Example 26 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class OPRegistrationJwks method opRegistrationJwks.
@Parameters({ "redirectUri", "postLogoutRedirectUri", "clientJwksUri", "userId", "userSecret", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test
public void opRegistrationJwks(final String redirectUri, final String postLogoutRedirectUri, final String clientJwksUri, final String userId, final String userSecret, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
showTitle("opRegistrationJwks");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<GrantType> grantTypes = Arrays.asList(GrantType.AUTHORIZATION_CODE);
List<String> contacts = Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com");
// 1. Register client
JwkClient jwkClient = new JwkClient(clientJwksUri);
JwkResponse jwkResponse = jwkClient.exec();
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUri));
registerRequest.setPostLogoutRedirectUris(Arrays.asList(postLogoutRedirectUri));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setGrantTypes(grantTypes);
registerRequest.setContacts(contacts);
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
registerRequest.setJwks(jwkResponse.getJwks().toString());
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getRegistrationClientUri());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
assertNotNull(registerResponse.getResponseTypes());
assertTrue(registerResponse.getResponseTypes().containsAll(responseTypes));
assertNotNull(registerResponse.getGrantTypes());
assertTrue(registerResponse.getGrantTypes().containsAll(grantTypes));
assertNotNull(registerResponse.getClaims().get(RegisterRequestParam.JWKS.getName()));
assertNotNull(registerResponse.getClaims().get(RegisterRequestParam.TOKEN_ENDPOINT_AUTH_METHOD.getName()));
assertEquals(AuthenticationMethod.PRIVATE_KEY_JWT.toString(), registerResponse.getClaims().get(RegisterRequestParam.TOKEN_ENDPOINT_AUTH_METHOD.getName()));
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation());
assertNotNull(authorizationResponse.getState());
assertNotNull(authorizationResponse.getScope());
String authorizationCode = authorizationResponse.getCode();
// 3. Request access token using the authorization code.
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode(authorizationCode);
tokenRequest.setRedirectUri(redirectUri);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
tokenRequest.setCryptoProvider(cryptoProvider);
tokenRequest.setKeyId(keyId);
tokenRequest.setAudience(tokenEndpoint);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse tokenResponse = tokenClient.exec();
showClient(tokenClient);
assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
assertNotNull(tokenResponse.getEntity(), "The entity is null");
assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
assertNotNull(tokenResponse.getTokenType(), "The token type is null");
assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
assertNotNull(tokenResponse.getIdToken(), "The id token is null");
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
GrantType(org.gluu.oxauth.model.common.GrantType)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
JwkClient(org.gluu.oxauth.client.JwkClient)
AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
JwkResponse(org.gluu.oxauth.client.JwkResponse)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
TokenClient(org.gluu.oxauth.client.TokenClient)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 27 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class ClientAuthenticationByAccessTokenHttpTest method requestClientRegistrationWithCustomAttributes.
@Test
public void requestClientRegistrationWithCustomAttributes() throws Exception {
showTitle("requestClientRegistrationWithCustomAttributes");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.TOKEN, ResponseType.ID_TOKEN);
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", Collections.singletonList(REDIRECT_URI));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setGrantTypes(grantTypes);
registerRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientEngine(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
clientId = response.getClientId();
clientSecret = response.getClientSecret();
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
GrantType(org.gluu.oxauth.model.common.GrantType)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 28 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class UserAuthenticationFilterHttpTest method requestAccessTokenCustomAuth3.
@Parameters({ "redirectUris", "userInum", "userEmail", "sectorIdentifierUri" })
@Test
public void requestAccessTokenCustomAuth3(final String redirectUris, final String userInum, final String userEmail, final String sectorIdentifierUri) throws Exception {
showTitle("requestAccessTokenCustomAuth3");
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setGrantTypes(grantTypes);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.addCustomParameter("mail", userEmail);
tokenRequest.addCustomParameter("inum", userInum);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse response1 = tokenClient.exec();
showClient(tokenClient);
assertEquals(response1.getStatus(), 200, "Unexpected response code: " + response1.getStatus());
assertNotNull(response1.getEntity(), "The entity is null");
assertNotNull(response1.getAccessToken(), "The access token is null");
assertNotNull(response1.getTokenType(), "The token type is null");
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
GrantType(org.gluu.oxauth.model.common.GrantType)
TokenClient(org.gluu.oxauth.client.TokenClient)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 29 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class UserAuthenticationFilterHttpTest method requestAccessTokenCustomAuth2.
@Parameters({ "redirectUris", "userId", "userSecret", "sectorIdentifierUri" })
@Test
public void requestAccessTokenCustomAuth2(final String redirectUris, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception {
showTitle("requestAccessTokenCustomAuth2");
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setGrantTypes(grantTypes);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.addCustomParameter("uid", userId);
tokenRequest.addCustomParameter("pwd", userSecret);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse response1 = tokenClient.exec();
showClient(tokenClient);
assertEquals(response1.getStatus(), 200, "Unexpected response code: " + response1.getStatus());
assertNotNull(response1.getEntity(), "The entity is null");
assertNotNull(response1.getAccessToken(), "The access token is null");
assertNotNull(response1.getTokenType(), "The token type is null");
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
GrantType(org.gluu.oxauth.model.common.GrantType)
TokenClient(org.gluu.oxauth.client.TokenClient)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 30 with GrantType
use of org.gluu.oxauth.model.common.GrantType in project oxAuth by GluuFederation.
the class UserAuthenticationFilterHttpTest method requestAccessTokenCustomAuth1.
@Parameters({ "redirectUris", "userInum", "userEmail", "sectorIdentifierUri" })
@Test
public void requestAccessTokenCustomAuth1(final String redirectUris, final String userInum, final String userEmail, final String sectorIdentifierUri) throws Exception {
showTitle("requestAccessTokenCustomAuth1");
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setGrantTypes(grantTypes);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setAuthUsername(clientId);
tokenRequest.setAuthPassword(clientSecret);
tokenRequest.addCustomParameter("mail", userEmail);
tokenRequest.addCustomParameter("inum", userInum);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
TokenClient tokenClient = new TokenClient(tokenEndpoint);
tokenClient.setRequest(tokenRequest);
TokenResponse response1 = tokenClient.exec();
showClient(tokenClient);
assertEquals(response1.getStatus(), 200, "Unexpected response code: " + response1.getStatus());
assertNotNull(response1.getEntity(), "The entity is null");
assertNotNull(response1.getAccessToken(), "The access token is null");
assertNotNull(response1.getTokenType(), "The token type is null");
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
TokenResponse(org.gluu.oxauth.client.TokenResponse)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
GrantType(org.gluu.oxauth.model.common.GrantType)
TokenClient(org.gluu.oxauth.client.TokenClient)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
GrantType (org.gluu.oxauth.model.common.GrantType)90
Parameters (org.testng.annotations.Parameters)85
BaseTest (org.gluu.oxauth.BaseTest)81
Test (org.testng.annotations.Test)81
RegisterRequest (org.gluu.oxauth.client.RegisterRequest)71
RegisterResponse (org.gluu.oxauth.client.RegisterResponse)64
RegisterClient (org.gluu.oxauth.client.RegisterClient)55
TokenClient (org.gluu.oxauth.client.TokenClient)53
TokenResponse (org.gluu.oxauth.client.TokenResponse)53
TokenRequest (org.gluu.oxauth.client.TokenRequest)46
OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)38
ResponseType (org.gluu.oxauth.model.common.ResponseType)24
Builder (javax.ws.rs.client.Invocation.Builder)23
Response (javax.ws.rs.core.Response)23
ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)23
JSONException (org.json.JSONException)23
JSONObject (org.json.JSONObject)21
ClientInfoClient (org.gluu.oxauth.client.ClientInfoClient)16
ClientInfoResponse (org.gluu.oxauth.client.ClientInfoResponse)16
AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)11
