use of org.owasp.oag.services.login.drivers.LoginDriverResult in project Application-Gateway by gianlucafrei.
the class GitHubDriverTest method getCallbackTest.
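/**
 * Checks that {@code startLogin} produces a well-formed OAuth2 authorization request and
 * that each login attempt gets its own state value.
 *
 * <p>The state is what ties the callback to the request that started it, so the test
 * verifies two properties: the state embedded in the authorization URI is the one handed
 * back to the caller, and two consecutive logins never share a state.
 *
 * @throws ParseException if an authorization URI returned by the driver cannot be parsed
 */
@Test
public void getCallbackTest() throws ParseException {
    // Arrange
    var settings = GitHubDriverSettingsTest.getValidSettings();
    var driver = GitHubDriverSettingsTest.getDriver(settings);
    var callbackUri = URI.create("https://example/callback");

    // Act
    LoginDriverResult loginDriverResult1 = driver.startLogin(callbackUri);
    LoginDriverResult loginDriverResult2 = driver.startLogin(callbackUri);

    // Assert
    // Parse both authorization URIs back into requests so their parameters can be inspected.
    AuthorizationRequest req1 = AuthorizationRequest.parse(loginDriverResult1.getAuthURI());
    AuthorizationRequest req2 = AuthorizationRequest.parse(loginDriverResult2.getAuthURI());

    // Expected value first, actual second, so a failure message reports them the right way round.
    assertEquals(loginDriverResult1.getState(), req1.getState().toString());
    assertEquals(settings.get("clientId"), req1.getClientID().toString());
    assertTrue(req1.getScope().contains("email"));
    assertEquals(callbackUri, req1.getRedirectionURI());

    // The second login must also carry the state it reports to the caller; otherwise the
    // callback could not be matched to it.
    assertEquals(loginDriverResult2.getState(), req2.getState().toString());

    // A state reused across logins would no longer bind a callback to a single request.
    assertNotEquals(loginDriverResult1.getState(), loginDriverResult2.getState(), "State variables must not be equal");
}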
use of org.owasp.oag.services.login.drivers.LoginDriverResult in project Application-Gateway by gianlucafrei.
the class Oauth2Driver method startLogin.
/**
 * Builds the OAuth2 authorization-code request that starts a login.
 *
 * <p>The endpoint, client id and scopes are read from the driver settings. A new
 * {@link State} is created on every call and returned next to the authorization URI.
 * This method does not keep the state itself, so the caller presumably has to store it
 * and compare it with the {@code state} parameter of the callback before accepting the
 * response.
 *
 * @param callbackUri redirection URI placed in the authorization request
 * @return the URI to send the end-user's browser to, plus the state value as a string
 */
@Override
public LoginDriverResult startLogin(URI callbackUri) {
    var driverSettings = getSettings();

    // Resolve the request parameters from the driver settings.
    URI authorizationEndpoint = getAuthEndpoint(driverSettings);
    ClientID clientId = getClientId(driverSettings);
    Scope requestedScope = getScopes(driverSettings);

    // Fresh state per login attempt; it pairs the later callback with this request.
    State loginState = new State();

    // Authorization-code flow: the provider answers with a code, not a token.
    ResponseType codeResponse = new ResponseType(ResponseType.Value.CODE);
    AuthorizationRequest authorizationRequest =
            new AuthorizationRequest.Builder(codeResponse, clientId)
                    .scope(requestedScope)
                    .state(loginState)
                    .redirectionURI(callbackUri)
                    .endpointURI(authorizationEndpoint)
                    .build();

    // The browser is redirected to this URI; the state string goes back to the caller.
    URI browserRedirect = authorizationRequest.toURI();
    return new LoginDriverResult(browserRedirect, loginState.toString());
}