
Example 16 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestUriParamWithAllowedRequestUris.

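/**
 * Checks how the client's allowed {@code request_uris} list is matched against the
 * {@code request_uri} sent to the authorization endpoint.
 *
 * <p>Entries that are expected to be accepted: a relative path, a relative path ending in a
 * wildcard, an absolute URL ending in a wildcard, a bare {@code *}, and a list in which at least
 * one entry matches. Expected to be rejected: a list with no matching entry, and an empty list.
 *
 * <p>The client configuration is restored in a {@code finally} block so that a failing assertion
 * does not leave a modified allow-list on the shared "test-app" client.
 *
 * @throws Exception if any call to the test application or the admin client fails
 */
@Test
public void requestUriParamWithAllowedRequestUris() throws Exception {
    String validRedirectUri = oauth.getRedirectUri();
    TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
    // NOTE(review): the request object is produced with Algorithm.none, so this test exercises
    // request_uri allow-list matching only; it says nothing about signature enforcement.
    oidcClientEndpointsResource.setOIDCRequest("test", "test-app", validRedirectUri, "10", "mystate1", Algorithm.none.toString());
    ClientManager.ClientManagerBuilder clientMgrBuilder = ClientManager.realm(adminClient.realm("test")).clientId("test-app");
    oauth.requestUri(TestApplicationResourceUrls.clientRequestUri());
    try {
        // Relative allowed request_uri (absolute URL with its origin stripped) - should pass
        String absoluteRequestUri = TestApplicationResourceUrls.clientRequestUri();
        String requestUri = absoluteRequestUri.substring(UriUtils.getOrigin(absoluteRequestUri).length());
        clientMgrBuilder.setRequestUris(requestUri);
        oauth.openLoginForm();
        Assert.assertFalse(errorPage.isCurrent());
        loginPage.assertCurrent();
        // Relative path with a trailing wildcard - should pass
        requestUri = requestUri.replace("/get-oidc-request", "/*");
        clientMgrBuilder.setRequestUris(requestUri);
        oauth.openLoginForm();
        Assert.assertFalse(errorPage.isCurrent());
        loginPage.assertCurrent();
        // Absolute URL with a trailing wildcard - should pass
        requestUri = absoluteRequestUri.replace("/get-oidc-request", "/*");
        clientMgrBuilder.setRequestUris(requestUri);
        oauth.openLoginForm();
        Assert.assertFalse(errorPage.isCurrent());
        loginPage.assertCurrent();
        // Bare "*" as the only entry - should pass.
        // NOTE(review): a lone "*" presumably matches any request_uri, which effectively switches
        // the allow-list off; fine for this test realm, worth avoiding on a real client.
        clientMgrBuilder.setRequestUris("*");
        oauth.openLoginForm();
        Assert.assertFalse(errorPage.isCurrent());
        loginPage.assertCurrent();
        // Several entries, one of which matches - should pass
        clientMgrBuilder.setRequestUris("/foo", requestUri);
        oauth.openLoginForm();
        Assert.assertFalse(errorPage.isCurrent());
        loginPage.assertCurrent();
        // Several entries, none of which matches - should fail
        clientMgrBuilder.setRequestUris("/foo", requestUri.replace("/*", "/foo"));
        oauth.openLoginForm();
        errorPage.assertCurrent();
        // No allowed request_uris configured on the client at all - should fail
        clientMgrBuilder.setRequestUris();
        oauth.openLoginForm();
        errorPage.assertCurrent();
    } finally {
        // Revert, even when an assertion above failed, so later tests see the original allow-list
        clientMgrBuilder.setRequestUris(TestApplicationResourceUrls.clientRequestUri());
    }
}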
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) ClientManager(org.keycloak.testsuite.util.ClientManager) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 17 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestObjectRequiredAsRequestParamProvidedInRequestParam.

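/**
 * Configures the "test-app" client to require a request object in the {@code request}
 * parameter, sends one that way, and asserts that the login completes with a code and the
 * expected state.
 *
 * <p>The "request object required" setting is cleared again in a {@code finally} block so that a
 * failing assertion does not leave the requirement enabled on the shared client.
 *
 * @throws Exception if any call to the test application or the admin client fails
 */
@Test
public void requestObjectRequiredAsRequestParamProvidedInRequestParam() throws Exception {
    oauth.stateParamHardcoded("mystate2");
    // Require a request object for the client, delivered in the "request" param
    ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
    ClientRepresentation clientRep = clientResource.toRepresentation();
    OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setRequestObjectRequired(OIDCConfigAttributes.REQUEST_OBJECT_REQUIRED_REQUEST);
    clientResource.update(clientRep);
    try {
        // Set up a request object.
        // NOTE(review): it is produced with Algorithm.none, so this test covers the delivery
        // mode of the request object, not signature validation.
        TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
        oidcClientEndpointsResource.setOIDCRequest("test", "test-app", oauth.getRedirectUri(), "10", "mystate2", Algorithm.none.toString());
        // Send request object in "request" param
        oauth.request(oidcClientEndpointsResource.getOIDCRequest());
        // Assert that the request is accepted
        OAuthClient.AuthorizationEndpointResponse response1 = oauth.doLogin("test-user@localhost", "password");
        Assert.assertNotNull(response1.getCode());
        Assert.assertEquals("mystate2", response1.getState());
        assertTrue(appPage.isCurrent());
    } finally {
        // Revert requiring request object for client, even when an assertion above failed
        OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setRequestObjectRequired(null);
        clientResource.update(clientRep);
    }
}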
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OAuthClient(org.keycloak.testsuite.util.OAuthClient) ClientResource(org.keycloak.admin.client.resource.ClientResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 18 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestParamUnsigned.

/**
 * Sends unsigned request objects by value in the {@code request} parameter and checks two
 * things: a redirect URI inside the request object is validated, and a value inside the request
 * object wins over the same value given as a query parameter.
 *
 * @throws Exception if any call to the test application or the OAuth client fails
 */
@Test
public void requestParamUnsigned() throws Exception {
    oauth.stateParamHardcoded("mystate2");
    final String registeredRedirectUri = oauth.getRedirectUri();
    final TestOIDCEndpointsApplicationResource requestObjectEndpoints = testingClient.testApp().oidcClientEndpoints();

    // Case 1: the request object carries a redirect URI that is not valid for the client,
    // so the error page with the redirect_uri message is expected.
    requestObjectEndpoints.setOIDCRequest("test", "test-app", "http://invalid", null, Algorithm.none.toString());
    oauth.request(requestObjectEndpoints.getOIDCRequest());
    oauth.openLoginForm();
    Assert.assertTrue(errorPage.isCurrent());
    assertEquals("Invalid parameter: redirect_uri", errorPage.getError());

    // Case 2: the query parameter is invalid but the request object holds the valid redirect
    // URI; the login must succeed, showing the request object has higher priority than the
    // query parameter.
    oauth.redirectUri("http://invalid");
    requestObjectEndpoints.setOIDCRequest("test", "test-app", registeredRedirectUri, "10", "mystate2", Algorithm.none.toString());
    oauth.request(requestObjectEndpoints.getOIDCRequest());
    final OAuthClient.AuthorizationEndpointResponse loginResult = oauth.doLogin("test-user@localhost", "password");
    Assert.assertNotNull(loginResult.getCode());
    Assert.assertEquals("mystate2", loginResult.getState());
    assertTrue(appPage.isCurrent());
}
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OAuthClient(org.keycloak.testsuite.util.OAuthClient) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 19 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCPairwiseClientRegistrationTest method updateToPairwiseThroughAdminRESTSuccess.

/**
 * Registers a client with the "public" subject type, attaches a pairwise subject mapper through
 * the admin REST API, and asserts that the client registration endpoint then reports the
 * "pairwise" subject type together with the sector identifier URI.
 *
 * @throws Exception if client registration or any admin call fails
 */
@Test
public void updateToPairwiseThroughAdminRESTSuccess() throws Exception {
    final OIDCClientRepresentation registered = create();
    Assert.assertEquals("public", registered.getSubjectType());
    Assert.assertNull(registered.getSectorIdentifierUri());

    // Publish the client's redirect URIs through the test app's sector identifier endpoint.
    final List<String> redirectsForSector = new ArrayList<>(registered.getRedirectUris());
    final TestOIDCEndpointsApplicationResource testAppEndpoints = testingClient.testApp().oidcClientEndpoints();
    testAppEndpoints.setSectorIdentifierRedirectUris(redirectsForSector);
    final String sectorUri = TestApplicationResourceUrls.pairwiseSectorIdentifierUri();

    // Attach the pairwise mapper via the admin REST endpoint rather than client registration.
    final String registeredClientId = registered.getClientId();
    final ProtocolMapperRepresentation pairwiseMapper = SHA256PairwiseSubMapper.createPairwiseMapper(sectorUri, null);
    final RealmResource testRealm = realmsResouce().realm("test");
    ClientManager.realm(testRealm).clientId(registeredClientId).addProtocolMapper(pairwiseMapper);

    // Read the client back through the registration endpoint, authenticated with its own token.
    reg.auth(Auth.token(registered));
    final OIDCClientRepresentation reloaded = reg.oidc().get(registered.getClientId());
    Assert.assertEquals("pairwise", reloaded.getSubjectType());
    Assert.assertEquals(sectorUri, reloaded.getSectorIdentifierUri());
}
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ArrayList(java.util.ArrayList) Test(org.junit.Test)

Example 20 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class ClientAuthSignedJWTTest method setupJwksUrl.

/**
 * Has the test application generate a client key pair, switches the given client to JWKS-URL
 * based key lookup pointing at the test application, and returns the generated key pair.
 *
 * @param algorithm algorithm name passed to key generation and to key-pair reconstruction
 * @param advertiseJWKAlgorithm forwarded unchanged to the test application's key generation
 * @param clientRepresentation client representation that receives the JWKS settings
 * @param clientResource admin resource used to persist the updated representation
 * @return the key pair rebuilt from the Base64 keys returned by the test application
 * @throws Exception if key generation, key decoding or the client update fails
 */
private KeyPair setupJwksUrl(String algorithm, boolean advertiseJWKAlgorithm, ClientRepresentation clientRepresentation, ClientResource clientResource) throws Exception {
    // Generate the client key pair on the test app and rebuild it locally.
    // NOTE(review): the keys come back Base64-encoded from a testsuite endpoint, presumably
    // including the private half; that is a test-only facility.
    final TestOIDCEndpointsApplicationResource testAppEndpoints = testingClient.testApp().oidcClientEndpoints();
    testAppEndpoints.generateKeys(algorithm, advertiseJWKAlgorithm);
    final KeyPair clientKeyPair = getKeyPairFromGeneratedBase64(testAppEndpoints.getKeysAsBase64(), algorithm);

    // Enable jwks_url on the client and point it at the test app's JWKS endpoint.
    OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRepresentation).setUseJwksUrl(true);
    final String testAppJwksUrl = TestApplicationResourceUrls.clientJwksUri();
    OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRepresentation).setJwksUrl(testAppJwksUrl);
    clientResource.update(clientRepresentation);

    // Move the time offset forward so that the new keys are downloaded.
    setTimeOffset(20);
    return clientKeyPair;
}
Also used : KeyPair(java.security.KeyPair) TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource)

Aggregations

TestOIDCEndpointsApplicationResource (org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource)48 Test (org.junit.Test)33 ClientResource (org.keycloak.admin.client.resource.ClientResource)28 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)27 OIDCClientRepresentation (org.keycloak.representations.oidc.OIDCClientRepresentation)22 OAuthClient (org.keycloak.testsuite.util.OAuthClient)21 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)14 AbstractAdminTest (org.keycloak.testsuite.admin.AbstractAdminTest)13 KeyPair (java.security.KeyPair)6 ArrayList (java.util.ArrayList)6 Matchers.containsString (org.hamcrest.Matchers.containsString)6 TestingOIDCEndpointsApplicationResource (org.keycloak.testsuite.rest.resource.TestingOIDCEndpointsApplicationResource)6 PrivateKey (java.security.PrivateKey)5 TestAuthenticationChannelRequest (org.keycloak.testsuite.rest.representation.TestAuthenticationChannelRequest)5 JSONWebKeySet (org.keycloak.jose.jwk.JSONWebKeySet)4 IDToken (org.keycloak.representations.IDToken)4 AbstractClientPoliciesTest (org.keycloak.testsuite.client.AbstractClientPoliciesTest)4 ParResponse (org.keycloak.testsuite.util.OAuthClient.ParResponse)4 PublicKey (java.security.PublicKey)3 AuthenticationRequestAcknowledgement (org.keycloak.testsuite.util.OAuthClient.AuthenticationRequestAcknowledgement)3