Java Code Examples for org.gluu.oxauth.client.RegisterRequest#setJwksUri()

The following examples show how to use org.gluu.oxauth.client.RegisterRequest#setJwksUri() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: Supports3rdPartyInitLoginNoHttps.java    From oxAuth with MIT License 6 votes vote down vote up
@Parameters({"redirectUri", "clientJwksUri", "postLogoutRedirectUri"})
@Test
public void supports3rdPartyInitLoginNoHttps(final String redirectUri, final String clientJwksUri, final String postLogoutRedirectUri) throws Exception {
    showTitle("supports3rdPartyInitLoginNoHttps");

    // 1. Register Client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUri));
    registerRequest.setContacts(Arrays.asList("[email protected]"));
    registerRequest.setGrantTypes(Arrays.asList(AUTHORIZATION_CODE));
    registerRequest.setResponseTypes(Arrays.asList(CODE));
    registerRequest.setInitiateLoginUri("http://client.example.com/start-3rd-party-initiated-sso");
    registerRequest.setJwksUri(clientJwksUri);
    registerRequest.setPostLogoutRedirectUris(Arrays.asList(postLogoutRedirectUri));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);

    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();

    showClient(registerClient);
    assertEquals(registerResponse.getStatus(), 400, "Unexpected response code: " + registerResponse.getEntity());
    assertNotNull(registerResponse.getEntity(), "The entity is null");
    assertNotNull(registerResponse.getErrorType(), "The error type is null");
    assertNotNull(registerResponse.getErrorDescription(), "The error description is null");
}
 
Example 2
Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES256X509CertStep1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {
	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {

		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES256);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		fail(e.getMessage(), e);
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodES256X509CertStep1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId4 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 3
Source File: OpenIDRequestObjectWithRSAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodRS512X509CertStep1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {
	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {
		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS512);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		e.printStackTrace();
		fail(e.getMessage());
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodRS512X509CertStep1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId6 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 4
Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
/**
 * Register a client with Token Endpoint Auth Method
 * <code>private_key_jwt</code>.
 */
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void tokenEndpointAuthMethodPrivateKeyJwtStep1(final String registerPath, final String redirectUris,
                                                      final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.setJwksUri(jwksUri);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("tokenEndpointAuthMethodPrivateKeyJwtStep1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId5 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret5 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
        registrationAccessToken5 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        registrationClientUri5 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 5
Source File: OpenIDRequestObjectWithRSAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodRS256Step1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {
	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {
		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		e.printStackTrace();
		fail(e.getMessage());
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodRS256Step1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId1 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 6
Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES384X509CertStep1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {

	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {

		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES384);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		fail(e.getMessage(), e);
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodES384X509CertStep1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId5 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 7
Source File: OpenIDRequestObjectWithRSAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodRS256X509CertStep1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {
	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {
		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		e.printStackTrace();
		fail(e.getMessage());
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodRS256X509CertStep1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId4 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 8
Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES384Step1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {

	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {
		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES384);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		e.printStackTrace();
		fail(e.getMessage());
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodES384Step1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId2 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 9
Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES512X509CertStep1(final String registerPath, final String redirectUris,
		final String jwkUri) throws Exception {

	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {

		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwkUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES512);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		fail(e.getMessage(), e);
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodES512X509CertStep1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId6 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 10
Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES512Step1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {

	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {
		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES512);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		fail(e.getMessage(), e);
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodES512Step1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId3 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 11
Source File: OpenIDRequestObjectWithRSAlgEmbeddedTest.java    From oxAuth with MIT License 5 votes vote down vote up
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodRS512Step1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {
	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {
		List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);

		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS512);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		e.printStackTrace();
		fail(e.getMessage());
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodRS512Step1", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId3 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 12
Source File: TokenRestWebServiceWithHSAlgEmbeddedTest.java    From oxAuth with MIT License 4 votes vote down vote up
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtHS256Step1(final String registerPath, final String redirectUris,
                                                            final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtHS256Step1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId1 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret1 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 13
Source File: TokenRestWebServiceWithHSAlgEmbeddedTest.java    From oxAuth with MIT License 4 votes vote down vote up
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtHS512Step1(final String registerPath, final String redirectUris,
                                                            final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtHS512Step1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret3 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 14
Source File: TokenRestWebServiceWithESAlgEmbeddedTest.java    From oxAuth with MIT License 4 votes vote down vote up
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtES384Step1(final String registerPath, final String redirectUris,
                                                            final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtES384Step1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret2 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 15
Source File: TokenRestWebServiceWithESAlgEmbeddedTest.java    From oxAuth with MIT License 4 votes vote down vote up
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtES512Step1(final String registerPath, final String redirectUris,
                                                            final String jwksUri) throws Exception {

    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtES384Step1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret3 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 16
Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java    From oxAuth with MIT License 4 votes vote down vote up
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtRS384X509CertStep1(final String registerPath,
                                                                    final String redirectUris, final String jwksUri) throws Exception {

    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtRS384X509CertStep1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId5 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret5 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 17
Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java    From oxAuth with MIT License 4 votes vote down vote up
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtRS256X509CertStep1(final String registerPath,
                                                                    final String redirectUris, final String jwksUri) throws Exception {

    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtRS256X509CertStep1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId4 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret4 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 18
Source File: RegistrationAction.java    From oxAuth with MIT License 4 votes vote down vote up
public void exec() {
    try {
        RegisterRequest request = new RegisterRequest(applicationType, clientName, StringUtils.spaceSeparatedToList(redirectUris));
        request.setClaimsRedirectUris(StringUtils.spaceSeparatedToList(claimsRedirectUris));
        request.setResponseTypes(responseTypes);
        request.setGrantTypes(grantTypes);
        request.setContacts(StringUtils.spaceSeparatedToList(contacts));
        request.setLogoUri(logoUri);
        request.setClientUri(clientUri);
        request.setPolicyUri(policyUri);
        request.setTosUri(tosUri);
        request.setJwksUri(jwksUri);
        request.setSectorIdentifierUri(sectorIdentifierUri);
        request.setSubjectType(subjectType);
        request.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg);
        request.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg);
        request.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc);
        request.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg);
        request.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg);
        request.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc);
        request.setRequestObjectSigningAlg(requestObjectSigningAlg);
        request.setRequestObjectEncryptionAlg(requestObjectEncryptionAlg);
        request.setRequestObjectEncryptionEnc(requestObjectEncryptionEnc);
        request.setTokenEndpointAuthMethod(tokenEndpointAuthMethod);
        request.setTokenEndpointAuthSigningAlg(tokenEndpointAuthSigningAlg);
        request.setDefaultMaxAge(defaultMaxAge);
        request.setRequireAuthTime(requireAuthTime);
        request.setDefaultAcrValues(StringUtils.spaceSeparatedToList(defaultAcrValues));
        request.setInitiateLoginUri(initiateLoginUri);
        request.setPostLogoutRedirectUris(StringUtils.spaceSeparatedToList(postLogoutRedirectUris));
        request.setRequestUris(StringUtils.spaceSeparatedToList(requestUris));
        request.setFrontChannelLogoutUris(Lists.newArrayList(logoutUri));
        request.setFrontChannelLogoutSessionRequired(logoutSessionRequired);

        // CIBA
        request.setBackchannelTokenDeliveryMode(backchannelTokenDeliveryMode);
        request.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint);
        request.setBackchannelAuthenticationRequestSigningAlg(backchannelAuthenticationRequestSigningAlg);
        request.setBackchannelUserCodeParameter(backchannelUserCodeParameter);

        RegisterClient client = new RegisterClient(registrationEndpoint);
        client.setRequest(request);
        RegisterResponse response = client.exec();

        if (response.getStatus() >= 200 && response.getStatus() <= 299) {
            registrationClientUri = response.getRegistrationClientUri();
            registrationAccessToken = response.getRegistrationAccessToken();
            authorizationAction.setClientId(response.getClientId());
            authorizationAction.setClientSecret(response.getClientSecret());
            if (request.getRedirectUris() != null && request.getRedirectUris().size() > 0) {
                authorizationAction.setRedirectUri(request.getRedirectUris().get(0));
            }
            tokenAction.setClientId(response.getClientId());
            tokenAction.setClientSecret(response.getClientSecret());

            backchannelAuthenticationAction.setClientId(response.getClientId());
            backchannelAuthenticationAction.setClientSecret(response.getClientSecret());
            backchannelAuthenticationAction.setBackchannelTokenDeliveryMode(request.getBackchannelTokenDeliveryMode());
        }

        showResults = true;
        requestString = client.getRequestAsString();
        responseString = client.getResponseAsString();
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    }
}
 
Example 19
Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java    From oxAuth with MIT License 4 votes vote down vote up
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtRS384Step1(final String registerPath, final String redirectUris,
                                                            final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtRS384Step1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret2 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 20
Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java    From oxAuth with MIT License 4 votes vote down vote up
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtRS512Step1(final String registerPath, final String redirectUris,
                                                            final String jwksUri) throws Exception {

    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtRS512Step1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret3 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}