Java Code Examples for org.apache.cxf.rs.security.jose.jwt.JwtClaims#setProperty()
The following examples show how to use
org.apache.cxf.rs.security.jose.jwt.JwtClaims#setProperty() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DefaultJWTClaimsProvider.java From cxf with Apache License 2.0 | 6 votes |
protected void handleWSTrustClaims(JWTClaimsProviderParameters jwtClaimsProviderParameters, JwtClaims claims) { TokenProviderParameters providerParameters = jwtClaimsProviderParameters.getProviderParameters(); // Handle Claims ProcessedClaimCollection retrievedClaims = ClaimsUtils.processClaims(providerParameters); if (retrievedClaims != null) { Iterator<ProcessedClaim> claimIterator = retrievedClaims.iterator(); while (claimIterator.hasNext()) { ProcessedClaim claim = claimIterator.next(); if (claim.getClaimType() != null && claim.getValues() != null && !claim.getValues().isEmpty()) { Object claimValues = claim.getValues(); if (claim.getValues().size() == 1) { claimValues = claim.getValues().get(0); } claims.setProperty(translateClaim(claim.getClaimType().toString()), claimValues); } } } }
Example 2
Source File: BigQueryServer.java From cxf with Apache License 2.0 | 6 votes |
private static ClientAccessToken getAccessToken(PrivateKey privateKey, String issuer) { JwsHeaders headers = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.RS256); JwtClaims claims = new JwtClaims(); claims.setIssuer(issuer); claims.setAudience("https://www.googleapis.com/oauth2/v3/token"); long issuedAt = OAuthUtils.getIssuedAt(); claims.setIssuedAt(issuedAt); claims.setExpiryTime(issuedAt + 60 * 60); claims.setProperty("scope", "https://www.googleapis.com/auth/bigquery.readonly"); JwtToken token = new JwtToken(headers, claims); JwsJwtCompactProducer p = new JwsJwtCompactProducer(token); String base64UrlAssertion = p.signWith(privateKey); JwtBearerGrant grant = new JwtBearerGrant(base64UrlAssertion); WebClient accessTokenService = WebClient.create("https://www.googleapis.com/oauth2/v3/token", Arrays.asList(new OAuthJSONProvider(), new AccessTokenGrantWriter())); WebClient.getConfig(accessTokenService).getInInterceptors().add(new LoggingInInterceptor()); accessTokenService.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_JSON); return accessTokenService.post(grant, ClientAccessToken.class); }
Example 3
Source File: TokenCache.java From g-suite-identity-sync with Apache License 2.0 | 5 votes |
private ClientAccessToken getAccessToken() throws NoPrivateKeyException { JwsHeaders headers = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.RS256); JwtClaims claims = new JwtClaims(); claims.setIssuer(config.getServiceAccountEmail()); claims.setAudience(config.getServiceAccountTokenUri()); claims.setSubject(config.getServiceAccountSubject()); long issuedAt = OAuthUtils.getIssuedAt(); long tokenTimeout = config.getServiceAccountTokenLifetime(); claims.setIssuedAt(issuedAt); claims.setExpiryTime(issuedAt + tokenTimeout); String scopes = String.join(" ", config.getServiceAccountScopes()); claims.setProperty("scope", scopes); JwtToken token = new JwtToken(headers, claims); JwsJwtCompactProducer p = new JwsJwtCompactProducer(token); String base64UrlAssertion = p.signWith(config.readServiceAccountKey()); JwtBearerGrant grant = new JwtBearerGrant(base64UrlAssertion); WebClient accessTokenService = WebClient.create(config.getServiceAccountTokenUri(), Arrays.asList(new OAuthJSONProvider(), new AccessTokenGrantWriter())); accessTokenService.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_JSON); return accessTokenService.post(grant, ClientAccessToken.class); }
Example 4
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
@org.junit.Test public void testClaimsAuthorizationNoClaims() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/booksclaims"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "boss"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.post(new Book("book", 123L)); assertEquals(response.getStatus(), 403); }
Example 5
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
@org.junit.Test public void testClaimsAuthorizationWeakClaims() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/booksclaims"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "boss"); claims.setProperty("http://claims/authentication", "password"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.post(new Book("book", 123L)); assertEquals(response.getStatus(), 403); }
Example 6
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
@org.junit.Test public void testAuthorizationWrongRolesAllowedAnnotationHEAD() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "manager"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.head(); assertNotEquals(response.getStatus(), 200); }
Example 7
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
@org.junit.Test public void testAuthorizationWrongRolesAllowedAnnotationGET() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "manager"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.get(); assertNotEquals(response.getStatus(), 200); }
Example 8
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
@org.junit.Test public void testAuthorizationWrongRolesAllowedAnnotation() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "manager"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.post(new Book("book", 123L)); assertNotEquals(response.getStatus(), 200); }
Example 9
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
@org.junit.Test public void testAuthorizationRolesAllowedAnnotationHEAD() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "boss"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.head(); assertEquals(response.getStatus(), 200); }
Example 10
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
@org.junit.Test public void testAuthorizationWrongRole() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/books"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setProperty("role", "manager"); claims.setAudiences(toList(address)); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.post(new Book("book", 123L)); assertNotEquals(response.getStatus(), 200); }
Example 11
Source File: AuthTokenProcessorHandler.java From deprecated-security-advanced-modules with Apache License 2.0 | 5 votes |
private String createJwt(SamlResponse samlResponse) throws Exception { JwtClaims jwtClaims = new JwtClaims(); JwtToken jwt = new JwtToken(jwtClaims); jwtClaims.setNotBefore(System.currentTimeMillis() / 1000); jwtClaims.setExpiryTime(getJwtExpiration(samlResponse)); jwtClaims.setProperty(this.jwtSubjectKey, this.extractSubject(samlResponse)); if (this.samlSubjectKey != null) { jwtClaims.setProperty("saml_ni", samlResponse.getNameId()); } if (samlResponse.getNameIdFormat() != null) { jwtClaims.setProperty("saml_nif", SamlNameIdFormat.getByUri(samlResponse.getNameIdFormat()).getShortName()); } String sessionIndex = samlResponse.getSessionIndex(); if (sessionIndex != null) { jwtClaims.setProperty("saml_si", sessionIndex); } if (this.samlRolesKey != null && this.jwtRolesKey != null) { String[] roles = this.extractRoles(samlResponse); jwtClaims.setProperty(this.jwtRolesKey, roles); } String encodedJwt = this.jwtProducer.processJwt(jwt); if (token_log.isDebugEnabled()) { token_log.debug("Created JWT: " + encodedJwt + "\n" + jsonMapReaderWriter.toJson(jwt.getJwsHeaders()) + "\n" + JwtUtils.claimsToJson(jwt.getClaims())); } return encodedJwt; }
Example 12
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 4 votes |
@org.junit.Test public void testAuthorizationRolesAllowedAnnotationGET() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "boss"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.get(); assertEquals(response.getStatus(), 200); Book returnedBook = response.readEntity(Book.class); assertEquals(returnedBook.getName(), "book"); assertEquals(returnedBook.getId(), 123L); }
Example 13
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 4 votes |
@org.junit.Test public void testAuthorizationRolesAllowedAnnotation() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "boss"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.post(new Book("book", 123L)); assertEquals(response.getStatus(), 200); Book returnedBook = response.readEntity(Book.class); assertEquals(returnedBook.getName(), "book"); assertEquals(returnedBook.getId(), 123L); }
Example 14
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 4 votes |
@org.junit.Test public void testAuthorization() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/books"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "boss"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.post(new Book("book", 123L)); assertEquals(response.getStatus(), 200); Book returnedBook = response.readEntity(Book.class); assertEquals(returnedBook.getName(), "book"); assertEquals(returnedBook.getId(), 123L); }
Example 15
Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 4 votes |
@org.junit.Test public void testClaimsAuthorization() throws Exception { URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml"); List<Object> providers = new ArrayList<>(); providers.add(new JacksonJsonProvider()); providers.add(new JwtAuthenticationClientFilter()); String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/booksclaims"; WebClient client = WebClient.create(address, providers, busFile.toString()); client.type("application/json").accept("application/json"); // Create the JWT Token JwtClaims claims = new JwtClaims(); claims.setSubject("alice"); claims.setIssuer("DoubleItSTSIssuer"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences(toList(address)); // The endpoint requires a role of "boss" claims.setProperty("role", "boss"); // We also require a "smartcard" claim claims.setProperty("http://claims/authentication", "smartcard"); JwtToken token = new JwtToken(claims); Map<String, Object> properties = new HashMap<>(); properties.put("rs.security.keystore.type", "jwk"); properties.put("rs.security.keystore.alias", "2011-04-29"); properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt"); properties.put("rs.security.signature.algorithm", "RS256"); properties.put(JwtConstants.JWT_TOKEN, token); WebClient.getConfig(client).getRequestContext().putAll(properties); Response response = client.post(new Book("book", 123L)); assertEquals(response.getStatus(), 200); Book returnedBook = response.readEntity(Book.class); assertEquals(returnedBook.getName(), "book"); assertEquals(returnedBook.getId(), 123L); }
Example 16
Source File: OIDCNegativeTest.java From cxf with Apache License 2.0 | 4 votes |
@org.junit.Test public void testJWTRequestNonmatchingClientId() throws Exception { URL busFile = OIDCNegativeTest.class.getResource("client.xml"); String address = "https://localhost:" + port + "/unsignedjwtservices/"; WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), "alice", "security", busFile.toString()); // Save the Cookie for the second request... WebClient.getConfig(client).getRequestContext().put( org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE); JwtClaims claims = new JwtClaims(); claims.setIssuer("consumer-id"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences( Collections.singletonList("https://localhost:" + port + "/unsignedjwtservices/")); claims.setProperty("client_id", "consumer-id2"); JwsHeaders headers = new JwsHeaders(); headers.setAlgorithm("none"); JwtToken token = new JwtToken(headers, claims); JwsJwtCompactProducer jws = new JwsJwtCompactProducer(token); String request = jws.getSignedEncodedJws(); AuthorizationCodeParameters parameters = new AuthorizationCodeParameters(); parameters.setConsumerId("consumer-id"); parameters.setScope("openid"); parameters.setResponseType("code"); parameters.setPath("authorize/"); parameters.setRequest(request); // Get Authorization Code try { OAuth2TestUtils.getLocation(client, parameters); fail("Failure expected on a non-matching client id"); } catch (ResponseProcessingException ex) { // expected } }
Example 17
Source File: OIDCNegativeTest.java From cxf with Apache License 2.0 | 4 votes |
@org.junit.Test public void testJWTRequestNonmatchingResponseType() throws Exception { URL busFile = OIDCNegativeTest.class.getResource("client.xml"); String address = "https://localhost:" + port + "/unsignedjwtservices/"; WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), "alice", "security", busFile.toString()); // Save the Cookie for the second request... WebClient.getConfig(client).getRequestContext().put( org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE); JwtClaims claims = new JwtClaims(); claims.setIssuer("consumer-id"); claims.setIssuedAt(Instant.now().getEpochSecond()); claims.setAudiences( Collections.singletonList("https://localhost:" + port + "/unsignedjwtservices/")); claims.setProperty("response_type", "token"); JwsHeaders headers = new JwsHeaders(); headers.setAlgorithm("none"); JwtToken token = new JwtToken(headers, claims); JwsJwtCompactProducer jws = new JwsJwtCompactProducer(token); String request = jws.getSignedEncodedJws(); AuthorizationCodeParameters parameters = new AuthorizationCodeParameters(); parameters.setConsumerId("consumer-id"); parameters.setScope("openid"); parameters.setResponseType("code"); parameters.setPath("authorize/"); parameters.setRequest(request); // Get Authorization Code try { OAuth2TestUtils.getLocation(client, parameters); fail("Failure expected on a non-matching response_type"); } catch (ResponseProcessingException ex) { // expected } }
Example 18
Source File: JWTTokenValidatorTest.java From cxf with Apache License 2.0 | 4 votes |
@Override public JwtClaims getJwtClaims(JWTClaimsProviderParameters jwtClaimsProviderParameters) { JwtClaims claims = super.getJwtClaims(jwtClaimsProviderParameters); claims.setProperty("role", role); return claims; }