
Example 41 with AccessToken

Use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

Class OfflineTokenTest, method testRefreshWithOfflineToken.

private String testRefreshWithOfflineToken(AccessToken oldToken, RefreshToken offlineToken, String offlineTokenString, final String sessionId, String userId) {
    // Change offset to big value to ensure userSession expired
    setTimeOffset(99999);
    assertFalse(oldToken.isActive());
    assertTrue(offlineToken.isActive());
    // Assert userSession expired
    testingClient.testing().removeExpired("test");
    try {
        testingClient.testing().removeUserSession("test", sessionId);
    } catch (NotFoundException nfe) {
        // Ignore
    }
    OAuthClient.AccessTokenResponse response = oauth.doRefreshTokenRequest(offlineTokenString, "secret1");
    AccessToken refreshedToken = oauth.verifyToken(response.getAccessToken());
    Assert.assertEquals(200, response.getStatusCode());
    // Assert new refreshToken in the response
    String newRefreshToken = response.getRefreshToken();
    Assert.assertNotNull(newRefreshToken);
    Assert.assertNotEquals(oldToken.getId(), refreshedToken.getId());
    // Assert scope parameter contains "offline_access"
    assertTrue(response.getScope().contains(OAuth2Constants.OFFLINE_ACCESS));
    Assert.assertEquals(userId, refreshedToken.getSubject());
    assertTrue(refreshedToken.getRealmAccess().isUserInRole("user"));
    assertTrue(refreshedToken.getRealmAccess().isUserInRole(Constants.OFFLINE_ACCESS_ROLE));
    Assert.assertEquals(1, refreshedToken.getResourceAccess("test-app").getRoles().size());
    assertTrue(refreshedToken.getResourceAccess("test-app").isUserInRole("customer-user"));
    EventRepresentation refreshEvent = events.expectRefresh(offlineToken.getId(), sessionId)
            .client("offline-client")
            .user(userId)
            .removeDetail(Details.UPDATED_REFRESH_TOKEN_ID)
            .detail(Details.REFRESH_TOKEN_TYPE, TokenUtil.TOKEN_TYPE_OFFLINE)
            .assertEvent();
    Assert.assertNotEquals(oldToken.getId(), refreshEvent.getDetails().get(Details.TOKEN_ID));
    setTimeOffset(0);
    return newRefreshToken;
}
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient) AccessToken(org.keycloak.representations.AccessToken) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) NotFoundException(javax.ws.rs.NotFoundException)

Example 42 with AccessToken

Use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

Class RSAVerifierTest, method testExpirationBad.

@Test
public void testExpirationBad() {
    token.expiration(Time.currentTime() - 100);
    String encoded = new JWSBuilder().jsonContent(token).rsa256(idpPair.getPrivate());
    AccessToken v = null;
    try {
        v = verifySkeletonKeyToken(encoded);
        Assert.fail();
    } catch (VerificationException ignored) {
        // Expected: the token's expiration lies in the past, so verification must fail
    }
}
Also used : AccessToken(org.keycloak.representations.AccessToken) VerificationException(org.keycloak.common.VerificationException) JWSBuilder(org.keycloak.jose.jws.JWSBuilder) Test(org.junit.Test)

Example 43 with AccessToken

Use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

Class RSAVerifierTest, method testNotBeforeBad.

@Test
public void testNotBeforeBad() {
    token.notBefore(Time.currentTime() + 100);
    String encoded = new JWSBuilder().jsonContent(token).rsa256(idpPair.getPrivate());
    AccessToken v = null;
    try {
        v = verifySkeletonKeyToken(encoded);
        Assert.fail();
    } catch (VerificationException ignored) {
        System.out.println(ignored.getMessage());
    }
}
Also used : AccessToken(org.keycloak.representations.AccessToken) VerificationException(org.keycloak.common.VerificationException) JWSBuilder(org.keycloak.jose.jws.JWSBuilder) Test(org.junit.Test)

Example 44 with AccessToken

Use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

Class RSAVerifierTest, method testExpirationGood.

@Test
public void testExpirationGood() throws Exception {
    token.expiration(Time.currentTime() + 100);
    String encoded = new JWSBuilder().jsonContent(token).rsa256(idpPair.getPrivate());
    AccessToken v = null;
    try {
        v = verifySkeletonKeyToken(encoded);
    } catch (VerificationException ignored) {
        throw ignored;
    }
}
Also used : AccessToken(org.keycloak.representations.AccessToken) VerificationException(org.keycloak.common.VerificationException) JWSBuilder(org.keycloak.jose.jws.JWSBuilder) Test(org.junit.Test)

Example 45 with AccessToken

Use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

Class RSAVerifierTest, method testTokenAuth.

@Test
public void testTokenAuth() {
    token = new AccessToken();
    token.subject("CN=Client").issuer("http://localhost:8080/auth/realms/demo").addAccess("service").addRole("admin").verifyCaller(true);
    token.setEmail("bill@jboss.org");
    String encoded = new JWSBuilder().jsonContent(token).rsa256(idpPair.getPrivate());
    System.out.println("token size: " + encoded.length());
    AccessToken v = null;
    try {
        v = verifySkeletonKeyToken(encoded);
        Assert.fail();
    } catch (VerificationException ignored) {
        // Expected: the test requires verification of this token to fail
    }
}
Also used : AccessToken(org.keycloak.representations.AccessToken) VerificationException(org.keycloak.common.VerificationException) JWSBuilder(org.keycloak.jose.jws.JWSBuilder) Test(org.junit.Test)

Aggregations

AccessToken (org.keycloak.representations.AccessToken): 230
Test (org.junit.Test): 129
OAuthClient (org.keycloak.testsuite.util.OAuthClient): 104
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest): 54
RefreshToken (org.keycloak.representations.RefreshToken): 45
AuthorizationResponse (org.keycloak.representations.idm.authorization.AuthorizationResponse): 37
JWSInput (org.keycloak.jose.jws.JWSInput): 29
Permission (org.keycloak.representations.idm.authorization.Permission): 28
EventRepresentation (org.keycloak.representations.idm.EventRepresentation): 27
Response (javax.ws.rs.core.Response): 26
ClientResource (org.keycloak.admin.client.resource.ClientResource): 22
VerificationException (org.keycloak.common.VerificationException): 19
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation): 19
AccessTokenResponse (org.keycloak.representations.AccessTokenResponse): 18
IDToken (org.keycloak.representations.IDToken): 18
AuthorizationRequest (org.keycloak.representations.idm.authorization.AuthorizationRequest): 17
IOException (java.io.IOException): 15
AuthzClient (org.keycloak.authorization.client.AuthzClient): 15
ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation): 14
ArrayList (java.util.ArrayList): 13