 200, "Unexpected response code: " + response1.getStatus());
assertNotNull(response1.getEntity(), "The entity is null");
assertNotNull(response1.getAccessToken(), "The access token is null");
assertNotNull(response1.getTokenType(), "The token type is null");
assertNotNull(response1.getScope(), "The scope is null");
String accessToken = response1.getAccessToken();
// 3. Request user info
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
UserInfoResponse response2 = userInfoClient.execUserInfo(accessToken);
showClient(userInfoClient);
assertEquals(response2.getStatus(), 200, "Unexpected response code: " + response2.getStatus());
assertNotNull(response2.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(response2.getClaim(JwtClaimName.NAME));
assertNotNull(response2.getClaim(JwtClaimName.GIVEN_NAME));
assertNotNull(response2.getClaim(JwtClaimName.FAMILY_NAME));
assertNotNull(response2.getClaim(JwtClaimName.EMAIL));
assertNotNull(response2.getClaim(JwtClaimName.ZONEINFO));
assertNotNull(response2.getClaim(JwtClaimName.LOCALE));
assertNotNull(response2.getClaim("org_name"));
assertNotNull(response2.getClaim("work_phone"));
}
Also used :
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
ArrayList(java.util.ArrayList)
GrantType(org.gluu.oxauth.model.common.GrantType)
UserInfoResponse(org.gluu.oxauth.client.UserInfoResponse)
TokenClient(org.gluu.oxauth.client.TokenClient)
UserInfoClient(org.gluu.oxauth.client.UserInfoClient)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 63 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class UserInfoRestWebServiceHttpTest method requestUserInfoWithNotAllowedScopeImplicitFlow.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void requestUserInfoWithNotAllowedScopeImplicitFlow(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) {
showTitle("requestUserInfoWithNotAllowedScopeImplicitFlow");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
// 1. Register client
RegisterResponse registerResponse = registerClient(redirectUris, responseTypes, grantTypes, sectorIdentifierUri);
String clientId = registerResponse.getClientId();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "mobile_phone");
AuthorizationResponse response1 = requestAuthorization(userId, userSecret, redirectUri, responseTypes, clientId, scopes);
String accessToken = response1.getAccessToken();
// 3. Request user info
UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
UserInfoResponse response2 = userInfoClient.execUserInfo(accessToken);
showClient(userInfoClient);
assertEquals(response2.getStatus(), 200, "Unexpected response code: " + response2.getStatus());
assertNotNull(response2.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(response2.getClaim(JwtClaimName.NAME));
assertNotNull(response2.getClaim(JwtClaimName.GIVEN_NAME));
assertNotNull(response2.getClaim(JwtClaimName.FAMILY_NAME));
assertNotNull(response2.getClaim(JwtClaimName.EMAIL));
assertNotNull(response2.getClaim(JwtClaimName.ZONEINFO));
assertNotNull(response2.getClaim(JwtClaimName.LOCALE));
assertNotNull(response2.getClaim(JwtClaimName.ADDRESS));
assertNull(response2.getClaim("phone_mobile_number"));
}
Also used :
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
GrantType(org.gluu.oxauth.model.common.GrantType)
UserInfoResponse(org.gluu.oxauth.client.UserInfoResponse)
UserInfoClient(org.gluu.oxauth.client.UserInfoClient)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 64 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class TokenRestWebServiceHttpTest method requestAccessTokenWithClientSecretJwtRS256.
@Parameters({ "userId", "userSecret", "redirectUris", "clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri" })
@Test
public void requestAccessTokenWithClientSecretJwtRS256(final String userId, final String userSecret, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
showTitle("requestAccessTokenWithClientSecretJwtRS256");
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
// 1. Dynamic Client Registration
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setGrantTypes(grantTypes);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setUsername(userId);
tokenRequest.setPassword(userSecret);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
tokenRequest.setCryptoProvider(cryptoProvider);
tokenRequest.setKeyId(keyId);
tokenRequest.setAudience(tokenEndpoint);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse tokenResponse = tokenClient.exec();
showClient(tokenClient);
assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
assertNotNull(tokenResponse.getEntity(), "The entity is null");
assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse.getTokenType(), "The token type is null");
}
Also used :
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
GrantType(org.gluu.oxauth.model.common.GrantType)
TokenClient(org.gluu.oxauth.client.TokenClient)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 65 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class TokenRestWebServiceHttpTest method requestAccessTokenPasswordFail.
@Parameters({ "userId", "userSecret", "redirectUris", "sectorIdentifierUri" })
@Test
public void requestAccessTokenPasswordFail(final String userId, final String userSecret, final String redirectUris, final String sectorIdentifierUri) throws Exception {
showTitle("requestAccessTokenPasswordFail");
List<ResponseType> responseTypes = new ArrayList<ResponseType>();
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setGrantTypes(grantTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request Resource Owner Credentials Grant
String username = userId;
String password = "BAD_PASSWORD";
TokenClient tokenClient = new TokenClient(tokenEndpoint);
TokenResponse tokenResponse = tokenClient.execResourceOwnerPasswordCredentialsGrant(username, password, null, clientId, clientSecret);
showClient(tokenClient);
assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
assertNotNull(tokenResponse.getEntity(), "The entity is null");
assertNotNull(tokenResponse.getErrorType(), "The error type is null");
assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
ArrayList(java.util.ArrayList)
GrantType(org.gluu.oxauth.model.common.GrantType)
TokenClient(org.gluu.oxauth.client.TokenClient)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
GrantType (org.gluu.oxauth.model.common.GrantType)90
Parameters (org.testng.annotations.Parameters)85
BaseTest (org.gluu.oxauth.BaseTest)81
Test (org.testng.annotations.Test)81
RegisterRequest (org.gluu.oxauth.client.RegisterRequest)71
RegisterResponse (org.gluu.oxauth.client.RegisterResponse)64
RegisterClient (org.gluu.oxauth.client.RegisterClient)55
TokenClient (org.gluu.oxauth.client.TokenClient)53
TokenResponse (org.gluu.oxauth.client.TokenResponse)53
TokenRequest (org.gluu.oxauth.client.TokenRequest)46
OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)38
ResponseType (org.gluu.oxauth.model.common.ResponseType)24
Builder (javax.ws.rs.client.Invocation.Builder)23
Response (javax.ws.rs.core.Response)23
ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)23
JSONException (org.json.JSONException)23
JSONObject (org.json.JSONObject)21
ClientInfoClient (org.gluu.oxauth.client.ClientInfoClient)16
ClientInfoResponse (org.gluu.oxauth.client.ClientInfoResponse)16
AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)11
