Example 26 with Jwt
use of org.gluu.oxauth.model.jwt.Jwt in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method jwtStateHS384Test.
@Test
public void jwtStateHS384Test() throws Exception {
showTitle("jwtStateHS384Test");
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
String sharedKey = "shared_key";
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.HS384, sharedKey, cryptoProvider);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
assertNotNull(encodedState);
System.out.println("Signed JWS State: " + encodedState);
Jwt jwt = Jwt.parse(encodedState);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null, null, sharedKey, SignatureAlgorithm.HS384);
assertTrue(validJwt);
}
Also used :
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
JSONObject(org.json.JSONObject)
Jwt(org.gluu.oxauth.model.jwt.Jwt)
JwtState(org.gluu.oxauth.client.model.JwtState)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 27 with Jwt
use of org.gluu.oxauth.model.jwt.Jwt in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method jwtStateNONETest.
@Test
public void jwtStateNONETest() throws Exception {
showTitle("jwtStateNONETest");
AbstractCryptoProvider cryptoProvider = createCryptoProviderWithAllowedNone();
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.NONE, cryptoProvider);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
assertNotNull(encodedState);
System.out.println("Encoded State: " + encodedState);
Jwt jwt = Jwt.parse(encodedState);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null, null, null, SignatureAlgorithm.NONE);
assertTrue(validJwt);
}
Also used :
JSONObject(org.json.JSONObject)
Jwt(org.gluu.oxauth.model.jwt.Jwt)
AbstractCryptoProvider(org.gluu.oxauth.model.crypto.AbstractCryptoProvider)
JwtState(org.gluu.oxauth.client.model.JwtState)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 28 with Jwt
use of org.gluu.oxauth.model.jwt.Jwt in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method jwtStateRS384Test.
@Parameters({ "keyStoreFile", "keyStoreSecret", "dnName", "RS384_keyId" })
@Test
public void jwtStateRS384Test(final String keyStoreFile, final String keyStoreSecret, final String dnName, final String keyId) throws Exception {
showTitle("jwtStateRS384Test");
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.RS384, cryptoProvider);
jwtState.setKeyId(keyId);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
assertNotNull(encodedState);
System.out.println("Signed JWS State: " + encodedState);
Jwt jwt = Jwt.parse(encodedState);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId, null, null, SignatureAlgorithm.RS384);
assertTrue(validJwt);
}
Also used :
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
JSONObject(org.json.JSONObject)
Jwt(org.gluu.oxauth.model.jwt.Jwt)
JwtState(org.gluu.oxauth.client.model.JwtState)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 29 with Jwt
use of org.gluu.oxauth.model.jwt.Jwt in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method jwtStateRS512Test.
@Parameters({ "keyStoreFile", "keyStoreSecret", "dnName", "RS512_keyId" })
@Test
public void jwtStateRS512Test(final String keyStoreFile, final String keyStoreSecret, final String dnName, final String keyId) throws Exception {
showTitle("jwtStateRS512Test");
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.RS512, cryptoProvider);
jwtState.setKeyId(keyId);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
assertNotNull(encodedState);
System.out.println("Signed JWS State: " + encodedState);
Jwt jwt = Jwt.parse(encodedState);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId, null, null, SignatureAlgorithm.RS512);
assertTrue(validJwt);
}
Also used :
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
JSONObject(org.json.JSONObject)
Jwt(org.gluu.oxauth.model.jwt.Jwt)
JwtState(org.gluu.oxauth.client.model.JwtState)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Example 30 with Jwt
use of org.gluu.oxauth.model.jwt.Jwt in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method encodeClaimsInStateParameterES384.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "keyStoreFile", "keyStoreSecret", "dnName", "ES384_keyId" })
@Test
public void encodeClaimsInStateParameterES384(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri, final String keyStoreFile, final String keyStoreSecret, final String dnName, final String keyId) throws Exception {
showTitle("encodeClaimsInStateParameterES384");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
// 2. Request authorization
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.ES384, cryptoProvider);
jwtState.setKeyId(keyId);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(encodedState);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation(), "The location is null");
assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
assertNotNull(authorizationResponse.getState(), "The state is null");
String state = authorizationResponse.getState();
// 3. Validate state
Jwt jwt = Jwt.parse(state);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId, null, null, SignatureAlgorithm.ES384);
assertTrue(validJwt);
}
Also used :
RegisterRequest(org.gluu.oxauth.client.RegisterRequest)
AuthorizationRequest(org.gluu.oxauth.client.AuthorizationRequest)
Jwt(org.gluu.oxauth.model.jwt.Jwt)
ResponseType(org.gluu.oxauth.model.common.ResponseType)
AuthorizationResponse(org.gluu.oxauth.client.AuthorizationResponse)
OxAuthCryptoProvider(org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)
RegisterResponse(org.gluu.oxauth.client.RegisterResponse)
JSONObject(org.json.JSONObject)
RegisterClient(org.gluu.oxauth.client.RegisterClient)
JwtState(org.gluu.oxauth.client.model.JwtState)
Parameters(org.testng.annotations.Parameters)
BaseTest(org.gluu.oxauth.BaseTest)
Test(org.testng.annotations.Test)
Aggregations
Jwt (org.gluu.oxauth.model.jwt.Jwt)244
Test (org.testng.annotations.Test)217
BaseTest (org.gluu.oxauth.BaseTest)215
Parameters (org.testng.annotations.Parameters)210
AuthorizationResponse (org.gluu.oxauth.client.AuthorizationResponse)171
ResponseType (org.gluu.oxauth.model.common.ResponseType)170
RegisterResponse (org.gluu.oxauth.client.RegisterResponse)167
AuthorizationRequest (org.gluu.oxauth.client.AuthorizationRequest)162
RegisterClient (org.gluu.oxauth.client.RegisterClient)156
RegisterRequest (org.gluu.oxauth.client.RegisterRequest)156
OxAuthCryptoProvider (org.gluu.oxauth.model.crypto.OxAuthCryptoProvider)108
RSASigner (org.gluu.oxauth.model.jws.RSASigner)98
RSAPublicKey (org.gluu.oxauth.model.crypto.signature.RSAPublicKey)97
AuthorizeClient (org.gluu.oxauth.client.AuthorizeClient)92
UserInfoResponse (org.gluu.oxauth.client.UserInfoResponse)82
UserInfoClient (org.gluu.oxauth.client.UserInfoClient)81
JwtAuthorizationRequest (org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest)70
JSONObject (org.json.JSONObject)60
Claim (org.gluu.oxauth.client.model.authorize.Claim)46
UserInfoRequest (org.gluu.oxauth.client.UserInfoRequest)39
