Example 11 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class RequestObjectSigningAlgRestrictionEmbeddedTest method omittedRequestObjectSigningAlgStep3HS512.
/**
* Request authorization with Request Object Signing Alg <code>HS512</code>.
*/
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "omittedRequestObjectSigningAlgStep2")
public void omittedRequestObjectSigningAlgStep3HS512(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
Builder request = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS512, clientSecret1, cryptoProvider);
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[] { ACR_VALUE })));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
authorizationRequest.setRequest(authJwt);
System.out.println("Request JWT: " + authJwt);
request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
} catch (Exception e) {
fail(e.getMessage(), e);
}
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("omittedRequestObjectSigningAlgStep3HS512", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Query string is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get("access_token"), "The accessToken is null");
assertNotNull(params.get("id_token"), "The idToken is null");
assertNotNull(params.get("scope"), "The scope is null");
assertNotNull(params.get("state"), "The state is null");
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
}
}
Also used :
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
Claim(org.gluu.oxauth.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 12 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class RequestObjectSigningAlgRestrictionEmbeddedTest method omittedRequestObjectSigningAlgStep3ES256.
/**
* Request authorization with Request Object Signing Alg <code>ES256</code>.
*/
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri", "ES256_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "omittedRequestObjectSigningAlgStep2")
public void omittedRequestObjectSigningAlgStep3ES256(final String authorizePath, final String userId, final String userSecret, final String redirectUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
Builder request = null;
try {
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.ES256, cryptoProvider);
jwtAuthorizationRequest.setKeyId(keyId);
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[] { ACR_VALUE })));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
authorizationRequest.setRequest(authJwt);
System.out.println("Request JWT: " + authJwt);
request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
} catch (Exception e) {
fail(e.getMessage(), e);
}
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("omittedRequestObjectSigningAlgStep3ES256", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Query string is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get("access_token"), "The accessToken is null");
assertNotNull(params.get("scope"), "The scope is null");
assertNotNull(params.get("state"), "The state is null");
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
}
}
Also used :
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
Claim(org.gluu.oxauth.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 13 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class AuthorizationCodeFlowEmbeddedTest method completeFlowStep1.
/**
* Test for the complete Authorization Code Flow: 1. Request authorization
* and receive the authorization code. 2. Request access token using the
* authorization code. 3. Validate access token. 4. Request new access token
* using the refresh token.
*/
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration", priority = 10)
public void completeFlowStep1(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
org.gluu.oxauth.client.AuthorizationRequest authorizationRequest = new org.gluu.oxauth.client.AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("completeFlowStep1", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getQuery(), "The query string is null");
Map<String, String> params = org.gluu.oxauth.client.QueryStringDecoder.decode(uri.getQuery());
assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
authorizationCode1 = params.get(AuthorizeResponseParam.CODE);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage());
}
}
}
Also used :
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Response(javax.ws.rs.core.Response)
org.gluu.oxauth.client(org.gluu.oxauth.client)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 14 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class AuthorizationCodeFlowEmbeddedTest method revokeTokensStep1.
/**
* When an authorization code is used more than once, all the tokens issued
* for that authorization code must be revoked: 1. Request authorization and
* receive the authorization code. 2. Request access token using the
* authorization code. 3. Request access token using the same authorization
* code one more time. This call must fail. 4. Request new access token
* using the refresh token. This call must fail too. 5. Request user info
* must fail.
*/
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration", priority = 30)
public void revokeTokensStep1(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
org.gluu.oxauth.client.AuthorizationRequest authorizationRequest = new org.gluu.oxauth.client.AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
authorizationRequest.setState(state);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("revokeTokensStep1", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getQuery(), "The query string is null");
Map<String, String> params = org.gluu.oxauth.client.QueryStringDecoder.decode(uri.getQuery());
assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
authorizationCode2 = params.get(AuthorizeResponseParam.CODE);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage());
}
}
}
Also used :
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Response(javax.ws.rs.core.Response)
org.gluu.oxauth.client(org.gluu.oxauth.client)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 15 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class AuthorizeWithResponseModeEmbeddedTest method requestAuthorizationCodeWithResponseModeFragment.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationCodeWithResponseModeFragment(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = new ArrayList<ResponseType>();
responseTypes.add(ResponseType.CODE);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
authorizationRequest.setResponseMode(ResponseMode.FRAGMENT);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationCodeWithResponseModeFragment", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Fragment is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
}
}
Also used :
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
ArrayList(java.util.ArrayList)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
ResponseType (org.gluu.oxauth.model.common.ResponseType)661
Parameters (org.testng.annotations.Parameters)648
BaseTest (org.gluu.oxauth.BaseTest)646
Test (org.testng.annotations.Test)646
RegisterResponse (org.gluu.oxauth.client.RegisterResponse)541
RegisterRequest (org.gluu.oxauth.client.RegisterRequest)528
AuthorizationRequest (org.gluu.oxauth.client.AuthorizationRequest)526
AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)525
RegisterClient (org.gluu.oxauth.client.RegisterClient)508
OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)274
JwtAuthorizationRequest (org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)204
AuthorizeClient (org.gluu.oxauth.client.AuthorizeClient)198
UserInfoResponse (org.gluu.oxauth.client.UserInfoResponse)179
UserInfoClient (org.gluu.oxauth.client.UserInfoClient)178
TokenClient (org.gluu.oxauth.client.TokenClient)176
TokenResponse (org.gluu.oxauth.client.TokenResponse)176
Jwt (org.gluu.oxauth.model.jwt.Jwt)170
TokenRequest (org.gluu.oxauth.client.TokenRequest)165
Claim (org.gluu.oxauth.client.model.authorize.Claim)133
Response (javax.ws.rs.core.Response)111
