org.gluu.oxauth.client.RegisterRequest Java Examples
The following examples show how to use
org.gluu.oxauth.client.RegisterRequest.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: Supports3rdPartyInitLoginNoHttps.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUri", "clientJwksUri", "postLogoutRedirectUri"})
@Test
public void supports3rdPartyInitLoginNoHttps(final String redirectUri, final String clientJwksUri, final String postLogoutRedirectUri) throws Exception {
showTitle("supports3rdPartyInitLoginNoHttps");
// 1. Register Client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUri));
registerRequest.setContacts(Arrays.asList("[email protected]"));
registerRequest.setGrantTypes(Arrays.asList(AUTHORIZATION_CODE));
registerRequest.setResponseTypes(Arrays.asList(CODE));
registerRequest.setInitiateLoginUri("http://client.example.com/start-3rd-party-initiated-sso");
registerRequest.setJwksUri(clientJwksUri);
registerRequest.setPostLogoutRedirectUris(Arrays.asList(postLogoutRedirectUri));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 400, "Unexpected response code: " + registerResponse.getEntity());
assertNotNull(registerResponse.getEntity(), "The entity is null");
assertNotNull(registerResponse.getErrorType(), "The error type is null");
assertNotNull(registerResponse.getErrorDescription(), "The error description is null");
}
Example #2
| Source File: RejectsSectorIdentifierNotContainingRegisteredRedirectUriValues.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"sectorIdentifierUri"})
@Test
public void rejectsSectorIdentifierNotContainingRegisteredRedirectUriValues(final String sectorIdentifierUri) throws Exception {
showTitle("OC5:FeatureTest-Rejects Sector Identifier Not Containing Registered redirect uri Values");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList("https://not_registered"));
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setResponseTypes(responseTypes);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 400, "Unexpected response code: " + registerResponse.getStatus());
assertNotNull(registerResponse.getErrorType(), "The error type is null");
assertNotNull(registerResponse.getErrorDescription(), "The error description is null");
}
Example #3
| Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUris"})
@Test
public void registerWithHttpFail(final String redirectUris) throws Exception {
showTitle("registerWithHttpFail");
List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris));
redirectUriList.add("http://www.example.com/cb"); // URI with HTTP schema
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth web test app with HTTP schema in URI",
redirectUriList);
registerRequest.setSubjectType(SubjectType.PUBLIC);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 400);
assertNotNull(response.getEntity());
assertNotNull(response.getErrorType());
assertNotNull(response.getErrorDescription());
}
Example #4
| Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUris"})
@Test
public void registerWithHttp2(final String redirectUris) throws Exception {
showTitle("registerWithHttp2");
List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris));
redirectUriList.add("http://127.0.0.1/cb"); // URI with HTTP schema
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth web test app with HTTP schema in URI",
redirectUriList);
registerRequest.setSubjectType(SubjectType.PUBLIC);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
}
Example #5
| Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUris"})
@Test
public void registerWithHttp1(final String redirectUris) throws Exception {
showTitle("registerWithHttp1");
List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris));
redirectUriList.add("http://localhost/cb"); // URI with HTTP schema
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth web test app with HTTP schema in URI",
redirectUriList);
registerRequest.setSubjectType(SubjectType.PUBLIC);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
}
Example #6
| Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUris", "sectorIdentifierUri"})
@Test
public void registerWithApplicationTypeNativeAndSubjectTypePairwise(
final String redirectUris, final String sectorIdentifierUri) throws Exception {
showTitle("registerWithApplicationTypeNativeAndSubjectTypePairwise");
List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris));
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.NATIVE, "oxAuth native test app",
redirectUriList);
registerRequest.setSubjectType(SubjectType.PAIRWISE);
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
}
Example #7
| Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUris"})
@Test
public void registerWithCustomURI(final String redirectUris) throws Exception {
showTitle("registerWithCustomURI");
List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris));
redirectUriList.add("myschema://client.example.com/cb"); // URI with custom schema
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.NATIVE, "oxAuth native test app with custom schema in URI",
redirectUriList);
registerRequest.setSubjectType(SubjectType.PUBLIC);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
}
Example #8
| Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUris"})
@Test
public void requestClientRegistrationFail4(final String redirectUris) throws Exception {
showTitle("requestClientRegistrationFail4");
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.NONE); // id_token signature cannot be none
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
registerClient.setExecutor(clientExecutor(true));
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 400);
assertNotNull(response.getEntity());
assertNotNull(response.getErrorType());
assertNotNull(response.getErrorDescription());
}
Example #9
| Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 6 votes |
|
@Test
public void failRegistration_whenRedirectUriIsNotSetForResponseTypeCode() throws Exception {
showTitle("failRegistration_whenRedirectUriIsNotSetForResponseTypeCode");
RegisterRequest request = new RegisterRequest();
request.setResponseTypes(Lists.newArrayList(ResponseType.CODE));
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setExecutor(clientExecutor(true));
registerClient.setRequest(request);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 400, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getEntity(), "The entity is null");
assertNotNull(response.getErrorType(), "The error type is null");
assertNotNull(response.getErrorDescription(), "The error description is null");
}
Example #10
| Source File: OpenIdClient.java From oxTrust with MIT License | 6 votes |
|
private RegisterResponse registerOpenIdClient() {
logger.info("Registering OpenId client");
String clientName = this.appConfiguration.getApplicationName() + " client";
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, clientName, Arrays.asList(this.appConfiguration.getOpenIdRedirectUrl()));
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
RegisterClient registerClient = new RegisterClient(openIdConfiguration.getRegistrationEndpoint());
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
if ((response == null) || (response.getStatus() != 200)) {
throw new ConfigurationException("Failed to register new client");
}
return response;
}
Example #11
| Source File: RejectRegistrationOfRedirectUriWithFragment.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUri"})
@Test
public void rejectRegistrationOfRedirectUriWithFragment(final String redirectUri) throws Exception {
showTitle("OC5:FeatureTest-Reject Registration of redirect uri with Fragment");
List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
// 1. Register client
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUri + "#foo1=bar"));
registerRequest.setResponseTypes(responseTypes);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse registerResponse = registerClient.exec();
showClient(registerClient);
assertEquals(registerResponse.getStatus(), 400, "Unexpected response code: " + registerResponse.getStatus());
assertNotNull(registerResponse.getErrorType(), "The error type is null");
assertNotNull(registerResponse.getErrorDescription(), "The error description is null");
}
Example #12
| Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUris", "sectorIdentifierUri"})
@Test
public void requestClientAssociate3(final String redirectUris, final String sectorIdentifierUri) throws Exception {
showTitle("requestClientAssociate3");
String softwareId = UUID.randomUUID().toString();
String softwareVersion = "version_3.1.5";
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setSoftwareId(softwareId);
registerRequest.setSoftwareVersion(softwareVersion);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
assertTrue(response.getClaims().containsKey(SOFTWARE_ID.toString()));
assertEquals(response.getClaims().get(SOFTWARE_ID.toString()), softwareId);
assertTrue(response.getClaims().containsKey(SOFTWARE_VERSION.toString()));
assertEquals(response.getClaims().get(SOFTWARE_VERSION.toString()), softwareVersion);
}
Example #13
| Source File: UpdateSiteOperation.java From oxd with Apache License 2.0 | 6 votes |
|
private void updateRegisteredClient(Rp rp, RegisterRequest registerRequest) {
if (StringUtils.isBlank(rp.getClientRegistrationClientUri())) {
LOG.error("Registration client url is blank.");
throw new HttpException(ErrorResponseCode.INVALID_REGISTRATION_CLIENT_URL);
}
final RegisterClient registerClient = new RegisterClient(rp.getClientRegistrationClientUri());
registerClient.setRequest(registerRequest);
registerClient.setExecutor(getHttpService().getClientExecutor());
final RegisterResponse response = registerClient.exec();
if (response != null) {
if (response.getStatus() == 200) {
LOG.trace("Client updated successfully. for rp - client_id: " + rp.getClientId());
return;
} else {
LOG.error("Response is not OK (200).");
}
} else {
LOG.error("RegisterClient response is null.");
}
if (!Strings.isNullOrEmpty(response.getErrorDescription())) {
LOG.error(response.getErrorDescription());
}
throw new RuntimeException("Failed to update client for rp. Details:" + response.getEntity());
}
Example #14
| Source File: RegistrationRestWebServiceEmbeddedTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"registerPath"})
@Test
public void failRegistration_whenRedirectUriIsNotSetForResponseTypeCode(final String registerPath) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
RegisterRequest registerRequest = new RegisterRequest(null, null, null);
registerRequest.setResponseTypes(Lists.newArrayList(ResponseType.CODE));
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestClientRegistrationFail 1", response, entity);
assertEquals(response.getStatus(), 400, "Unexpected response code. " + entity);
TestUtil.assertErrorResponse(entity);
}
Example #15
| Source File: ClientWhiteListBlackListRedirectUris.java From oxAuth with MIT License | 6 votes |
|
@Test(dependsOnMethods = "requestClientAssociate")
public void requestClientUpdate() throws Exception {
showTitle("requestClientUpdate");
final String redirectUris = "https://www.attacker.com";
final RegisterRequest registerRequest = new RegisterRequest(registrationAccessToken1);
registerRequest.setHttpMethod(HttpMethod.PUT);
registerRequest.setRedirectUris(StringUtils.spaceSeparatedToList(redirectUris));
final RegisterClient registerClient = new RegisterClient(registrationClientUri1);
registerClient.setRequest(registerRequest);
registerClient.setExecutor(clientExecutor(true));
final RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 400, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getEntity(), "The entity is null");
assertNotNull(response.getErrorType(), "The error type is null");
assertNotNull(response.getErrorDescription(), "The error description is null");
}
Example #16
| Source File: ClientWhiteListBlackListRedirectUris.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"redirectUris", "sectorIdentifierUri"})
@Test
public void requestClientAssociate(final String redirectUris, final String sectorIdentifierUri) throws Exception {
showTitle("requestClientAssociate");
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
RegisterClient registerClient = new RegisterClient(registrationEndpoint);
registerClient.setRequest(registerRequest);
registerClient.setExecutor(clientExecutor(true));
RegisterResponse response = registerClient.exec();
showClient(registerClient);
assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
assertNotNull(response.getClientId());
assertNotNull(response.getClientSecret());
assertNotNull(response.getRegistrationAccessToken());
assertNotNull(response.getClientSecretExpiresAt());
assertNotNull(response.getClaims().get(SCOPE.toString()));
registrationAccessToken1 = response.getRegistrationAccessToken();
registrationClientUri1 = response.getRegistrationClientUri();
}
Example #17
| Source File: RegistrationRestWebServiceEmbeddedTest.java From oxAuth with MIT License | 6 votes |
|
@Parameters({"registerPath"})
@Test
public void requestClientRegistrationFail3(final String registerPath) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
Arrays.asList("https://client.example.com/cb#fail_fragment"));
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestClientRegistrationFail3", response, entity);
assertEquals(response.getStatus(), 400, "Unexpected response code. " + entity);
TestUtil.assertErrorResponse(entity);
}
Example #18
| Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
/**
* Register a client with Token Endpoint Auth Method
* <code>client_secret_jwt</code>.
*/
@Parameters({"registerPath", "redirectUris"})
@Test
public void tokenEndpointAuthMethodClientSecretJwtStep1(final String registerPath, final String redirectUris)
throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("tokenEndpointAuthMethodClientSecretJwtStep1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId4 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
clientSecret4 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
registrationAccessToken4 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
registrationClientUri4 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
Example #19
| Source File: OpenIDRequestObjectWithRSAlgEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodRS256Step1(final String registerPath, final String redirectUris,
final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setResponseTypes(responseTypes);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodRS256Step1", response, entity);
ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
responseAsserter.assertRegisterResponse();
clientId1 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
Example #20
| Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
/**
* Register a client with Token Endpoint Auth Method
* <code>client_secret_basic</code>.
*/
@Parameters({"registerPath", "redirectUris"})
@Test
public void tokenEndpointAuthMethodClientSecretBasicStep1(final String registerPath, final String redirectUris)
throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("tokenEndpointAuthMethodClientSecretBasicStep1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
clientSecret2 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
registrationAccessToken2 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
registrationClientUri2 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
Example #21
| Source File: OpenIDRequestObjectWithRSAlgEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodRS384Step1(final String registerPath, final String redirectUris,
final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setResponseTypes(responseTypes);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS384);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodRS384Step1", response, entity);
ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
responseAsserter.assertRegisterResponse();
clientId2 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
Example #22
| Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
/**
* Register a client with Token Endpoint Auth Method
* <code>client_secret_post</code>.
*/
@Parameters({"registerPath", "redirectUris"})
@Test
public void tokenEndpointAuthMethodClientSecretPostStep1(final String registerPath, final String redirectUris)
throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("tokenEndpointAuthMethodClientSecretPostStep1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
clientSecret3 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
registrationAccessToken3 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
registrationClientUri3 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
Example #23
| Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
/**
* Register a client with Token Endpoint Auth Method
* <code>private_key_jwt</code>.
*/
@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void tokenEndpointAuthMethodPrivateKeyJwtStep1(final String registerPath, final String redirectUris,
final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
registerRequest.setJwksUri(jwksUri);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("tokenEndpointAuthMethodPrivateKeyJwtStep1", response, entity);
assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
assertNotNull(entity, "Unexpected result: " + entity);
try {
JSONObject jsonObj = new JSONObject(entity);
assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));
clientId5 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
clientSecret5 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString());
registrationAccessToken5 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
registrationClientUri5 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage() + "\nResponse was: " + entity);
}
}
Example #24
| Source File: ExternalDynamicClientRegistrationService.java From oxAuth with MIT License | 5 votes |
|
public boolean executeExternalUpdateClientMethod(CustomScriptConfiguration customScriptConfiguration, RegisterRequest registerRequest, Client client) {
try {
log.debug("Executing python 'updateClient' method");
ClientRegistrationType externalClientRegistrationType = (ClientRegistrationType) customScriptConfiguration.getExternalType();
Map<String, SimpleCustomProperty> configurationAttributes = customScriptConfiguration.getConfigurationAttributes();
return externalClientRegistrationType.updateClient(registerRequest, client, configurationAttributes);
} catch (Exception ex) {
log.error(ex.getMessage(), ex);
saveScriptError(customScriptConfiguration.getCustomScript(), ex);
}
return false;
}
Example #25
| Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES256Step1(final String registerPath, final String redirectUris,
final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setResponseTypes(responseTypes);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES256);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
fail(e.getMessage(), e);
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES256Step1", response, entity);
ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
responseAsserter.assertRegisterResponse();
clientId1 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
Example #26
| Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES384Step1(final String registerPath, final String redirectUris,
final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setResponseTypes(responseTypes);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES384);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
e.printStackTrace();
fail(e.getMessage());
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES384Step1", response, entity);
ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
responseAsserter.assertRegisterResponse();
clientId2 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
Example #27
| Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES512Step1(final String registerPath, final String redirectUris,
final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setResponseTypes(responseTypes);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES512);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
fail(e.getMessage(), e);
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES512Step1", response, entity);
ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
responseAsserter.assertRegisterResponse();
clientId3 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
Example #28
| Source File: OpenIDRequestObjectWithESAlgEmbeddedTest.java From oxAuth with MIT License | 5 votes |
|
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodES256X509CertStep1(final String registerPath, final String redirectUris,
final String jwksUri) throws Exception {
Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();
String registerRequestContent = null;
try {
List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
StringUtils.spaceSeparatedToList(redirectUris));
registerRequest.setJwksUri(jwksUri);
registerRequest.setResponseTypes(responseTypes);
registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES256);
registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
} catch (JSONException e) {
fail(e.getMessage(), e);
}
Response response = request.post(Entity.json(registerRequestContent));
String entity = response.readEntity(String.class);
showResponse("requestParameterMethodES256X509CertStep1", response, entity);
ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
responseAsserter.assertRegisterResponse();
clientId4 = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
Example #29
| Source File: ExternalDynamicClientRegistrationService.java From oxAuth with MIT License | 5 votes |
|
public boolean executeExternalUpdateClientMethods(RegisterRequest registerRequest, Client client) {
boolean result = true;
for (CustomScriptConfiguration customScriptConfiguration : this.customScriptConfigurations) {
result &= executeExternalUpdateClientMethod(customScriptConfiguration, registerRequest, client);
if (!result) {
return result;
}
}
return result;
}
Example #30
| Source File: RegisterResponseMapper.java From oxd with Apache License 2.0 | 5 votes |
|
public static Rp createRp(RegisterResponse response) {
Rp rpFromRegisterResponse = new Rp();
RegisterRequest request = RegisterRequest.fromJson(response.getEntity(), false);
RegisterRequestMapper.fillRp(rpFromRegisterResponse, request);
rpFromRegisterResponse.setClientId(response.getClientId());
rpFromRegisterResponse.setClientSecret(response.getClientSecret());
rpFromRegisterResponse.setClientSecretExpiresAt(response.getClientSecretExpiresAt());
return rpFromRegisterResponse;
}
