Example 21 with TokenMetadataRepresentation

Use of org.keycloak.representations.oidc.TokenMetadataRepresentation in project keycloak by keycloak.

The class TokenRevocationTest, method isAccessTokenDisabled.

private void isAccessTokenDisabled(String accessTokenString, String clientId) throws IOException {
    // The introspection endpoint must report the token as inactive
    String introspectionResponse = oauth.introspectAccessTokenWithClientCredential(clientId, "password", accessTokenString);
    TokenMetadataRepresentation rep = JsonSerialization.readValue(introspectionResponse, TokenMetadataRepresentation.class);
    assertFalse(rep.isActive());
    // The userInfo endpoint must reject the token with 401
    Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(userInfoClient, accessTokenString);
    assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
    // The account REST API must reject the token with 401
    String accountUrl = OAuthClient.AUTH_SERVER_ROOT + "/realms/test/account";
    SimpleHttp accountRequest = SimpleHttp.doGet(accountUrl, restHttpClient).auth(accessTokenString).acceptJson();
    assertEquals(Status.UNAUTHORIZED.getStatusCode(), accountRequest.asStatus());
    // The admin REST API must reject the token
    try (Keycloak adminClient = Keycloak.getInstance(OAuthClient.AUTH_SERVER_ROOT, "test", "test-app", accessTokenString)) {
        try {
            adminClient.realms().realm("test").toRepresentation();
            Assert.fail("Not expected to obtain realm");
        } catch (NotAuthorizedException nae) {
            // Expected: the token is no longer accepted
        }
    }
}
Also used: AccessTokenResponse (org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse), Response (javax.ws.rs.core.Response), CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse), TokenMetadataRepresentation (org.keycloak.representations.oidc.TokenMetadataRepresentation), SimpleHttp (org.keycloak.broker.provider.util.SimpleHttp), NotAuthorizedException (javax.ws.rs.NotAuthorizedException), Keycloak (org.keycloak.admin.client.Keycloak)
