
Example 61 with IDToken

use of org.keycloak.representations.IDToken in project keycloak by keycloak.

the class AbstractOIDCResponseTypeTest method initialSessionStateUsedInRedirect.

/**
 * Logs in through a redirect URI that already carries its own {@code session_state=foo}
 * query parameter and checks which session state the client ends up seeing.
 *
 * <p>The authorization response must expose a non-null {@code session_state}, and every ID
 * token retrieved for that response must carry the same value.
 *
 * <p>NOTE(review): nothing here asserts that the reported value differs from the
 * client-supplied {@code foo}. Whether the parser could pick up the pre-seeded parameter
 * depends on {@code AuthorizationEndpointResponse}, which is not visible in this listing.
 */
@Test
public void initialSessionStateUsedInRedirect() {
    // First argument is presumably the nonce; confirm against loginUserWithRedirect.
    String seededRedirectUri = OAuthClient.APP_ROOT + "/auth?session_state=foo";
    EventRepresentation login = loginUserWithRedirect("abcdef123456", seededRedirectUri);

    OAuthClient.AuthorizationEndpointResponse redirectResponse =
            new OAuthClient.AuthorizationEndpointResponse(oauth, isFragment());
    Assert.assertNotNull(redirectResponse.getSessionState());

    // The session state in the front-channel response and in each ID token must agree.
    List<IDToken> issuedTokens = testAuthzResponseAndRetrieveIDTokens(redirectResponse, login);
    for (IDToken issued : issuedTokens) {
        Assert.assertEquals(redirectResponse.getSessionState(), issued.getSessionState());
    }
}
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) IDToken(org.keycloak.representations.IDToken) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 62 with IDToken

use of org.keycloak.representations.IDToken in project keycloak by keycloak.

the class AbstractOIDCResponseTypeTest method oidcFlow.

/**
 * Performs a login and checks the JOSE headers and the claims of the tokens that come back
 * from the authorization endpoint.
 *
 * <p>For each token present in the response, the header must name the expected signature
 * algorithm, have type {@code JWT} and carry no content type. Every ID token retrieved
 * afterwards must echo the nonce used at login and the response's session state.
 *
 * @param expectedAccessAlg algorithm name expected in the access token's JWS header
 * @param expectedIdTokenAlg algorithm name expected in the ID token's JWS header
 * @throws Exception propagated from token parsing or from the helpers called here
 */
private void oidcFlow(String expectedAccessAlg, String expectedIdTokenAlg) throws Exception {
    EventRepresentation login = loginUser("abcdef123456");
    OAuthClient.AuthorizationEndpointResponse redirectResponse =
            new OAuthClient.AuthorizationEndpointResponse(oauth, isFragment());
    Assert.assertNotNull(redirectResponse.getSessionState());

    // Either token may be absent, depending on the response type under test.
    String encodedIdToken = redirectResponse.getIdToken();
    String encodedAccessToken = redirectResponse.getAccessToken();

    // These checks only read the header of each token.
    // NOTE(review): signature validation is presumably done inside
    // testAuthzResponseAndRetrieveIDTokens - confirm, since an "alg" header alone proves nothing.
    if (encodedIdToken != null) {
        JWSHeader idTokenHeader = new JWSInput(encodedIdToken).getHeader();
        assertEquals(expectedIdTokenAlg, idTokenHeader.getAlgorithm().name());
        assertEquals("JWT", idTokenHeader.getType());
        assertNull(idTokenHeader.getContentType());
    }
    if (encodedAccessToken != null) {
        JWSHeader accessTokenHeader = new JWSInput(encodedAccessToken).getHeader();
        assertEquals(expectedAccessAlg, accessTokenHeader.getAlgorithm().name());
        assertEquals("JWT", accessTokenHeader.getType());
        assertNull(accessTokenHeader.getContentType());
    }

    // The nonce must come back unchanged: it is what ties a token to the request that asked for it.
    List<IDToken> issuedTokens = testAuthzResponseAndRetrieveIDTokens(redirectResponse, login);
    for (IDToken issued : issuedTokens) {
        Assert.assertEquals("abcdef123456", issued.getNonce());
        Assert.assertEquals(redirectResponse.getSessionState(), issued.getSessionState());
    }
}
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) IDToken(org.keycloak.representations.IDToken) JWSInput(org.keycloak.jose.jws.JWSInput) JWSHeader(org.keycloak.jose.jws.JWSHeader)

Example 63 with IDToken

use of org.keycloak.representations.IDToken in project keycloak by keycloak.

the class AuthorizationTokenResponseModeTest method authorizationRequestJWTResponseModeIdTokenResponseType.

/**
 * Requests {@code response_mode=jwt} together with the hybrid response type
 * {@code code id_token} and checks the signed authorization response.
 *
 * <p>The response token must be addressed to {@code test-app}, carry a {@code code}, the
 * original {@code state}, an {@code id_token} and no {@code error}. The embedded ID token
 * must verify and echo the nonce. The browser must land on a URI with a fragment and no
 * query string, so the token-bearing response is not placed in the query.
 *
 * @throws Exception propagated from the OAuth client helpers or from URI parsing
 */
@Test
public void authorizationRequestJWTResponseModeIdTokenResponseType() throws Exception {
    // NOTE(review): implicit flow is enabled on the client and not switched back in this
    // method; confirm the suite resets client settings between tests.
    ClientManager.realm(adminClient.realm("test")).clientId("test-app").implicitFlow(true);

    // Plain "jwt" response mode: for a hybrid flow it is expected to resolve to fragment.jwt.
    oauth.responseMode("jwt");
    oauth.responseType("code id_token");
    oauth.stateParamHardcoded("OpenIdConnect.AuthenticationProperties=2302984sdlk");
    oauth.nonce("123456");

    OAuthClient.AuthorizationEndpointResponse loginResponse = oauth.doLogin("test-user@localhost", "password");
    assertTrue(loginResponse.isRedirected());

    // The whole authorization response is wrapped in a token that the client verifies first.
    AuthorizationResponseToken signedResponse = oauth.verifyAuthorizationResponseToken(loginResponse.getResponse());
    assertEquals("test-app", signedResponse.getAudience()[0]);
    Assert.assertNotNull(signedResponse.getOtherClaims().get("code"));
    assertEquals("OpenIdConnect.AuthenticationProperties=2302984sdlk", signedResponse.getOtherClaims().get("state"));
    Assert.assertNull(signedResponse.getOtherClaims().get("error"));
    Assert.assertNotNull(signedResponse.getOtherClaims().get("id_token"));

    // The nested ID token is verified separately and must echo the request nonce.
    String encodedIdToken = (String) signedResponse.getOtherClaims().get("id_token");
    IDToken verifiedIdToken = oauth.verifyIDToken(encodedIdToken);
    assertEquals("123456", verifiedIdToken.getNonce());

    // Response parameters must travel in the fragment, leaving the query string empty.
    URI landingUri = new URI(driver.getCurrentUrl());
    Assert.assertNull(landingUri.getRawQuery());
    Assert.assertNotNull(landingUri.getRawFragment());

    // The value is not used afterwards; the call still asserts the expected login event.
    String codeId = events.expectLogin().assertEvent().getDetails().get(Details.CODE_ID);
}
Also used : AuthorizationResponseToken(org.keycloak.representations.AuthorizationResponseToken) OAuthClient(org.keycloak.testsuite.util.OAuthClient) IDToken(org.keycloak.representations.IDToken) URI(java.net.URI) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 64 with IDToken

use of org.keycloak.representations.IDToken in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method promptNoneSuccess.

/**
 * Checks that a {@code prompt=none} request succeeds for a user who is already logged in and
 * that it does not change the reported authentication time.
 *
 * <p>Clients use {@code auth_time} to judge how recent the authentication is. A silent
 * re-authorization that moved it forward would make an old login look fresh, so the value
 * must be the same before and after the 10 second clock shift.
 */
@Test
public void promptNoneSuccess() {
    // Interactive login establishes the session.
    loginPage.open();
    loginPage.login("test-user@localhost", "password");
    Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());

    EventRepresentation interactiveLogin =
            events.expectLogin().detail(Details.USERNAME, "test-user@localhost").assertEvent();
    IDToken interactiveToken = sendTokenRequestAndGetIDToken(interactiveLogin);
    int authTime = interactiveToken.getAuthTime();

    // Shift the clock so a refreshed auth_time would be distinguishable from the original.
    setTimeOffset(10);

    // Silent authorization request: no login form, the existing session is reused.
    String silentAuthUrl = oauth.getLoginFormUrl() + "&prompt=none";
    driver.navigate().to(silentAuthUrl);
    Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());

    // No username was submitted this time, so that detail is dropped from the expected event.
    EventRepresentation silentLogin = events.expectLogin().removeDetail(Details.USERNAME).assertEvent();
    IDToken silentToken = sendTokenRequestAndGetIDToken(silentLogin);
    int authTime2 = silentToken.getAuthTime();

    Assert.assertEquals(authTime, authTime2);
}
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation) IDToken(org.keycloak.representations.IDToken) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 65 with IDToken

use of org.keycloak.representations.IDToken in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method testMaxAge1.

// Max_age
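/**
 * Checks that {@code max_age=1} forces the user to authenticate again once the existing
 * authentication is older than one second, and that {@code auth_time} is updated afterwards.
 *
 * <p>After the first login the clock is moved forward by 10 seconds. The next authorization
 * request with {@code max_age=1} must show the login page again, without the username field,
 * and the new ID token must report an {@code auth_time} at least 10 seconds later.
 */
@Test
public void testMaxAge1() {
    // Open login form and login successfully
    oauth.doLogin("test-user@localhost", "password");
    EventRepresentation firstLogin = events.expectLogin().assertEvent();
    IDToken firstToken = sendTokenRequestAndGetIDToken(firstLogin);

    // auth_time must be present and equal to the current time, with 3 seconds of slack
    int authTime = firstToken.getAuthTime();
    int currentTime = Time.currentTime();
    Assert.assertTrue("auth_time " + authTime + " is not within 3 seconds of current time " + currentTime,
            authTime <= currentTime && authTime + 3 >= currentTime);

    // Age the existing authentication beyond the max_age that is requested next
    setTimeOffset(10);
    oauth.maxAge("1");

    // The login form must be shown again; only the password is asked for, not the username
    oauth.openLoginForm();
    loginPage.assertCurrent();
    // assertFalse replaces assertThat(false, is(...)), which had actual and expected swapped
    Assert.assertFalse("username field must not be shown on re-authentication",
            loginPage.isUsernameInputPresent());
    loginPage.login("password");

    EventRepresentation secondLogin = events.expectLogin().assertEvent();
    IDToken secondToken = sendTokenRequestAndGetIDToken(secondLogin);

    // A stale auth_time here would let an old authentication pass as a fresh one
    int authTimeUpdated = secondToken.getAuthTime();
    Assert.assertTrue("auth_time was not refreshed: before=" + authTime + ", after=" + authTimeUpdated,
            authTime + 10 <= authTimeUpdated);
}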
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation) IDToken(org.keycloak.representations.IDToken) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
