use of org.xdi.oxauth.client.model.JwtState in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method encodeClaimsInStateParameterHS256.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void encodeClaimsInStateParameterHS256(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
showTitle("encodeClaimsInStateParameterHS256");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(encodedState);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation(), "The location is null");
assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
assertNotNull(authorizationResponse.getState(), "The state is null");
String state = authorizationResponse.getState();
// 3. Validate state
Jwt jwt = Jwt.parse(state);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null, null, clientSecret, SignatureAlgorithm.HS256);
assertTrue(validJwt);
}
use of org.xdi.oxauth.client.model.JwtState in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method encodeClaimsInStateParameterHS512.
@Parameters({ "userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri" })
@Test
public void encodeClaimsInStateParameterHS512(final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
showTitle("encodeClaimsInStateParameterHS512");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setResponseTypes(responseTypes);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getClientId());
assertNotNull(registerResponse.getClientSecret());
assertNotNull(registerResponse.getRegistrationAccessToken());
assertNotNull(registerResponse.getClientIdIssuedAt());
assertNotNull(registerResponse.getClientSecretExpiresAt());
String clientId = registerResponse.getClientId();
String clientSecret = registerResponse.getClientSecret();
// 2. Request authorization
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
String nonce = UUID.randomUUID().toString();
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.HS512, clientSecret, cryptoProvider);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(encodedState);
AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(authorizationEndpoint, authorizationRequest, userId, userSecret);
assertNotNull(authorizationResponse.getLocation(), "The location is null");
assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
assertNotNull(authorizationResponse.getState(), "The state is null");
String state = authorizationResponse.getState();
// 3. Validate state
Jwt jwt = Jwt.parse(state);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null, null, clientSecret, SignatureAlgorithm.HS512);
assertTrue(validJwt);
}
use of org.xdi.oxauth.client.model.JwtState in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method jwtStateHS384Test.
@Test
public void jwtStateHS384Test() throws Exception {
showTitle("jwtStateHS384Test");
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
String sharedKey = "shared_key";
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.HS384, sharedKey, cryptoProvider);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
assertNotNull(encodedState);
System.out.println("Signed JWS State: " + encodedState);
Jwt jwt = Jwt.parse(encodedState);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null, null, sharedKey, SignatureAlgorithm.HS384);
assertTrue(validJwt);
}
use of org.xdi.oxauth.client.model.JwtState in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method jwtStateHS512Test.
@Test
public void jwtStateHS512Test() throws Exception {
showTitle("jwtStateHS512Test");
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
String sharedKey = "shared_key";
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.HS512, sharedKey, cryptoProvider);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
assertNotNull(encodedState);
System.out.println("Signed JWS State: " + encodedState);
Jwt jwt = Jwt.parse(encodedState);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null, null, sharedKey, SignatureAlgorithm.HS512);
assertTrue(validJwt);
}
use of org.xdi.oxauth.client.model.JwtState in project oxAuth by GluuFederation.
the class EncodeClaimsInStateParameter method jwtStateRS256Test.
@Parameters({ "keyStoreFile", "keyStoreSecret", "dnName", "RS256_keyId" })
@Test
public void jwtStateRS256Test(final String keyStoreFile, final String keyStoreSecret, final String dnName, final String keyId) throws Exception {
showTitle("jwtStateRS256Test");
OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
String rfp = UUID.randomUUID().toString();
String jti = UUID.randomUUID().toString();
JwtState jwtState = new JwtState(SignatureAlgorithm.RS256, cryptoProvider);
jwtState.setKeyId(keyId);
jwtState.setRfp(rfp);
jwtState.setJti(jti);
jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
String encodedState = jwtState.getEncodedJwt();
assertNotNull(encodedState);
System.out.println("Signed JWS State: " + encodedState);
Jwt jwt = Jwt.parse(encodedState);
boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId, null, null, SignatureAlgorithm.RS256);
assertTrue(validJwt);
}
Aggregations