Search in sources :

Example 16 with GrantType

use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.

the class TokenRestWebServiceWithESAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtES512X509CertStep1.

@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestAccessTokenWithClientSecretJwtES512X509CertStep1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    registerRequest.setGrantTypes(grantTypes);
    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenWithClientSecretJwtES512X509CertStep1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId6 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret6 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.gluu.oxauth.client.RegisterRequest) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.json.JSONException) GrantType(org.gluu.oxauth.model.common.GrantType) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 17 with GrantType

use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.

the class TokenRestWebServiceWithESAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtES512Step1.

@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestAccessTokenWithClientSecretJwtES512Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    registerRequest.setGrantTypes(grantTypes);
    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenWithClientSecretJwtES384Step1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret3 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.gluu.oxauth.client.RegisterRequest) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.json.JSONException) GrantType(org.gluu.oxauth.model.common.GrantType) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 18 with GrantType

use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.

the class TokenRestWebServiceWithESAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtES384Step1.

@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestAccessTokenWithClientSecretJwtES384Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    registerRequest.setGrantTypes(grantTypes);
    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenWithClientSecretJwtES384Step1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret2 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.gluu.oxauth.client.RegisterRequest) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.json.JSONException) GrantType(org.gluu.oxauth.model.common.GrantType) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 19 with GrantType

use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.

the class TokenRestWebServiceWithRSAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtRS512Step1.

@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestAccessTokenWithClientSecretJwtRS512Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    registerRequest.setGrantTypes(grantTypes);
    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenWithClientSecretJwtRS512Step1", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
        clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret3 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : Response(javax.ws.rs.core.Response) RegisterRequest(org.gluu.oxauth.client.RegisterRequest) JSONObject(org.json.JSONObject) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) JSONException(org.json.JSONException) GrantType(org.gluu.oxauth.model.common.GrantType) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Example 20 with GrantType

use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.

the class TokenBindingHttpTest method tokenBindingWithImplicitFlow.

@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void tokenBindingWithImplicitFlow(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("tokenBindingWithImplicitFlow");
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
    List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    // 1. Register client
    RegisterResponse registerResponse = registerClient(redirectUri, responseTypes, grantTypes, sectorIdentifierUri);
    String clientId = registerResponse.getClientId();
    // 2. Request authorization
    AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, responseTypes, clientId);
    Jwt jwt = Jwt.parse(authorizationResponse.getIdToken());
    Assert.assertEquals(EXPECTED_ID_HASH, jwt.getClaims().getClaimAsJSON(JwtClaimName.CNF).optString(JwtClaimName.TOKEN_BINDING_HASH));
}
Also used : RegisterResponse(org.gluu.oxauth.client.RegisterResponse) Jwt(org.gluu.oxauth.model.jwt.Jwt) GrantType(org.gluu.oxauth.model.common.GrantType) ResponseType(org.gluu.oxauth.model.common.ResponseType) AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) BaseTest(org.gluu.oxauth.BaseTest) Test(org.testng.annotations.Test)

Aggregations

GrantType (org.gluu.oxauth.model.common.GrantType)90 Parameters (org.testng.annotations.Parameters)85 BaseTest (org.gluu.oxauth.BaseTest)81 Test (org.testng.annotations.Test)81 RegisterRequest (org.gluu.oxauth.client.RegisterRequest)71 RegisterResponse (org.gluu.oxauth.client.RegisterResponse)64 RegisterClient (org.gluu.oxauth.client.RegisterClient)55 TokenClient (org.gluu.oxauth.client.TokenClient)53 TokenResponse (org.gluu.oxauth.client.TokenResponse)53 TokenRequest (org.gluu.oxauth.client.TokenRequest)46 OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)38 ResponseType (org.gluu.oxauth.model.common.ResponseType)24 Builder (javax.ws.rs.client.Invocation.Builder)23 Response (javax.ws.rs.core.Response)23 ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)23 JSONException (org.json.JSONException)23 JSONObject (org.json.JSONObject)21 ClientInfoClient (org.gluu.oxauth.client.ClientInfoClient)16 ClientInfoResponse (org.gluu.oxauth.client.ClientInfoResponse)16 AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)11