Search in sources :

Example 1 with AuthorizeClient

use of org.xdi.oxauth.client.AuthorizeClient in project oxAuth by GluuFederation.

the class ObtainAccessTokenLoadTest method obtainAccessToken.

// Think twice before invoking this test ;). Leads to OpenDJ (Berkley DB) failure
// Caused by: LDAPSearchException(resultCode=80 (other), numEntries=0, numReferences=0, errorMessage='Database exception: (JE 4.1.10) JAVA_ERROR: Java Error occurred, recovery may not be possible.')
// http://ox.gluu.org/doku.php?id=oxauth:profiling#obtain_access_token_-_2000_invocations_within_200_concurrent_threads
@Parameters({ "userId", "userSecret", "redirectUris" })
@Test(invocationCount = 1000, threadPoolSize = 100)
public void obtainAccessToken(final String userId, final String userSecret, String redirectUris) throws Exception {
    showTitle("requestClientAssociate1");
    redirectUris = "https://client.example.com/cb";
    final List<ResponseType> responseTypes = new ArrayList<ResponseType>();
    responseTypes.add(ResponseType.CODE);
    responseTypes.add(ResponseType.ID_TOKEN);
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse response = registerClient.exec();
    showClient(registerClient);
    assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
    assertNotNull(response.getClientId());
    assertNotNull(response.getClientSecret());
    assertNotNull(response.getRegistrationAccessToken());
    assertNotNull(response.getClientSecretExpiresAt());
    final String clientId = response.getClientId();
    final String clientSecret = response.getClientSecret();
    // 1. Request authorization and receive the authorization code.
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    final AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUris, null);
    request.setState("af0ifjsldkj");
    request.setAuthUsername(userId);
    request.setAuthPassword(userSecret);
    request.getPrompts().add(Prompt.NONE);
    final AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
    authorizeClient.setRequest(request);
    final AuthorizationResponse response1 = authorizeClient.exec();
    ClientUtils.showClient(authorizeClient);
    final String scope = response1.getScope();
    final String authorizationCode = response1.getCode();
    assertTrue(Util.allNotBlank(authorizationCode));
    // 2. Request access token using the authorization code.
    final TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUris);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    tokenRequest.setScope(scope);
    final TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
    tokenClient1.setRequest(tokenRequest);
    final TokenResponse response2 = tokenClient1.exec();
    ClientUtils.showClient(authorizeClient);
    assertTrue(response2.getStatus() == 200);
    final String patToken = response2.getAccessToken();
    final String patRefreshToken = response2.getRefreshToken();
    assertTrue(Util.allNotBlank(patToken, patRefreshToken));
}
Also used : RegisterRequest(org.xdi.oxauth.client.RegisterRequest) AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest) ArrayList(java.util.ArrayList) ResponseType(org.xdi.oxauth.model.common.ResponseType) AuthorizationResponse(org.xdi.oxauth.client.AuthorizationResponse) RegisterResponse(org.xdi.oxauth.client.RegisterResponse) TokenResponse(org.xdi.oxauth.client.TokenResponse) RegisterClient(org.xdi.oxauth.client.RegisterClient) TokenRequest(org.xdi.oxauth.client.TokenRequest) AuthorizeClient(org.xdi.oxauth.client.AuthorizeClient) TokenClient(org.xdi.oxauth.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 2 with AuthorizeClient

use of org.xdi.oxauth.client.AuthorizeClient in project oxAuth by GluuFederation.

the class RejectRequestWithoutResponseType method rejectRequestWithoutResponseType.

@Parameters({ "userId", "userSecret" })
@Test
public void rejectRequestWithoutResponseType(final String userId, final String userSecret) throws Exception {
    showTitle("OC5:FeatureTest-Reject Request Without response type");
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(null, null, null, null, null);
    authorizationRequest.setAuthUsername(userId);
    authorizationRequest.setAuthPassword(userSecret);
    AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
    authorizeClient.setRequest(authorizationRequest);
    AuthorizationResponse authorizationResponse = authorizeClient.exec();
    showClient(authorizeClient);
    assertEquals(authorizationResponse.getStatus(), 400, "Unexpected response code: " + authorizationResponse.getStatus());
    assertNotNull(authorizationResponse.getErrorType(), "The error type is null");
    assertNotNull(authorizationResponse.getErrorDescription(), "The error description is null");
}
Also used : AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest) AuthorizeClient(org.xdi.oxauth.client.AuthorizeClient) AuthorizationResponse(org.xdi.oxauth.client.AuthorizationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Aggregations

Parameters (org.testng.annotations.Parameters)2 Test (org.testng.annotations.Test)2 BaseTest (org.xdi.oxauth.BaseTest)2 AuthorizationRequest (org.xdi.oxauth.client.AuthorizationRequest)2 AuthorizationResponse (org.xdi.oxauth.client.AuthorizationResponse)2 AuthorizeClient (org.xdi.oxauth.client.AuthorizeClient)2 ArrayList (java.util.ArrayList)1 RegisterClient (org.xdi.oxauth.client.RegisterClient)1 RegisterRequest (org.xdi.oxauth.client.RegisterRequest)1 RegisterResponse (org.xdi.oxauth.client.RegisterResponse)1 TokenClient (org.xdi.oxauth.client.TokenClient)1 TokenRequest (org.xdi.oxauth.client.TokenRequest)1 TokenResponse (org.xdi.oxauth.client.TokenResponse)1 ResponseType (org.xdi.oxauth.model.common.ResponseType)1