Java Code Examples for org.gluu.oxauth.client.RegisterRequest#setTokenEndpointAuthMethod()
The following examples show how to use
org.gluu.oxauth.client.RegisterRequest#setTokenEndpointAuthMethod() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: Supports3rdPartyInitLoginNoHttps.java From oxAuth with MIT License | 6 votes |
@Parameters({"redirectUri", "clientJwksUri", "postLogoutRedirectUri"}) @Test public void supports3rdPartyInitLoginNoHttps(final String redirectUri, final String clientJwksUri, final String postLogoutRedirectUri) throws Exception { showTitle("supports3rdPartyInitLoginNoHttps"); // 1. Register Client RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUri)); registerRequest.setContacts(Arrays.asList("[email protected]")); registerRequest.setGrantTypes(Arrays.asList(AUTHORIZATION_CODE)); registerRequest.setResponseTypes(Arrays.asList(CODE)); registerRequest.setInitiateLoginUri("http://client.example.com/start-3rd-party-initiated-sso"); registerRequest.setJwksUri(clientJwksUri); registerRequest.setPostLogoutRedirectUris(Arrays.asList(postLogoutRedirectUri)); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 400, "Unexpected response code: " + registerResponse.getEntity()); assertNotNull(registerResponse.getEntity(), "The entity is null"); assertNotNull(registerResponse.getErrorType(), "The error type is null"); assertNotNull(registerResponse.getErrorDescription(), "The error description is null"); }
Example 2
Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License | 5 votes |
/** * Register a client with Token Endpoint Auth Method * <code>client_secret_basic</code>. */ @Parameters({"registerPath", "redirectUris"}) @Test public void tokenEndpointAuthMethodClientSecretBasicStep1(final String registerPath, final String redirectUris) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("tokenEndpointAuthMethodClientSecretBasicStep1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret2 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString()); registrationAccessToken2 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()); registrationClientUri2 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 3
Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License | 5 votes |
/** * Register a client with Token Endpoint Auth Method * <code>client_secret_post</code>. */ @Parameters({"registerPath", "redirectUris"}) @Test public void tokenEndpointAuthMethodClientSecretPostStep1(final String registerPath, final String redirectUris) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("tokenEndpointAuthMethodClientSecretPostStep1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret3 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString()); registrationAccessToken3 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()); registrationClientUri3 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 4
Source File: EnablesDynamicRegistration.java From oxAuth with MIT License | 5 votes |
@Parameters({"redirectUris", "sectorIdentifierUri", "clientJwksUri"}) @Test public void enablesDynamicRegistration(final String redirectUris, final String sectorIdentifierUri, final String clientJwksUri) throws Exception { showTitle("OC5:FeatureTest-Enables Dynamic Registration"); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setContacts(Arrays.asList("[email protected]", "[email protected]")); registerRequest.setLogoUri("http://www.gluu.org/wp-content/themes/gluursn/images/logo.png"); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT); registerRequest.setPolicyUri("http://www.gluu.org/policy"); registerRequest.setJwksUri(clientJwksUri); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); registerRequest.setSubjectType(SubjectType.PUBLIC); registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getClientId()); assertNotNull(response.getClientSecret()); assertNotNull(response.getRegistrationAccessToken()); assertNotNull(response.getRegistrationClientUri()); assertNotNull(response.getClientIdIssuedAt()); assertNotNull(response.getClientSecretExpiresAt()); }
Example 5
Source File: Supports3rdPartyInitLogin.java From oxAuth with MIT License | 5 votes |
@Parameters({"redirectUri", "clientJwksUri", "initiateLoginUri", "postLogoutRedirectUri"}) @Test public void supports3rdPartyInitLogin(final String redirectUri, final String clientJwksUri, final String initiateLoginUri, final String postLogoutRedirectUri) throws Exception { showTitle("supports3rdPartyInitLogin"); // 1. Register Client RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUri)); registerRequest.setContacts(Arrays.asList("[email protected]")); registerRequest.setGrantTypes(Arrays.asList(AUTHORIZATION_CODE)); registerRequest.setResponseTypes(Arrays.asList(CODE)); registerRequest.setInitiateLoginUri(initiateLoginUri); registerRequest.setJwksUri(clientJwksUri); registerRequest.setPostLogoutRedirectUris(Arrays.asList(postLogoutRedirectUri)); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity()); assertNotNull(registerResponse.getClientId()); assertNotNull(registerResponse.getClientSecret()); assertNotNull(registerResponse.getRegistrationAccessToken()); assertNotNull(registerResponse.getClientSecretExpiresAt()); assertEquals(registerResponse.getClaims().get(APPLICATION_TYPE.toString()), ApplicationType.WEB.toString()); assertEquals(registerResponse.getClaims().get(INITIATE_LOGIN_URI.toString()), initiateLoginUri); }
Example 6
Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License | 5 votes |
/** * Register a client with Token Endpoint Auth Method * <code>private_key_jwt</code>. */ @Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void tokenEndpointAuthMethodPrivateKeyJwtStep1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.setJwksUri(jwksUri); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("tokenEndpointAuthMethodPrivateKeyJwtStep1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId5 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret5 = jsonObj.getString(RegisterResponseParam.CLIENT_SECRET.toString()); registrationAccessToken5 = jsonObj.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()); registrationClientUri5 = jsonObj.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 7
Source File: TokenRestWebServiceWithHSAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtHS256Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtHS256Step1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId1 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret1 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 8
Source File: TokenRestWebServiceWithESAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtES512X509CertStep1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtES512X509CertStep1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId6 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret6 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 9
Source File: TokenRestWebServiceWithESAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtES384X509CertStep1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtES384X509CertStep1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId5 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret5 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 10
Source File: TokenRestWebServiceWithESAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtES512Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtES384Step1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret3 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 11
Source File: TokenRestWebServiceWithESAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtES384Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtES384Step1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret2 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 12
Source File: TokenRestWebServiceWithESAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtES256Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtES256Step1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId1 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret1 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 13
Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtRS512Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtRS512Step1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret3 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 14
Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtRS256Step1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtRS256Step1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId1 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret1 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 15
Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtRS512X509CertStep1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtRS512X509CertStep1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId6 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret6 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 16
Source File: SupportRegistrationRead.java From oxAuth with MIT License | 4 votes |
@Parameters({"redirectUris", "redirectUri", "userId", "userSecret", "sectorIdentifierUri"}) @Test public void supportRegistrationRead( final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception { showTitle("OC5:FeatureTest-Support Registration Read"); List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE); // 1. Register client RegisterRequest registerRequest1 = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest1.setContacts(Arrays.asList("[email protected]", "[email protected]")); registerRequest1.setLogoUri("http://www.gluu.org/wp-content/themes/gluursn/images/logo.png"); registerRequest1.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT); registerRequest1.setPolicyUri("http://www.gluu.org/policy"); registerRequest1.setJwksUri("http://www.gluu.org/jwks"); registerRequest1.setSectorIdentifierUri(sectorIdentifierUri); registerRequest1.setSubjectType(SubjectType.PUBLIC); registerRequest1.setRequestObjectSigningAlg(SignatureAlgorithm.RS256); registerRequest1.setRequestUris(Arrays.asList("http://www.gluu.org/request")); RegisterClient registerClient1 = new RegisterClient(registrationEndpoint); registerClient1.setRequest(registerRequest1); RegisterResponse registerResponse1 = registerClient1.exec(); showClient(registerClient1); assertEquals(registerResponse1.getStatus(), 200, "Unexpected response code: " + registerResponse1.getEntity()); assertNotNull(registerResponse1.getClientId()); assertNotNull(registerResponse1.getClientSecret()); assertNotNull(registerResponse1.getRegistrationAccessToken()); assertNotNull(registerResponse1.getClientSecretExpiresAt()); assertNotNull(registerResponse1.getClaims().get(SCOPE.toString())); String clientId = registerResponse1.getClientId(); String registrationAccessToken = registerResponse1.getRegistrationAccessToken(); String registrationClientUri = registerResponse1.getRegistrationClientUri(); // 2. Client Read RegisterRequest registerRequest2 = new RegisterRequest(registrationAccessToken); RegisterClient registerClient2 = new RegisterClient(registrationClientUri); registerClient2.setRequest(registerRequest2); RegisterResponse registerResponse2 = registerClient2.exec(); showClient(registerClient2); assertEquals(registerResponse2.getStatus(), 200, "Unexpected response code: " + registerResponse2.getEntity()); assertNotNull(registerResponse2.getClientId()); assertNotNull(registerResponse2.getClientSecret()); assertNotNull(registerResponse2.getRegistrationAccessToken()); assertNotNull(registerResponse2.getRegistrationClientUri()); assertNotNull(registerResponse2.getClientSecretExpiresAt()); assertNotNull(registerResponse2.getClaims().get(APPLICATION_TYPE.toString())); assertNotNull(registerResponse2.getClaims().get(POLICY_URI.toString())); assertNotNull(registerResponse2.getClaims().get(REQUEST_OBJECT_SIGNING_ALG.toString())); assertNotNull(registerResponse2.getClaims().get(CONTACTS.toString())); assertNotNull(registerResponse2.getClaims().get(SECTOR_IDENTIFIER_URI.toString())); assertNotNull(registerResponse2.getClaims().get(SUBJECT_TYPE.toString())); assertNotNull(registerResponse2.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString())); assertNotNull(registerResponse2.getClaims().get(JWKS_URI.toString())); assertNotNull(registerResponse2.getClaims().get(CLIENT_NAME.toString())); assertNotNull(registerResponse2.getClaims().get(LOGO_URI.toString())); assertNotNull(registerResponse2.getClaims().get(REQUEST_URIS.toString())); assertNotNull(registerResponse2.getClaims().get(SCOPE.toString())); }
Example 17
Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 4 votes |
@Test(dependsOnMethods = "requestClientAssociate3") public void requestClientUpdate3() throws Exception { showTitle("requestClientUpdate3"); final String clientName = "Dynamically Registered Client #1 update_1"; final RegisterRequest registerRequest = new RegisterRequest(registrationAccessToken2); registerRequest.setHttpMethod(HttpMethod.PUT); registerRequest.setRedirectUris(Arrays.asList("https://localhost:8443/auth")); registerRequest.setPostLogoutRedirectUris(Arrays.asList("https://localhost:8443/auth")); registerRequest.setApplicationType(ApplicationType.WEB); registerRequest.setClientName(clientName); registerRequest.setSubjectType(SubjectType.PUBLIC); registerRequest.setGrantTypes(Arrays.asList(GrantType.IMPLICIT)); registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN)); registerRequest.setScope(Arrays.asList("openid", "address", "profile", "email", "phone", "clientinfo", "invalid_scope")); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST); registerRequest.setFrontChannelLogoutSessionRequired(true); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); final RegisterClient registerClient = new RegisterClient(registrationClientUri2); registerClient.setRequest(registerRequest); registerClient.setExecutor(clientExecutor(true)); final RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getClientId()); assertTrue(response.getClaims().containsKey(CLIENT_NAME.toString())); assertEquals(clientName, response.getClaims().get(CLIENT_NAME.toString())); JSONArray scopesJsonArray = new JSONArray(StringUtils.spaceSeparatedToList(response.getClaims().get(SCOPE.toString()))); List<String> scopes = new ArrayList<String>(); for (int i = 0; i < scopesJsonArray.length(); i++) { scopes.add(scopesJsonArray.get(i).toString()); } assertTrue(scopes.contains("openid")); assertTrue(scopes.contains("address")); assertTrue(scopes.contains("email")); assertTrue(scopes.contains("profile")); assertTrue(scopes.contains("phone")); assertTrue(scopes.contains("clientinfo")); }
Example 18
Source File: RegistrationRestWebServiceHttpTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"redirectUris", "sectorIdentifierUri", "logoutUri"}) @Test public void requestClientAssociate3(final String redirectUris, final String sectorIdentifierUri, final String logoutUri) throws Exception { showTitle("requestClientAssociate3"); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setPostLogoutRedirectUris(Lists.newArrayList(logoutUri)); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); // registerRequest.setSubjectType(SubjectType.PAIRWISE); registerRequest.setGrantTypes(Arrays.asList(GrantType.IMPLICIT)); registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN)); registerRequest.setScope(Arrays.asList("openid", "profile", "email")); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST); registerRequest.setFrontChannelLogoutSessionRequired(true); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); registerClient.setExecutor(clientExecutor(true)); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getClientId()); assertNotNull(response.getClientSecret()); assertNotNull(response.getRegistrationAccessToken()); assertNotNull(response.getClientSecretExpiresAt()); assertNotNull(response.getClaims().get(SCOPE.toString())); assertNotNull(response.getClaims().get(FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED.toString())); assertTrue(Boolean.parseBoolean(response.getClaims().get(FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED.toString()))); assertNotNull(response.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString())); assertEquals(SignatureAlgorithm.RS256, SignatureAlgorithm.fromString(response.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()))); assertEquals(AuthenticationMethod.CLIENT_SECRET_POST, AuthenticationMethod.fromString(response.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()))); JSONArray scopesJsonArray = new JSONArray(StringUtils.spaceSeparatedToList(response.getClaims().get(SCOPE.toString()))); List<String> scopes = new ArrayList<String>(); for (int i = 0; i < scopesJsonArray.length(); i++) { scopes.add(scopesJsonArray.get(i).toString()); } assertTrue(scopes.contains("openid")); assertTrue(scopes.contains("email")); assertTrue(scopes.contains("profile")); registrationAccessToken2 = response.getRegistrationAccessToken(); registrationClientUri2 = response.getRegistrationClientUri(); }
Example 19
Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java From oxAuth with MIT License | 4 votes |
@Parameters({"registerPath", "redirectUris", "clientJwksUri"}) @Test public void requestAccessTokenWithClientSecretJwtRS256X509CertStep1(final String registerPath, final String redirectUris, final String jwksUri) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setJwksUri(jwksUri); registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); List<GrantType> grantTypes = Arrays.asList( GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS ); registerRequest.setGrantTypes(grantTypes); String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters()); Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("requestAccessTokenWithClientSecretJwtRS256X509CertStep1", response, entity); assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString())); assertTrue(jsonObj.has(CLIENT_SECRET.toString())); assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString())); assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString())); assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString())); assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString())); clientId4 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString()); clientSecret4 = jsonObj.getString(CLIENT_SECRET.toString()); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
Example 20
Source File: RegistrationAction.java From oxAuth with MIT License | 4 votes |
public void exec() { try { RegisterRequest request = new RegisterRequest(applicationType, clientName, StringUtils.spaceSeparatedToList(redirectUris)); request.setClaimsRedirectUris(StringUtils.spaceSeparatedToList(claimsRedirectUris)); request.setResponseTypes(responseTypes); request.setGrantTypes(grantTypes); request.setContacts(StringUtils.spaceSeparatedToList(contacts)); request.setLogoUri(logoUri); request.setClientUri(clientUri); request.setPolicyUri(policyUri); request.setTosUri(tosUri); request.setJwksUri(jwksUri); request.setSectorIdentifierUri(sectorIdentifierUri); request.setSubjectType(subjectType); request.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg); request.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg); request.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc); request.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg); request.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg); request.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc); request.setRequestObjectSigningAlg(requestObjectSigningAlg); request.setRequestObjectEncryptionAlg(requestObjectEncryptionAlg); request.setRequestObjectEncryptionEnc(requestObjectEncryptionEnc); request.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); request.setTokenEndpointAuthSigningAlg(tokenEndpointAuthSigningAlg); request.setDefaultMaxAge(defaultMaxAge); request.setRequireAuthTime(requireAuthTime); request.setDefaultAcrValues(StringUtils.spaceSeparatedToList(defaultAcrValues)); request.setInitiateLoginUri(initiateLoginUri); request.setPostLogoutRedirectUris(StringUtils.spaceSeparatedToList(postLogoutRedirectUris)); request.setRequestUris(StringUtils.spaceSeparatedToList(requestUris)); request.setFrontChannelLogoutUris(Lists.newArrayList(logoutUri)); request.setFrontChannelLogoutSessionRequired(logoutSessionRequired); // CIBA request.setBackchannelTokenDeliveryMode(backchannelTokenDeliveryMode); request.setBackchannelClientNotificationEndpoint(backchannelClientNotificationEndpoint); request.setBackchannelAuthenticationRequestSigningAlg(backchannelAuthenticationRequestSigningAlg); request.setBackchannelUserCodeParameter(backchannelUserCodeParameter); RegisterClient client = new RegisterClient(registrationEndpoint); client.setRequest(request); RegisterResponse response = client.exec(); if (response.getStatus() >= 200 && response.getStatus() <= 299) { registrationClientUri = response.getRegistrationClientUri(); registrationAccessToken = response.getRegistrationAccessToken(); authorizationAction.setClientId(response.getClientId()); authorizationAction.setClientSecret(response.getClientSecret()); if (request.getRedirectUris() != null && request.getRedirectUris().size() > 0) { authorizationAction.setRedirectUri(request.getRedirectUris().get(0)); } tokenAction.setClientId(response.getClientId()); tokenAction.setClientSecret(response.getClientSecret()); backchannelAuthenticationAction.setClientId(response.getClientId()); backchannelAuthenticationAction.setClientSecret(response.getClientSecret()); backchannelAuthenticationAction.setBackchannelTokenDeliveryMode(request.getBackchannelTokenDeliveryMode()); } showResults = true; requestString = client.getRequestAsString(); responseString = client.getResponseAsString(); } catch (Exception e) { log.error(e.getMessage(), e); } }