Example 16 with OxAuthCryptoProvider
use of org.gluu.oxauth.model.crypto.OxAuthCryptoProvider in project oxAuth by GluuFederation.
the class OpenIDRequestObjectEmbeddedTest method requestParameterMethodFail4.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestParameterMethodFail4(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
Builder request = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.SUBJECT_IDENTIFIER, ClaimValue.createSingleValue("INVALID_USER_ID")));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
authorizationRequest.setRequest(authJwt);
System.out.println("Request JWT: " + authJwt);
request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
} catch (Exception e) {
fail(e.getMessage(), e);
}
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodFail4", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Fragment is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get("error"), "The error value is null");
assertNotNull(params.get("error_description"), "The errorDescription value is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
}
}
}
Also used :
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
Claim(org.gluu.oxauth.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 17 with OxAuthCryptoProvider
use of org.gluu.oxauth.model.crypto.OxAuthCryptoProvider in project oxAuth by GluuFederation.
the class TokenRestWebServiceWithHSAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtHS512Step2.
@Parameters({ "tokenPath", "userId", "userSecret", "audience" })
@Test(dependsOnMethods = "requestAccessTokenWithClientSecretJwtHS512Step1")
public void requestAccessTokenWithClientSecretJwtHS512Step2(final String tokenPath, final String userId, final String userSecret, final String audience) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setUsername(userId);
tokenRequest.setPassword(userSecret);
tokenRequest.setScope("email read_stream manage_pages");
tokenRequest.setAuthUsername(clientId3);
tokenRequest.setAuthPassword(clientSecret3);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
tokenRequest.setCryptoProvider(cryptoProvider);
tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
tokenRequest.setAudience(audience);
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
showResponse("requestAccessTokenWithClientSecretJwtHS512Step2", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code.");
assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
} catch (Exception e) {
fail(e.getMessage(), e);
}
}
Also used :
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap)
JSONObject(org.json.JSONObject)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
JSONException(org.json.JSONException)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 18 with OxAuthCryptoProvider
use of org.gluu.oxauth.model.crypto.OxAuthCryptoProvider in project oxAuth by GluuFederation.
the class TokenRestWebServiceWithHSAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtHS256Step2.
@Parameters({ "tokenPath", "userId", "userSecret", "audience" })
@Test(dependsOnMethods = "requestAccessTokenWithClientSecretJwtHS256Step1")
public void requestAccessTokenWithClientSecretJwtHS256Step2(final String tokenPath, final String userId, final String userSecret, final String audience) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setUsername(userId);
tokenRequest.setPassword(userSecret);
tokenRequest.setScope("email read_stream manage_pages");
tokenRequest.setAuthUsername(clientId1);
tokenRequest.setAuthPassword(clientSecret1);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
tokenRequest.setCryptoProvider(cryptoProvider);
tokenRequest.setAudience(audience);
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
showResponse("requestAccessTokenWithClientSecretJwtHS256Step2", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code.");
assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
} catch (Exception e) {
fail(e.getMessage(), e);
}
}
Also used :
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap)
JSONObject(org.json.JSONObject)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
JSONException(org.json.JSONException)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 19 with OxAuthCryptoProvider
use of org.gluu.oxauth.model.crypto.OxAuthCryptoProvider in project oxAuth by GluuFederation.
the class TokenRestWebServiceWithHSAlgEmbeddedTest method requestAccessTokenWithClientSecretJwtHS384Step2.
@Parameters({ "tokenPath", "userId", "userSecret", "audience" })
@Test(dependsOnMethods = "requestAccessTokenWithClientSecretJwtHS384Step1")
public void requestAccessTokenWithClientSecretJwtHS384Step2(final String tokenPath, final String userId, final String userSecret, final String audience) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
tokenRequest.setUsername(userId);
tokenRequest.setPassword(userSecret);
tokenRequest.setScope("email read_stream manage_pages");
tokenRequest.setAuthUsername(clientId2);
tokenRequest.setAuthPassword(clientSecret2);
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
tokenRequest.setCryptoProvider(cryptoProvider);
tokenRequest.setAlgorithm(SignatureAlgorithm.HS384);
tokenRequest.setAudience(audience);
Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
String entity = response.readEntity(String.class);
showResponse("requestAccessTokenWithClientSecretJwtHS384Step2", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code.");
assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
} catch (Exception e) {
fail(e.getMessage(), e);
}
}
Also used :
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap)
JSONObject(org.json.JSONObject)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
TokenRequest(org.gluu.oxauth.client.TokenRequest)
JSONException(org.json.JSONException)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 20 with OxAuthCryptoProvider
use of org.gluu.oxauth.model.crypto.OxAuthCryptoProvider in project oxAuth by GluuFederation.
the class OpenIDRequestObjectWithESAlgEmbeddedTest method requestParameterMethodES512Step2.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret" })
@Test(dependsOnMethods = "requestParameterMethodES512Step1")
public void requestParameterMethodES512Step2(final String authorizePath, final String userId, final String userSecret, final String redirectUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws Exception {
Builder request = null;
try {
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
List<String> scopes = Arrays.asList("openid");
String nonce = UUID.randomUUID().toString();
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId3, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.ES512, cryptoProvider);
jwtAuthorizationRequest.setKeyId(keyId);
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[] { ACR_VALUE })));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
authorizationRequest.setRequest(authJwt);
System.out.println("Request JWT: " + authJwt);
request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
} catch (Exception ex) {
fail(ex.getMessage(), ex);
}
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES512Step2", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Query string is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get("access_token"), "The accessToken is null");
assertNotNull(params.get("scope"), "The scope is null");
assertNotNull(params.get("state"), "The state is null");
} catch (URISyntaxException e) {
fail(e.getMessage(), e);
}
}
Also used :
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.json.JSONException)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
Response(javax.ws.rs.core.Response)
JwtAuthorizationRequest(org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)
Claim(org.gluu.oxauth.client.model.authorize.Claim)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)430
BaseTest (org.gluu.oxauth.BaseTest)421
Test (org.testng.annotations.Test)421
Parameters (org.testng.annotations.Parameters)418
RegisterClient (org.gluu.oxauth.client.RegisterClient)313
RegisterRequest (org.gluu.oxauth.client.RegisterRequest)313
RegisterResponse (org.gluu.oxauth.client.RegisterResponse)313
ResponseType (org.gluu.oxauth.model.common.ResponseType)274
AuthorizationRequest (org.gluu.oxauth.client.AuthorizationRequest)262
AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)238
TokenRequest (org.gluu.oxauth.client.TokenRequest)171
TokenClient (org.gluu.oxauth.client.TokenClient)150
TokenResponse (org.gluu.oxauth.client.TokenResponse)150
JwtAuthorizationRequest (org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)132
Claim (org.gluu.oxauth.client.model.authorize.Claim)125
Jwt (org.gluu.oxauth.model.jwt.Jwt)108
JSONObject (org.json.JSONObject)93
AuthorizeClient (org.gluu.oxauth.client.AuthorizeClient)92
UserInfoClient (org.gluu.oxauth.client.UserInfoClient)84
UserInfoResponse (org.gluu.oxauth.client.UserInfoResponse)84
