Example 1 with RegisterClient
use of org.xdi.oxauth.client.RegisterClient in project oxAuth by GluuFederation.
the class RegistrationRestWebServiceHttpTest method registerWithHttpFail.
@Parameters({ "redirectUris" })
@Test
public void registerWithHttpFail(final String redirectUris) throws Exception {
showTitle("registerWithHttpFail");
List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris));
// URI with HTTP schema
redirectUriList.add("http://www.example.com/cb");
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth web test app with HTTP schema in URI", redirectUriList);
registerRequest.setSubjectType(SubjectType.PUBLIC);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 400);
assertNotNull(response.getEntity());
assertNotNull(response.getErrorType());
assertNotNull(response.getErrorDescription());
}
Also used :
RegisterRequest(org.xdi.oxauth.client.RegisterRequest)
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
RegisterClient(org.xdi.oxauth.client.RegisterClient)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 2 with RegisterClient
use of org.xdi.oxauth.client.RegisterClient in project oxAuth by GluuFederation.
the class RegistrationRestWebServiceHttpTest method registerWithHttp2.
@Parameters({ "redirectUris" })
@Test
public void registerWithHttp2(final String redirectUris) throws Exception {
showTitle("registerWithHttp2");
List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris));
// URI with HTTP schema
redirectUriList.add("http://127.0.0.1/cb");
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth web test app with HTTP schema in URI", redirectUriList);
registerRequest.setSubjectType(SubjectType.PUBLIC);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
}
Also used :
RegisterRequest(org.xdi.oxauth.client.RegisterRequest)
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
RegisterClient(org.xdi.oxauth.client.RegisterClient)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 3 with RegisterClient
use of org.xdi.oxauth.client.RegisterClient in project oxAuth by GluuFederation.
the class RegistrationRestWebServiceHttpTest method requestClientRegistrationWithCustomAttributes.
@Parameters({ "redirectUris", "sectorIdentifierUri" })
@Test
public // is loaded by ldap server.
void requestClientRegistrationWithCustomAttributes(final String redirectUris, final String sectorIdentifierUri) throws Exception {
showTitle("requestClientRegistrationWithCustomAttributes");
final RegisterRequest request = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
// custom attribute must be declared in oxauth-config.xml in dynamic-registration-custom-attribute tag
request.addCustomAttribute("myCustomAttr1", "customAttrValue1");
request.addCustomAttribute("myCustomAttr2", "customAttrValue2");
request.setSectorIdentifierUri(sectorIdentifierUri);
final RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(request);
final RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
}
Also used :
RegisterRequest(org.xdi.oxauth.client.RegisterRequest)
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
RegisterClient(org.xdi.oxauth.client.RegisterClient)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 4 with RegisterClient
use of org.xdi.oxauth.client.RegisterClient in project oxAuth by GluuFederation.
the class RegistrationRestWebServiceHttpTest method registerWithCustomURI.
@Parameters({ "redirectUris" })
@Test
public void registerWithCustomURI(final String redirectUris) throws Exception {
showTitle("requestClientAssociate1");
List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris));
// URI with custom schema
redirectUriList.add("myschema://client.example.com/cb");
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.NATIVE, "oxAuth native test app with custom schema in URI", redirectUriList);
registerRequest.setSubjectType(SubjectType.PUBLIC);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
}
Also used :
RegisterRequest(org.xdi.oxauth.client.RegisterRequest)
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
RegisterClient(org.xdi.oxauth.client.RegisterClient)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Example 5 with RegisterClient
use of org.xdi.oxauth.client.RegisterClient in project oxAuth by GluuFederation.
the class RegistrationRestWebServiceHttpTest method requestClientAssociate2.
@Parameters({ "redirectUris", "sectorIdentifierUri", "logoutUri" })
@Test
public void requestClientAssociate2(final String redirectUris, final String sectorIdentifierUri, final String logoutUri) throws Exception {
showTitle("requestClientAssociate2");
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
registerRequest.setScopes(Arrays.asList("openid", "address", "profile", "email", "phone", "clientinfo", "invalid_scope"));
registerRequest.setLogoUri("http://www.gluu.org/wp-content/themes/gluursn/images/logo.png");
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
registerRequest.setPolicyUri("http://www.gluu.org/policy");
registerRequest.setJwksUri("http://www.gluu.org/jwks");
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setSubjectType(SubjectType.PAIRWISE);
registerRequest.setRequestUris(Arrays.asList("http://www.gluu.org/request"));
registerRequest.setFrontChannelLogoutUris(Lists.newArrayList(logoutUri));
registerRequest.setFrontChannelLogoutSessionRequired(true);
registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.RS512);
registerRequest.setIdTokenEncryptedResponseAlg(KeyEncryptionAlgorithm.RSA1_5);
registerRequest.setIdTokenEncryptedResponseEnc(BlockEncryptionAlgorithm.A128CBC_PLUS_HS256);
registerRequest.setUserInfoSignedResponseAlg(SignatureAlgorithm.RS384);
registerRequest.setUserInfoEncryptedResponseAlg(KeyEncryptionAlgorithm.A128KW);
registerRequest.setUserInfoEncryptedResponseEnc(BlockEncryptionAlgorithm.A128GCM);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
registerRequest.setRequestObjectEncryptionAlg(KeyEncryptionAlgorithm.A256KW);
registerRequest.setRequestObjectEncryptionEnc(BlockEncryptionAlgorithm.A256CBC_PLUS_HS512);
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES256);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
registerClient.setExecutor(clientExecutor(true));
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
assertNotNull(response.getClaims().get(SCOPES.toString()));
assertNotNull(response.getClaims().get(FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED.toString()));
assertTrue(Boolean.parseBoolean(response.getClaims().get(FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED.toString())));
assertNotNull(response.getClaims().get(FRONT_CHANNEL_LOGOUT_URI.toString()));
assertTrue(new JSONArray(response.getClaims().get(FRONT_CHANNEL_LOGOUT_URI.toString())).getString(0).equals(logoutUri));
assertNotNull(response.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
assertEquals(SignatureAlgorithm.RS512, SignatureAlgorithm.fromString(response.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString())));
assertNotNull(response.getClaims().get(ID_TOKEN_ENCRYPTED_RESPONSE_ALG.toString()));
assertEquals(KeyEncryptionAlgorithm.RSA1_5, KeyEncryptionAlgorithm.fromName(response.getClaims().get(ID_TOKEN_ENCRYPTED_RESPONSE_ALG.toString())));
assertNotNull(response.getClaims().get(ID_TOKEN_ENCRYPTED_RESPONSE_ENC.toString()));
assertEquals(BlockEncryptionAlgorithm.A128CBC_PLUS_HS256, BlockEncryptionAlgorithm.fromName(response.getClaims().get(ID_TOKEN_ENCRYPTED_RESPONSE_ENC.toString())));
assertNotNull(response.getClaims().get(USERINFO_SIGNED_RESPONSE_ALG.toString()));
assertEquals(SignatureAlgorithm.RS384, SignatureAlgorithm.fromString(response.getClaims().get(USERINFO_SIGNED_RESPONSE_ALG.toString())));
assertNotNull(response.getClaims().get(USERINFO_ENCRYPTED_RESPONSE_ALG.toString()));
assertEquals(KeyEncryptionAlgorithm.A128KW, KeyEncryptionAlgorithm.fromName(response.getClaims().get(USERINFO_ENCRYPTED_RESPONSE_ALG.toString())));
assertNotNull(response.getClaims().get(USERINFO_ENCRYPTED_RESPONSE_ENC.toString()));
assertEquals(BlockEncryptionAlgorithm.A128GCM, BlockEncryptionAlgorithm.fromName(response.getClaims().get(USERINFO_ENCRYPTED_RESPONSE_ENC.toString())));
assertNotNull(response.getClaims().get(REQUEST_OBJECT_SIGNING_ALG.toString()));
assertEquals(SignatureAlgorithm.RS256, SignatureAlgorithm.fromString(response.getClaims().get(REQUEST_OBJECT_SIGNING_ALG.toString())));
assertNotNull(response.getClaims().get(REQUEST_OBJECT_ENCRYPTION_ALG.toString()));
assertEquals(KeyEncryptionAlgorithm.A256KW, KeyEncryptionAlgorithm.fromName(response.getClaims().get(REQUEST_OBJECT_ENCRYPTION_ALG.toString())));
assertNotNull(response.getClaims().get(REQUEST_OBJECT_ENCRYPTION_ENC.toString()));
assertEquals(BlockEncryptionAlgorithm.A256CBC_PLUS_HS512, BlockEncryptionAlgorithm.fromName(response.getClaims().get(REQUEST_OBJECT_ENCRYPTION_ENC.toString())));
assertNotNull(response.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
assertEquals(AuthenticationMethod.CLIENT_SECRET_JWT, AuthenticationMethod.fromString(response.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString())));
assertNotNull(response.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
assertEquals(SignatureAlgorithm.ES256, SignatureAlgorithm.fromString(response.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString())));
JSONArray scopesJsonArray = new JSONArray(response.getClaims().get(SCOPES.toString()));
List<String> scopes = new ArrayList<String>();
for (int i = 0; i < scopesJsonArray.length(); i++) {
scopes.add(scopesJsonArray.get(i).toString());
}
assertTrue(scopes.contains("openid"));
assertTrue(scopes.contains("address"));
assertTrue(scopes.contains("email"));
assertTrue(scopes.contains("profile"));
assertTrue(scopes.contains("phone"));
assertTrue(scopes.contains("clientinfo"));
clientId1 = response.getClientId();
registrationAccessToken1 = response.getRegistrationAccessToken();
registrationClientUri1 = response.getRegistrationClientUri();
}
Also used :
RegisterRequest(org.xdi.oxauth.client.RegisterRequest)
RegisterResponse(org.xdi.oxauth.client.RegisterResponse)
RegisterClient(org.xdi.oxauth.client.RegisterClient)
JSONArray(org.codehaus.jettison.json.JSONArray)
Parameters(org.testng.annotations.Parameters)
Test(org.testng.annotations.Test)
BaseTest(org.xdi.oxauth.BaseTest)
Aggregations
RegisterClient (org.xdi.oxauth.client.RegisterClient)27
RegisterResponse (org.xdi.oxauth.client.RegisterResponse)26
Test (org.testng.annotations.Test)24
BaseTest (org.xdi.oxauth.BaseTest)24
RegisterRequest (org.xdi.oxauth.client.RegisterRequest)23
Parameters (org.testng.annotations.Parameters)18
ResponseType (org.xdi.oxauth.model.common.ResponseType)5
ArrayList (java.util.ArrayList)2
JSONArray (org.codehaus.jettison.json.JSONArray)1
BeforeClass (org.testng.annotations.BeforeClass)1
AuthorizationRequest (org.xdi.oxauth.client.AuthorizationRequest)1
AuthorizationResponse (org.xdi.oxauth.client.AuthorizationResponse)1
AuthorizeClient (org.xdi.oxauth.client.AuthorizeClient)1
TokenClient (org.xdi.oxauth.client.TokenClient)1
TokenRequest (org.xdi.oxauth.client.TokenRequest)1
TokenResponse (org.xdi.oxauth.client.TokenResponse)1
