Search in sources :

Example 1 with OAuth2ErrorRepresentation

use of org.keycloak.representations.idm.OAuth2ErrorRepresentation in project keycloak by keycloak.

the class TokenRevocationTest method testRevokeRequestParamsMoreThanOnce.

// KEYCLOAK-17300
@Test
public void testRevokeRequestParamsMoreThanOnce() throws Exception {
    oauth.clientId("test-app");
    OAuthClient.AccessTokenResponse tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
    isTokenEnabled(tokenResponse, "test-app");
    String revokeResponse = doTokenRevokeWithDuplicateParams(tokenResponse.getRefreshToken(), "refresh_token", "password");
    OAuth2ErrorRepresentation errorRep = JsonSerialization.readValue(revokeResponse, OAuth2ErrorRepresentation.class);
    assertEquals("duplicated parameter", errorRep.getErrorDescription());
    assertEquals(OAuthErrorException.INVALID_REQUEST, errorRep.getError());
}
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) OAuth2ErrorRepresentation(org.keycloak.representations.idm.OAuth2ErrorRepresentation) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 2 with OAuth2ErrorRepresentation

use of org.keycloak.representations.idm.OAuth2ErrorRepresentation in project keycloak by keycloak.

the class TokenIntrospectionTest method testInvalidClientCredentials.

@Test
public void testInvalidClientCredentials() throws Exception {
    oauth.doLogin("test-user@localhost", "password");
    String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse accessTokenResponse = oauth.doAccessTokenRequest(code, "password");
    String tokenResponse = oauth.introspectAccessTokenWithClientCredential("confidential-cli", "bad_credential", accessTokenResponse.getAccessToken());
    OAuth2ErrorRepresentation errorRep = JsonSerialization.readValue(tokenResponse, OAuth2ErrorRepresentation.class);
    Assert.assertEquals("Authentication failed.", errorRep.getErrorDescription());
    Assert.assertEquals(OAuthErrorException.INVALID_REQUEST, errorRep.getError());
}
Also used : OAuth2ErrorRepresentation(org.keycloak.representations.idm.OAuth2ErrorRepresentation) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) AbstractOIDCScopeTest(org.keycloak.testsuite.oidc.AbstractOIDCScopeTest) OIDCScopeTest(org.keycloak.testsuite.oidc.OIDCScopeTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 3 with OAuth2ErrorRepresentation

use of org.keycloak.representations.idm.OAuth2ErrorRepresentation in project keycloak by keycloak.

the class TokenIntrospectionTest method testPublicClientCredentialsNotAllowed.

@Test
public void testPublicClientCredentialsNotAllowed() throws Exception {
    oauth.doLogin("test-user@localhost", "password");
    String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse accessTokenResponse = oauth.doAccessTokenRequest(code, "password");
    String tokenResponse = oauth.introspectAccessTokenWithClientCredential("public-cli", "it_doesnt_matter", accessTokenResponse.getAccessToken());
    OAuth2ErrorRepresentation errorRep = JsonSerialization.readValue(tokenResponse, OAuth2ErrorRepresentation.class);
    Assert.assertEquals("Client not allowed.", errorRep.getErrorDescription());
    Assert.assertEquals(OAuthErrorException.INVALID_REQUEST, errorRep.getError());
}
Also used : OAuth2ErrorRepresentation(org.keycloak.representations.idm.OAuth2ErrorRepresentation) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) AbstractOIDCScopeTest(org.keycloak.testsuite.oidc.AbstractOIDCScopeTest) OIDCScopeTest(org.keycloak.testsuite.oidc.OIDCScopeTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 4 with OAuth2ErrorRepresentation

use of org.keycloak.representations.idm.OAuth2ErrorRepresentation in project keycloak by keycloak.

the class KcOidcBrokerTest method testIdPNotFound.

@Test
public void testIdPNotFound() {
    final String notExistingIdP = "not-exists";
    final String realmName = Optional.ofNullable(realmsResouce().realm(bc.providerRealmName()).toRepresentation().getRealm()).orElse(null);
    assertThat(realmName, notNullValue());
    final String LINK = OAuthClient.AUTH_SERVER_ROOT + "/realms/" + realmName + "/broker/" + notExistingIdP + "/endpoint";
    driver.navigate().to(LINK);
    errorPage.assertCurrent();
    assertThat(errorPage.getError(), is("Page not found"));
    try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
        SimpleHttp.Response simple = SimpleHttp.doGet(LINK, client).asResponse();
        assertThat(simple, notNullValue());
        assertThat(simple.getStatus(), is(Response.Status.NOT_FOUND.getStatusCode()));
        OAuth2ErrorRepresentation error = simple.asJson(OAuth2ErrorRepresentation.class);
        assertThat(error, notNullValue());
        assertThat(error.getError(), is("Identity Provider [" + notExistingIdP + "] not found."));
    } catch (IOException ex) {
        Assert.fail("Cannot create HTTP client. Details: " + ex.getMessage());
    }
}
Also used : CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) SimpleHttp(org.keycloak.broker.provider.util.SimpleHttp) OAuth2ErrorRepresentation(org.keycloak.representations.idm.OAuth2ErrorRepresentation) IOException(java.io.IOException) Test(org.junit.Test)

Example 5 with OAuth2ErrorRepresentation

use of org.keycloak.representations.idm.OAuth2ErrorRepresentation in project keycloak by keycloak.

the class ClientRegistrationTest method registerOrUpdateClientExpectingValidationErrors.

private void registerOrUpdateClientExpectingValidationErrors(ClientRepresentation rep, boolean register, boolean redirectUris, String... expectedErrors) {
    HttpErrorException errorException = null;
    try {
        if (register) {
            registerClient(rep);
        } else {
            reg.update(rep);
        }
        fail("Expected exception");
    } catch (ClientRegistrationException e) {
        errorException = (HttpErrorException) e.getCause();
    }
    expectedErrors = Arrays.stream(expectedErrors).filter(Objects::nonNull).toArray(String[]::new);
    assertEquals(errorException.getStatusLine().getStatusCode(), 400);
    OAuth2ErrorRepresentation errorRep;
    try {
        errorRep = JsonSerialization.readValue(errorException.getErrorResponse(), OAuth2ErrorRepresentation.class);
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
    List<String> actualErrors = asList(errorRep.getErrorDescription().split("; "));
    assertThat(actualErrors, containsInAnyOrder(expectedErrors));
    assertEquals(redirectUris ? INVALID_REDIRECT_URI : INVALID_CLIENT_METADATA, errorRep.getError());
}
Also used : Objects(java.util.Objects) ClientRegistrationException(org.keycloak.client.registration.ClientRegistrationException) OAuth2ErrorRepresentation(org.keycloak.representations.idm.OAuth2ErrorRepresentation) IOException(java.io.IOException) HttpErrorException(org.keycloak.client.registration.HttpErrorException)

Aggregations

OAuth2ErrorRepresentation (org.keycloak.representations.idm.OAuth2ErrorRepresentation)17 Test (org.junit.Test)8 AccessTokenResponse (org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse)5 IOException (java.io.IOException)4 HttpPost (org.apache.http.client.methods.HttpPost)4 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)3 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)3 InputStream (java.io.InputStream)2 ArrayList (java.util.ArrayList)2 Objects (java.util.Objects)2 Response (javax.ws.rs.core.Response)2 HttpEntity (org.apache.http.HttpEntity)2 HttpResponse (org.apache.http.HttpResponse)2 NameValuePair (org.apache.http.NameValuePair)2 HttpClient (org.apache.http.client.HttpClient)2 UrlEncodedFormEntity (org.apache.http.client.entity.UrlEncodedFormEntity)2 CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)2 StringEntity (org.apache.http.entity.StringEntity)2 BasicNameValuePair (org.apache.http.message.BasicNameValuePair)2 BadRequestException (org.jboss.resteasy.spi.BadRequestException)2