Example 1 with JWTClientSecretCredentialsProvider
use of org.keycloak.adapters.authentication.JWTClientSecretCredentialsProvider in project keycloak by keycloak.
the class ClientAuthSecretSignedJWTTest method getClientSignedJWT.
private String getClientSignedJWT(String secret, int timeout, String algorithm) {
JWTClientSecretCredentialsProvider jwtProvider = new JWTClientSecretCredentialsProvider();
jwtProvider.setClientSecret(secret, algorithm);
return jwtProvider.createSignedRequestToken(oauth.getClientId(), getRealmInfoUrl(), algorithm);
}
Also used :
JWTClientSecretCredentialsProvider(org.keycloak.adapters.authentication.JWTClientSecretCredentialsProvider)
Example 2 with JWTClientSecretCredentialsProvider
use of org.keycloak.adapters.authentication.JWTClientSecretCredentialsProvider in project keycloak by keycloak.
the class FAPI1Test method getClientSecretSignedJWT.
private String getClientSecretSignedJWT(String secret, String algorithm) {
JWTClientSecretCredentialsProvider jwtProvider = new JWTClientSecretCredentialsProvider();
jwtProvider.setClientSecret(secret, algorithm);
return jwtProvider.createSignedRequestToken(oauth.getClientId(), getRealmInfoUrl(), algorithm);
}
Also used :
JWTClientSecretCredentialsProvider(org.keycloak.adapters.authentication.JWTClientSecretCredentialsProvider)
Example 3 with JWTClientSecretCredentialsProvider
use of org.keycloak.adapters.authentication.JWTClientSecretCredentialsProvider in project keycloak by keycloak.
the class ClientAuthSecretSignedJWTTest method testInvalidIssuer.
@Test
public void testInvalidIssuer() throws Exception {
oauth.clientId("test-app");
oauth.doLogin("test-user@localhost", "password");
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
JWTClientSecretCredentialsProvider jwtProvider = new JWTClientSecretCredentialsProvider() {
@Override
protected JsonWebToken createRequestToken(String clientId, String realmInfoUrl) {
JsonWebToken jwt = super.createRequestToken(clientId, realmInfoUrl);
jwt.issuer("bad-issuer");
return jwt;
}
};
String algorithm = Algorithm.HS256;
jwtProvider.setClientSecret("password", algorithm);
String jwt = jwtProvider.createSignedRequestToken(oauth.getClientId(), getRealmInfoUrl(), algorithm);
OAuthClient.AccessTokenResponse response = doAccessTokenRequest(code, jwt);
assertEquals(400, response.getStatusCode());
assertEquals("invalid_client", response.getError());
}
Also used :
JWTClientSecretCredentialsProvider(org.keycloak.adapters.authentication.JWTClientSecretCredentialsProvider)
OAuthClient(org.keycloak.testsuite.util.OAuthClient)
JsonWebToken(org.keycloak.representations.JsonWebToken)
AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest)
Test(org.junit.Test)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
Aggregations
JWTClientSecretCredentialsProvider (org.keycloak.adapters.authentication.JWTClientSecretCredentialsProvider)3
Test (org.junit.Test)1
JsonWebToken (org.keycloak.representations.JsonWebToken)1
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)1
AbstractAdminTest (org.keycloak.testsuite.admin.AbstractAdminTest)1
OAuthClient (org.keycloak.testsuite.util.OAuthClient)1
