
Example 11 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method createAndSignRequestObject.

/**
 * Builds an OIDC authorization request object for the current OAuth client, registers it with the
 * test application for RS256 and returns what the test application hands back.
 *
 * <p>The claims carry a generated id, {@code iat} and {@code nbf} set to the current time, and
 * {@code exp} set to {@code iat + 300} (seconds, assuming {@code Time.currentTime()} returns epoch
 * seconds). The client is also reconfigured to resolve its keys through the test application's
 * JWKS URL; that configuration change is not reverted by this helper.
 *
 * @return the request object obtained from the test application's OIDC client endpoints
 * @throws IOException propagated from the calls in the body (presumably JSON serialization)
 */
private String createAndSignRequestObject() throws IOException {
    // Claims of the request object: identity, validity window, then the authorization parameters.
    TestingOIDCEndpointsApplicationResource.AuthorizationEndpointRequestObject claims =
            new TestingOIDCEndpointsApplicationResource.AuthorizationEndpointRequestObject();
    claims.id(KeycloakModelUtils.generateId());
    claims.iat(Long.valueOf(Time.currentTime()));
    claims.exp(claims.getIat() + 300L);
    claims.nbf(claims.getIat());
    claims.setClientId(oauth.getClientId());
    claims.setResponseType("code");
    claims.setRedirectUriParam(oauth.getRedirectUri());
    claims.setScope("openid");

    // Only the JSON payload is encoded here; the signature is presumably added by the test app.
    String encodedPayload = Base64Url.encode(JsonSerialization.writeValueAsBytes(claims));

    // Point the client at the test application's JWKS URL so the server fetches keys from there.
    ClientResource clientAdmin =
            ApiUtil.findClientByClientId(adminClient.realm(oauth.getRealm()), oauth.getClientId());
    ClientRepresentation representation = clientAdmin.toRepresentation();
    OIDCAdvancedConfigWrapper oidcConfig = OIDCAdvancedConfigWrapper.fromClientRepresentation(representation);
    oidcConfig.setUseJwksUrl(true);
    oidcConfig.setJwksUrl(TestApplicationResourceUrls.clientJwksUri());
    clientAdmin.update(representation);

    // Generate the RS256 key pair first, so the registered request uses the keys the JWKS URL serves.
    TestOIDCEndpointsApplicationResource testAppEndpoints = testingClient.testApp().oidcClientEndpoints();
    testAppEndpoints.generateKeys(org.keycloak.crypto.Algorithm.RS256);
    testAppEndpoints.registerOIDCRequest(encodedPayload, org.keycloak.crypto.Algorithm.RS256);
    return testAppEndpoints.getOIDCRequest();
}
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) ClientResource(org.keycloak.admin.client.resource.ClientResource) TestingOIDCEndpointsApplicationResource(org.keycloak.testsuite.rest.resource.TestingOIDCEndpointsApplicationResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)

Example 12 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestObjectNotRequiredProvidedInRequestParam.

/**
 * Checks that a request object passed by value in the {@code request} parameter is honoured when
 * the client does not require a request object.
 *
 * <p>The request object is created with {@code Algorithm.none} and the login is still expected to
 * succeed, so this test exercises the unsigned path. The hard-coded state is not reset here.
 */
@Test
public void requestObjectNotRequiredProvidedInRequestParam() throws Exception {
    final String realmName = "test";
    final String clientId = "test-app";
    final String expectedState = "mystate2";

    oauth.stateParamHardcoded(expectedState);

    // Clear the "request object required" setting on the client.
    ClientResource clientAdmin = ApiUtil.findClientByClientId(adminClient.realm(realmName), clientId);
    ClientRepresentation representation = clientAdmin.toRepresentation();
    OIDCAdvancedConfigWrapper.fromClientRepresentation(representation).setRequestObjectRequired(null);
    clientAdmin.update(representation);

    // Have the test application prepare a request object (max_age "10", no signature algorithm).
    TestOIDCEndpointsApplicationResource testAppEndpoints = testingClient.testApp().oidcClientEndpoints();
    testAppEndpoints.setOIDCRequest(realmName, clientId, oauth.getRedirectUri(), "10", expectedState, Algorithm.none.toString());

    // Pass the request object by value in the "request" parameter.
    oauth.request(testAppEndpoints.getOIDCRequest());

    // The authorization request must succeed and echo the state carried in the request object.
    OAuthClient.AuthorizationEndpointResponse loginResponse = oauth.doLogin("test-user@localhost", "password");
    Assert.assertNotNull(loginResponse.getCode());
    Assert.assertEquals(expectedState, loginResponse.getState());
    assertTrue(appPage.isCurrent());
}
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OAuthClient(org.keycloak.testsuite.util.OAuthClient) ClientResource(org.keycloak.admin.client.resource.ClientResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 13 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestUriParamSigned.

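/**
 * Verifies signature enforcement for request objects passed by reference ({@code request_uri}).
 *
 * <p>With the client set to require RS256 for request objects, the test expects:
 * <ol>
 *   <li>an unsigned request object ({@code Algorithm.none}) to end on the error page with
 *       "Invalid Request";</li>
 *   <li>an RS256-signed request object to be rejected the same way while the client has no
 *       matching public key registered;</li>
 *   <li>the same signed request to succeed once the generated public key is stored on the
 *       client.</li>
 * </ol>
 *
 * <p>The signature requirement is reverted in a {@code finally} block so that a failing assertion
 * does not leave the client demanding signed request objects for later tests.
 */
@Test
public void requestUriParamSigned() throws Exception {
    String validRedirectUri = oauth.getRedirectUri();
    TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
    // Set required signature for request_uri
    ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
    ClientRepresentation clientRep = clientResource.toRepresentation();
    OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setRequestObjectSignatureAlg(Algorithm.RS256);
    clientResource.update(clientRep);
    try {
        // Verify unsigned request_uri will fail
        oidcClientEndpointsResource.setOIDCRequest("test", "test-app", validRedirectUri, "10", Algorithm.none.toString());
        oauth.requestUri(TestApplicationResourceUrls.clientRequestUri());
        oauth.openLoginForm();
        Assert.assertTrue(errorPage.isCurrent());
        assertEquals("Invalid Request", errorPage.getError());
        // Generate keypair for client
        String clientPublicKeyPem = oidcClientEndpointsResource.generateKeys("RS256").get(TestingOIDCEndpointsApplicationResource.PUBLIC_KEY);
        // Verify signed request_uri will fail due to failed signature validation:
        // the public key has not been registered on the client yet.
        oidcClientEndpointsResource.setOIDCRequest("test", "test-app", validRedirectUri, "10", "mystate3", Algorithm.RS256.toString());
        oauth.openLoginForm();
        Assert.assertTrue(errorPage.isCurrent());
        assertEquals("Invalid Request", errorPage.getError());
        // Update clientModel with publicKey for signing
        clientRep = clientResource.toRepresentation();
        CertificateRepresentation cert = new CertificateRepresentation();
        cert.setPublicKey(clientPublicKeyPem);
        CertificateInfoHelper.updateClientRepresentationCertificateInfo(clientRep, cert, JWTClientAuthenticator.ATTR_PREFIX);
        clientResource.update(clientRep);
        // set time offset, so that new keys are downloaded
        // NOTE(review): the offset is not reset in this method; presumably the base class does it - confirm.
        setTimeOffset(20);
        // Check signed request_uri will pass
        OAuthClient.AuthorizationEndpointResponse response = oauth.doLogin("test-user@localhost", "password");
        Assert.assertNotNull(response.getCode());
        Assert.assertEquals("mystate3", response.getState());
        assertTrue(appPage.isCurrent());
    } finally {
        // Revert requiring signature for client. The representation is re-read so that the revert
        // does not push local changes that were never stored (e.g. after a failure mid-test).
        // NOTE(review): the public key registered above stays on the client, as in the original.
        ClientRepresentation revertRep = clientResource.toRepresentation();
        OIDCAdvancedConfigWrapper.fromClientRepresentation(revertRep).setRequestObjectSignatureAlg(null);
        clientResource.update(revertRep);
    }
}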
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OAuthClient(org.keycloak.testsuite.util.OAuthClient) CertificateRepresentation(org.keycloak.representations.idm.CertificateRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 14 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestObjectRequiredProvidedInRequestParam.

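/**
 * Checks that a request object passed by value in the {@code request} parameter is accepted when
 * the client requires a request object ("request or request_uri").
 *
 * <p>The request object is created with {@code Algorithm.none} and the login is expected to
 * succeed, so requiring a request object does not by itself require a signature.
 * NOTE(review): a client that needs integrity-protected request parameters presumably also has to
 * configure a signature algorithm via {@code setRequestObjectSignatureAlg} - confirm.
 *
 * <p>The requirement is reverted in a {@code finally} block so that a failing assertion does not
 * leave the client demanding request objects for later tests.
 */
@Test
public void requestObjectRequiredProvidedInRequestParam() throws Exception {
    oauth.stateParamHardcoded("mystate2");
    // Set request object required for client (either "request" or "request_uri" satisfies it)
    ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
    ClientRepresentation clientRep = clientResource.toRepresentation();
    OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setRequestObjectRequired(OIDCConfigAttributes.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI);
    clientResource.update(clientRep);
    try {
        // Set up a request object (unsigned: Algorithm.none)
        TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
        oidcClientEndpointsResource.setOIDCRequest("test", "test-app", oauth.getRedirectUri(), "10", "mystate2", Algorithm.none.toString());
        // Send request object in "request" param
        oauth.request(oidcClientEndpointsResource.getOIDCRequest());
        // Assert that the request is accepted
        OAuthClient.AuthorizationEndpointResponse response1 = oauth.doLogin("test-user@localhost", "password");
        Assert.assertNotNull(response1.getCode());
        Assert.assertEquals("mystate2", response1.getState());
        assertTrue(appPage.isCurrent());
    } finally {
        // Revert requiring request object for client, even when an assertion above failed.
        ClientRepresentation revertRep = clientResource.toRepresentation();
        OIDCAdvancedConfigWrapper.fromClientRepresentation(revertRep).setRequestObjectRequired(null);
        clientResource.update(revertRep);
    }
}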
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OAuthClient(org.keycloak.testsuite.util.OAuthClient) ClientResource(org.keycloak.admin.client.resource.ClientResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 15 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestUriParamUnsigned.

/**
 * Exercises an unsigned request object ({@code Algorithm.none}) passed by reference through
 * {@code request_uri}.
 *
 * <p>Two expectations are checked: a redirect URI carried inside the request object is still
 * validated (an invalid one ends on the error page), and a value in the request object takes
 * precedence over the same parameter sent as a query parameter.
 */
@Test
public void requestUriParamUnsigned() throws Exception {
    final String realmName = "test";
    final String clientId = "test-app";
    final String expectedState = "mystate1";
    final String invalidRedirectUri = "http://invalid";

    String validRedirectUri = oauth.getRedirectUri();
    TestOIDCEndpointsApplicationResource testAppEndpoints = testingClient.testApp().oidcClientEndpoints();

    // Request object carrying an invalid redirect URI: the login form must show a redirect_uri error.
    testAppEndpoints.setOIDCRequest(realmName, clientId, invalidRedirectUri, null, expectedState, Algorithm.none.toString());
    oauth.requestUri(TestApplicationResourceUrls.clientRequestUri());
    oauth.openLoginForm();
    Assert.assertTrue(errorPage.isCurrent());
    assertEquals("Invalid parameter: redirect_uri", errorPage.getError());

    // The value from the request object has higher priority than the one from the query parameter:
    // the query parameter is invalid, the request object is valid, and the login must succeed.
    oauth.redirectUri(invalidRedirectUri);
    testAppEndpoints.setOIDCRequest(realmName, clientId, validRedirectUri, "10", expectedState, Algorithm.none.toString());
    OAuthClient.AuthorizationEndpointResponse loginResponse = oauth.doLogin("test-user@localhost", "password");
    Assert.assertNotNull(loginResponse.getCode());
    Assert.assertEquals(expectedState, loginResponse.getState());
    assertTrue(appPage.isCurrent());
}
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OAuthClient(org.keycloak.testsuite.util.OAuthClient) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
