Examples with ResponseType org.xdi.oxauth.model.common.ResponseType used on opensource projects

Search in sources :

Example 46 with ResponseType

use of org.xdi.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.

the class AuthorizeRestWebServiceEmbeddedTest method requestAuthorizationToken.

@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationToken(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
    final String state = UUID.randomUUID().toString();
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);
    authorizationRequest.getPrompts().add(Prompt.NONE);
    authorizationRequest.setAuthUsername(userId);
    authorizationRequest.setAuthPassword(userSecret);
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
    request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
    request.header("Accept", MediaType.TEXT_PLAIN);
    Response response = request.get();
    String entity = response.readEntity(String.class);
    showResponse("requestAuthorizationToken", response, entity);
    assertEquals(response.getStatus(), 302, "Unexpected response code.");
    assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
    if (response.getLocation() != null) {
        try {
            URI uri = new URI(response.getLocation().toString());
            assertNotNull(uri.getFragment(), "Fragment is null");
            Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
            assertNotNull(params.get("access_token"), "The access token is null");
            assertNotNull(params.get("state"), "The state is null");
            assertNotNull(params.get("token_type"), "The token type is null");
            assertNotNull(params.get("expires_in"), "The expires in value is null");
            assertNotNull(params.get("scope"), "The scope must be null");
            assertNull(params.get("refresh_token"), "The refresh_token must be null");
            assertEquals(params.get(AuthorizeResponseParam.STATE), state);
        } catch (URISyntaxException e) {
            e.printStackTrace();
            fail("Response URI is not well formed");
        }
    }
}
Also used : RegisterResponse(org.xdi.oxauth.client.RegisterResponse) Response(javax.ws.rs.core.Response) AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) URISyntaxException(java.net.URISyntaxException) REGISTRATION_CLIENT_URI(org.xdi.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI) URI(java.net.URI) ResponseType(org.xdi.oxauth.model.common.ResponseType) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 47 with ResponseType

use of org.xdi.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.

the class AuthorizeRestWebServiceEmbeddedTest method requestAuthorizationWithoutScope.

@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationWithoutScope(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
    final String state = UUID.randomUUID().toString();
    final String nonce = UUID.randomUUID().toString();
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    List<String> scopes = new ArrayList<String>();
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);
    authorizationRequest.getPrompts().add(Prompt.NONE);
    authorizationRequest.setAuthUsername(userId);
    authorizationRequest.setAuthPassword(userSecret);
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
    request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
    request.header("Accept", MediaType.TEXT_PLAIN);
    Response response = request.get();
    String entity = response.readEntity(String.class);
    showResponse("requestAuthorizationWithoutScope", response, entity);
    assertEquals(response.getStatus(), 302, "Unexpected response code.");
    assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
    try {
        URI uri = new URI(response.getLocation().toString());
        assertNotNull(uri.getFragment(), "Query string is null");
        Map<String, String> params = QueryStringDecoder.decode(uri.getFragment());
        assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
        assertNotNull(params.get(AuthorizeResponseParam.ID_TOKEN), "The id token is null");
        assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
        assertEquals(params.get(AuthorizeResponseParam.STATE), state);
    } catch (URISyntaxException e) {
        e.printStackTrace();
        fail("Response URI is not well formed");
    }
}
Also used : RegisterResponse(org.xdi.oxauth.client.RegisterResponse) Response(javax.ws.rs.core.Response) AuthorizationRequest(org.xdi.oxauth.client.AuthorizationRequest) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) ArrayList(java.util.ArrayList) URISyntaxException(java.net.URISyntaxException) REGISTRATION_CLIENT_URI(org.xdi.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI) URI(java.net.URI) ResponseType(org.xdi.oxauth.model.common.ResponseType) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 48 with ResponseType

use of org.xdi.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.

the class RegisterRestWebServiceImpl method updateClientFromRequestObject.

// yuriyz - ATTENTION : this method is used for both registration and update client metadata cases, therefore any logic here
// will be applied for both cases.
private void updateClientFromRequestObject(Client p_client, RegisterRequest requestObject) throws JSONException {
    List<String> redirectUris = requestObject.getRedirectUris();
    if (redirectUris != null && !redirectUris.isEmpty()) {
        // Remove repeated elements
        redirectUris = new ArrayList<String>(new HashSet<String>(redirectUris));
        p_client.setRedirectUris(redirectUris.toArray(new String[redirectUris.size()]));
    }
    if (requestObject.getApplicationType() != null) {
        p_client.setApplicationType(requestObject.getApplicationType().toString());
    }
    if (StringUtils.isNotBlank(requestObject.getClientName())) {
        p_client.setClientName(requestObject.getClientName());
    }
    if (StringUtils.isNotBlank(requestObject.getSectorIdentifierUri())) {
        p_client.setSectorIdentifierUri(requestObject.getSectorIdentifierUri());
    }
    List<ResponseType> responseTypes = requestObject.getResponseTypes();
    if (responseTypes != null && !responseTypes.isEmpty()) {
        // Remove repeated elements
        responseTypes = new ArrayList<ResponseType>(new HashSet<ResponseType>(responseTypes));
        p_client.setResponseTypes(responseTypes.toArray(new ResponseType[responseTypes.size()]));
    }
    List<String> contacts = requestObject.getContacts();
    if (contacts != null && !contacts.isEmpty()) {
        // Remove repeated elements
        contacts = new ArrayList<String>(new HashSet<String>(contacts));
        p_client.setContacts(contacts.toArray(new String[contacts.size()]));
    }
    if (StringUtils.isNotBlank(requestObject.getLogoUri())) {
        p_client.setLogoUri(requestObject.getLogoUri());
    }
    if (StringUtils.isNotBlank(requestObject.getClientUri())) {
        p_client.setClientUri(requestObject.getClientUri());
    }
    if (StringUtils.isNotBlank(requestObject.getPolicyUri())) {
        p_client.setPolicyUri(requestObject.getPolicyUri());
    }
    if (StringUtils.isNotBlank(requestObject.getTosUri())) {
        p_client.setTosUri(requestObject.getTosUri());
    }
    if (StringUtils.isNotBlank(requestObject.getJwksUri())) {
        p_client.setJwksUri(requestObject.getJwksUri());
    }
    if (StringUtils.isNotBlank(requestObject.getJwks())) {
        p_client.setJwks(requestObject.getJwks());
    }
    if (requestObject.getSubjectType() != null) {
        p_client.setSubjectType(requestObject.getSubjectType().toString());
    }
    if (requestObject.getIdTokenSignedResponseAlg() != null && requestObject.getIdTokenSignedResponseAlg() != SignatureAlgorithm.NONE) {
        p_client.setIdTokenSignedResponseAlg(requestObject.getIdTokenSignedResponseAlg().toString());
    }
    if (requestObject.getIdTokenEncryptedResponseAlg() != null) {
        p_client.setIdTokenEncryptedResponseAlg(requestObject.getIdTokenEncryptedResponseAlg().toString());
    }
    if (requestObject.getIdTokenEncryptedResponseEnc() != null) {
        p_client.setIdTokenEncryptedResponseEnc(requestObject.getIdTokenEncryptedResponseEnc().toString());
    }
    if (requestObject.getUserInfoSignedResponseAlg() != null) {
        p_client.setUserInfoSignedResponseAlg(requestObject.getUserInfoSignedResponseAlg().toString());
    }
    if (requestObject.getUserInfoEncryptedResponseAlg() != null) {
        p_client.setUserInfoEncryptedResponseAlg(requestObject.getUserInfoEncryptedResponseAlg().toString());
    }
    if (requestObject.getUserInfoEncryptedResponseEnc() != null) {
        p_client.setUserInfoEncryptedResponseEnc(requestObject.getUserInfoEncryptedResponseEnc().toString());
    }
    if (requestObject.getRequestObjectSigningAlg() != null) {
        p_client.setRequestObjectSigningAlg(requestObject.getRequestObjectSigningAlg().toString());
    }
    if (requestObject.getRequestObjectEncryptionAlg() != null) {
        p_client.setRequestObjectEncryptionAlg(requestObject.getRequestObjectEncryptionAlg().toString());
    }
    if (requestObject.getRequestObjectEncryptionEnc() != null) {
        p_client.setRequestObjectEncryptionEnc(requestObject.getRequestObjectEncryptionEnc().toString());
    }
    if (requestObject.getTokenEndpointAuthMethod() != null) {
        p_client.setTokenEndpointAuthMethod(requestObject.getTokenEndpointAuthMethod().toString());
    } else {
        // If omitted, the default is client_secret_basic
        p_client.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
    }
    if (requestObject.getTokenEndpointAuthSigningAlg() != null) {
        p_client.setTokenEndpointAuthSigningAlg(requestObject.getTokenEndpointAuthSigningAlg().toString());
    }
    if (requestObject.getDefaultMaxAge() != null) {
        p_client.setDefaultMaxAge(requestObject.getDefaultMaxAge());
    }
    if (requestObject.getRequireAuthTime() != null) {
        p_client.setRequireAuthTime(requestObject.getRequireAuthTime());
    }
    List<String> defaultAcrValues = requestObject.getDefaultAcrValues();
    if (defaultAcrValues != null && !defaultAcrValues.isEmpty()) {
        // Remove repeated elements
        defaultAcrValues = new ArrayList<String>(new HashSet<String>(defaultAcrValues));
        p_client.setDefaultAcrValues(defaultAcrValues.toArray(new String[defaultAcrValues.size()]));
    }
    if (StringUtils.isNotBlank(requestObject.getInitiateLoginUri())) {
        p_client.setInitiateLoginUri(requestObject.getInitiateLoginUri());
    }
    List<String> postLogoutRedirectUris = requestObject.getPostLogoutRedirectUris();
    if (postLogoutRedirectUris != null && !postLogoutRedirectUris.isEmpty()) {
        // Remove repeated elements
        postLogoutRedirectUris = new ArrayList<String>(new HashSet<String>(postLogoutRedirectUris));
        p_client.setPostLogoutRedirectUris(postLogoutRedirectUris.toArray(new String[postLogoutRedirectUris.size()]));
    }
    if (requestObject.getFrontChannelLogoutUris() != null && !requestObject.getFrontChannelLogoutUris().isEmpty()) {
        p_client.setFrontChannelLogoutUri(requestObject.getFrontChannelLogoutUris().toArray(new String[requestObject.getFrontChannelLogoutUris().size()]));
    }
    p_client.setFrontChannelLogoutSessionRequired(requestObject.getFrontChannelLogoutSessionRequired());
    List<String> requestUris = requestObject.getRequestUris();
    if (requestUris != null && !requestUris.isEmpty()) {
        // Remove repeated elements
        requestUris = new ArrayList<String>(new HashSet<String>(requestUris));
        p_client.setRequestUris(requestUris.toArray(new String[requestUris.size()]));
    }
    List<String> scopes = requestObject.getScopes();
    List<String> scopesDn;
    if (scopes != null && !scopes.isEmpty() && appConfiguration.getDynamicRegistrationScopesParamEnabled() != null && appConfiguration.getDynamicRegistrationScopesParamEnabled()) {
        List<String> defaultScopes = scopeService.getDefaultScopesDn();
        List<String> requestedScopes = scopeService.getScopesDn(scopes);
        if (defaultScopes.containsAll(requestedScopes)) {
            scopesDn = requestedScopes;
            p_client.setScopes(scopesDn.toArray(new String[scopesDn.size()]));
        } else {
            scopesDn = defaultScopes;
            p_client.setScopes(scopesDn.toArray(new String[scopesDn.size()]));
        }
    } else {
        scopesDn = scopeService.getDefaultScopesDn();
        p_client.setScopes(scopesDn.toArray(new String[scopesDn.size()]));
    }
    Date clientSecretExpiresAt = requestObject.getClientSecretExpiresAt();
    if (clientSecretExpiresAt != null) {
        p_client.setClientSecretExpiresAt(clientSecretExpiresAt);
    }
    if (requestObject.getJsonObject() != null) {
        // Custom params
        putCustomStuffIntoObject(p_client, requestObject.getJsonObject());
    }
}
Also used : Date(java.util.Date) HashSet(java.util.HashSet) ResponseType(org.xdi.oxauth.model.common.ResponseType) RegisterErrorResponseType(org.xdi.oxauth.model.register.RegisterErrorResponseType)

Example 49 with ResponseType

use of org.xdi.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.

the class UserAuthenticationFilterEmbeddedTest method dynamicClientRegistration.

@Parameters({ "registerPath", "redirectUris" })
@Test
public void dynamicClientRegistration(final String registerPath, final String redirectUris) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.TOKEN, ResponseType.ID_TOKEN);
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    String registerRequestContent = registerRequest.getJSONParameters().toString(4);
    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);
    showResponse("dynamicClientRegistration", response, entity);
    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        final RegisterResponse registerResponse = RegisterResponse.valueOf(entity);
        ClientTestUtil.assert_(registerResponse);
        clientId = registerResponse.getClientId();
        clientSecret = registerResponse.getClientSecret();
    } catch (Exception e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
Also used : Response(javax.ws.rs.core.Response) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) URISyntaxException(java.net.URISyntaxException) JSONException(org.codehaus.jettison.json.JSONException) ResponseType(org.xdi.oxauth.model.common.ResponseType) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 50 with ResponseType

use of org.xdi.oxauth.model.common.ResponseType in project oxAuth by GluuFederation.

the class UserAuthenticationFilterEmbeddedTest method requestAccessTokenCustomAuthStep1.

@Parameters({ "authorizePath", "userId", "userSecret", "redirectUri" })
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAccessTokenCustomAuthStep1(final String authorizePath, final String userId, final String userSecret, final String redirectUri) throws Exception {
    final String state = UUID.randomUUID().toString();
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + authorizePath).request();
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
    List<ResponseType> responseTypes = new ArrayList<ResponseType>();
    responseTypes.add(ResponseType.CODE);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);
    authorizationRequest.getPrompts().add(Prompt.NONE);
    authorizationRequest.addCustomParameter("uid", userId);
    authorizationRequest.addCustomParameter("pwd", userSecret);
    Response response = request.post(Entity.form(new MultivaluedHashMap<String, String>(authorizationRequest.getParameters())));
    String entity = response.readEntity(String.class);
    showResponse("requestAccessTokenCustomAuthStep1", response, entity);
    assertEquals(response.getStatus(), 302, "Unexpected response code.");
    assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
    if (response.getLocation() != null) {
        try {
            URI uri = new URI(response.getLocation().toString());
            assertNotNull(uri.getQuery(), "The query string is null");
            Map<String, String> params = QueryStringDecoder.decode(uri.getQuery());
            assertNotNull(params.get(AuthorizeResponseParam.CODE), "The code is null");
            assertNotNull(params.get(AuthorizeResponseParam.SCOPE), "The scope is null");
            assertNotNull(params.get(AuthorizeResponseParam.STATE), "The state is null");
            assertEquals(params.get(AuthorizeResponseParam.STATE), state);
            authorizationCode1 = params.get(AuthorizeResponseParam.CODE);
        } catch (URISyntaxException e) {
            e.printStackTrace();
            fail("Response URI is not well formed");
        } catch (Exception e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }
}
Also used : ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) Builder(javax.ws.rs.client.Invocation.Builder) URISyntaxException(java.net.URISyntaxException) URI(java.net.URI) URISyntaxException(java.net.URISyntaxException) JSONException(org.codehaus.jettison.json.JSONException) ResponseType(org.xdi.oxauth.model.common.ResponseType) Response(javax.ws.rs.core.Response) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Aggregations

ResponseType (org.xdi.oxauth.model.common.ResponseType)267 Parameters (org.testng.annotations.Parameters)259 Test (org.testng.annotations.Test)258 BaseTest (org.xdi.oxauth.BaseTest)258 OxAuthCryptoProvider (org.xdi.oxauth.model.crypto.OxAuthCryptoProvider)124 Builder (javax.ws.rs.client.Invocation.Builder)120 Response (javax.ws.rs.core.Response)120 ResteasyClientBuilder (org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder)120 JSONException (org.codehaus.jettison.json.JSONException)95 JwtAuthorizationRequest (org.xdi.oxauth.client.model.authorize.JwtAuthorizationRequest)92 URISyntaxException (java.net.URISyntaxException)91 AuthorizationRequest (org.xdi.oxauth.client.AuthorizationRequest)86 URI (java.net.URI)85 Claim (org.xdi.oxauth.client.model.authorize.Claim)80 REGISTRATION_CLIENT_URI (org.xdi.oxauth.model.register.RegisterResponseParam.REGISTRATION_CLIENT_URI)73 RegisterResponse (org.xdi.oxauth.client.RegisterResponse)64 Jwt (org.xdi.oxauth.model.jwt.Jwt)64 JSONObject (org.codehaus.jettison.json.JSONObject)51 RegisterRequest (org.xdi.oxauth.client.RegisterRequest)35 RSAPublicKey (org.xdi.oxauth.model.crypto.signature.RSAPublicKey)33
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial