Example 76 with AuthorizationRequest
use of org.xdi.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class AuthorizeRestWebServiceEmbeddedTest method requestAuthorizationCodeWithoutRedirectUriFail.
@Parameters({ "authorizePath", "userId", "userSecret" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationCodeWithoutRedirectUriFail(final String authorizePath, final String userId, final String userSecret) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, null, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationCodeWithoutRedirectUriFailStep", response, entity);
assertEquals(response.getStatus(), 400, "Unexpected response code.");
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("error"), "The error type is null");
assertTrue(jsonObj.has("error_description"), "The error description is null");
assertEquals(jsonObj.get(AuthorizeResponseParam.STATE), state);
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
Also used :
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest)
JSONObject(org.codehaus.jettison.json.JSONObject)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
JSONException(org.codehaus.jettison.json.JSONException)
ResponseType(org.xdi.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 77 with AuthorizationRequest
use of org.xdi.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class AuthorizeRestWebServiceEmbeddedTest method requestAuthorizationAccessTokenFail.
@Parameters({ "authorizePath", "redirectUri" })
@Test(dependsOnMethods = "requestAuthorizationAccessTokenStep1")
public void requestAuthorizationAccessTokenFail(final String authorizePath, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAccessToken("INVALID_ACCESS_TOKEN");
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationAccessTokenFail", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getQuery(), "The query string is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getQuery());
assertNotNull(params.get("error"), "The error value is null");
assertNotNull(params.get("error_description"), "The errorDescription value is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
}
}
}
Also used :
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
REGISTRATION_CLIENT_URI(org.xdi.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI)
URI(java.net.URI)
ResponseType(org.xdi.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 78 with AuthorizationRequest
use of org.xdi.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class AuthorizeRestWebServiceEmbeddedTest method requestAuthorizationPromptLogin.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationPromptLogin(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.LOGIN);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationPromptLogin", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getQuery(), "The query string is null");
assertEquals(uri.getPath(), "/authorize");
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage());
}
}
}
Also used :
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
REGISTRATION_CLIENT_URI(org.xdi.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
JSONException(org.codehaus.jettison.json.JSONException)
ResponseType(org.xdi.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 79 with AuthorizationRequest
use of org.xdi.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class AuthorizeRestWebServiceEmbeddedTest method requestAuthorizationTokenCodeIdToken.
@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationTokenCodeIdToken(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.CODE, ResponseType.ID_TOKEN);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationTokenCodeIdToken", response, entity);
assertEquals(response.getStatus(), 302, "Unexpected response code.");
assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
if (response.getLocation() != null) {
try {
URI uri = new URI(response.getLocation().toString());
assertNotNull(uri.getFragment(), "Fragment is null");
Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
assertNotNull(params.get(AuthorizeResponseParam.ACCESS_TOKEN), "The access token is null");
assertNotNull(params.get(AuthorizeResponseParam.TOKEN_TYPE), "The token type is null");
assertNotNull(params.get(AuthorizeResponseParam.ID_TOKEN), "The id token is null");
assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
assertEquals(params.get(AuthorizeResponseParam.STATE), state);
} catch (URISyntaxException e) {
e.printStackTrace();
fail("Response URI is not well formed");
}
}
}
Also used :
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
URISyntaxException(java.net.URISyntaxException)
REGISTRATION_CLIENT_URI(org.xdi.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI)
URI(java.net.URI)
ResponseType(org.xdi.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 80 with AuthorizationRequest
use of org.xdi.oxauth.client.AuthorizationRequest in project oxAuth by GluuFederation.
the class AuthorizeRestWebServiceEmbeddedTest method requestAuthorizationCodeFail2.
@Parameters({ "authorizePath", "userId", "userSecret" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationCodeFail2(final String authorizePath, final String userId, final String userSecret) throws Exception {
final String state = UUID.randomUUID().toString();
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, "https://INVALID_REDIRECT_URI", null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
request.header("Accept", MediaType.TEXT_PLAIN);
Response response = request.get();
String entity = response.readEntity(String.class);
showResponse("requestAuthorizationCodeFail2", response, entity);
assertEquals(response.getStatus(), 400, "Unexpected response code.");
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has("error"), "The error type is null");
assertTrue(jsonObj.has("error_description"), "The error description is null");
assertEquals(jsonObj.get(AuthorizeResponseParam.STATE), state);
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
Also used :
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
Response(javax.ws.rs.core.Response)
AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest)
JSONObject(org.codehaus.jettison.json.JSONObject)
ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)
Builder(javax.ws.rs.client.Invocation.Builder)
JSONException(org.codehaus.jettison.json.JSONException)
ResponseType(org.xdi.oxauth.model.common.ResponseType)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Aggregations
AuthorizationRequest (org.xdi.oxauth.client.AuthorizationRequest)94
Test (org.testng.annotations.Test)89
BaseTest (org.xdi.oxauth.BaseTest)89
Builder (javax.ws.rs.client.Invocation.Builder)88
Response (javax.ws.rs.core.Response)88
ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)88
Parameters (org.testng.annotations.Parameters)86
ResponseType (org.xdi.oxauth.model.common.ResponseType)86
URI (java.net.URI)79
URISyntaxException (java.net.URISyntaxException)79
REGISTRATION_CLIENT_URI (org.xdi.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI)73
JSONException (org.codehaus.jettison.json.JSONException)62
RegisterResponse (org.xdi.oxauth.client.RegisterResponse)50
JwtAuthorizationRequest (org.xdi.oxauth.client.model.authorize.JwtAuthorizationRequest)46
OxAuthCryptoProvider (org.xdi.oxauth.model.crypto.OxAuthCryptoProvider)42
Claim (org.xdi.oxauth.client.model.authorize.Claim)40
ArrayList (java.util.ArrayList)11
JSONObject (org.codehaus.jettison.json.JSONObject)11
InvalidJwtException (org.xdi.oxauth.model.exception.InvalidJwtException)4
BufferedWriter (java.io.BufferedWriter)2
