Use of org.keycloak.testsuite.util.MutualTLSUtils in project keycloak by keycloak.
Class HoKTest, method serviceAccountWithClientCertificate.
/**
 * Checks holder-of-key (HoK) enforcement on the client-credentials grant for the
 * {@code service-account-client} client.
 *
 * <p>The same client secret is presented twice. The first request goes through an HTTP
 * client built without a key store or trust store and must be rejected with
 * {@code invalid_request}. The second goes through the client built with the default key
 * store and trust store and must succeed, after which the issued token is checked against
 * the thumbprint of the default client certificate.
 *
 * @throws Exception if a request or the thumbprint verification fails unexpectedly
 */
@Test
public void serviceAccountWithClientCertificate() throws Exception {
    oauth.clientId("service-account-client");
    // Remember the active HTTP client supplier so it can be put back afterwards.
    final Supplier<CloseableHttpClient> originalHttpClient = oauth.getHttpClient();
    try {
        // Negative case: no client certificate is available to the TLS layer.
        // The secret itself is accepted in the positive case below, so this 400 is
        // attributable to the missing certificate rather than to bad credentials.
        oauth.httpClient(MutualTLSUtils::newCloseableHttpClientWithoutKeyStoreAndTrustStore);
        AccessTokenResponse rejected = oauth.doClientCredentialsGrantAccessTokenRequest("secret1");
        assertEquals(400, rejected.getStatusCode());
        assertEquals(OAuthErrorException.INVALID_REQUEST, rejected.getError());
        assertEquals(
                "Client Certification missing for MTLS HoK Token Binding",
                rejected.getErrorDescription());

        // Positive case: the default key store supplies the client certificate.
        oauth.httpClient(MutualTLSUtils::newCloseableHttpClientWithDefaultKeyStoreAndTrustStore);
        AccessTokenResponse granted = oauth.doClientCredentialsGrantAccessTokenRequest("secret1");
        assertEquals(200, granted.getStatusCode());

        // The token must be bound to the certificate that was actually presented.
        // NOTE(review): the trailing `false` presumably disables a refresh-token check in
        // the helper; confirm against verifyHoKTokenCertThumbPrint.
        String expectedThumbprint = MutualTLSUtils.getThumbprintFromDefaultClientCert();
        verifyHoKTokenCertThumbPrint(granted, expectedThumbprint, false);
    } catch (IOException ioe) {
        // Surface I/O failures unchecked, keeping the original exception as the cause.
        throw new RuntimeException(ioe);
    } finally {
        // Always restore the supplier that was in place before this test ran, so the
        // certificate-less or certificate-bearing client does not leak past the test.
        oauth.httpClient(originalHttpClient);
    }
}