Example 31 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class TTokenRequest method requestAuthorizationCode.
private void requestAuthorizationCode(final String authorizePath, final String userId, final String userSecret, final String umaClientId, final String umaRedirectUri, final String p_scopeType) throws Exception {
List<ResponseType> responseTypes = new ArrayList<ResponseType>();
responseTypes.add(ResponseType.CODE);
responseTypes.add(ResponseType.ID_TOKEN);
List<String> scopes = new ArrayList<String>();
scopes.add(p_scopeType);
String state = UUID.randomUUID().toString();
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, umaClientId, scopes, umaRedirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
authorizationRequest.getPrompts().add(Prompt.NONE);
Builder request = ResteasyClientBuilder.newClient().target(baseUri.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
BaseTest.showResponse("TTokenClient.requestAuthorizationCode() : ", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
final String location = response.getLocation().toString();
final int fragmentIndex = location.indexOf("#");
Map<String, String> params = new HashMap<String, String>();
if (fragmentIndex != -1) {
String fragment = location.substring(fragmentIndex + 1);
params = QueryStringDecoder.decode(fragment);
} else {
int queryStringIndex = location.indexOf("?");
if (queryStringIndex != -1) {
String queryString = location.substring(queryStringIndex + 1);
params = QueryStringDecoder.decode(queryString);
}
}
assertNotNull(params.get("code"), "The code is null");
assertNotNull(params.get("scope"), "The scope is null");
assertNotNull(params.get("state"), "The state is null");
token.setAuthorizationCode(params.get("code"));
token.setScope(params.get("scope"));
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage());
}
}
}
Also used :
RPTResponse(org.gluu.oxauth.model.uma.RPTResponse)
RptIntrospectionResponse(org.gluu.oxauth.model.uma.RptIntrospectionResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
HashMap(java.util.HashMap)
MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
ArrayList(java.util.ArrayList)
JSONException(org.json.JSONException)
IOException(java.io.IOException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Example 32 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class SectorIdentifierUrlVerificationEmbeddedTest method requestAuthorizationCodeWithSectorIdentifierStep2.
// This test requires a place to publish a sector identifier JSON array of
// redirect URIs via HTTPS
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "requestAuthorizationCodeWithSectorIdentifierStep1")
public void requestAuthorizationCodeWithSectorIdentifierStep2(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String state = UUID.randomUUID().toString();
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationCodeWithSectorIdentifierStep2", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment());
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
assertNotNull(params.get(AuthorizeResponseParam.ID_TOKEN), "The ID Token is null");
assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
String idToken = params.get(AuthorizeResponseParam.ID_TOKEN);
Jwt jwt = Jwt.parse(idToken);
assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
} catch (InvalidJwtException e) {
e.printStackTrace();
fail("Invalid JWT");
}
}
Also used :
Response(javax.ws.rs.core.Response)
InvalidJwtException(org.gluu.oxauth.model.exception.InvalidJwtException)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
Jwt(org.gluu.oxauth.model.jwt.Jwt)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
REGISTRATION_CLIENT_URI(org.gluu.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 33 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class ClientInfoRestWebServiceEmbeddedTest method requestClientInfoStep1ImplicitFlow.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestClientInfoStep1ImplicitFlow(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
List<String> scopes = Arrays.asList("clientinfo");
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestClientInfo step 1 Implicit Flow", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Fragment is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get(AuthorizeResponseParam.ACCESS_TOKEN), "The access token is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertNotNull(params.get(AuthorizeResponseParam.TOKEN_TYPE), "The token type is null");
assertNotNull(params.get(AuthorizeResponseParam.EXPIRES_IN), "The expires in value is null");
assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope must be null");
assertNull(params.get("refresh_token"), "The refresh_token must be null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
accessToken1 = params.get(AuthorizeResponseParam.ACCESS_TOKEN);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
} catch (Exception e) {
e.printStackTrace();
fail("Unexpected error");
}
}
}
Also used :
Response(javax.ws.rs.core.Response)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 34 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class ClientInfoRestWebServiceEmbeddedTest method dynamicClientRegistration.
@Parameters({ "registerPath", "redirectUris" })
@Test
public void dynamicClientRegistration(final String registerPath, final String redirectUris) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
List<GrantType> grantTypes = Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
registerRequest.setGrantTypes(grantTypes);
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("dynamicClientRegistration", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
final RegisterResponse registerResponse = RegisterResponse.valueOf(entity);
ClientTestUtil.assert_(registerResponse);
clientId = registerResponse.getClientId();
clientSecret = registerResponse.getClientSecret();
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
Also used :
Response(javax.ws.rs.core.Response)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
JSONException(org.json.JSONException)
GrantType(org.gluu.oxauth.model.common.GrantType)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 35 with ResponseType
use of org.gluu.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.
the class OpenIDRequestObjectWithESAlgEmbeddedTest method requestParameterMethodES512Step2.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "requestParameterMethodES512Step1")
public void requestParameterMethodES512Step2(final String authorizePath, final String userId, final String userSecret, final String redirectUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
Builder request = null;
try {
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId3, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.ES512, cryptoProvider);
jwtAuthorizationRequest.setKeyId(keyId);
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[] { ACR_VALUE })));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
authorizationRequest.setRequest(authJwt);
System.out.println("Request JWT: " + authJwt);
request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
} catch (Exception ex) {
fail(ex.getMessage(), ex);
}
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES512Step2", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Query string is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get("access_token"), "The accessToken is null");
assertNotNull(params.get("scope"), "The scope is null");
assertNotNull(params.get("state"), "The state is null");
} catch (URISyntaxException e) {
fail(e.getMessage(), e);
}
}
Also used :
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
Claim(org.gluu.oxauth.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
ResponseType (org.gluu.oxauth.model.common.ResponseType)661
Parameters (org.testng.annotations.Parameters)648
BaseTest (org.gluu.oxauth.BaseTest)646
Test (org.testng.annotations.Test)646
RegisterResponse (org.gluu.oxauth.client.RegisterResponse)541
RegisterRequest (org.gluu.oxauth.client.RegisterRequest)528
AuthorizationRequest (org.gluu.oxauth.client.AuthorizationRequest)526
AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)525
RegisterClient (org.gluu.oxauth.client.RegisterClient)508
OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)274
JwtAuthorizationRequest (org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)204
AuthorizeClient (org.gluu.oxauth.client.AuthorizeClient)198
UserInfoResponse (org.gluu.oxauth.client.UserInfoResponse)179
UserInfoClient (org.gluu.oxauth.client.UserInfoClient)178
TokenClient (org.gluu.oxauth.client.TokenClient)176
TokenResponse (org.gluu.oxauth.client.TokenResponse)176
Jwt (org.gluu.oxauth.model.jwt.Jwt)170
TokenRequest (org.gluu.oxauth.client.TokenRequest)165
Claim (org.gluu.oxauth.client.model.authorize.Claim)133
Response (javax.ws.rs.core.Response)111
