
Example 36 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestObjectRequiredAsRequestParamProvidedInRequestUriParam.

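/**
 * Checks the negative case: the client requires the request object in the "request" parameter,
 * but the authorization request supplies it by reference through "request_uri".
 *
 * <p>The test expects the error page with "Invalid Request". The request object registered with
 * the test application uses {@code Algorithm.none}, so it is unsigned; the setting exercised here
 * is how the object is delivered, not whether it is signed.
 *
 * @throws Exception if the admin client or the test application call fails
 */
@Test
public void requestObjectRequiredAsRequestParamProvidedInRequestUriParam() throws Exception {
    oauth.stateParamHardcoded("mystate2");
    // Require the request object to be sent by value in the "request" parameter
    ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
    ClientRepresentation clientRep = clientResource.toRepresentation();
    OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setRequestObjectRequired(OIDCConfigAttributes.REQUEST_OBJECT_REQUIRED_REQUEST);
    clientResource.update(clientRep);
    try {
        // Set up a request object (unsigned: Algorithm.none)
        TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
        oidcClientEndpointsResource.setOIDCRequest("test", "test-app", oauth.getRedirectUri(), "10", Algorithm.none.toString());
        // Send request object reference in "request_uri" param
        oauth.requestUri(TestApplicationResourceUrls.clientRequestUri());
        // Assert that the request is rejected: the error page is shown instead of the login form
        oauth.openLoginForm();
        Assert.assertTrue(errorPage.isCurrent());
        assertEquals("Invalid Request", errorPage.getError());
    } finally {
        // Revert in finally so a failed assertion cannot leave "test-app" requiring a request
        // object for whatever test runs next against the same realm
        OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setRequestObjectRequired(null);
        clientResource.update(clientRep);
    }
}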
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) ClientResource(org.keycloak.admin.client.resource.ClientResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 37 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCAdvancedRequestParamsTest method requestObjectRequiredProvidedInRequestUriParam.

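/**
 * Checks the positive case: the client requires a request object and accepts it through either
 * "request" or "request_uri"; the authorization request supplies it through "request_uri".
 *
 * <p>The test expects a successful login that returns an authorization code and the state
 * "mystate2". The request object uses {@code Algorithm.none}, so it is unsigned and offers no
 * integrity protection for the parameters it carries; this test covers delivery of the request
 * object only, not signature validation.
 *
 * @throws Exception if the admin client or the test application call fails
 */
@Test
public void requestObjectRequiredProvidedInRequestUriParam() throws Exception {
    oauth.stateParamHardcoded("mystate2");
    // Require a request object, delivered through either "request" or "request_uri"
    ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
    ClientRepresentation clientRep = clientResource.toRepresentation();
    OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setRequestObjectRequired(OIDCConfigAttributes.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI);
    clientResource.update(clientRep);
    try {
        // Set up a request object (unsigned: Algorithm.none) that carries the expected state
        TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
        oidcClientEndpointsResource.setOIDCRequest("test", "test-app", oauth.getRedirectUri(), "10", "mystate2", Algorithm.none.toString());
        // Send request object reference in "request_uri" param
        oauth.requestUri(TestApplicationResourceUrls.clientRequestUri());
        // Assert that the request is accepted
        OAuthClient.AuthorizationEndpointResponse response2 = oauth.doLogin("test-user@localhost", "password");
        Assert.assertNotNull(response2.getCode());
        Assert.assertEquals("mystate2", response2.getState());
        assertTrue(appPage.isCurrent());
    } finally {
        // Revert in finally so a failed assertion cannot leave "test-app" requiring a request
        // object for whatever test runs next against the same realm
        OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setRequestObjectRequired(null);
        clientResource.update(clientRep);
    }
}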
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OAuthClient(org.keycloak.testsuite.util.OAuthClient) ClientResource(org.keycloak.admin.client.resource.ClientResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 38 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCJwksClientRegistrationTest method createClientWithJWKSURI.

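/**
 * Registers a client-credentials client that authenticates with {@code private_key_jwt} and
 * publishes its keys through a JWKS URI, then authenticates with the generated key.
 *
 * <p>The registration response is expected to echo the auth method and the JWKS URI and to carry
 * neither a client secret nor a secret expiry.
 *
 * @throws Exception if key generation, registration or client authentication fails
 */
@Test
public void createClientWithJWKSURI() throws Exception {
    OIDCClientRepresentation clientRep = createRep();
    clientRep.setGrantTypes(Collections.singletonList(OAuth2Constants.CLIENT_CREDENTIALS));
    clientRep.setTokenEndpointAuthMethod(OIDCLoginProtocol.PRIVATE_KEY_JWT);
    // Generate keys for client; the test application holds them and exposes them at clientJwksUri()
    TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
    Map<String, String> generatedKeys = oidcClientEndpointsResource.generateKeys("RS256");
    clientRep.setJwksUri(TestApplicationResourceUrls.clientJwksUri());
    OIDCClientRepresentation response = reg.oidc().create(clientRep);
    Assert.assertEquals(OIDCLoginProtocol.PRIVATE_KEY_JWT, response.getTokenEndpointAuthMethod());
    // No shared secret is expected for a client registered with private_key_jwt
    Assert.assertNull(response.getClientSecret());
    Assert.assertNull(response.getClientSecretExpiresAt());
    // Expected value first, so a failure message reports expected/actual the right way round
    Assert.assertEquals(TestApplicationResourceUrls.clientJwksUri(), response.getJwksUri());
    // Tries to authenticate client with privateKey JWT
    assertAuthenticateClientSuccess(generatedKeys, response, KEEP_GENERATED_KID);
}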
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) Test(org.junit.Test)

Example 39 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCJwksClientRegistrationTest method createClientWithJWKS_nullKid.

/**
 * Backwards-compatibility test for a signed client JWT whose "kid" is null: in versions prior to
 * 2.3.0 the "kid" wasn't set by JWTClientCredentialsProvider.
 *
 * <p>The client is registered with its JWKS passed inline (not via a JWKS URI), and client
 * authentication is then asserted to succeed with {@code null} passed as the kid argument.
 *
 * @throws Exception if key generation, registration or client authentication fails
 */
@Test
public void createClientWithJWKS_nullKid() throws Exception {
    OIDCClientRepresentation registration = createRep();
    registration.setGrantTypes(Collections.singletonList(OAuth2Constants.CLIENT_CREDENTIALS));
    registration.setTokenEndpointAuthMethod(OIDCLoginProtocol.PRIVATE_KEY_JWT);

    // Have the test application generate an RS256 key pair, then read back the published key set
    TestOIDCEndpointsApplicationResource endpoints = testingClient.testApp().oidcClientEndpoints();
    Map<String, String> keyMaterial = endpoints.generateKeys("RS256");
    registration.setJwks(endpoints.getJwks());

    OIDCClientRepresentation registered = reg.oidc().create(registration);

    // Authenticate with a private-key JWT; null is passed where other tests pass a kid
    assertAuthenticateClientSuccess(keyMaterial, registered, null);
}
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) JSONWebKeySet(org.keycloak.jose.jwk.JSONWebKeySet) Test(org.junit.Test)

Example 40 with TestOIDCEndpointsApplicationResource

use of org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource in project keycloak by keycloak.

the class OIDCJwksClientRegistrationTest method createClientWithManuallySetKid.

/**
 * Registers a client-credentials client using {@code private_key_jwt} whose inline JWKS has the
 * key id of its first key replaced by the supplied value.
 *
 * <p>The return value of {@code generateKeys} is discarded here, so callers do not receive the
 * generated key material from this helper.
 *
 * @param kid key id written onto the first key of the generated key set
 * @return the representation returned by the client registration call
 * @throws Exception if key generation or registration fails
 */
private OIDCClientRepresentation createClientWithManuallySetKid(String kid) throws Exception {
    OIDCClientRepresentation registration = createRep();
    registration.setGrantTypes(Collections.singletonList(OAuth2Constants.CLIENT_CREDENTIALS));
    registration.setTokenEndpointAuthMethod(OIDCLoginProtocol.PRIVATE_KEY_JWT);

    // Let the test application create an RS256 key pair and fetch the resulting key set
    TestOIDCEndpointsApplicationResource endpoints = testingClient.testApp().oidcClientEndpoints();
    endpoints.generateKeys("RS256");
    JSONWebKeySet jwks = endpoints.getJwks();

    // Replace the generated kid before the key set is registered with the client
    jwks.getKeys()[0].setKeyId(kid);
    registration.setJwks(jwks);

    return reg.oidc().create(registration);
}
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) JSONWebKeySet(org.keycloak.jose.jwk.JSONWebKeySet)

Aggregations

TestOIDCEndpointsApplicationResource (org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource)48 Test (org.junit.Test)33 ClientResource (org.keycloak.admin.client.resource.ClientResource)28 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)27 OIDCClientRepresentation (org.keycloak.representations.oidc.OIDCClientRepresentation)22 OAuthClient (org.keycloak.testsuite.util.OAuthClient)21 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)14 AbstractAdminTest (org.keycloak.testsuite.admin.AbstractAdminTest)13 KeyPair (java.security.KeyPair)6 ArrayList (java.util.ArrayList)6 Matchers.containsString (org.hamcrest.Matchers.containsString)6 TestingOIDCEndpointsApplicationResource (org.keycloak.testsuite.rest.resource.TestingOIDCEndpointsApplicationResource)6 PrivateKey (java.security.PrivateKey)5 TestAuthenticationChannelRequest (org.keycloak.testsuite.rest.representation.TestAuthenticationChannelRequest)5 JSONWebKeySet (org.keycloak.jose.jwk.JSONWebKeySet)4 IDToken (org.keycloak.representations.IDToken)4 AbstractClientPoliciesTest (org.keycloak.testsuite.client.AbstractClientPoliciesTest)4 ParResponse (org.keycloak.testsuite.util.OAuthClient.ParResponse)4 PublicKey (java.security.PublicKey)3 AuthenticationRequestAcknowledgement (org.keycloak.testsuite.util.OAuthClient.AuthenticationRequestAcknowledgement)3