Examples with TokenMetadataRepresentation org.keycloak.representations.oidc.TokenMetadataRepresentation used on opensource projects

Search in sources :

Example 11 with TokenMetadataRepresentation

use of org.keycloak.representations.oidc.TokenMetadataRepresentation in project keycloak by keycloak.

the class TokenIntrospectionTest method testIntrospectAccessTokenOfflineAccess.

// KEYCLOAK-4829
@Test
public void testIntrospectAccessTokenOfflineAccess() throws Exception {
    oauth.scope(OAuth2Constants.OFFLINE_ACCESS);
    oauth.doLogin("test-user@localhost", "password");
    String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse accessTokenResponse = oauth.doAccessTokenRequest(code, "password");
    setTimeOffset(86400);
    // "Online" session still exists, but is invalid
    accessTokenResponse = oauth.doRefreshTokenRequest(accessTokenResponse.getRefreshToken(), "password");
    String tokenResponse = oauth.introspectAccessTokenWithClientCredential("confidential-cli", "secret1", accessTokenResponse.getAccessToken());
    TokenMetadataRepresentation rep = JsonSerialization.readValue(tokenResponse, TokenMetadataRepresentation.class);
    assertTrue(rep.isActive());
    assertEquals("test-user@localhost", rep.getUserName());
    assertEquals("test-app", rep.getClientId());
    // "Online" session doesn't even exists
    testingClient.testing().removeExpired("test");
    accessTokenResponse = oauth.doRefreshTokenRequest(accessTokenResponse.getRefreshToken(), "password");
    tokenResponse = oauth.introspectAccessTokenWithClientCredential("confidential-cli", "secret1", accessTokenResponse.getAccessToken());
    rep = JsonSerialization.readValue(tokenResponse, TokenMetadataRepresentation.class);
    assertTrue(rep.isActive());
    assertEquals("test-user@localhost", rep.getUserName());
    assertEquals("test-app", rep.getClientId());
}
Also used : TokenMetadataRepresentation(org.keycloak.representations.oidc.TokenMetadataRepresentation) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) AbstractOIDCScopeTest(org.keycloak.testsuite.oidc.AbstractOIDCScopeTest) OIDCScopeTest(org.keycloak.testsuite.oidc.OIDCScopeTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 12 with TokenMetadataRepresentation

use of org.keycloak.representations.oidc.TokenMetadataRepresentation in project keycloak by keycloak.

the class TokenIntrospectionTest method testIntrospectAccessToken.

@Test
public void testIntrospectAccessToken() throws Exception {
    oauth.doLogin("test-user@localhost", "password");
    String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    EventRepresentation loginEvent = events.expectLogin().assertEvent();
    AccessTokenResponse accessTokenResponse = oauth.doAccessTokenRequest(code, "password");
    String tokenResponse = oauth.introspectAccessTokenWithClientCredential("confidential-cli", "secret1", accessTokenResponse.getAccessToken());
    TokenMetadataRepresentation rep = JsonSerialization.readValue(tokenResponse, TokenMetadataRepresentation.class);
    assertTrue(rep.isActive());
    assertEquals("test-user@localhost", rep.getUserName());
    assertEquals("test-app", rep.getClientId());
    assertEquals(loginEvent.getUserId(), rep.getSubject());
    // Assert expected scope
    AbstractOIDCScopeTest.assertScopes("openid email profile", rep.getScope());
}
Also used : TokenMetadataRepresentation(org.keycloak.representations.oidc.TokenMetadataRepresentation) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) AbstractOIDCScopeTest(org.keycloak.testsuite.oidc.AbstractOIDCScopeTest) OIDCScopeTest(org.keycloak.testsuite.oidc.OIDCScopeTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 13 with TokenMetadataRepresentation

use of org.keycloak.representations.oidc.TokenMetadataRepresentation in project keycloak by keycloak.

the class TokenIntrospectionTest method testIntrospectAccessTokenSessionInvalid.

@Test
public void testIntrospectAccessTokenSessionInvalid() throws Exception {
    oauth.doLogin("test-user@localhost", "password");
    String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse accessTokenResponse = oauth.doAccessTokenRequest(code, "password");
    oauth.doLogout(accessTokenResponse.getRefreshToken(), "password");
    String tokenResponse = oauth.introspectAccessTokenWithClientCredential("confidential-cli", "secret1", accessTokenResponse.getAccessToken());
    TokenMetadataRepresentation rep = JsonSerialization.readValue(tokenResponse, TokenMetadataRepresentation.class);
    assertFalse(rep.isActive());
    assertNull(rep.getUserName());
    assertNull(rep.getClientId());
    assertNull(rep.getSubject());
}
Also used : TokenMetadataRepresentation(org.keycloak.representations.oidc.TokenMetadataRepresentation) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) AbstractOIDCScopeTest(org.keycloak.testsuite.oidc.AbstractOIDCScopeTest) OIDCScopeTest(org.keycloak.testsuite.oidc.OIDCScopeTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 14 with TokenMetadataRepresentation

use of org.keycloak.representations.oidc.TokenMetadataRepresentation in project keycloak by keycloak.

the class TokenIntrospectionTest method testIntrospectDoesntExtendTokenLifespan.

@Test
public void testIntrospectDoesntExtendTokenLifespan() throws Exception {
    oauth.doLogin("test-user@localhost", "password");
    String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse accessTokenResponse = oauth.doAccessTokenRequest(code, "password");
    accessTokenResponse = oauth.doRefreshTokenRequest(accessTokenResponse.getRefreshToken(), "password");
    setTimeOffset(1200);
    String tokenResponse = oauth.introspectRefreshTokenWithClientCredential("confidential-cli", "secret1", accessTokenResponse.getRefreshToken());
    TokenMetadataRepresentation rep = JsonSerialization.readValue(tokenResponse, TokenMetadataRepresentation.class);
    assertTrue(rep.isActive());
    assertEquals("test-user@localhost", rep.getUserName());
    assertEquals("test-app", rep.getClientId());
    setTimeOffset(1200 + 1200);
    accessTokenResponse = oauth.doRefreshTokenRequest(accessTokenResponse.getRefreshToken(), "password");
    assertEquals(400, accessTokenResponse.getStatusCode());
    assertEquals("Token is not active", accessTokenResponse.getErrorDescription());
}
Also used : TokenMetadataRepresentation(org.keycloak.representations.oidc.TokenMetadataRepresentation) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) AbstractOIDCScopeTest(org.keycloak.testsuite.oidc.AbstractOIDCScopeTest) OIDCScopeTest(org.keycloak.testsuite.oidc.OIDCScopeTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 15 with TokenMetadataRepresentation

use of org.keycloak.representations.oidc.TokenMetadataRepresentation in project keycloak by keycloak.

the class TokenIntrospectionTest method testInactiveAccessToken.

@Test
public void testInactiveAccessToken() throws Exception {
    oauth.doLogin("test-user@localhost", "password");
    String inactiveAccessToken = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJGSjg2R2NGM2pUYk5MT2NvNE52WmtVQ0lVbWZZQ3FvcXRPUWVNZmJoTmxFIn0.eyJqdGkiOiI5NjgxZTRlOC01NzhlLTQ3M2ItOTIwNC0yZWE5OTdhYzMwMTgiLCJleHAiOjE0NzYxMDY4NDksIm5iZiI6MCwiaWF0IjoxNDc2MTA2NTQ5LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgxODAvYXV0aC9yZWFsbXMvdGVzdCIsImF1ZCI6InRlc3QtYXBwIiwic3ViIjoiZWYyYzk0NjAtZDRkYy00OTk5LWJlYmUtZWVmYWVkNmJmMGU3IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoidGVzdC1hcHAiLCJhdXRoX3RpbWUiOjE0NzYxMDY1NDksInNlc3Npb25fc3RhdGUiOiI1OGY4M2MzMi03MDhkLTQzNjktODhhNC05YjI5OGRjMDY5NzgiLCJhY3IiOiIxIiwiY2xpZW50X3Nlc3Npb24iOiI2NTYyOTVkZC1kZWNkLTQyZDAtYWJmYy0zZGJjZjJlMDE3NzIiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cDovL2xvY2FsaG9zdDo4MTgwIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJ1c2VyIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsidGVzdC1hcHAiOnsicm9sZXMiOlsiY3VzdG9tZXItdXNlciJdfSwiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsInZpZXctcHJvZmlsZSJdfX0sIm5hbWUiOiJUb20gQnJhZHkiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJ0ZXN0LXVzZXJAbG9jYWxob3N0IiwiZ2l2ZW5fbmFtZSI6IlRvbSIsImZhbWlseV9uYW1lIjoiQnJhZHkiLCJlbWFpbCI6InRlc3QtdXNlckBsb2NhbGhvc3QifQ.LYU7opqZsc9e-ZmdsIhcecjHL3kQkpP13VpwO4MHMqEVNeJsZI1WOkTM5HGVAihcPfQazhaYvcik0gFTF_6ZcKzDqanjx80TGhSIrV5FoCeUrbp7w_66VKDH7ImPc8T2kICQGHh2d521WFBnvXNifw7P6AR1rGg4qrUljHdf_KU";
    String tokenResponse = oauth.introspectAccessTokenWithClientCredential("confidential-cli", "secret1", inactiveAccessToken);
    ObjectMapper objectMapper = new ObjectMapper();
    JsonNode jsonNode = objectMapper.readTree(tokenResponse);
    assertFalse(jsonNode.get("active").asBoolean());
    TokenMetadataRepresentation rep = objectMapper.readValue(tokenResponse, TokenMetadataRepresentation.class);
    assertFalse(rep.isActive());
    assertNull(rep.getUserName());
    assertNull(rep.getClientId());
    assertNull(rep.getSubject());
}
Also used : TokenMetadataRepresentation(org.keycloak.representations.oidc.TokenMetadataRepresentation) JsonNode(com.fasterxml.jackson.databind.JsonNode) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) AbstractOIDCScopeTest(org.keycloak.testsuite.oidc.AbstractOIDCScopeTest) OIDCScopeTest(org.keycloak.testsuite.oidc.OIDCScopeTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Aggregations

TokenMetadataRepresentation (org.keycloak.representations.oidc.TokenMetadataRepresentation)21 AccessTokenResponse (org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse)14 Test (org.junit.Test)13 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)12 AbstractOIDCScopeTest (org.keycloak.testsuite.oidc.AbstractOIDCScopeTest)11 OIDCScopeTest (org.keycloak.testsuite.oidc.OIDCScopeTest)11 JsonNode (com.fasterxml.jackson.databind.JsonNode)6 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)5 EventRepresentation (org.keycloak.representations.idm.EventRepresentation)5 OAuthClient (org.keycloak.testsuite.util.OAuthClient)3 IOException (java.io.IOException)2 CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)2 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)2 JWSInput (org.keycloak.jose.jws.JWSInput)2 TextNode (com.fasterxml.jackson.databind.node.TextNode)1 ArrayList (java.util.ArrayList)1 NotAuthorizedException (javax.ws.rs.NotAuthorizedException)1 Response (javax.ws.rs.core.Response)1 Matchers.containsString (org.hamcrest.Matchers.containsString)1 Keycloak (org.keycloak.admin.client.Keycloak)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial