Search in sources :

Example 1 with TokenResponse

use of org.xdi.oxauth.client.TokenResponse in project oxAuth by GluuFederation.

the class ObtainAatTokenFlowHttpTest method testObtainAatTokenUsingRefreshTokenFlow.

/**
     * Test for the obtaining UMA AAT token using refresh token
     */
//@Test(dependsOnMethods = {"testObtainAatTokenFlow"})
@Parameters({ "umaAatClientId", "umaAatClientSecret" })
public void testObtainAatTokenUsingRefreshTokenFlow(final String umaAatClientId, final String umaAatClientSecret) throws Exception {
    showTitle("testObtainAatTokenUsingRefreshTokenFlow");
    // Request new access token using the refresh token.
    TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
    TokenResponse response1 = tokenClient1.execRefreshToken(m_aat.getScope(), m_aat.getRefreshToken(), umaAatClientId, umaAatClientSecret);
    showClient(tokenClient1);
    assertEquals(response1.getStatus(), 200, "Unexpected response code: " + response1.getStatus());
    assertNotNull(response1.getEntity(), "The entity is null");
    assertNotNull(response1.getAccessToken(), "The access token is null");
    assertNotNull(response1.getTokenType(), "The token type is null");
    assertNotNull(response1.getRefreshToken(), "The refresh token is null");
    assertNotNull(response1.getScope(), "The scope is null");
}
Also used : TokenResponse(org.xdi.oxauth.client.TokenResponse) TokenClient(org.xdi.oxauth.client.TokenClient) Parameters(org.testng.annotations.Parameters)

Example 2 with TokenResponse

use of org.xdi.oxauth.client.TokenResponse in project oxAuth by GluuFederation.

the class TokenAction method exec.

public void exec() {
    try {
        TokenRequest request = new TokenRequest(grantType);
        request.setAuthUsername(clientId);
        request.setAuthPassword(clientSecret);
        request.setCode(code);
        request.setRedirectUri(redirectUri);
        request.setUsername(username);
        request.setPassword(password);
        request.setScope(scope);
        request.setAssertion(assertion);
        request.setRefreshToken(refreshToken);
        request.setAuthenticationMethod(authenticationMethod);
        if (authenticationMethod.equals(AuthenticationMethod.CLIENT_SECRET_JWT)) {
            request.setAudience(tokenEndpoint);
        }
        TokenClient client = new TokenClient(tokenEndpoint);
        client.setRequest(request);
        TokenResponse response = client.exec();
        if (response.getStatus() == 200) {
            userInfoAction.setAccessToken(response.getAccessToken());
        }
        showResults = true;
        requestString = client.getRequestAsString();
        responseString = client.getResponseAsString();
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    }
}
Also used : TokenResponse(org.xdi.oxauth.client.TokenResponse) TokenRequest(org.xdi.oxauth.client.TokenRequest) TokenClient(org.xdi.oxauth.client.TokenClient)

Example 3 with TokenResponse

use of org.xdi.oxauth.client.TokenResponse in project oxAuth by GluuFederation.

the class ObtainAccessTokenLoadTest method obtainAccessToken.

// Think twice before invoking this test ;). Leads to OpenDJ (Berkley DB) failure
// Caused by: LDAPSearchException(resultCode=80 (other), numEntries=0, numReferences=0, errorMessage='Database exception: (JE 4.1.10) JAVA_ERROR: Java Error occurred, recovery may not be possible.')
// http://ox.gluu.org/doku.php?id=oxauth:profiling#obtain_access_token_-_2000_invocations_within_200_concurrent_threads
@Parameters({ "userId", "userSecret", "redirectUris" })
@Test(invocationCount = 1000, threadPoolSize = 100)
public void obtainAccessToken(final String userId, final String userSecret, String redirectUris) throws Exception {
    showTitle("requestClientAssociate1");
    redirectUris = "https://client.example.com/cb";
    final List<ResponseType> responseTypes = new ArrayList<ResponseType>();
    responseTypes.add(ResponseType.CODE);
    responseTypes.add(ResponseType.ID_TOKEN);
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse response = registerClient.exec();
    showClient(registerClient);
    assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
    assertNotNull(response.getClientId());
    assertNotNull(response.getClientSecret());
    assertNotNull(response.getRegistrationAccessToken());
    assertNotNull(response.getClientSecretExpiresAt());
    final String clientId = response.getClientId();
    final String clientSecret = response.getClientSecret();
    // 1. Request authorization and receive the authorization code.
    final List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    final AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUris, null);
    request.setState("af0ifjsldkj");
    request.setAuthUsername(userId);
    request.setAuthPassword(userSecret);
    request.getPrompts().add(Prompt.NONE);
    final AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
    authorizeClient.setRequest(request);
    final AuthorizationResponse response1 = authorizeClient.exec();
    ClientUtils.showClient(authorizeClient);
    final String scope = response1.getScope();
    final String authorizationCode = response1.getCode();
    assertTrue(Util.allNotBlank(authorizationCode));
    // 2. Request access token using the authorization code.
    final TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode(authorizationCode);
    tokenRequest.setRedirectUri(redirectUris);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    tokenRequest.setScope(scope);
    final TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
    tokenClient1.setRequest(tokenRequest);
    final TokenResponse response2 = tokenClient1.exec();
    ClientUtils.showClient(authorizeClient);
    assertTrue(response2.getStatus() == 200);
    final String patToken = response2.getAccessToken();
    final String patRefreshToken = response2.getRefreshToken();
    assertTrue(Util.allNotBlank(patToken, patRefreshToken));
}
Also used : RegisterRequest(org.xdi.oxauth.client.RegisterRequest) AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest) ArrayList(java.util.ArrayList) ResponseType(org.xdi.oxauth.model.common.ResponseType) AuthorizationResponse(org.xdi.oxauth.client.AuthorizationResponse) RegisterResponse(org.xdi.oxauth.client.RegisterResponse) TokenResponse(org.xdi.oxauth.client.TokenResponse) RegisterClient(org.xdi.oxauth.client.RegisterClient) TokenRequest(org.xdi.oxauth.client.TokenRequest) AuthorizeClient(org.xdi.oxauth.client.AuthorizeClient) TokenClient(org.xdi.oxauth.client.TokenClient) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 4 with TokenResponse

use of org.xdi.oxauth.client.TokenResponse in project oxAuth by GluuFederation.

the class BenchmarkRequestAccessToken method requestAccessTokenPassword.

private void requestAccessTokenPassword(final String userId, final String userSecret, String clientId, String clientSecret) throws Exception {
    // Request Resource Owner Credentials Grant
    String scope = "openid";
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    TokenResponse response1 = tokenClient.execResourceOwnerPasswordCredentialsGrant(userId, userSecret, scope, clientId, clientSecret);
    assertEquals(response1.getStatus(), 200, "Unexpected response code: " + response1.getStatus());
    assertNotNull(response1.getEntity(), "The entity is null");
    assertNotNull(response1.getAccessToken(), "The access token is null");
    assertNotNull(response1.getTokenType(), "The token type is null");
    assertNotNull(response1.getRefreshToken(), "The refresh token is null");
    assertNotNull(response1.getScope(), "The scope is null");
    assertNotNull(response1.getIdToken(), "The id token is null");
}
Also used : TokenResponse(org.xdi.oxauth.client.TokenResponse) TokenClient(org.xdi.oxauth.client.TokenClient)

Example 5 with TokenResponse

use of org.xdi.oxauth.client.TokenResponse in project oxAuth by GluuFederation.

the class UmaClient method request.

public static Token request(final String tokenUrl, final TokenRequest tokenRequest) throws Exception {
    if (tokenRequest.getGrantType() != GrantType.CLIENT_CREDENTIALS) {
        return null;
    }
    TokenClient tokenClient = new TokenClient(tokenUrl);
    tokenClient.setRequest(tokenRequest);
    TokenResponse response = tokenClient.exec();
    if (response.getStatus() == 200) {
        final String patToken = response.getAccessToken();
        final Integer expiresIn = response.getExpiresIn();
        if (Util.allNotBlank(patToken)) {
            return new Token(null, null, patToken, response.getScope(), expiresIn);
        }
    }
    return null;
}
Also used : TokenResponse(org.xdi.oxauth.client.TokenResponse) Token(org.xdi.oxauth.model.uma.wrapper.Token) TokenClient(org.xdi.oxauth.client.TokenClient)

Aggregations

TokenClient (org.xdi.oxauth.client.TokenClient)8 TokenResponse (org.xdi.oxauth.client.TokenResponse)8 Parameters (org.testng.annotations.Parameters)3 TokenRequest (org.xdi.oxauth.client.TokenRequest)2 Token (org.xdi.oxauth.model.uma.wrapper.Token)2 ArrayList (java.util.ArrayList)1 Test (org.testng.annotations.Test)1 BaseTest (org.xdi.oxauth.BaseTest)1 AuthorizationRequest (org.xdi.oxauth.client.AuthorizationRequest)1 AuthorizationResponse (org.xdi.oxauth.client.AuthorizationResponse)1 AuthorizeClient (org.xdi.oxauth.client.AuthorizeClient)1 RegisterClient (org.xdi.oxauth.client.RegisterClient)1 RegisterRequest (org.xdi.oxauth.client.RegisterRequest)1 RegisterResponse (org.xdi.oxauth.client.RegisterResponse)1 ResponseType (org.xdi.oxauth.model.common.ResponseType)1