gluu
公開メンバ関数 | 静的公開メンバ関数 | 静的公開変数類 | 限定公開変数類 | 全メンバ一覧
org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest クラス
org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest の継承関係図
Inheritance graph
org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest 連携図
Collaboration graph

公開メンバ関数

void requestAuthorizationCode (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationCodeUserBasicAuth (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationCodeNoRedirection (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationCodeFail1 (final String userId, final String userSecret) throws Exception
 
void requestAuthorizationCodeFail2 (final String userId, final String userSecret, final String redirectUris, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationCodeFail3 (final String redirectUri) throws Exception
 
void requestAuthorizationCodeFail4 (final String userId, final String userSecret, final String redirectUris, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationToken (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationTokenUserBasicAuth (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationTokenFail1 (final String userId, final String userSecret, final String redirectUri) throws Exception
 
void requestAuthorizationTokenFail2 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationTokenIdToken (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationTokenIdTokenUserBasicAuth (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationCodeIdToken (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationCodeIdTokenUserBasicAuth (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationTokenCode (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationTokenCodeUserBasicAuth (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationTokenCodeIdToken (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationTokenCodeIdTokenUserBasicAuth (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdToken (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenUserBasicAuth (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationWithoutScope (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationPromptNoneTrustedClient (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationPromptNoneFail (final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationPromptLogin (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationPromptConsent (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationPromptConsentTrustedClient (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationPromptLoginConsent (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationPromptLoginConsentTrustedClient (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationPromptNoneLoginConsentFail (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationCodeWithoutRedirectUri (final String redirectUri, final String userId, final String userSecret) throws Exception
 
void requestAuthorizationCodeWithoutRedirectUriUserBasicAuth (final String redirectUri, final String userId, final String userSecret) throws Exception
 
void requestAuthorizationCodeWithoutRedirectUriFail (final String redirectUris, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationAccessToken (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationAccessTokenUserBasicAuth (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationAccessTokenFail (final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationDenyAccessThenGrantAccess (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationForOpenIdScopeAndPairwiseId (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationUILocales (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationObjectUILocales (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void initTestSuite (ITestContext context) throws FileNotFoundException, IOException
 
WebDriver getDriver ()
 
void setDriver (WebDriver driver)
 
String getAuthorizationEndpoint ()
 
void setAuthorizationEndpoint (String authorizationEndpoint)
 
String getTokenEndpoint ()
 
void setTokenEndpoint (String tokenEndpoint)
 
String getUserInfoEndpoint ()
 
void setUserInfoEndpoint (String userInfoEndpoint)
 
String getClientInfoEndpoint ()
 
void setClientInfoEndpoint (String clientInfoEndpoint)
 
String getCheckSessionIFrame ()
 
void setCheckSessionIFrame (String checkSessionIFrame)
 
String getEndSessionEndpoint ()
 
void setEndSessionEndpoint (String endSessionEndpoint)
 
String getJwksUri ()
 
void setJwksUri (String jwksUri)
 
String getRegistrationEndpoint ()
 
void setRegistrationEndpoint (String registrationEndpoint)
 
String getIntrospectionEndpoint ()
 
void setIntrospectionEndpoint (String p_introspectionEndpoint)
 
Map< String, List< String > > getScopeToClaimsMapping ()
 
void setScopeToClaimsMapping (Map< String, List< String >> p_scopeToClaimsMapping)
 
String getIdGenEndpoint ()
 
void setIdGenEndpoint (String p_idGenEndpoint)
 
String getConfigurationEndpoint ()
 
void setConfigurationEndpoint (String configurationEndpoint)
 
void startSelenium ()
 
void stopSelenium ()
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies, boolean useNewDriver)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies, boolean useNewDriver, int authzSteps)
 
AuthorizationResponse authenticateResourceOwnerAndDenyAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
 
AuthorizationResponse authorizationRequestAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
AuthorizationResponse authorizationRequestAndDenyAccess (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
AuthorizationResponse authenticateResourceOwner (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)
 
String waitForResourceOwnerAndGrantLoginForm (String authorizeUrl, AuthorizationRequest authorizationRequest, boolean cleanupCookies)
 
String waitForResourceOwnerAndGrantLoginForm (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
void discovery (ITestContext context) throws Exception
 
void showTitle (String title)
 
void showTitle (String title)
 
void showEntity (String entity)
 
void showResponse (String title, Response response)
 

静的公開メンバ関数

static void showClient (BaseClient client)
 
static void showClient (BaseClient client, CookieStore cookieStore)
 
static void showClientUserAgent (BaseClient client)
 
static void assertErrorResponse (BaseResponseWithErrors p_response, IErrorType p_errorType)
 
static DefaultHttpClient createHttpClient ()
 
static DefaultHttpClient createHttpClient (HostnameVerifierType p_verifierType)
 
static ClientExecutor clientExecutor () throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static ClientExecutor clientExecutor (boolean trustAll) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static HttpClient createHttpClientTrustAll () throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static void showResponse (String title, Response response, Object entity)
 
static void fails (Throwable e)
 
static void output (String p_msg)
 
static Archive<?> createDeployment ()
 

静的公開変数類

static FileConfiguration testData
 

限定公開変数類

WebDriver driver
 
String authorizationEndpoint
 
String authorizationPageEndpoint
 
String gluuConfigurationEndpoint
 
String tokenEndpoint
 
String userInfoEndpoint
 
String clientInfoEndpoint
 
String checkSessionIFrame
 
String endSessionEndpoint
 
String jwksUri
 
String registrationEndpoint
 
String configurationEndpoint
 
String idGenEndpoint
 
String introspectionEndpoint
 
Map< String, List< String > > scopeToClaimsMapping
 

詳解

Functional tests for Authorize Web Services (HTTP)

著者
Javier Rojas Blum
バージョン
August 29, 2018

関数詳解

◆ assertErrorResponse()

static void org.xdi.oxauth.BaseTest.assertErrorResponse ( BaseResponseWithErrors  p_response,
IErrorType  p_errorType 
)
inlinestaticinherited
787  {
788  assertEquals(p_response.getStatus(), 400, "Unexpected response code. Entity: " + p_response.getEntity());
789  assertNotNull(p_response.getEntity(), "The entity is null");
790  assertEquals(p_response.getErrorType(), p_errorType);
791  assertTrue(StringUtils.isNotBlank(p_response.getErrorDescription()));
792  }
org.xdi.oxauth.client.BaseResponseWithErrors.getErrorType
T getErrorType()
Definition: BaseResponseWithErrors.java:48
org.xdi.oxauth.client.BaseResponse.getEntity
String getEntity()
Definition: BaseResponse.java:85
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.BaseResponseWithErrors.getErrorDescription
String getErrorDescription()
Definition: BaseResponseWithErrors.java:40

◆ authenticateResourceOwner()

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwner ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) No authorization page.

556  {
557  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
558 
559  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
560  authorizeClient.setRequest(authorizationRequest);
561 
562  System.out.println("authenticateResourceOwner: authorizationRequestUrl:" + authorizationRequestUrl);
563  startSelenium();
564  if (cleanupCookies) {
565  System.out.println("authenticateResourceOwner: Cleaning cookies");
566  deleteAllCookies();
567  }
568 // try {
569  driver.navigate().to(authorizationRequestUrl);
570 // } catch (WebDriverException ex) {
571 // if (ex.getCause() instanceof ScriptException) {
572 // System.out.println("authenticateResourceOwner: Script error: " + ex.getMessage());
573 // } else {
574 // throw ex;
575 // }
576 // }
577 
578  if (userSecret != null) {
579  if (userId != null) {
580  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
581  usernameElement.sendKeys(userId);
582  }
583 
584  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
585  passwordElement.sendKeys(userSecret);
586 
587  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
588 
589  loginButton.click();
590  }
591 
592  String authorizationResponseStr = driver.getCurrentUrl();
593 
594  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
595  String sessionState = null;
596  if (sessionStateCookie != null) {
597  sessionState = sessionStateCookie.getValue();
598  }
599  System.out.println("authenticateResourceOwner: sessionState:" + sessionState);
600 
601  stopSelenium();
602 
603  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
604  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
605  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
606  }
607  authorizeClient.setResponse(authorizationResponse);
608  showClientUserAgent(authorizeClient);
609 
610  return authorizationResponse;
611  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.deleteAllCookies
void deleteAllCookies()
Definition: BaseTest.java:661
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authenticateResourceOwnerAndDenyAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndDenyAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret 
)
inlineinherited
408  {
409  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
410 
411  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
412  authorizeClient.setRequest(authorizationRequest);
413 
414  System.out.println("authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:" + authorizationRequestUrl);
415  startSelenium();
416  driver.navigate().to(authorizationRequestUrl);
417 
418  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
419  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
420  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
421 
422  if (userId != null) {
423  usernameElement.sendKeys(userId);
424  }
425  passwordElement.sendKeys(userSecret);
426  loginButton.click();
427 
428  String authorizationResponseStr = driver.getCurrentUrl();
429 
430  WebElement doNotAllowButton = driver.findElement(By.id(authorizeFormDoNotAllowButton));
431 
432  final String previousURL = driver.getCurrentUrl();
433  doNotAllowButton.click();
434  WebDriverWait wait = new WebDriverWait(driver, 10);
435  wait.until(new ExpectedCondition<Boolean>() {
436  public Boolean apply(WebDriver d) {
437  return (d.getCurrentUrl() != previousURL);
438  }
439  });
440 
441  authorizationResponseStr = driver.getCurrentUrl();
442 
443  Cookie sessionIdCookie = driver.manage().getCookieNamed("session_id");
444  String sessionId = null;
445  if (sessionIdCookie != null) {
446  sessionId = sessionIdCookie.getValue();
447  }
448  System.out.println("authenticateResourceOwnerAndDenyAccess: sessionId:" + sessionId);
449 
450  stopSelenium();
451 
452  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
453  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
454  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
455  }
456  authorizationResponse.setSessionId(sessionId);
457  authorizeClient.setResponse(authorizationResponse);
458  showClientUserAgent(authorizeClient);
459 
460  return authorizationResponse;
461  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.AuthorizationResponse.setSessionId
void setSessionId(String p_sessionId)
Definition: AuthorizationResponse.java:212
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authenticateResourceOwnerAndGrantAccess() [1/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

253  {
254  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, true);
255  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [2/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

262  {
263  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, cleanupCookies, false);
264  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [3/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies,
boolean  useNewDriver 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

272  {
273  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, cleanupCookies, useNewDriver, 1);
274  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [4/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies,
boolean  useNewDriver,
int  authzSteps 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

282  {
283  WebDriver currentDriver = initWebDriver(useNewDriver, cleanupCookies);
284 
285  AuthorizeClient authorizeClient = processAuthentication(currentDriver, authorizeUrl, authorizationRequest,
286  userId, userSecret);
287 
288  int remainAuthzSteps = authzSteps;
289 
290  String authorizationResponseStr = null;
291  do {
292  authorizationResponseStr = acceptAuthorization(currentDriver);
293  remainAuthzSteps--;
294  } while (remainAuthzSteps >= 1);
295 
296  AuthorizationResponse authorizationResponse = buildAuthorizationResponse(authorizationRequest, useNewDriver,
297  currentDriver, authorizeClient, authorizationResponseStr);
298 
299  stopWebDriver(useNewDriver, currentDriver);
300 
301  return authorizationResponse;
302  }
org.xdi.oxauth.BaseTest.buildAuthorizationResponse
AuthorizationResponse buildAuthorizationResponse(AuthorizationRequest authorizationRequest, boolean useNewDriver, WebDriver currentDriver, AuthorizeClient authorizeClient, String authorizationResponseStr)
Definition: BaseTest.java:387
org.xdi.oxauth.BaseTest.acceptAuthorization
String acceptAuthorization(WebDriver currentDriver)
Definition: BaseTest.java:358
org.xdi.oxauth.BaseTest.processAuthentication
AuthorizeClient processAuthentication(WebDriver currentDriver, String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:330
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.BaseTest.initWebDriver
WebDriver initWebDriver(boolean useNewDriver, boolean cleanupCookies)
Definition: BaseTest.java:304
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.BaseTest.stopWebDriver
void stopWebDriver(boolean useNewDriver, WebDriver currentDriver)
Definition: BaseTest.java:321

◆ authorizationRequestAndDenyAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authorizationRequestAndDenyAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited
509  {
510  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
511 
512  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
513  authorizeClient.setRequest(authorizationRequest);
514 
515  System.out.println("authorizationRequestAndDenyAccess: authorizationRequestUrl:" + authorizationRequestUrl);
516  startSelenium();
517  driver.navigate().to(authorizationRequestUrl);
518 
519  WebElement doNotAllowButton = driver.findElement(By.id(authorizeFormDoNotAllowButton));
520 
521  final String previousURL = driver.getCurrentUrl();
522  doNotAllowButton.click();
523  WebDriverWait wait = new WebDriverWait(driver, 10);
524  wait.until(new ExpectedCondition<Boolean>() {
525  public Boolean apply(WebDriver d) {
526  return (d.getCurrentUrl() != previousURL);
527  }
528  });
529 
530  String authorizationResponseStr = driver.getCurrentUrl();
531 
532  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
533  String sessionState = null;
534  if (sessionStateCookie != null) {
535  sessionState = sessionStateCookie.getValue();
536  }
537  System.out.println("authorizationRequestAndDenyAccess: sessionState:" + sessionState);
538 
539  stopSelenium();
540 
541  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
542  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
543  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
544  }
545  authorizeClient.setResponse(authorizationResponse);
546  showClientUserAgent(authorizeClient);
547 
548  return authorizationResponse;
549  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authorizationRequestAndGrantAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authorizationRequestAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited
464  {
465  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
466 
467  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
468  authorizeClient.setRequest(authorizationRequest);
469 
470  System.out.println("authorizationRequestAndGrantAccess: authorizationRequestUrl:" + authorizationRequestUrl);
471  startSelenium();
472  driver.navigate().to(authorizationRequestUrl);
473 
474  String authorizationResponseStr = driver.getCurrentUrl();
475 
476  WebElement allowButton = driver.findElement(By.id(authorizeFormAllowButton));
477 
478  final String previousURL = driver.getCurrentUrl();
479  allowButton.click();
480  WebDriverWait wait = new WebDriverWait(driver, 10);
481  wait.until(new ExpectedCondition<Boolean>() {
482  public Boolean apply(WebDriver d) {
483  return (d.getCurrentUrl() != previousURL);
484  }
485  });
486 
487  authorizationResponseStr = driver.getCurrentUrl();
488 
489  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
490  String sessionState = null;
491  if (sessionStateCookie != null) {
492  sessionState = sessionStateCookie.getValue();
493  }
494  System.out.println("authorizationRequestAndGrantAccess: sessionState:" + sessionState);
495 
496  stopSelenium();
497 
498  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
499  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
500  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
501  }
502  authorizeClient.setResponse(authorizationResponse);
503  showClientUserAgent(authorizeClient);
504 
505  return authorizationResponse;
506  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783
org.xdi.oxauth.BaseTest.authorizeFormAllowButton
String authorizeFormAllowButton
Definition: BaseTest.java:91

◆ clientExecutor() [1/2]

static ClientExecutor org.xdi.oxauth.BaseTest.clientExecutor ( ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
822  {
823  return clientExecutor(false);
824  }
org.xdi.oxauth.BaseTest.clientExecutor
static ClientExecutor clientExecutor()
Definition: BaseTest.java:822

◆ clientExecutor() [2/2]

static ClientExecutor org.xdi.oxauth.BaseTest.clientExecutor ( boolean  trustAll) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
826  {
827  if (trustAll) {
828  return new ApacheHttpClient4Executor(createHttpClientTrustAll());
829  }
830  return ClientRequest.getDefaultExecutor();
831  }
org.xdi.oxauth.BaseTest.createHttpClientTrustAll
static HttpClient createHttpClientTrustAll()
Definition: BaseTest.java:833

◆ createDeployment()

static Archive<?> org.xdi.oxauth.ConfigurableTest.createDeployment ( )
inlinestaticinherited
40  {
41  return Deployments.createDeployment();
42  }

◆ createHttpClient() [1/2]

static DefaultHttpClient org.xdi.oxauth.BaseTest.createHttpClient ( )
inlinestaticinherited
794  {
795  return createHttpClient(HostnameVerifierType.DEFAULT);
796  }
org.xdi.oxauth.BaseTest.createHttpClient
static DefaultHttpClient createHttpClient()
Definition: BaseTest.java:794

◆ createHttpClient() [2/2]

static DefaultHttpClient org.xdi.oxauth.BaseTest.createHttpClient ( HostnameVerifierType  p_verifierType)
inlinestaticinherited
798  {
799  if (p_verifierType != null && p_verifierType != HostnameVerifierType.DEFAULT) {
800  switch (p_verifierType) {
801  case ALLOW_ALL:
802  HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
803 
804  DefaultHttpClient client = new DefaultHttpClient();
805 
806  SchemeRegistry registry = new SchemeRegistry();
807  SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
808  socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
809  registry.register(new Scheme("https", socketFactory, 443));
810  SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
811 
812  // Set verifier
813  HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
814  return new DefaultHttpClient(mgr, client.getParams());
815  case DEFAULT:
816  return new DefaultHttpClient();
817  }
818  }
819  return new DefaultHttpClient();
820  }

◆ createHttpClientTrustAll()

static HttpClient org.xdi.oxauth.BaseTest.createHttpClientTrustAll ( ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
833  {
834  SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() {
835  @Override
836  public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
837  return true;
838  }
839  }, new AllowAllHostnameVerifier());
840 
841  SchemeRegistry registry = new SchemeRegistry();
842  registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory()));
843  registry.register(new Scheme("https", 443, sf));
844  ClientConnectionManager ccm = new PoolingClientConnectionManager(registry);
845  return new DefaultHttpClient(ccm);
846  }

◆ discovery()

void org.xdi.oxauth.BaseTest.discovery ( ITestContext  context) throws Exception
inlineinherited
670  {
671  // Load Form Interaction
672  loginFormUsername = context.getCurrentXmlTest().getParameter("loginFormUsername");
673  loginFormPassword = context.getCurrentXmlTest().getParameter("loginFormPassword");
674  loginFormLoginButton = context.getCurrentXmlTest().getParameter("loginFormLoginButton");
675  authorizeFormAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormAllowButton");
676  authorizeFormDoNotAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormDoNotAllowButton");
677 
678  String resource = context.getCurrentXmlTest().getParameter("swdResource");
679 
680  if (StringUtils.isNotBlank(resource)) {
681 
682  showTitle("OpenID Connect Discovery");
683 
684  OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(resource);
685  OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec(clientExecutor(true));
686 
687  showClient(openIdConnectDiscoveryClient);
688  assertEquals(openIdConnectDiscoveryResponse.getStatus(), 200, "Unexpected response code");
689  assertNotNull(openIdConnectDiscoveryResponse.getSubject());
690  assertTrue(openIdConnectDiscoveryResponse.getLinks().size() > 0);
691 
692  configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() +
693  "/.well-known/openid-configuration";
694 
695  System.out.println("OpenID Connect Configuration");
696 
697  OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
698  client.setExecutor(clientExecutor(true));
699  OpenIdConfigurationResponse response = client.execOpenIdConfiguration();
700 
701  showClient(client);
702  assertEquals(response.getStatus(), 200, "Unexpected response code");
703  assertNotNull(response.getIssuer(), "The issuer is null");
704  assertNotNull(response.getAuthorizationEndpoint(), "The authorizationEndpoint is null");
705  assertNotNull(response.getTokenEndpoint(), "The tokenEndpoint is null");
706  assertNotNull(response.getUserInfoEndpoint(), "The userInfoEndPoint is null");
707  assertNotNull(response.getJwksUri(), "The jwksUri is null");
708  assertNotNull(response.getRegistrationEndpoint(), "The registrationEndpoint is null");
709 
710  assertTrue(response.getScopesSupported().size() > 0, "The scopesSupported is empty");
711  assertTrue(response.getScopeToClaimsMapping().size() > 0, "The scope to claims mapping is empty");
712  assertTrue(response.getResponseTypesSupported().size() > 0, "The responseTypesSupported is empty");
713  assertTrue(response.getGrantTypesSupported().size() > 0, "The grantTypesSupported is empty");
714  assertTrue(response.getAcrValuesSupported().size() >= 0, "The acrValuesSupported is empty");
715  assertTrue(response.getSubjectTypesSupported().size() > 0, "The subjectTypesSupported is empty");
716  assertTrue(response.getIdTokenSigningAlgValuesSupported().size() > 0, "The idTokenSigningAlgValuesSupported is empty");
717  assertTrue(response.getRequestObjectSigningAlgValuesSupported().size() > 0, "The requestObjectSigningAlgValuesSupported is empty");
718  assertTrue(response.getTokenEndpointAuthMethodsSupported().size() > 0, "The tokenEndpointAuthMethodsSupported is empty");
719  assertTrue(response.getClaimsSupported().size() > 0, "The claimsSupported is empty");
720 
721  authorizationEndpoint = response.getAuthorizationEndpoint();
722  tokenEndpoint = response.getTokenEndpoint();
723  userInfoEndpoint = response.getUserInfoEndpoint();
724  clientInfoEndpoint = response.getClientInfoEndpoint();
725  checkSessionIFrame = response.getCheckSessionIFrame();
726  endSessionEndpoint = response.getEndSessionEndpoint();
727  jwksUri = response.getJwksUri();
728  registrationEndpoint = response.getRegistrationEndpoint();
729  idGenEndpoint = response.getIdGenerationEndpoint();
730  introspectionEndpoint = response.getIntrospectionEndpoint();
731  scopeToClaimsMapping = response.getScopeToClaimsMapping();
732  gluuConfigurationEndpoint = determineGluuConfigurationEndpoint(openIdConnectDiscoveryResponse.getLinks().get(0).getHref());
733  } else {
734  showTitle("Loading configuration endpoints from properties file");
735 
736  authorizationEndpoint = context.getCurrentXmlTest().getParameter("authorizationEndpoint");
737  tokenEndpoint = context.getCurrentXmlTest().getParameter("tokenEndpoint");
738  userInfoEndpoint = context.getCurrentXmlTest().getParameter("userInfoEndpoint");
739  clientInfoEndpoint = context.getCurrentXmlTest().getParameter("clientInfoEndpoint");
740  checkSessionIFrame = context.getCurrentXmlTest().getParameter("checkSessionIFrame");
741  endSessionEndpoint = context.getCurrentXmlTest().getParameter("endSessionEndpoint");
742  jwksUri = context.getCurrentXmlTest().getParameter("jwksUri");
743  registrationEndpoint = context.getCurrentXmlTest().getParameter("registrationEndpoint");
744  configurationEndpoint = context.getCurrentXmlTest().getParameter("configurationEndpoint");
745  idGenEndpoint = context.getCurrentXmlTest().getParameter("idGenEndpoint");
746  introspectionEndpoint = context.getCurrentXmlTest().getParameter("introspectionEndpoint");
747  scopeToClaimsMapping = new HashMap<String, List<String>>();
748  }
749 
750  authorizationPageEndpoint = determineAuthorizationPageEndpoint(authorizationEndpoint);
751  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIntrospectionEndpoint
String getIntrospectionEndpoint()
Definition: OpenIdConfigurationResponse.java:343
org.xdi.oxauth.client.OpenIdConfigurationResponse.getTokenEndpointAuthMethodsSupported
List< String > getTokenEndpointAuthMethodsSupported()
Definition: OpenIdConfigurationResponse.java:642
org.xdi.oxauth.BaseTest.determineAuthorizationPageEndpoint
String determineAuthorizationPageEndpoint(String authorizationEndpoint)
Definition: BaseTest.java:753
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.OpenIdConfigurationResponse.getRegistrationEndpoint
String getRegistrationEndpoint()
Definition: OpenIdConfigurationResponse.java:310
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77
org.xdi.oxauth.client.OpenIdConfigurationResponse.getCheckSessionIFrame
String getCheckSessionIFrame()
Definition: OpenIdConfigurationResponse.java:248
org.xdi.oxauth.BaseTest.authorizationPageEndpoint
String authorizationPageEndpoint
Definition: BaseTest.java:73
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIdGenerationEndpoint
String getIdGenerationEndpoint()
Definition: OpenIdConfigurationResponse.java:327
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.OpenIdConfigurationResponse.getRequestObjectSigningAlgValuesSupported
List< String > getRequestObjectSigningAlgValuesSupported()
Definition: OpenIdConfigurationResponse.java:579
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82
org.xdi.oxauth.client.OpenIdConfigurationResponse.getSubjectTypesSupported
List< String > getSubjectTypesSupported()
Definition: OpenIdConfigurationResponse.java:438
org.xdi.oxauth.client.OpenIdConfigurationResponse.getEndSessionEndpoint
String getEndSessionEndpoint()
Definition: OpenIdConfigurationResponse.java:268
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.OpenIdConfigurationResponse.getAcrValuesSupported
List< String > getAcrValuesSupported()
Definition: OpenIdConfigurationResponse.java:418
org.xdi.oxauth.client.OpenIdConfigurationResponse.getClientInfoEndpoint
String getClientInfoEndpoint()
Definition: OpenIdConfigurationResponse.java:228
org.xdi.oxauth.client.OpenIdConfigurationResponse.getGrantTypesSupported
List< String > getGrantTypesSupported()
Definition: OpenIdConfigurationResponse.java:398
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78
org.xdi.oxauth.client.BaseClient.setExecutor
void setExecutor(ClientExecutor executor)
Definition: BaseClient.java:84
org.xdi.oxauth.client.OpenIdConfigurationClient.execOpenIdConfiguration
OpenIdConfigurationResponse execOpenIdConfiguration()
Definition: OpenIdConfigurationClient.java:47
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.BaseTest.gluuConfigurationEndpoint
String gluuConfigurationEndpoint
Definition: BaseTest.java:74
org.xdi.oxauth.client.OpenIdConfigurationResponse.getScopeToClaimsMapping
Map< String, List< String > > getScopeToClaimsMapping()
Definition: OpenIdConfigurationResponse.java:136
org.xdi.oxauth.client.OpenIdConfigurationResponse.getJwksUri
String getJwksUri()
Definition: OpenIdConfigurationResponse.java:289
org.xdi.oxauth.client.OpenIdConfigurationResponse.getTokenEndpoint
String getTokenEndpoint()
Definition: OpenIdConfigurationResponse.java:192
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIdTokenSigningAlgValuesSupported
List< String > getIdTokenSigningAlgValuesSupported()
Definition: OpenIdConfigurationResponse.java:519
org.xdi.oxauth.client.OpenIdConnectDiscoveryClient
Definition: OpenIdConnectDiscoveryClient.java:29
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.OpenIdConfigurationResponse.getResponseTypesSupported
List< String > getResponseTypesSupported()
Definition: OpenIdConfigurationResponse.java:378
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse.getSubject
String getSubject()
Definition: OpenIdConnectDiscoveryResponse.java:32
org.xdi.oxauth.client.OpenIdConfigurationResponse.getScopesSupported
List< String > getScopesSupported()
Definition: OpenIdConfigurationResponse.java:360
org.xdi.oxauth.BaseTest.determineGluuConfigurationEndpoint
String determineGluuConfigurationEndpoint(String host)
Definition: BaseTest.java:757
org.xdi.oxauth.client.OpenIdConnectDiscoveryClient.exec
OpenIdConnectDiscoveryResponse exec()
Definition: OpenIdConnectDiscoveryClient.java:47
org.xdi.oxauth.client.OpenIdConfigurationResponse.getAuthorizationEndpoint
String getAuthorizationEndpoint()
Definition: OpenIdConfigurationResponse.java:174
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.OpenIdConfigurationClient
Definition: OpenIdConfigurationClient.java:27
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse.getLinks
List< WebFingerLink > getLinks()
Definition: OpenIdConnectDiscoveryResponse.java:40
org.xdi.oxauth.client.OpenIdConfigurationResponse.getClaimsSupported
List< String > getClaimsSupported()
Definition: OpenIdConfigurationResponse.java:728
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse
Definition: OpenIdConnectDiscoveryResponse.java:17
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.OpenIdConfigurationResponse.getUserInfoEndpoint
String getUserInfoEndpoint()
Definition: OpenIdConfigurationResponse.java:210
org.xdi.oxauth.client.OpenIdConfigurationResponse
Definition: OpenIdConfigurationResponse.java:26
org.xdi.oxauth.BaseTest.clientExecutor
static ClientExecutor clientExecutor()
Definition: BaseTest.java:822
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85
org.xdi.oxauth.BaseTest.authorizeFormAllowButton
String authorizeFormAllowButton
Definition: BaseTest.java:91
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIssuer
String getIssuer()
Definition: OpenIdConfigurationResponse.java:156

◆ fails()

static void org.xdi.oxauth.BaseTest.fails ( Throwable  e)
inlinestaticinherited
50  {
51  Assert.fail(e.getMessage(), e);
52  }

◆ getAuthorizationEndpoint()

String org.xdi.oxauth.BaseTest.getAuthorizationEndpoint ( )
inlineinherited
134  {
135  return authorizationEndpoint;
136  }
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72

◆ getCheckSessionIFrame()

String org.xdi.oxauth.BaseTest.getCheckSessionIFrame ( )
inlineinherited
166  {
167  return checkSessionIFrame;
168  }
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78

◆ getClientInfoEndpoint()

String org.xdi.oxauth.BaseTest.getClientInfoEndpoint ( )
inlineinherited
158  {
159  return clientInfoEndpoint;
160  }
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77

◆ getConfigurationEndpoint()

String org.xdi.oxauth.BaseTest.getConfigurationEndpoint ( )
inlineinherited
222  {
223  return configurationEndpoint;
224  }
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82

◆ getDriver()

WebDriver org.xdi.oxauth.BaseTest.getDriver ( )
inlineinherited
126  {
127  return driver;
128  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ getEndSessionEndpoint()

String org.xdi.oxauth.BaseTest.getEndSessionEndpoint ( )
inlineinherited
174  {
175  return endSessionEndpoint;
176  }
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79

◆ getIdGenEndpoint()

String org.xdi.oxauth.BaseTest.getIdGenEndpoint ( )
inlineinherited
214  {
215  return idGenEndpoint;
216  }
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83

◆ getIntrospectionEndpoint()

String org.xdi.oxauth.BaseTest.getIntrospectionEndpoint ( )
inlineinherited
198  {
199  return introspectionEndpoint;
200  }
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84

◆ getJwksUri()

String org.xdi.oxauth.BaseTest.getJwksUri ( )
inlineinherited
182  {
183  return jwksUri;
184  }
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80

◆ getRegistrationEndpoint()

String org.xdi.oxauth.BaseTest.getRegistrationEndpoint ( )
inlineinherited
190  {
191  return registrationEndpoint;
192  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81

◆ getScopeToClaimsMapping()

Map<String, List<String> > org.xdi.oxauth.BaseTest.getScopeToClaimsMapping ( )
inlineinherited
206  {
207  return scopeToClaimsMapping;
208  }
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85

◆ getTokenEndpoint()

String org.xdi.oxauth.BaseTest.getTokenEndpoint ( )
inlineinherited
142  {
143  return tokenEndpoint;
144  }
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75

◆ getUserInfoEndpoint()

String org.xdi.oxauth.BaseTest.getUserInfoEndpoint ( )
inlineinherited
150  {
151  return userInfoEndpoint;
152  }
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76

◆ initTestSuite()

void org.xdi.oxauth.BaseTest.initTestSuite ( ITestContext  context) throws FileNotFoundException, IOException
inlineinherited
95  {
96  SecurityProviderUtility.installBCProvider();
97 
98  Reporter.log("Invoked init test suite method \n", true);
99 
100  String propertiesFile = context.getCurrentXmlTest().getParameter("propertiesFile");
101  if (StringHelper.isEmpty(propertiesFile)) {
102  propertiesFile = "target/test-classes/testng.properties";
103  //propertiesFile = "U:\\own\\project\\git\\oxAuth\\Client\\src\\test\\resources\\testng_yuriy.properties";
104  //propertiesFile = "/Users/JAVIER/IdeaProjects/oxAuth/Client/target/test-classes/testng.properties";
105  }
106 
107  FileInputStream conf = new FileInputStream(propertiesFile);
108  Properties prop = new Properties();
109  prop.load(conf);
110 
111  Map<String, String> parameters = new HashMap<String, String>();
112  for (Entry<Object, Object> entry : prop.entrySet()) {
113  Object key = entry.getKey();
114  Object value = entry.getValue();
115 
116  if (StringHelper.isEmptyString(key) || StringHelper.isEmptyString(value)) {
117  continue;
118  }
119  parameters.put(key.toString(), value.toString());
120  }
121 
122  // Overrided test paramters
123  context.getSuite().getXmlSuite().setParameters(parameters);
124  }

◆ output()

static void org.xdi.oxauth.BaseTest.output ( String  p_msg)
inlinestaticinherited
54  {
55  System.out.println(p_msg);
56  }

◆ requestAuthorizationAccessToken()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationAccessToken ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
2315  {
2316  showTitle("requestAuthorizationAccessToken");
2317 
2318  List<ResponseType> responseTypes = Arrays.asList(
2319  ResponseType.CODE,
2320  ResponseType.TOKEN,
2321  ResponseType.ID_TOKEN);
2322 
2323  // 1. Register client
2324  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2325  StringUtils.spaceSeparatedToList(redirectUris));
2326  registerRequest.setResponseTypes(responseTypes);
2327  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2328 
2329  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2330  registerClient.setRequest(registerRequest);
2331  RegisterResponse registerResponse = registerClient.exec();
2332 
2333  showClient(registerClient);
2334  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2335  assertNotNull(registerResponse.getClientId());
2336  assertNotNull(registerResponse.getClientSecret());
2337  assertNotNull(registerResponse.getRegistrationAccessToken());
2338  assertNotNull(registerResponse.getClientIdIssuedAt());
2339  assertNotNull(registerResponse.getClientSecretExpiresAt());
2340 
2341  String clientId = registerResponse.getClientId();
2342  String clientSecret = registerResponse.getClientSecret();
2343  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
2344  String registrationClientUri = registerResponse.getRegistrationClientUri();
2345 
2346  // 2. Client read
2347  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
2348 
2349  RegisterClient readClient = new RegisterClient(registrationClientUri);
2350  readClient.setRequest(readClientRequest);
2351  RegisterResponse readClientResponse = readClient.exec();
2352 
2353  showClient(readClient);
2354  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
2355  assertNotNull(readClientResponse.getClientId());
2356  assertNotNull(readClientResponse.getClientSecret());
2357  assertNotNull(readClientResponse.getClientIdIssuedAt());
2358  assertNotNull(readClientResponse.getClientSecretExpiresAt());
2359 
2360  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
2361  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
2362  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
2363  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
2364  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
2365  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
2366 
2367  // 3. Request authorization
2368  responseTypes = Arrays.asList(
2369  ResponseType.TOKEN,
2370  ResponseType.ID_TOKEN);
2371 
2372  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2373  String nonce = UUID.randomUUID().toString();
2374  String state = UUID.randomUUID().toString();
2375 
2376  AuthorizationRequest authorizationRequest1 = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2377  authorizationRequest1.setState(state);
2378  authorizationRequest1.setNonce(nonce);
2379 
2380  AuthorizationResponse authorizationResponse1 = authenticateResourceOwnerAndGrantAccess(
2381  authorizationEndpoint, authorizationRequest1, userId, userSecret);
2382 
2383  assertNotNull(authorizationResponse1.getLocation(), "The location is null");
2384  assertNotNull(authorizationResponse1.getAccessToken(), "The access token is null");
2385  assertNotNull(authorizationResponse1.getState(), "The state is null");
2386  assertNotNull(authorizationResponse1.getTokenType(), "The token type is null");
2387  assertNotNull(authorizationResponse1.getExpiresIn(), "The expires in value is null");
2388  assertNotNull(authorizationResponse1.getScope(), "The scope must be null");
2389 
2390  String accessToken = authorizationResponse1.getAccessToken();
2391 
2392  // 4. Downstream client may be authorized by oxAuth presenting the access token and client credentials
2393  responseTypes = Arrays.asList(
2394  ResponseType.CODE,
2395  ResponseType.ID_TOKEN);
2396 
2397  nonce = UUID.randomUUID().toString();
2398  state = UUID.randomUUID().toString();
2399 
2400  AuthorizationRequest authorizationRequest2 = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2401  authorizationRequest2.setAccessToken(accessToken);
2402  authorizationRequest2.setState(state);
2403  authorizationRequest2.getPrompts().add(Prompt.NONE);
2404 
2405  AuthorizeClient authorizeClient2 = new AuthorizeClient(authorizationEndpoint);
2406  authorizeClient2.setRequest(authorizationRequest2);
2407  AuthorizationResponse authorizationResponse2 = authorizeClient2.exec();
2408 
2409  showClient(authorizeClient2);
2410  assertEquals(authorizationResponse2.getStatus(), 302, "Unexpected response code: " + authorizationResponse2.getStatus());
2411  assertNotNull(authorizationResponse2.getLocation(), "The location is null");
2412  assertNotNull(authorizationResponse2.getCode(), "The authorization code is null");
2413  assertNotNull(authorizationResponse2.getState(), "The state is null");
2414  assertNotNull(authorizationResponse2.getScope(), "The scope is null");
2415 
2416  String authorizationCode = authorizationResponse2.getCode();
2417 
2418  // 5. Request access token using the authorization code.
2419  TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
2420  tokenRequest.setCode(authorizationCode);
2421  tokenRequest.setRedirectUri(redirectUri);
2422  tokenRequest.setAuthUsername(clientId);
2423  tokenRequest.setAuthPassword(clientSecret);
2424  tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
2425 
2426  TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
2427  tokenClient1.setRequest(tokenRequest);
2428  TokenResponse response3 = tokenClient1.exec();
2429 
2430  showClient(tokenClient1);
2431  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
2432  assertNotNull(response3.getEntity(), "The entity is null");
2433  assertNotNull(response3.getAccessToken(), "The access token is null");
2434  assertNotNull(response3.getExpiresIn(), "The expires in value is null");
2435  assertNotNull(response3.getTokenType(), "The token type is null");
2436  assertNotNull(response3.getRefreshToken(), "The refresh token is null");
2437  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.common.AuthenticationMethod.CLIENT_SECRET_BASIC
CLIENT_SECRET_BASIC
Definition: AuthenticationMethod.java:18
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationRequest.setNonce
void setNonce(String nonce)
Definition: AuthorizationRequest.java:245
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.TokenClient
Definition: TokenClient.java:24
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.TokenResponse.getTokenType
TokenType getTokenType()
Definition: TokenResponse.java:107
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.AuthorizationResponse.getExpiresIn
Integer getExpiresIn()
Definition: AuthorizationResponse.java:257
org.xdi.oxauth.model.common.GrantType
Definition: GrantType.java:23
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75
org.xdi.oxauth.client.TokenRequest
Definition: TokenRequest.java:34
org.xdi.oxauth.client.TokenRequest.setRedirectUri
void setRedirectUri(String redirectUri)
Definition: TokenRequest.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.AuthorizationRequest.setAccessToken
void setAccessToken(String accessToken)
Definition: AuthorizationRequest.java:423
org.xdi.oxauth.client.TokenResponse.getExpiresIn
Integer getExpiresIn()
Definition: TokenResponse.java:125
org.xdi.oxauth.model.common.GrantType.AUTHORIZATION_CODE
AUTHORIZATION_CODE
Definition: GrantType.java:33
org.xdi.oxauth.client.TokenResponse.getAccessToken
String getAccessToken()
Definition: TokenResponse.java:89
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.TokenResponse
Definition: TokenResponse.java:22
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.client.TokenClient.exec
TokenResponse exec()
Definition: TokenClient.java:218
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseRequest.setAuthenticationMethod
void setAuthenticationMethod(AuthenticationMethod authenticationMethod)
Definition: BaseRequest.java:78
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.TokenRequest.setCode
void setCode(String code)
Definition: TokenRequest.java:143
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.common.AuthenticationMethod
Definition: AuthenticationMethod.java:12
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.TokenResponse.getRefreshToken
String getRefreshToken()
Definition: TokenResponse.java:144
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationAccessTokenFail()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationAccessTokenFail ( final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
2569  {
2570  showTitle("requestAuthorizationAccessTokenFail");
2571 
2572  List<ResponseType> responseTypes = Arrays.asList(
2573  ResponseType.CODE,
2574  ResponseType.ID_TOKEN);
2575 
2576  // 1. Register client
2577  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2578  StringUtils.spaceSeparatedToList(redirectUris));
2579  registerRequest.setResponseTypes(responseTypes);
2580  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2581 
2582  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2583  registerClient.setRequest(registerRequest);
2584  RegisterResponse registerResponse = registerClient.exec();
2585 
2586  showClient(registerClient);
2587  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2588  assertNotNull(registerResponse.getClientId());
2589  assertNotNull(registerResponse.getClientSecret());
2590  assertNotNull(registerResponse.getRegistrationAccessToken());
2591  assertNotNull(registerResponse.getClientIdIssuedAt());
2592  assertNotNull(registerResponse.getClientSecretExpiresAt());
2593 
2594  String clientId = registerResponse.getClientId();
2595  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
2596  String registrationClientUri = registerResponse.getRegistrationClientUri();
2597 
2598  // 2. Client read
2599  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
2600 
2601  RegisterClient readClient = new RegisterClient(registrationClientUri);
2602  readClient.setRequest(readClientRequest);
2603  RegisterResponse readClientResponse = readClient.exec();
2604 
2605  showClient(readClient);
2606  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
2607  assertNotNull(readClientResponse.getClientId());
2608  assertNotNull(readClientResponse.getClientSecret());
2609  assertNotNull(readClientResponse.getClientIdIssuedAt());
2610  assertNotNull(readClientResponse.getClientSecretExpiresAt());
2611 
2612  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
2613  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
2614  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
2615  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
2616  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
2617  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
2618 
2619  // 3. Request authorization
2620  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2621  String nonce = null;
2622  String state = UUID.randomUUID().toString();
2623 
2624  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2625  request.setAccessToken("INVALID_ACCESS_TOKEN");
2626  request.setState(state);
2627  request.getPrompts().add(Prompt.NONE);
2628 
2629  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2630  authorizeClient.setRequest(request);
2631  AuthorizationResponse response = authorizeClient.exec();
2632 
2633  showClient(authorizeClient);
2634  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
2635  assertNotNull(response.getLocation(), "The location is null");
2636  assertNotNull(response.getErrorType(), "The error type is null");
2637  assertNotNull(response.getErrorDescription(), "The error description is null");
2638  assertNotNull(response.getState(), "The state is null");
2639  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.AuthorizationRequest.setAccessToken
void setAccessToken(String accessToken)
Definition: AuthorizationRequest.java:423
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationAccessTokenUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationAccessTokenUserBasicAuth ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
2443  {
2444  showTitle("requestAuthorizationAccessTokenUserBasicAuth");
2445 
2446  List<ResponseType> responseTypes = Arrays.asList(
2447  ResponseType.CODE,
2448  ResponseType.TOKEN,
2449  ResponseType.ID_TOKEN);
2450 
2451  // 1. Register client
2452  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2453  StringUtils.spaceSeparatedToList(redirectUris));
2454  registerRequest.setResponseTypes(responseTypes);
2455  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2456 
2457  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2458  registerClient.setRequest(registerRequest);
2459  RegisterResponse registerResponse = registerClient.exec();
2460 
2461  showClient(registerClient);
2462  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2463  assertNotNull(registerResponse.getClientId());
2464  assertNotNull(registerResponse.getClientSecret());
2465  assertNotNull(registerResponse.getRegistrationAccessToken());
2466  assertNotNull(registerResponse.getClientIdIssuedAt());
2467  assertNotNull(registerResponse.getClientSecretExpiresAt());
2468 
2469  String clientId = registerResponse.getClientId();
2470  String clientSecret = registerResponse.getClientSecret();
2471  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
2472  String registrationClientUri = registerResponse.getRegistrationClientUri();
2473 
2474  // 2. Client read
2475  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
2476 
2477  RegisterClient readClient = new RegisterClient(registrationClientUri);
2478  readClient.setRequest(readClientRequest);
2479  RegisterResponse readClientResponse = readClient.exec();
2480 
2481  showClient(readClient);
2482  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
2483  assertNotNull(readClientResponse.getClientId());
2484  assertNotNull(readClientResponse.getClientSecret());
2485  assertNotNull(readClientResponse.getClientIdIssuedAt());
2486  assertNotNull(readClientResponse.getClientSecretExpiresAt());
2487 
2488  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
2489  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
2490  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
2491  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
2492  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
2493  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
2494 
2495  // 3. Request authorization
2496  responseTypes = Arrays.asList(
2497  ResponseType.TOKEN,
2498  ResponseType.ID_TOKEN);
2499 
2500  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2501  String nonce = UUID.randomUUID().toString();
2502  String state = UUID.randomUUID().toString();
2503 
2504  AuthorizationRequest authorizationRequest1 = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2505  authorizationRequest1.setState(state);
2506 
2507  AuthorizationResponse authorizationResponse1 = authenticateResourceOwnerAndGrantAccess(
2508  authorizationEndpoint, authorizationRequest1, userId, userSecret);
2509 
2510  assertNotNull(authorizationResponse1.getLocation(), "The location is null");
2511  assertNotNull(authorizationResponse1.getAccessToken(), "The access token is null");
2512  assertNotNull(authorizationResponse1.getState(), "The state is null");
2513  assertNotNull(authorizationResponse1.getTokenType(), "The token type is null");
2514  assertNotNull(authorizationResponse1.getExpiresIn(), "The expires in value is null");
2515  assertNotNull(authorizationResponse1.getScope(), "The scope must be null");
2516 
2517  String accessToken = authorizationResponse1.getAccessToken();
2518 
2519  // 4. Downstream client may be authorized by oxAuth presenting the access token and client credentials
2520  responseTypes = Arrays.asList(
2521  ResponseType.CODE,
2522  ResponseType.ID_TOKEN);
2523 
2524  nonce = UUID.randomUUID().toString();
2525  state = UUID.randomUUID().toString();
2526 
2527  AuthorizationRequest authorizationRequest2 = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2528  authorizationRequest2.setAccessToken(accessToken);
2529  authorizationRequest2.setState(state);
2530  authorizationRequest2.getPrompts().add(Prompt.NONE);
2531 
2532  AuthorizeClient authorizeClient2 = new AuthorizeClient(authorizationEndpoint);
2533  authorizeClient2.setRequest(authorizationRequest2);
2534  AuthorizationResponse authorizationResponse2 = authorizeClient2.exec();
2535 
2536  showClient(authorizeClient2);
2537  assertEquals(authorizationResponse2.getStatus(), 302, "Unexpected response code: " + authorizationResponse2.getStatus());
2538  assertNotNull(authorizationResponse2.getLocation(), "The location is null");
2539  assertNotNull(authorizationResponse2.getCode(), "The authorization code is null");
2540  assertNotNull(authorizationResponse2.getState(), "The state is null");
2541  assertNotNull(authorizationResponse2.getScope(), "The scope is null");
2542 
2543  String authorizationCode = authorizationResponse2.getCode();
2544 
2545  // 5. Request access token using the authorization code.
2546  TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
2547  tokenRequest.setCode(authorizationCode);
2548  tokenRequest.setRedirectUri(redirectUri);
2549  tokenRequest.setAuthUsername(clientId);
2550  tokenRequest.setAuthPassword(clientSecret);
2551  tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
2552 
2553  TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
2554  tokenClient1.setRequest(tokenRequest);
2555  TokenResponse response3 = tokenClient1.exec();
2556 
2557  showClient(tokenClient1);
2558  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
2559  assertNotNull(response3.getEntity(), "The entity is null");
2560  assertNotNull(response3.getAccessToken(), "The access token is null");
2561  assertNotNull(response3.getExpiresIn(), "The expires in value is null");
2562  assertNotNull(response3.getTokenType(), "The token type is null");
2563  assertNotNull(response3.getRefreshToken(), "The refresh token is null");
2564  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.common.AuthenticationMethod.CLIENT_SECRET_BASIC
CLIENT_SECRET_BASIC
Definition: AuthenticationMethod.java:18
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.TokenClient
Definition: TokenClient.java:24
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.TokenResponse.getTokenType
TokenType getTokenType()
Definition: TokenResponse.java:107
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.AuthorizationResponse.getExpiresIn
Integer getExpiresIn()
Definition: AuthorizationResponse.java:257
org.xdi.oxauth.model.common.GrantType
Definition: GrantType.java:23
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75
org.xdi.oxauth.client.TokenRequest
Definition: TokenRequest.java:34
org.xdi.oxauth.client.TokenRequest.setRedirectUri
void setRedirectUri(String redirectUri)
Definition: TokenRequest.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.AuthorizationRequest.setAccessToken
void setAccessToken(String accessToken)
Definition: AuthorizationRequest.java:423
org.xdi.oxauth.client.TokenResponse.getExpiresIn
Integer getExpiresIn()
Definition: TokenResponse.java:125
org.xdi.oxauth.model.common.GrantType.AUTHORIZATION_CODE
AUTHORIZATION_CODE
Definition: GrantType.java:33
org.xdi.oxauth.client.TokenResponse.getAccessToken
String getAccessToken()
Definition: TokenResponse.java:89
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.TokenResponse
Definition: TokenResponse.java:22
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.client.TokenClient.exec
TokenResponse exec()
Definition: TokenClient.java:218
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseRequest.setAuthenticationMethod
void setAuthenticationMethod(AuthenticationMethod authenticationMethod)
Definition: BaseRequest.java:78
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.TokenRequest.setCode
void setCode(String code)
Definition: TokenRequest.java:143
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.common.AuthenticationMethod
Definition: AuthenticationMethod.java:12
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.TokenResponse.getRefreshToken
String getRefreshToken()
Definition: TokenResponse.java:144
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCode()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCode ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
48  {
49  showTitle("requestAuthorizationCode");
50 
51  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
52 
53  // 1. Register client
54  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
55  StringUtils.spaceSeparatedToList(redirectUris));
56  registerRequest.setResponseTypes(responseTypes);
57  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
58 
59  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
60  registerClient.setRequest(registerRequest);
61  RegisterResponse registerResponse = registerClient.exec();
62 
63  showClient(registerClient);
64  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
65  assertNotNull(registerResponse.getClientId());
66  assertNotNull(registerResponse.getClientSecret());
67  assertNotNull(registerResponse.getRegistrationAccessToken());
68  assertNotNull(registerResponse.getClientIdIssuedAt());
69  assertNotNull(registerResponse.getClientSecretExpiresAt());
70 
71  String clientId = registerResponse.getClientId();
72  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
73  String registrationClientUri = registerResponse.getRegistrationClientUri();
74 
75  // 2. Client read
76  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
77 
78  RegisterClient readClient = new RegisterClient(registrationClientUri);
79  readClient.setRequest(readClientRequest);
80  RegisterResponse readClientResponse = readClient.exec();
81 
82  showClient(readClient);
83  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
84  assertNotNull(readClientResponse.getClientId());
85  assertNotNull(readClientResponse.getClientSecret());
86  assertNotNull(readClientResponse.getClientIdIssuedAt());
87  assertNotNull(readClientResponse.getClientSecretExpiresAt());
88 
89  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
90  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
91  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
92  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
93  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
94  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
95 
96  // 3. Request authorization and receive the authorization code.
97  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
98  String state = UUID.randomUUID().toString();
99 
100  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
101  authorizationRequest.setState(state);
102 
103  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
104  authorizationEndpoint, authorizationRequest, userId, userSecret);
105 
106  assertNotNull(authorizationResponse.getLocation(), "The location is null");
107  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
108  assertNotNull(authorizationResponse.getState(), "The state is null");
109  assertNotNull(authorizationResponse.getScope(), "The scope is null");
110  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeFail1()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeFail1 ( final String  userId,
final String  userSecret 
) throws Exception
inline
255  {
256  showTitle("requestAuthorizationCodeFail1");
257 
258  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
259 
260  AuthorizationRequest request = new AuthorizationRequest(responseTypes, null, null, null, null);
261  request.setAuthUsername(userId);
262  request.setAuthPassword(userSecret);
263 
264  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
265  authorizeClient.setRequest(request);
266  AuthorizationResponse response = authorizeClient.exec();
267 
268  showClient(authorizeClient);
269  assertEquals(response.getStatus(), 400, "Unexpected response code: " + response.getStatus());
270  assertNotNull(response.getErrorType(), "The error type is null");
271  assertNotNull(response.getErrorDescription(), "The error description is null");
272  }
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355

◆ requestAuthorizationCodeFail2()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeFail2 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  sectorIdentifierUri 
) throws Exception
inline
277  {
278  showTitle("requestAuthorizationCodeFail2");
279 
280  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
281 
282  // 1. Register client
283  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
284  StringUtils.spaceSeparatedToList(redirectUris));
285  registerRequest.setResponseTypes(responseTypes);
286  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
287 
288  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
289  registerClient.setRequest(registerRequest);
290  RegisterResponse registerResponse = registerClient.exec();
291 
292  showClient(registerClient);
293  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
294  assertNotNull(registerResponse.getClientId());
295  assertNotNull(registerResponse.getClientSecret());
296  assertNotNull(registerResponse.getRegistrationAccessToken());
297  assertNotNull(registerResponse.getClientIdIssuedAt());
298  assertNotNull(registerResponse.getClientSecretExpiresAt());
299 
300  String clientId = registerResponse.getClientId();
301  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
302  String registrationClientUri = registerResponse.getRegistrationClientUri();
303 
304  // 2. Client read
305  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
306 
307  RegisterClient readClient = new RegisterClient(registrationClientUri);
308  readClient.setRequest(readClientRequest);
309  RegisterResponse readClientResponse = readClient.exec();
310 
311  showClient(readClient);
312  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
313  assertNotNull(readClientResponse.getClientId());
314  assertNotNull(readClientResponse.getClientSecret());
315  assertNotNull(readClientResponse.getClientIdIssuedAt());
316  assertNotNull(readClientResponse.getClientSecretExpiresAt());
317 
318  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
319  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
320  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
321  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
322  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
323  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
324 
325  // 3. Request authorization
326  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
327  String state = UUID.randomUUID().toString();
328  String redirectUri = "https://INVALID_REDIRECT_URI";
329 
330  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
331  request.setState(state);
332  request.setAuthUsername(userId);
333  request.setAuthPassword(userSecret);
334  request.getPrompts().add(Prompt.NONE);
335 
336  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
337  authorizeClient.setRequest(request);
338  AuthorizationResponse response = authorizeClient.exec();
339 
340  showClient(authorizeClient);
341  assertEquals(response.getStatus(), 400, "Unexpected response code: " + response.getStatus());
342  assertNotNull(response.getErrorType(), "The error type is null");
343  assertNotNull(response.getErrorDescription(), "The error description is null");
344  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeFail3()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeFail3 ( final String  redirectUri) throws Exception
inline
348  {
349  showTitle("requestAuthorizationCodeFail3");
350 
351  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
352 
353  // 1. Request authorization with an invalid Client ID.
354  String clientId = "@!1111!0008!INVALID_VALUE";
355  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
356  String state = UUID.randomUUID().toString();
357 
358  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
359  authorizationRequest.setState(state);
360 
361  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
362  authorizeClient.setRequest(authorizationRequest);
363 
364  AuthorizationResponse authorizationResponse = authorizeClient.exec();
365 
366  showClient(authorizeClient);
367  assertEquals(authorizationResponse.getStatus(), 401, "Unexpected response code: " + authorizationResponse.getStatus());
368  assertEquals(authorizationResponse.getErrorType(), AuthorizeErrorResponseType.UNAUTHORIZED_CLIENT);
369  assertNotNull(authorizationResponse.getErrorType(), "The error type is null");
370  assertNotNull(authorizationResponse.getErrorDescription(), "The error description is null");
371  }
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.model.authorize.AuthorizeErrorResponseType
Definition: AuthorizeErrorResponseType.java:16
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.model.authorize.AuthorizeErrorResponseType.UNAUTHORIZED_CLIENT
UNAUTHORIZED_CLIENT
Definition: AuthorizeErrorResponseType.java:29

◆ requestAuthorizationCodeFail4()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeFail4 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  sectorIdentifierUri 
) throws Exception
inline
376  {
377  showTitle("requestAuthorizationCodeFail4");
378 
379  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
380 
381  // 1. Register client
382  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
383  StringUtils.spaceSeparatedToList(redirectUris));
384  registerRequest.setResponseTypes(responseTypes);
385  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
386 
387  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
388  registerClient.setRequest(registerRequest);
389  RegisterResponse registerResponse = registerClient.exec();
390 
391  showClient(registerClient);
392  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
393  assertNotNull(registerResponse.getClientId());
394  assertNotNull(registerResponse.getClientSecret());
395  assertNotNull(registerResponse.getRegistrationAccessToken());
396  assertNotNull(registerResponse.getClientIdIssuedAt());
397  assertNotNull(registerResponse.getClientSecretExpiresAt());
398 
399  String clientId = registerResponse.getClientId();
400  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
401  String registrationClientUri = registerResponse.getRegistrationClientUri();
402 
403  // 2. Client read
404  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
405 
406  RegisterClient readClient = new RegisterClient(registrationClientUri);
407  readClient.setRequest(readClientRequest);
408  RegisterResponse readClientResponse = readClient.exec();
409 
410  showClient(readClient);
411  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
412  assertNotNull(readClientResponse.getClientId());
413  assertNotNull(readClientResponse.getClientSecret());
414  assertNotNull(readClientResponse.getClientIdIssuedAt());
415  assertNotNull(readClientResponse.getClientSecretExpiresAt());
416 
417  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
418  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
419  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
420  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
421  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
422  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
423 
424  // 3. Request authorization
425  List<String> scopes = Arrays.asList("openid", "email");
426  String nonce = UUID.randomUUID().toString();
427  String redirectUri = "https://evil.com/oxLicenceAdmin";
428 
429  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
430 
431  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
432  authorizeClient.setRequest(authorizationRequest);
433 
434  AuthorizationResponse authorizationResponse = authorizeClient.exec();
435 
436  showClient(authorizeClient);
437  assertEquals(authorizationResponse.getStatus(), 400, "Unexpected response code: " + authorizationResponse.getStatus());
438  assertNotNull(authorizationResponse.getErrorType(), "The error type is null");
439  assertNotNull(authorizationResponse.getErrorDescription(), "The error description is null");
440  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeIdToken()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeIdToken ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
878  {
879  showTitle("requestAuthorizationCodeIdToken");
880 
881  List<ResponseType> responseTypes = Arrays.asList(
882  ResponseType.CODE,
883  ResponseType.ID_TOKEN);
884 
885  // 1. Register client
886  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
887  StringUtils.spaceSeparatedToList(redirectUris));
888  registerRequest.setResponseTypes(responseTypes);
889  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
890 
891  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
892  registerClient.setRequest(registerRequest);
893  RegisterResponse registerResponse = registerClient.exec();
894 
895  showClient(registerClient);
896  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
897  assertNotNull(registerResponse.getClientId());
898  assertNotNull(registerResponse.getClientSecret());
899  assertNotNull(registerResponse.getRegistrationAccessToken());
900  assertNotNull(registerResponse.getClientIdIssuedAt());
901  assertNotNull(registerResponse.getClientSecretExpiresAt());
902 
903  String clientId = registerResponse.getClientId();
904  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
905  String registrationClientUri = registerResponse.getRegistrationClientUri();
906 
907  // 2. Client read
908  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
909 
910  RegisterClient readClient = new RegisterClient(registrationClientUri);
911  readClient.setRequest(readClientRequest);
912  RegisterResponse readClientResponse = readClient.exec();
913 
914  showClient(readClient);
915  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
916  assertNotNull(readClientResponse.getClientId());
917  assertNotNull(readClientResponse.getClientSecret());
918  assertNotNull(readClientResponse.getClientIdIssuedAt());
919  assertNotNull(readClientResponse.getClientSecretExpiresAt());
920 
921  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
922  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
923  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
924  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
925  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
926  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
927 
928  // 3. Request authorization
929  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
930  String state = UUID.randomUUID().toString();
931  String nonce = UUID.randomUUID().toString();
932 
933  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
934  authorizationRequest.setState(state);
935 
936  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
937  authorizationEndpoint, authorizationRequest, userId, userSecret);
938 
939  assertNotNull(authorizationResponse.getLocation(), "The location is null");
940  assertNotNull(authorizationResponse.getCode(), "The code is null");
941  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
942  assertNotNull(authorizationResponse.getState(), "The state is null");
943 
944  String code = authorizationResponse.getCode();
945  String idToken = authorizationResponse.getIdToken();
946 
947  // 4. Validate code and id_token
948  Jwt jwt = Jwt.parse(idToken);
949  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
950  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
951  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
952  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
953  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
954  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
955  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
956  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
957  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
958 
959  RSAPublicKey publicKey = JwkClient.getRSAPublicKey(
960  jwksUri,
961  jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
962  RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
963 
964  assertTrue(rsaSigner.validate(jwt));
965  assertTrue(rsaSigner.validateAuthorizationCode(code, jwt));
966  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.jwt.JwtClaimName.EXPIRATION_TIME
static final String EXPIRATION_TIME
Definition: JwtClaimName.java:21
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.model.jwt.JwtClaimName.AUDIENCE
static final String AUDIENCE
Definition: JwtClaimName.java:42
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.token.JsonWebResponse.getClaims
JwtClaims getClaims()
Definition: JsonWebResponse.java:41
org.xdi.oxauth.model.jwt.JwtClaimName
Definition: JwtClaimName.java:13
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwt.JwtClaimName.AUTHENTICATION_TIME
static final String AUTHENTICATION_TIME
Definition: JwtClaimName.java:99
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.model.jwt.JwtClaimName.SUBJECT_IDENTIFIER
static final String SUBJECT_IDENTIFIER
Definition: JwtClaimName.java:62
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUED_AT
static final String ISSUED_AT
Definition: JwtClaimName.java:27
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUER
static final String ISSUER
Definition: JwtClaimName.java:33
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkClient.getRSAPublicKey
static RSAPublicKey getRSAPublicKey(String jwkSetUri, String keyId)
Definition: JwkClient.java:94
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.model.jwt.JwtClaimName.CODE_HASH
static final String CODE_HASH
Definition: JwtClaimName.java:101
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeIdTokenUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeIdTokenUserBasicAuth ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
972  {
973  showTitle("requestAuthorizationCodeIdTokenUserBasicAuth");
974 
975  List<ResponseType> responseTypes = Arrays.asList(
976  ResponseType.CODE,
977  ResponseType.ID_TOKEN);
978 
979  // 1. Register client
980  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
981  StringUtils.spaceSeparatedToList(redirectUris));
982  registerRequest.setResponseTypes(responseTypes);
983  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
984 
985  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
986  registerClient.setRequest(registerRequest);
987  RegisterResponse registerResponse = registerClient.exec();
988 
989  showClient(registerClient);
990  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
991  assertNotNull(registerResponse.getClientId());
992  assertNotNull(registerResponse.getClientSecret());
993  assertNotNull(registerResponse.getRegistrationAccessToken());
994  assertNotNull(registerResponse.getClientIdIssuedAt());
995  assertNotNull(registerResponse.getClientSecretExpiresAt());
996 
997  String clientId = registerResponse.getClientId();
998  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
999  String registrationClientUri = registerResponse.getRegistrationClientUri();
1000 
1001  // 2. Client read
1002  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1003 
1004  RegisterClient readClient = new RegisterClient(registrationClientUri);
1005  readClient.setRequest(readClientRequest);
1006  RegisterResponse readClientResponse = readClient.exec();
1007 
1008  showClient(readClient);
1009  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1010  assertNotNull(readClientResponse.getClientId());
1011  assertNotNull(readClientResponse.getClientSecret());
1012  assertNotNull(readClientResponse.getClientIdIssuedAt());
1013  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1014 
1015  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1016  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1017  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1018  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1019  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1020  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1021 
1022  // 3. Request authorization
1023  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1024  String state = UUID.randomUUID().toString();
1025  String nonce = UUID.randomUUID().toString();
1026 
1027  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1028  authorizationRequest.setState(state);
1029 
1030  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1031  authorizationEndpoint, authorizationRequest, userId, userSecret);
1032 
1033  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1034  assertNotNull(authorizationResponse.getCode(), "The code is null");
1035  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
1036  assertNotNull(authorizationResponse.getState(), "The state is null");
1037 
1038  String code = authorizationResponse.getCode();
1039  String idToken = authorizationResponse.getIdToken();
1040 
1041  // 4. Validate code and id_token
1042  Jwt jwt = Jwt.parse(idToken);
1043  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
1044  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
1045  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
1046  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
1047  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
1048  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
1049  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
1050  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
1051  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
1052 
1053  RSAPublicKey publicKey = JwkClient.getRSAPublicKey(
1054  jwksUri,
1055  jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
1056  RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
1057 
1058  assertTrue(rsaSigner.validate(jwt));
1059  assertTrue(rsaSigner.validateAuthorizationCode(code, jwt));
1060  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.jwt.JwtClaimName.EXPIRATION_TIME
static final String EXPIRATION_TIME
Definition: JwtClaimName.java:21
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.model.jwt.JwtClaimName.AUDIENCE
static final String AUDIENCE
Definition: JwtClaimName.java:42
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.token.JsonWebResponse.getClaims
JwtClaims getClaims()
Definition: JsonWebResponse.java:41
org.xdi.oxauth.model.jwt.JwtClaimName
Definition: JwtClaimName.java:13
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwt.JwtClaimName.AUTHENTICATION_TIME
static final String AUTHENTICATION_TIME
Definition: JwtClaimName.java:99
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.model.jwt.JwtClaimName.SUBJECT_IDENTIFIER
static final String SUBJECT_IDENTIFIER
Definition: JwtClaimName.java:62
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUED_AT
static final String ISSUED_AT
Definition: JwtClaimName.java:27
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUER
static final String ISSUER
Definition: JwtClaimName.java:33
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkClient.getRSAPublicKey
static RSAPublicKey getRSAPublicKey(String jwkSetUri, String keyId)
Definition: JwkClient.java:94
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.model.jwt.JwtClaimName.CODE_HASH
static final String CODE_HASH
Definition: JwtClaimName.java:101
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeNoRedirection()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeNoRedirection ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
184  {
185  showTitle("requestAuthorizationCodeNoRedirection");
186 
187  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
188 
189  // 1. Register client
190  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
191  StringUtils.spaceSeparatedToList(redirectUris));
192  registerRequest.setResponseTypes(responseTypes);
193  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
194 
195  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
196  registerClient.setRequest(registerRequest);
197  RegisterResponse registerResponse = registerClient.exec();
198 
199  showClient(registerClient);
200  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
201  assertNotNull(registerResponse.getClientId());
202  assertNotNull(registerResponse.getClientSecret());
203  assertNotNull(registerResponse.getRegistrationAccessToken());
204  assertNotNull(registerResponse.getClientIdIssuedAt());
205  assertNotNull(registerResponse.getClientSecretExpiresAt());
206 
207  String clientId = registerResponse.getClientId();
208  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
209  String registrationClientUri = registerResponse.getRegistrationClientUri();
210 
211  // 2. Client read
212  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
213 
214  RegisterClient readClient = new RegisterClient(registrationClientUri);
215  readClient.setRequest(readClientRequest);
216  RegisterResponse readClientResponse = readClient.exec();
217 
218  showClient(readClient);
219  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
220  assertNotNull(readClientResponse.getClientId());
221  assertNotNull(readClientResponse.getClientSecret());
222  assertNotNull(readClientResponse.getClientIdIssuedAt());
223  assertNotNull(readClientResponse.getClientSecretExpiresAt());
224 
225  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
226  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
227  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
228  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
229  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
230  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
231 
232  // 3. Request authorization and receive the authorization code.
233  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
234  String state = UUID.randomUUID().toString();
235 
236  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
237  authorizationRequest.setUseNoRedirectHeader(true); // Use Alternate Method for redirect
238  authorizationRequest.setState(state);
239 
240  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
241  authorizeClient.setRequest(authorizationRequest);
242 
243  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
244  authorizationEndpoint, authorizationRequest, userId, userSecret);
245 
246  showClient(authorizeClient);
247  assertNotNull(authorizationResponse.getLocation(), "The location is null");
248  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
249  assertNotNull(authorizationResponse.getState(), "The state is null");
250  assertNotNull(authorizationResponse.getScope(), "The scope is null");
251  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.AuthorizationRequest.setUseNoRedirectHeader
void setUseNoRedirectHeader(boolean useNoRedirectHeader)
Definition: AuthorizationRequest.java:431
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeUserBasicAuth ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
116  {
117  showTitle("requestAuthorizationCodeUserBasicAuth");
118 
119  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
120 
121  // 1. Register client
122  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
123  StringUtils.spaceSeparatedToList(redirectUris));
124  registerRequest.setResponseTypes(responseTypes);
125  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
126 
127  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
128  registerClient.setRequest(registerRequest);
129  RegisterResponse registerResponse = registerClient.exec();
130 
131  showClient(registerClient);
132  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
133  assertNotNull(registerResponse.getClientId());
134  assertNotNull(registerResponse.getClientSecret());
135  assertNotNull(registerResponse.getRegistrationAccessToken());
136  assertNotNull(registerResponse.getClientIdIssuedAt());
137  assertNotNull(registerResponse.getClientSecretExpiresAt());
138 
139  String clientId = registerResponse.getClientId();
140  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
141  String registrationClientUri = registerResponse.getRegistrationClientUri();
142 
143  // 2. Client read
144  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
145 
146  RegisterClient readClient = new RegisterClient(registrationClientUri);
147  readClient.setRequest(readClientRequest);
148  RegisterResponse readClientResponse = readClient.exec();
149 
150  showClient(readClient);
151  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
152  assertNotNull(readClientResponse.getClientId());
153  assertNotNull(readClientResponse.getClientSecret());
154  assertNotNull(readClientResponse.getClientIdIssuedAt());
155  assertNotNull(readClientResponse.getClientSecretExpiresAt());
156 
157  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
158  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
159  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
160  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
161  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
162  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
163 
164  // 3. Request authorization and receive the authorization code.
165  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
166  String state = UUID.randomUUID().toString();
167 
168  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
169  authorizationRequest.setState(state);
170 
171  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
172  authorizationEndpoint, authorizationRequest, userId, userSecret);
173 
174  assertNotNull(authorizationResponse.getLocation(), "The location is null");
175  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
176  assertNotNull(authorizationResponse.getState(), "The state is null");
177  assertNotNull(authorizationResponse.getScope(), "The scope is null");
178  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeWithoutRedirectUri()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeWithoutRedirectUri ( final String  redirectUri,
final String  userId,
final String  userSecret 
) throws Exception
inline
2186  {
2187  showTitle("requestAuthorizationCodeWithoutRedirectUri");
2188 
2189  List<String> redirectUriList = Arrays.asList(redirectUri.split(StringUtils.SPACE));
2190  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", redirectUriList);
2191 
2192  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2193  registerClient.setRequest(registerRequest);
2194  RegisterResponse registerResponse = registerClient.exec();
2195 
2196  showClient(registerClient);
2197  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2198  assertNotNull(registerResponse.getClientId());
2199  assertNotNull(registerResponse.getClientSecret());
2200  assertNotNull(registerResponse.getRegistrationAccessToken());
2201  assertNotNull(registerResponse.getClientSecretExpiresAt());
2202 
2203  String clientId = registerResponse.getClientId();
2204 
2205  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
2206  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2207  String state = UUID.randomUUID().toString();
2208 
2209  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
2210  authorizationRequest.setState(state);
2211 
2212  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
2213  authorizationEndpoint, authorizationRequest, userId, userSecret);
2214 
2215  assertNotNull(authorizationResponse.getLocation(), "The location is null");
2216  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
2217  assertNotNull(authorizationResponse.getState(), "The state is null");
2218  assertNotNull(authorizationResponse.getScope(), "The scope is null");
2219  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeWithoutRedirectUriFail()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeWithoutRedirectUriFail ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
2270  {
2271  showTitle("requestAuthorizationCodeWithoutRedirectUriFail");
2272 
2273  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2274  StringUtils.spaceSeparatedToList(redirectUris));
2275  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2276  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2277 
2278  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2279  registerClient.setRequest(registerRequest);
2280  RegisterResponse registerResponse = registerClient.exec();
2281 
2282  showClient(registerClient);
2283  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2284  assertNotNull(registerResponse.getClientId());
2285  assertNotNull(registerResponse.getClientSecret());
2286  assertNotNull(registerResponse.getRegistrationAccessToken());
2287  assertNotNull(registerResponse.getClientSecretExpiresAt());
2288 
2289  String clientId = registerResponse.getClientId();
2290 
2291  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
2292  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2293  String state = UUID.randomUUID().toString();
2294 
2295  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, null, null);
2296  authorizationRequest.setState(state);
2297  authorizationRequest.setAuthUsername(userId);
2298  authorizationRequest.setAuthPassword(userSecret);
2299  authorizationRequest.getPrompts().add(Prompt.NONE);
2300 
2301  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2302  authorizeClient.setRequest(authorizationRequest);
2303  AuthorizationResponse authorizationResponse = authorizeClient.exec();
2304 
2305  showClient(authorizeClient);
2306  assertEquals(authorizationResponse.getStatus(), 400, "Unexpected response code: " + authorizationResponse.getStatus());
2307  assertNotNull(authorizationResponse.getErrorType(), "The error type is null");
2308  assertNotNull(authorizationResponse.getErrorDescription(), "The error description is null");
2309  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationCodeWithoutRedirectUriUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationCodeWithoutRedirectUriUserBasicAuth ( final String  redirectUri,
final String  userId,
final String  userSecret 
) throws Exception
inline
2224  {
2225  showTitle("requestAuthorizationCodeWithoutRedirectUriUserBasicAuth");
2226 
2227  List<String> redirectUriList = Arrays.asList(redirectUri.split(StringUtils.SPACE));
2228  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", redirectUriList);
2229  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2230  registerRequest.setSubjectType(SubjectType.PUBLIC);
2231 
2232  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2233  registerClient.setRequest(registerRequest);
2234  RegisterResponse registerResponse = registerClient.exec();
2235 
2236  showClient(registerClient);
2237  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2238  assertNotNull(registerResponse.getClientId());
2239  assertNotNull(registerResponse.getClientSecret());
2240  assertNotNull(registerResponse.getRegistrationAccessToken());
2241  assertNotNull(registerResponse.getClientSecretExpiresAt());
2242 
2243  String clientId = registerResponse.getClientId();
2244 
2245  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
2246  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2247  String state = UUID.randomUUID().toString();
2248 
2249  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, null, null);
2250  authorizationRequest.setState(state);
2251  authorizationRequest.setAuthUsername(userId);
2252  authorizationRequest.setAuthPassword(userSecret);
2253  authorizationRequest.getPrompts().add(Prompt.NONE);
2254 
2255  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2256  authorizeClient.setRequest(authorizationRequest);
2257  AuthorizationResponse authorizationResponse = authorizeClient.exec();
2258 
2259  showClient(authorizeClient);
2260  assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
2261  assertNotNull(authorizationResponse.getLocation(), "The location is null");
2262  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
2263  assertNotNull(authorizationResponse.getState(), "The state is null");
2264  assertNotNull(authorizationResponse.getScope(), "The scope is null");
2265  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterRequest.setSubjectType
void setSubjectType(SubjectType subjectType)
Definition: RegisterRequest.java:522
org.xdi.oxauth.model.common.SubjectType.PUBLIC
PUBLIC
Definition: SubjectType.java:15
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.SubjectType
Definition: SubjectType.java:12
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationDenyAccessThenGrantAccess()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationDenyAccessThenGrantAccess ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
2645  {
2646  showTitle("requestAuthorizationDenyAccessThenGrantAccess");
2647 
2648  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
2649 
2650  // 1. Register client
2651  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2652  StringUtils.spaceSeparatedToList(redirectUris));
2653  registerRequest.setResponseTypes(responseTypes);
2654  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2655 
2656  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2657  registerClient.setRequest(registerRequest);
2658  RegisterResponse registerResponse = registerClient.exec();
2659 
2660  showClient(registerClient);
2661  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2662  assertNotNull(registerResponse.getClientId());
2663  assertNotNull(registerResponse.getClientSecret());
2664  assertNotNull(registerResponse.getRegistrationAccessToken());
2665  assertNotNull(registerResponse.getClientIdIssuedAt());
2666  assertNotNull(registerResponse.getClientSecretExpiresAt());
2667 
2668  String clientId = registerResponse.getClientId();
2669  String sessionId = null;
2670 
2671  // 2. Request authorization, authenticate resource owner and deny access
2672  {
2673  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2674  String state = UUID.randomUUID().toString();
2675 
2676  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
2677  authorizationRequest.setState(state);
2678 
2679  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndDenyAccess(
2680  authorizationEndpoint, authorizationRequest, userId, userSecret);
2681 
2682  assertNotNull(authorizationResponse.getLocation());
2683  assertNotNull(authorizationResponse.getErrorType());
2684  assertEquals(authorizationResponse.getErrorType(), AuthorizeErrorResponseType.ACCESS_DENIED);
2685  assertNotNull(authorizationResponse.getErrorDescription());
2686  assertNotNull(authorizationResponse.getState());
2687 
2688  sessionId = authorizationResponse.getSessionId();
2689  }
2690 
2691  // 3. Request authorization and deny access (resource owner is already authenticated)
2692  {
2693  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2694  String state = UUID.randomUUID().toString();
2695 
2696  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
2697  authorizationRequest.setState(state);
2698  authorizationRequest.setSessionId(sessionId);
2699 
2700  AuthorizationResponse authorizationResponse = authorizationRequestAndDenyAccess(
2701  authorizationEndpoint, authorizationRequest);
2702 
2703  assertNotNull(authorizationResponse.getLocation());
2704  assertNotNull(authorizationResponse.getErrorType());
2705  assertEquals(authorizationResponse.getErrorType(), AuthorizeErrorResponseType.ACCESS_DENIED);
2706  assertNotNull(authorizationResponse.getErrorDescription());
2707  assertNotNull(authorizationResponse.getState());
2708  }
2709 
2710  // 4. Request authorization and grant access (resource owner is already authenticated)
2711  {
2712  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2713  String state = UUID.randomUUID().toString();
2714 
2715  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
2716  authorizationRequest.setState(state);
2717  authorizationRequest.setSessionId(sessionId);
2718 
2719  AuthorizationResponse authorizationResponse = authorizationRequestAndGrantAccess(
2720  authorizationEndpoint, authorizationRequest);
2721 
2722  assertNotNull(authorizationResponse.getLocation(), "The location is null");
2723  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
2724  assertNotNull(authorizationResponse.getState(), "The state is null");
2725  assertNotNull(authorizationResponse.getScope(), "The scope is null");
2726  }
2727  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.AuthorizationRequest.setSessionId
void setSessionId(String p_sessionId)
Definition: AuthorizationRequest.java:415
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.model.authorize.AuthorizeErrorResponseType.ACCESS_DENIED
ACCESS_DENIED
Definition: AuthorizeErrorResponseType.java:39
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.AuthorizationResponse.getSessionId
String getSessionId()
Definition: AuthorizationResponse.java:203
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.BaseTest.authorizationRequestAndGrantAccess
AuthorizationResponse authorizationRequestAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest)
Definition: BaseTest.java:463
org.xdi.oxauth.BaseTest.authorizationRequestAndDenyAccess
AuthorizationResponse authorizationRequestAndDenyAccess(String authorizeUrl, AuthorizationRequest authorizationRequest)
Definition: BaseTest.java:508
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndDenyAccess
AuthorizationResponse authenticateResourceOwnerAndDenyAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:407
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.model.authorize.AuthorizeErrorResponseType
Definition: AuthorizeErrorResponseType.java:16
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationForOpenIdScopeAndPairwiseId()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationForOpenIdScopeAndPairwiseId ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline

If a client has only openid scope and pairwise id, person should not have to authorize.

2736  {
2737  showTitle("requestAuthorizationForOpenIdScopeAndPairwiseId");
2738 
2739  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
2740 
2741  // 1. Register client
2742  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2743  StringUtils.spaceSeparatedToList(redirectUris));
2744  registerRequest.setResponseTypes(responseTypes);
2745  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2746 
2747  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2748  registerClient.setRequest(registerRequest);
2749  RegisterResponse registerResponse = registerClient.exec();
2750 
2751  showClient(registerClient);
2752  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2753  assertNotNull(registerResponse.getClientId());
2754  assertNotNull(registerResponse.getClientSecret());
2755  assertNotNull(registerResponse.getRegistrationAccessToken());
2756  assertNotNull(registerResponse.getClientIdIssuedAt());
2757  assertNotNull(registerResponse.getClientSecretExpiresAt());
2758 
2759  String clientId = registerResponse.getClientId();
2760  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
2761  String registrationClientUri = registerResponse.getRegistrationClientUri();
2762 
2763  // 2. Client read
2764  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
2765 
2766  RegisterClient readClient = new RegisterClient(registrationClientUri);
2767  readClient.setRequest(readClientRequest);
2768  RegisterResponse readClientResponse = readClient.exec();
2769 
2770  showClient(readClient);
2771  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
2772  assertNotNull(readClientResponse.getClientId());
2773  assertNotNull(readClientResponse.getClientSecret());
2774  assertNotNull(readClientResponse.getClientIdIssuedAt());
2775  assertNotNull(readClientResponse.getClientSecretExpiresAt());
2776 
2777  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
2778  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
2779  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
2780  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
2781  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
2782  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
2783 
2784  // 3. Request authorization and receive the authorization code.
2785  List<String> scopes = Arrays.asList("openid");
2786  String state = UUID.randomUUID().toString();
2787 
2788  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
2789  authorizationRequest.setState(state);
2790 
2791  AuthorizationResponse authorizationResponse = authenticateResourceOwner(
2792  authorizationEndpoint, authorizationRequest, userId, userSecret, false);
2793 
2794  assertNotNull(authorizationResponse.getLocation(), "The location is null");
2795  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
2796  assertNotNull(authorizationResponse.getState(), "The state is null");
2797  assertNotNull(authorizationResponse.getScope(), "The scope is null");
2798  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.BaseTest.authenticateResourceOwner
AuthorizationResponse authenticateResourceOwner(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)
Definition: BaseTest.java:555
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdToken()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationIdToken ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1410  {
1411  showTitle("requestAuthorizationIdToken");
1412 
1413  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
1414 
1415  // 1. Register client
1416  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1417  StringUtils.spaceSeparatedToList(redirectUris));
1418  registerRequest.setResponseTypes(responseTypes);
1419  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1420 
1421  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1422  registerClient.setRequest(registerRequest);
1423  RegisterResponse registerResponse = registerClient.exec();
1424 
1425  showClient(registerClient);
1426  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1427  assertNotNull(registerResponse.getClientId());
1428  assertNotNull(registerResponse.getClientSecret());
1429  assertNotNull(registerResponse.getRegistrationAccessToken());
1430  assertNotNull(registerResponse.getClientIdIssuedAt());
1431  assertNotNull(registerResponse.getClientSecretExpiresAt());
1432 
1433  String clientId = registerResponse.getClientId();
1434  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1435  String registrationClientUri = registerResponse.getRegistrationClientUri();
1436 
1437  // 2. Client read
1438  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1439 
1440  RegisterClient readClient = new RegisterClient(registrationClientUri);
1441  readClient.setRequest(readClientRequest);
1442  RegisterResponse readClientResponse = readClient.exec();
1443 
1444  showClient(readClient);
1445  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1446  assertNotNull(readClientResponse.getClientId());
1447  assertNotNull(readClientResponse.getClientSecret());
1448  assertNotNull(readClientResponse.getClientIdIssuedAt());
1449  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1450 
1451  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1452  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1453  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1454  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1455  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1456  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1457 
1458  // 3. Request authorization
1459  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1460  String nonce = UUID.randomUUID().toString();
1461  String state = UUID.randomUUID().toString();
1462 
1463  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1464  authorizationRequest.setState(state);
1465 
1466  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1467  authorizationEndpoint, authorizationRequest, userId, userSecret);
1468 
1469  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1470  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
1471  assertNotNull(authorizationResponse.getState(), "The state is null");
1472  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationIdTokenUserBasicAuth ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1478  {
1479  showTitle("requestAuthorizationIdTokenUserBasicAuth");
1480 
1481  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
1482 
1483  // 1. Register client
1484  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1485  StringUtils.spaceSeparatedToList(redirectUris));
1486  registerRequest.setResponseTypes(responseTypes);
1487  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1488 
1489  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1490  registerClient.setRequest(registerRequest);
1491  RegisterResponse registerResponse = registerClient.exec();
1492 
1493  showClient(registerClient);
1494  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1495  assertNotNull(registerResponse.getClientId());
1496  assertNotNull(registerResponse.getClientSecret());
1497  assertNotNull(registerResponse.getRegistrationAccessToken());
1498  assertNotNull(registerResponse.getClientIdIssuedAt());
1499  assertNotNull(registerResponse.getClientSecretExpiresAt());
1500 
1501  String clientId = registerResponse.getClientId();
1502  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1503  String registrationClientUri = registerResponse.getRegistrationClientUri();
1504 
1505  // 2. Client read
1506  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1507 
1508  RegisterClient readClient = new RegisterClient(registrationClientUri);
1509  readClient.setRequest(readClientRequest);
1510  RegisterResponse readClientResponse = readClient.exec();
1511 
1512  showClient(readClient);
1513  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1514  assertNotNull(readClientResponse.getClientId());
1515  assertNotNull(readClientResponse.getClientSecret());
1516  assertNotNull(readClientResponse.getClientIdIssuedAt());
1517  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1518 
1519  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1520  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1521  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1522  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1523  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1524  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1525 
1526  // 3. Request authorization
1527  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1528  String nonce = UUID.randomUUID().toString();
1529  String state = UUID.randomUUID().toString();
1530 
1531  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1532  authorizationRequest.setState(state);
1533 
1534  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1535  authorizationEndpoint, authorizationRequest, userId, userSecret);
1536 
1537  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1538  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
1539  assertNotNull(authorizationResponse.getState(), "The state is null");
1540  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationObjectUILocales()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationObjectUILocales ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
2885  {
2886  showTitle("requestAuthorizationObjectUILocales");
2887 
2888  List<ResponseType> responseTypes = Arrays.asList(
2889  ResponseType.TOKEN,
2890  ResponseType.ID_TOKEN);
2891 
2892  // 1. Register client
2893  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2894  StringUtils.spaceSeparatedToList(redirectUris));
2895  registerRequest.setResponseTypes(responseTypes);
2896  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2897 
2898  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2899  registerClient.setRequest(registerRequest);
2900  RegisterResponse registerResponse = registerClient.exec();
2901 
2902  showClient(registerClient);
2903  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2904  assertNotNull(registerResponse.getClientId());
2905  assertNotNull(registerResponse.getClientSecret());
2906  assertNotNull(registerResponse.getRegistrationAccessToken());
2907  assertNotNull(registerResponse.getClientIdIssuedAt());
2908  assertNotNull(registerResponse.getClientSecretExpiresAt());
2909 
2910  String clientId = registerResponse.getClientId();
2911  String clientSecret = registerResponse.getClientSecret();
2912 
2913  // 2. Request authorization
2914  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
2915 
2916  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2917  String nonce = UUID.randomUUID().toString();
2918  String state = UUID.randomUUID().toString();
2919 
2920  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2921  authorizationRequest.setState(state);
2922  authorizationRequest.setUiLocales(Arrays.asList("es"));
2923 
2924  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
2925  authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
2926  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
2927  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
2928  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
2929  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
2930  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
2931  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
2932  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
2933  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
2934  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
2935  authorizationRequest.setRequest(authJwt);
2936 
2937  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
2938  authorizationEndpoint, authorizationRequest, userId, userSecret);
2939 
2940  assertNotNull(authorizationResponse.getLocation(), "The location is null");
2941  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
2942  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
2943  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
2944  assertNotNull(authorizationResponse.getState(), "The state is null");
2945 
2946  String accessToken = authorizationResponse.getAccessToken();
2947 
2948  // 3. Request user info
2949  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
2950  UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
2951 
2952  showClient(userInfoClient);
2953  assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
2954  assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
2955  assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
2956  assertNotNull(userInfoResponse.getClaim(JwtClaimName.GIVEN_NAME));
2957  assertNotNull(userInfoResponse.getClaim(JwtClaimName.FAMILY_NAME));
2958  assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL));
2959  assertNotNull(userInfoResponse.getClaim(JwtClaimName.ZONEINFO));
2960  assertNotNull(userInfoResponse.getClaim(JwtClaimName.LOCALE));
2961  assertNotNull(userInfoResponse.getClaim(JwtClaimName.ADDRESS));
2962  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimName.FAMILY_NAME
static final String FAMILY_NAME
Definition: JwtClaimName.java:115
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.jwt.JwtClaimName.GIVEN_NAME
static final String GIVEN_NAME
Definition: JwtClaimName.java:111
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.model.jwt.JwtClaimName.NAME
static final String NAME
Definition: JwtClaimName.java:107
org.xdi.oxauth.model.jwt.JwtClaimName.ZONEINFO
static final String ZONEINFO
Definition: JwtClaimName.java:165
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.JwtClaimName.EMAIL
static final String EMAIL
Definition: JwtClaimName.java:144
org.xdi.oxauth.model.jwt.JwtClaimName.NICKNAME
static final String NICKNAME
Definition: JwtClaimName.java:124
org.xdi.oxauth.model.authorize.JwtAuthorizationRequest
Definition: JwtAuthorizationRequest.java:48
org.xdi.oxauth.model.jwt.JwtClaimName
Definition: JwtClaimName.java:13
org.xdi.oxauth.model.jwt.JwtClaimName.EMAIL_VERIFIED
static final String EMAIL_VERIFIED
Definition: JwtClaimName.java:152
org.xdi.oxauth.model.jwt.JwtClaimName.LOCALE
static final String LOCALE
Definition: JwtClaimName.java:171
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwt.JwtClaimName.PICTURE
static final String PICTURE
Definition: JwtClaimName.java:136
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.model.jwt.JwtClaimName.AUTHENTICATION_TIME
static final String AUTHENTICATION_TIME
Definition: JwtClaimName.java:99
org.xdi.oxauth.model.authorize.JwtAuthorizationRequest.getEncodedJwt
String getEncodedJwt()
Definition: JwtAuthorizationRequest.java:238
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.jwt.JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE
static final String AUTHENTICATION_CONTEXT_CLASS_REFERENCE
Definition: JwtClaimName.java:80
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.model.jwt.JwtClaimName.SUBJECT_IDENTIFIER
static final String SUBJECT_IDENTIFIER
Definition: JwtClaimName.java:62
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.model.authorize.JwtAuthorizationRequest.getIdTokenMember
IdTokenMember getIdTokenMember()
Definition: JwtAuthorizationRequest.java:428
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.jwt.JwtClaimName.ADDRESS
static final String ADDRESS
Definition: JwtClaimName.java:189
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setUiLocales
void setUiLocales(List< String > uiLocales)
Definition: AuthorizationRequest.java:295
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationPromptConsent()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationPromptConsent ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1831  {
1832  showTitle("requestAuthorizationPromptConsent");
1833 
1834  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
1835 
1836  // 1. Register client
1837  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1838  StringUtils.spaceSeparatedToList(redirectUris));
1839  registerRequest.setResponseTypes(responseTypes);
1840  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1841 
1842  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1843  registerClient.setRequest(registerRequest);
1844  RegisterResponse registerResponse = registerClient.exec();
1845 
1846  showClient(registerClient);
1847  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1848  assertNotNull(registerResponse.getClientId());
1849  assertNotNull(registerResponse.getClientSecret());
1850  assertNotNull(registerResponse.getRegistrationAccessToken());
1851  assertNotNull(registerResponse.getClientIdIssuedAt());
1852  assertNotNull(registerResponse.getClientSecretExpiresAt());
1853 
1854  String clientId = registerResponse.getClientId();
1855  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1856  String registrationClientUri = registerResponse.getRegistrationClientUri();
1857 
1858  // 2. Client read
1859  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1860 
1861  RegisterClient readClient = new RegisterClient(registrationClientUri);
1862  readClient.setRequest(readClientRequest);
1863  RegisterResponse readClientResponse = readClient.exec();
1864 
1865  showClient(readClient);
1866  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1867  assertNotNull(readClientResponse.getClientId());
1868  assertNotNull(readClientResponse.getClientSecret());
1869  assertNotNull(readClientResponse.getClientIdIssuedAt());
1870  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1871 
1872  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1873  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1874  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1875  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1876  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1877  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1878 
1879  // 3. Request authorization
1880  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1881  String state = UUID.randomUUID().toString();
1882 
1883  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
1884  authorizationRequest.setState(state);
1885  authorizationRequest.getPrompts().add(Prompt.CONSENT);
1886 
1887  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1888  authorizationEndpoint, authorizationRequest, userId, userSecret);
1889 
1890  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1891  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
1892  assertNotNull(authorizationResponse.getState(), "The state is null");
1893  assertNotNull(authorizationResponse.getScope(), "The scope is null");
1894  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.common.Prompt.CONSENT
CONSENT
Definition: Prompt.java:36
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationPromptConsentTrustedClient()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationPromptConsentTrustedClient ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1900  {
1901  showTitle("requestAuthorizationPromptConsentTrustedClient");
1902 
1903  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
1904 
1905  // 1. Register client
1906  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1907  StringUtils.spaceSeparatedToList(redirectUris));
1908  registerRequest.setResponseTypes(responseTypes);
1909  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1910  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1911 
1912  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1913  registerClient.setRequest(registerRequest);
1914  RegisterResponse registerResponse = registerClient.exec();
1915 
1916  showClient(registerClient);
1917  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1918  assertNotNull(registerResponse.getClientId());
1919  assertNotNull(registerResponse.getClientSecret());
1920  assertNotNull(registerResponse.getRegistrationAccessToken());
1921  assertNotNull(registerResponse.getClientIdIssuedAt());
1922  assertNotNull(registerResponse.getClientSecretExpiresAt());
1923 
1924  String clientId = registerResponse.getClientId();
1925  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1926  String registrationClientUri = registerResponse.getRegistrationClientUri();
1927 
1928  // 2. Client read
1929  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1930 
1931  RegisterClient readClient = new RegisterClient(registrationClientUri);
1932  readClient.setRequest(readClientRequest);
1933  RegisterResponse readClientResponse = readClient.exec();
1934 
1935  showClient(readClient);
1936  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1937  assertNotNull(readClientResponse.getClientId());
1938  assertNotNull(readClientResponse.getClientSecret());
1939  assertNotNull(readClientResponse.getClientIdIssuedAt());
1940  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1941 
1942  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1943  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1944  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1945  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1946  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1947  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1948 
1949  // 3. Request authorization
1950  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1951  String state = UUID.randomUUID().toString();
1952 
1953  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
1954  authorizationRequest.setState(state);
1955  authorizationRequest.getPrompts().add(Prompt.CONSENT);
1956 
1957  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1958  authorizationEndpoint, authorizationRequest, userId, userSecret);
1959 
1960  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1961  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
1962  assertNotNull(authorizationResponse.getState(), "The state is null");
1963  assertNotNull(authorizationResponse.getScope(), "The scope is null");
1964  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.common.Prompt.CONSENT
CONSENT
Definition: Prompt.java:36
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationPromptLogin()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationPromptLogin ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1762  {
1763  showTitle("requestAuthorizationPromptLogin");
1764 
1765  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
1766 
1767  // 1. Register client
1768  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1769  StringUtils.spaceSeparatedToList(redirectUris));
1770  registerRequest.setResponseTypes(responseTypes);
1771  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1772 
1773  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1774  registerClient.setRequest(registerRequest);
1775  RegisterResponse registerResponse = registerClient.exec();
1776 
1777  showClient(registerClient);
1778  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1779  assertNotNull(registerResponse.getClientId());
1780  assertNotNull(registerResponse.getClientSecret());
1781  assertNotNull(registerResponse.getRegistrationAccessToken());
1782  assertNotNull(registerResponse.getClientIdIssuedAt());
1783  assertNotNull(registerResponse.getClientSecretExpiresAt());
1784 
1785  String clientId = registerResponse.getClientId();
1786  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1787  String registrationClientUri = registerResponse.getRegistrationClientUri();
1788 
1789  // 2. Client read
1790  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1791 
1792  RegisterClient readClient = new RegisterClient(registrationClientUri);
1793  readClient.setRequest(readClientRequest);
1794  RegisterResponse readClientResponse = readClient.exec();
1795 
1796  showClient(readClient);
1797  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1798  assertNotNull(readClientResponse.getClientId());
1799  assertNotNull(readClientResponse.getClientSecret());
1800  assertNotNull(readClientResponse.getClientIdIssuedAt());
1801  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1802 
1803  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1804  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1805  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1806  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1807  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1808  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1809 
1810  // 3. Request authorization
1811  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1812  String state = UUID.randomUUID().toString();
1813 
1814  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
1815  authorizationRequest.setState(state);
1816  authorizationRequest.getPrompts().add(Prompt.LOGIN);
1817 
1818  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1819  authorizationEndpoint, authorizationRequest, userId, userSecret);
1820 
1821  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1822  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
1823  assertNotNull(authorizationResponse.getState(), "The state is null");
1824  assertNotNull(authorizationResponse.getScope(), "The scope is null");
1825  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173
org.xdi.oxauth.model.common.Prompt.LOGIN
LOGIN
Definition: Prompt.java:31

◆ requestAuthorizationPromptLoginConsent()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationPromptLoginConsent ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1970  {
1971  showTitle("requestAuthorizationPromptLoginConsent");
1972 
1973  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
1974 
1975  // 1. Register client
1976  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1977  StringUtils.spaceSeparatedToList(redirectUris));
1978  registerRequest.setResponseTypes(responseTypes);
1979  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1980 
1981  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1982  registerClient.setRequest(registerRequest);
1983  RegisterResponse registerResponse = registerClient.exec();
1984 
1985  showClient(registerClient);
1986  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1987  assertNotNull(registerResponse.getClientId());
1988  assertNotNull(registerResponse.getClientSecret());
1989  assertNotNull(registerResponse.getRegistrationAccessToken());
1990  assertNotNull(registerResponse.getClientIdIssuedAt());
1991  assertNotNull(registerResponse.getClientSecretExpiresAt());
1992 
1993  String clientId = registerResponse.getClientId();
1994  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1995  String registrationClientUri = registerResponse.getRegistrationClientUri();
1996 
1997  // 2. Client read
1998  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1999 
2000  RegisterClient readClient = new RegisterClient(registrationClientUri);
2001  readClient.setRequest(readClientRequest);
2002  RegisterResponse readClientResponse = readClient.exec();
2003 
2004  showClient(readClient);
2005  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
2006  assertNotNull(readClientResponse.getClientId());
2007  assertNotNull(readClientResponse.getClientSecret());
2008  assertNotNull(readClientResponse.getClientIdIssuedAt());
2009  assertNotNull(readClientResponse.getClientSecretExpiresAt());
2010 
2011  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
2012  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
2013  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
2014  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
2015  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
2016  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
2017 
2018  // 3. Request authorization
2019  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2020  String state = UUID.randomUUID().toString();
2021 
2022  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
2023  authorizationRequest.setState(state);
2024  authorizationRequest.getPrompts().add(Prompt.LOGIN);
2025  authorizationRequest.getPrompts().add(Prompt.CONSENT);
2026 
2027  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
2028  authorizationEndpoint, authorizationRequest, userId, userSecret);
2029 
2030  assertNotNull(authorizationResponse.getLocation(), "The location is null");
2031  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
2032  assertNotNull(authorizationResponse.getState(), "The state is null");
2033  assertNotNull(authorizationResponse.getScope(), "The scope is null");
2034  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.common.Prompt.CONSENT
CONSENT
Definition: Prompt.java:36
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173
org.xdi.oxauth.model.common.Prompt.LOGIN
LOGIN
Definition: Prompt.java:31

◆ requestAuthorizationPromptLoginConsentTrustedClient()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationPromptLoginConsentTrustedClient ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
2040  {
2041  showTitle("requestAuthorizationPromptLoginConsentTrustedClient");
2042 
2043  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
2044 
2045  // 1. Register client
2046  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2047  StringUtils.spaceSeparatedToList(redirectUris));
2048  registerRequest.setResponseTypes(responseTypes);
2049  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2050  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2051 
2052  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2053  registerClient.setRequest(registerRequest);
2054  RegisterResponse registerResponse = registerClient.exec();
2055 
2056  showClient(registerClient);
2057  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2058  assertNotNull(registerResponse.getClientId());
2059  assertNotNull(registerResponse.getClientSecret());
2060  assertNotNull(registerResponse.getRegistrationAccessToken());
2061  assertNotNull(registerResponse.getClientIdIssuedAt());
2062  assertNotNull(registerResponse.getClientSecretExpiresAt());
2063 
2064  String clientId = registerResponse.getClientId();
2065  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
2066  String registrationClientUri = registerResponse.getRegistrationClientUri();
2067 
2068  // 2. Client read
2069  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
2070 
2071  RegisterClient readClient = new RegisterClient(registrationClientUri);
2072  readClient.setRequest(readClientRequest);
2073  RegisterResponse readClientResponse = readClient.exec();
2074 
2075  showClient(readClient);
2076  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
2077  assertNotNull(readClientResponse.getClientId());
2078  assertNotNull(readClientResponse.getClientSecret());
2079  assertNotNull(readClientResponse.getClientIdIssuedAt());
2080  assertNotNull(readClientResponse.getClientSecretExpiresAt());
2081 
2082  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
2083  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
2084  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
2085  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
2086  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
2087  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
2088 
2089  // 3. Request authorization
2090  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2091  String state = UUID.randomUUID().toString();
2092 
2093  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
2094  authorizationRequest.setState(state);
2095  authorizationRequest.getPrompts().add(Prompt.LOGIN);
2096  authorizationRequest.getPrompts().add(Prompt.CONSENT);
2097 
2098  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
2099  authorizationEndpoint, authorizationRequest, userId, userSecret);
2100 
2101  assertNotNull(authorizationResponse.getLocation(), "The location is null");
2102  assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
2103  assertNotNull(authorizationResponse.getState(), "The state is null");
2104  assertNotNull(authorizationResponse.getScope(), "The scope is null");
2105  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.common.Prompt.CONSENT
CONSENT
Definition: Prompt.java:36
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173
org.xdi.oxauth.model.common.Prompt.LOGIN
LOGIN
Definition: Prompt.java:31

◆ requestAuthorizationPromptNoneFail()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationPromptNoneFail ( final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1690  {
1691  showTitle("requestAuthorizationPromptNoneFail");
1692 
1693  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
1694 
1695  // 1. Register client
1696  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1697  StringUtils.spaceSeparatedToList(redirectUris));
1698  registerRequest.setResponseTypes(responseTypes);
1699  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1700 
1701  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1702  registerClient.setRequest(registerRequest);
1703  RegisterResponse registerResponse = registerClient.exec();
1704 
1705  showClient(registerClient);
1706  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1707  assertNotNull(registerResponse.getClientId());
1708  assertNotNull(registerResponse.getClientSecret());
1709  assertNotNull(registerResponse.getRegistrationAccessToken());
1710  assertNotNull(registerResponse.getClientIdIssuedAt());
1711  assertNotNull(registerResponse.getClientSecretExpiresAt());
1712 
1713  String clientId = registerResponse.getClientId();
1714  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1715  String registrationClientUri = registerResponse.getRegistrationClientUri();
1716 
1717  // 2. Client read
1718  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1719 
1720  RegisterClient readClient = new RegisterClient(registrationClientUri);
1721  readClient.setRequest(readClientRequest);
1722  RegisterResponse readClientResponse = readClient.exec();
1723 
1724  showClient(readClient);
1725  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1726  assertNotNull(readClientResponse.getClientId());
1727  assertNotNull(readClientResponse.getClientSecret());
1728  assertNotNull(readClientResponse.getClientIdIssuedAt());
1729  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1730 
1731  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1732  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1733  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1734  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1735  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1736  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1737 
1738  // 3. Request authorization
1739  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1740  String state = UUID.randomUUID().toString();
1741 
1742  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
1743  request.setState(state);
1744  request.getPrompts().add(Prompt.NONE);
1745 
1746  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1747  authorizeClient.setRequest(request);
1748  AuthorizationResponse response = authorizeClient.exec();
1749 
1750  showClient(authorizeClient);
1751  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
1752  assertNotNull(response.getLocation(), "The location is null");
1753  assertNotNull(response.getErrorType(), "The error type is null");
1754  assertNotNull(response.getErrorDescription(), "The error description is null");
1755  assertNotNull(response.getState(), "The state is null");
1756  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationPromptNoneLoginConsentFail()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationPromptNoneLoginConsentFail ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
2111  {
2112  showTitle("requestAuthorizationPromptLoginConsent");
2113 
2114  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
2115 
2116  // 1. Register client
2117  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2118  StringUtils.spaceSeparatedToList(redirectUris));
2119  registerRequest.setResponseTypes(responseTypes);
2120  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2121 
2122  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2123  registerClient.setRequest(registerRequest);
2124  RegisterResponse registerResponse = registerClient.exec();
2125 
2126  showClient(registerClient);
2127  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2128  assertNotNull(registerResponse.getClientId());
2129  assertNotNull(registerResponse.getClientSecret());
2130  assertNotNull(registerResponse.getRegistrationAccessToken());
2131  assertNotNull(registerResponse.getClientIdIssuedAt());
2132  assertNotNull(registerResponse.getClientSecretExpiresAt());
2133 
2134  String clientId = registerResponse.getClientId();
2135  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
2136  String registrationClientUri = registerResponse.getRegistrationClientUri();
2137 
2138  // 2. Client read
2139  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
2140 
2141  RegisterClient readClient = new RegisterClient(registrationClientUri);
2142  readClient.setRequest(readClientRequest);
2143  RegisterResponse readClientResponse = readClient.exec();
2144 
2145  showClient(readClient);
2146  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
2147  assertNotNull(readClientResponse.getClientId());
2148  assertNotNull(readClientResponse.getClientSecret());
2149  assertNotNull(readClientResponse.getClientIdIssuedAt());
2150  assertNotNull(readClientResponse.getClientSecretExpiresAt());
2151 
2152  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
2153  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
2154  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
2155  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
2156  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
2157  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
2158 
2159  // 3. Request authorization
2160  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2161  String state = UUID.randomUUID().toString();
2162 
2163  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
2164  request.setState(state);
2165  request.getPrompts().add(Prompt.NONE);
2166  request.getPrompts().add(Prompt.LOGIN);
2167  request.getPrompts().add(Prompt.CONSENT);
2168  request.setAuthUsername(userId);
2169  request.setAuthPassword(userSecret);
2170 
2171  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2172  authorizeClient.setRequest(request);
2173  AuthorizationResponse response = authorizeClient.exec();
2174 
2175  showClient(authorizeClient);
2176  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
2177  assertNotNull(response.getLocation(), "The location is null");
2178  assertNotNull(response.getErrorType(), "The error type is null");
2179  assertNotNull(response.getErrorDescription(), "The error description is null");
2180  assertNotNull(response.getState(), "The state is null");
2181  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.common.Prompt.CONSENT
CONSENT
Definition: Prompt.java:36
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173
org.xdi.oxauth.model.common.Prompt.LOGIN
LOGIN
Definition: Prompt.java:31

◆ requestAuthorizationPromptNoneTrustedClient()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationPromptNoneTrustedClient ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1617  {
1618  showTitle("requestAuthorizationPromptNoneTrustedClient");
1619 
1620  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
1621 
1622  // 1. Register client
1623  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1624  StringUtils.spaceSeparatedToList(redirectUris));
1625  registerRequest.setResponseTypes(responseTypes);
1626  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1627  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1628 
1629  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1630  registerClient.setRequest(registerRequest);
1631  RegisterResponse registerResponse = registerClient.exec();
1632 
1633  showClient(registerClient);
1634  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1635  assertNotNull(registerResponse.getClientId());
1636  assertNotNull(registerResponse.getClientSecret());
1637  assertNotNull(registerResponse.getRegistrationAccessToken());
1638  assertNotNull(registerResponse.getClientIdIssuedAt());
1639  assertNotNull(registerResponse.getClientSecretExpiresAt());
1640 
1641  String clientId = registerResponse.getClientId();
1642  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1643  String registrationClientUri = registerResponse.getRegistrationClientUri();
1644 
1645  // 2. Client read
1646  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1647 
1648  RegisterClient readClient = new RegisterClient(registrationClientUri);
1649  readClient.setRequest(readClientRequest);
1650  RegisterResponse readClientResponse = readClient.exec();
1651 
1652  showClient(readClient);
1653  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1654  assertNotNull(readClientResponse.getClientId());
1655  assertNotNull(readClientResponse.getClientSecret());
1656  assertNotNull(readClientResponse.getClientIdIssuedAt());
1657  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1658 
1659  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1660  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1661  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1662  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1663  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1664  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1665 
1666  // 3. Request authorization
1667  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1668  String state = UUID.randomUUID().toString();
1669 
1670  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
1671  request.setState(state);
1672  request.getPrompts().add(Prompt.NONE);
1673  request.setAuthUsername(userId);
1674  request.setAuthPassword(userSecret);
1675 
1676  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1677  authorizeClient.setRequest(request);
1678  AuthorizationResponse response = authorizeClient.exec();
1679 
1680  showClient(authorizeClient);
1681  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
1682  assertNotNull(response.getLocation(), "The location is null");
1683  assertNotNull(response.getCode(), "The code is null");
1684  assertNotNull(response.getState(), "The state is null");
1685  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationToken()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationToken ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
446  {
447  showTitle("requestAuthorizationToken");
448 
449  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
450 
451  // 1. Register client
452  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
453  StringUtils.spaceSeparatedToList(redirectUris));
454  registerRequest.setResponseTypes(responseTypes);
455  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
456 
457  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
458  registerClient.setRequest(registerRequest);
459  RegisterResponse registerResponse = registerClient.exec();
460 
461  showClient(registerClient);
462  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
463  assertNotNull(registerResponse.getClientId());
464  assertNotNull(registerResponse.getClientSecret());
465  assertNotNull(registerResponse.getRegistrationAccessToken());
466  assertNotNull(registerResponse.getClientIdIssuedAt());
467  assertNotNull(registerResponse.getClientSecretExpiresAt());
468 
469  String clientId = registerResponse.getClientId();
470  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
471  String registrationClientUri = registerResponse.getRegistrationClientUri();
472 
473  // 2. Client read
474  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
475 
476  RegisterClient readClient = new RegisterClient(registrationClientUri);
477  readClient.setRequest(readClientRequest);
478  RegisterResponse readClientResponse = readClient.exec();
479 
480  showClient(readClient);
481  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
482  assertNotNull(readClientResponse.getClientId());
483  assertNotNull(readClientResponse.getClientSecret());
484  assertNotNull(readClientResponse.getClientIdIssuedAt());
485  assertNotNull(readClientResponse.getClientSecretExpiresAt());
486 
487  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
488  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
489  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
490  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
491  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
492  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
493 
494  // 3. Request authorization
495  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
496  String nonce = UUID.randomUUID().toString();
497  String state = UUID.randomUUID().toString();
498 
499  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
500  authorizationRequest.setState(state);
501 
502  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
503  authorizationEndpoint, authorizationRequest, userId, userSecret);
504 
505  assertNotNull(authorizationResponse.getLocation(), "The location is null");
506  assertNotNull(authorizationResponse.getAccessToken(), "The access token is null");
507  assertNotNull(authorizationResponse.getState(), "The state is null");
508  assertNotNull(authorizationResponse.getTokenType(), "The token type is null");
509  assertNotNull(authorizationResponse.getExpiresIn(), "The expires in value is null");
510  assertNotNull(authorizationResponse.getScope(), "The scope must be null");
511  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.AuthorizationResponse.getExpiresIn
Integer getExpiresIn()
Definition: AuthorizationResponse.java:257
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationTokenCode()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenCode ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1066  {
1067  showTitle("requestAuthorizationTokenCode");
1068 
1069  List<ResponseType> responseTypes = Arrays.asList(
1070  ResponseType.TOKEN,
1071  ResponseType.CODE);
1072 
1073  // 1. Register client
1074  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1075  StringUtils.spaceSeparatedToList(redirectUris));
1076  registerRequest.setResponseTypes(responseTypes);
1077  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1078 
1079  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1080  registerClient.setRequest(registerRequest);
1081  RegisterResponse registerResponse = registerClient.exec();
1082 
1083  showClient(registerClient);
1084  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1085  assertNotNull(registerResponse.getClientId());
1086  assertNotNull(registerResponse.getClientSecret());
1087  assertNotNull(registerResponse.getRegistrationAccessToken());
1088  assertNotNull(registerResponse.getClientIdIssuedAt());
1089  assertNotNull(registerResponse.getClientSecretExpiresAt());
1090 
1091  String clientId = registerResponse.getClientId();
1092  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1093  String registrationClientUri = registerResponse.getRegistrationClientUri();
1094 
1095  // 2. Client read
1096  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1097 
1098  RegisterClient readClient = new RegisterClient(registrationClientUri);
1099  readClient.setRequest(readClientRequest);
1100  RegisterResponse readClientResponse = readClient.exec();
1101 
1102  showClient(readClient);
1103  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1104  assertNotNull(readClientResponse.getClientId());
1105  assertNotNull(readClientResponse.getClientSecret());
1106  assertNotNull(readClientResponse.getClientIdIssuedAt());
1107  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1108 
1109  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1110  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1111  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1112  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1113  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1114  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1115 
1116  // 3. Request authorization
1117  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1118  String nonce = UUID.randomUUID().toString();
1119  String state = UUID.randomUUID().toString();
1120 
1121  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1122  authorizationRequest.setState(state);
1123 
1124  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1125  authorizationEndpoint, authorizationRequest, userId, userSecret);
1126 
1127  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1128  assertNotNull(authorizationResponse.getCode(), "The code is null");
1129  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
1130  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
1131  assertNotNull(authorizationResponse.getState(), "The state is null");
1132  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationTokenCodeIdToken()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenCodeIdToken ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1210  {
1211  showTitle("requestAuthorizationTokenCodeIdToken");
1212 
1213  List<ResponseType> responseTypes = Arrays.asList(
1214  ResponseType.TOKEN,
1215  ResponseType.CODE,
1216  ResponseType.ID_TOKEN);
1217 
1218  // 1. Register client
1219  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1220  StringUtils.spaceSeparatedToList(redirectUris));
1221  registerRequest.setResponseTypes(responseTypes);
1222  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1223 
1224  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1225  registerClient.setRequest(registerRequest);
1226  RegisterResponse registerResponse = registerClient.exec();
1227 
1228  showClient(registerClient);
1229  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1230  assertNotNull(registerResponse.getClientId());
1231  assertNotNull(registerResponse.getClientSecret());
1232  assertNotNull(registerResponse.getRegistrationAccessToken());
1233  assertNotNull(registerResponse.getClientIdIssuedAt());
1234  assertNotNull(registerResponse.getClientSecretExpiresAt());
1235 
1236  String clientId = registerResponse.getClientId();
1237  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1238  String registrationClientUri = registerResponse.getRegistrationClientUri();
1239 
1240  // 2. Client read
1241  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1242 
1243  RegisterClient readClient = new RegisterClient(registrationClientUri);
1244  readClient.setRequest(readClientRequest);
1245  RegisterResponse readClientResponse = readClient.exec();
1246 
1247  showClient(readClient);
1248  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1249  assertNotNull(readClientResponse.getClientId());
1250  assertNotNull(readClientResponse.getClientSecret());
1251  assertNotNull(readClientResponse.getClientIdIssuedAt());
1252  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1253 
1254  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1255  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1256  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1257  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1258  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1259  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1260 
1261  // 3. Request authorization
1262  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1263  String nonce = UUID.randomUUID().toString();
1264  String state = UUID.randomUUID().toString();
1265 
1266  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1267  authorizationRequest.setState(state);
1268 
1269  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1270  authorizationEndpoint, authorizationRequest, userId, userSecret);
1271 
1272  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1273  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
1274  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
1275  assertNotNull(authorizationResponse.getCode(), "The code is null");
1276  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
1277  assertNotNull(authorizationResponse.getState(), "The state is null");
1278 
1279  String code = authorizationResponse.getCode();
1280  String accessToken = authorizationResponse.getAccessToken();
1281  String idToken = authorizationResponse.getIdToken();
1282 
1283  // 4. Validate access_token and id_token
1284  Jwt jwt = Jwt.parse(idToken);
1285  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
1286  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
1287  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
1288  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
1289  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
1290  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
1291  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
1292  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
1293  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ACCESS_TOKEN_HASH));
1294  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
1295 
1296  RSAPublicKey publicKey = JwkClient.getRSAPublicKey(
1297  jwksUri,
1298  jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
1299  RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
1300 
1301  assertTrue(rsaSigner.validate(jwt));
1302  assertTrue(rsaSigner.validateAuthorizationCode(code, jwt));
1303  assertTrue(rsaSigner.validateAccessToken(accessToken, jwt));
1304  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.jwt.JwtClaimName.EXPIRATION_TIME
static final String EXPIRATION_TIME
Definition: JwtClaimName.java:21
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.model.jwt.JwtClaimName.AUDIENCE
static final String AUDIENCE
Definition: JwtClaimName.java:42
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.token.JsonWebResponse.getClaims
JwtClaims getClaims()
Definition: JsonWebResponse.java:41
org.xdi.oxauth.model.jwt.JwtClaimName
Definition: JwtClaimName.java:13
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwt.JwtClaimName.AUTHENTICATION_TIME
static final String AUTHENTICATION_TIME
Definition: JwtClaimName.java:99
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.model.jwt.JwtClaimName.SUBJECT_IDENTIFIER
static final String SUBJECT_IDENTIFIER
Definition: JwtClaimName.java:62
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUED_AT
static final String ISSUED_AT
Definition: JwtClaimName.java:27
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.model.jwt.JwtClaimName.ACCESS_TOKEN_HASH
static final String ACCESS_TOKEN_HASH
Definition: JwtClaimName.java:100
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUER
static final String ISSUER
Definition: JwtClaimName.java:33
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkClient.getRSAPublicKey
static RSAPublicKey getRSAPublicKey(String jwkSetUri, String keyId)
Definition: JwkClient.java:94
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.model.jwt.JwtClaimName.CODE_HASH
static final String CODE_HASH
Definition: JwtClaimName.java:101
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationTokenCodeIdTokenUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenCodeIdTokenUserBasicAuth ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1310  {
1311  showTitle("requestAuthorizationTokenCodeIdTokenUserBasicAuth");
1312 
1313  List<ResponseType> responseTypes = Arrays.asList(
1314  ResponseType.TOKEN,
1315  ResponseType.CODE,
1316  ResponseType.ID_TOKEN);
1317 
1318  // 1. Register client
1319  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1320  StringUtils.spaceSeparatedToList(redirectUris));
1321  registerRequest.setResponseTypes(responseTypes);
1322  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1323 
1324  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1325  registerClient.setRequest(registerRequest);
1326  RegisterResponse registerResponse = registerClient.exec();
1327 
1328  showClient(registerClient);
1329  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1330  assertNotNull(registerResponse.getClientId());
1331  assertNotNull(registerResponse.getClientSecret());
1332  assertNotNull(registerResponse.getRegistrationAccessToken());
1333  assertNotNull(registerResponse.getClientIdIssuedAt());
1334  assertNotNull(registerResponse.getClientSecretExpiresAt());
1335 
1336  String clientId = registerResponse.getClientId();
1337  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1338  String registrationClientUri = registerResponse.getRegistrationClientUri();
1339 
1340  // 2. Client read
1341  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1342 
1343  RegisterClient readClient = new RegisterClient(registrationClientUri);
1344  readClient.setRequest(readClientRequest);
1345  RegisterResponse readClientResponse = readClient.exec();
1346 
1347  showClient(readClient);
1348  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1349  assertNotNull(readClientResponse.getClientId());
1350  assertNotNull(readClientResponse.getClientSecret());
1351  assertNotNull(readClientResponse.getClientIdIssuedAt());
1352  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1353 
1354  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1355  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1356  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1357  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1358  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1359  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1360 
1361  // 3. Request authorization
1362  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1363  String nonce = UUID.randomUUID().toString();
1364  String state = UUID.randomUUID().toString();
1365 
1366  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1367  authorizationRequest.setState(state);
1368 
1369  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1370  authorizationEndpoint, authorizationRequest, userId, userSecret);
1371 
1372  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1373  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
1374  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
1375  assertNotNull(authorizationResponse.getCode(), "The code is null");
1376  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
1377  assertNotNull(authorizationResponse.getState(), "The state is null");
1378 
1379  String code = authorizationResponse.getCode();
1380  String accessToken = authorizationResponse.getAccessToken();
1381  String idToken = authorizationResponse.getIdToken();
1382 
1383  // 4. Validate access_token and id_token
1384  Jwt jwt = Jwt.parse(idToken);
1385  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
1386  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
1387  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
1388  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
1389  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
1390  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
1391  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
1392  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.CODE_HASH));
1393  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ACCESS_TOKEN_HASH));
1394  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
1395 
1396  RSAPublicKey publicKey = JwkClient.getRSAPublicKey(
1397  jwksUri,
1398  jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
1399  RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
1400 
1401  assertTrue(rsaSigner.validate(jwt));
1402  assertTrue(rsaSigner.validateAuthorizationCode(code, jwt));
1403  assertTrue(rsaSigner.validateAccessToken(accessToken, jwt));
1404  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.jwt.JwtClaimName.EXPIRATION_TIME
static final String EXPIRATION_TIME
Definition: JwtClaimName.java:21
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.model.jwt.JwtClaimName.AUDIENCE
static final String AUDIENCE
Definition: JwtClaimName.java:42
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.token.JsonWebResponse.getClaims
JwtClaims getClaims()
Definition: JsonWebResponse.java:41
org.xdi.oxauth.model.jwt.JwtClaimName
Definition: JwtClaimName.java:13
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwt.JwtClaimName.AUTHENTICATION_TIME
static final String AUTHENTICATION_TIME
Definition: JwtClaimName.java:99
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.model.jwt.JwtClaimName.SUBJECT_IDENTIFIER
static final String SUBJECT_IDENTIFIER
Definition: JwtClaimName.java:62
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUED_AT
static final String ISSUED_AT
Definition: JwtClaimName.java:27
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.model.jwt.JwtClaimName.ACCESS_TOKEN_HASH
static final String ACCESS_TOKEN_HASH
Definition: JwtClaimName.java:100
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUER
static final String ISSUER
Definition: JwtClaimName.java:33
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkClient.getRSAPublicKey
static RSAPublicKey getRSAPublicKey(String jwkSetUri, String keyId)
Definition: JwkClient.java:94
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.model.jwt.JwtClaimName.CODE_HASH
static final String CODE_HASH
Definition: JwtClaimName.java:101
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationTokenCodeUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenCodeUserBasicAuth ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1138  {
1139  showTitle("requestAuthorizationTokenCodeUserBasicAuth");
1140 
1141  List<ResponseType> responseTypes = Arrays.asList(
1142  ResponseType.TOKEN,
1143  ResponseType.CODE);
1144 
1145  // 1. Register client
1146  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1147  StringUtils.spaceSeparatedToList(redirectUris));
1148  registerRequest.setResponseTypes(responseTypes);
1149  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1150 
1151  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1152  registerClient.setRequest(registerRequest);
1153  RegisterResponse registerResponse = registerClient.exec();
1154 
1155  showClient(registerClient);
1156  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1157  assertNotNull(registerResponse.getClientId());
1158  assertNotNull(registerResponse.getClientSecret());
1159  assertNotNull(registerResponse.getRegistrationAccessToken());
1160  assertNotNull(registerResponse.getClientIdIssuedAt());
1161  assertNotNull(registerResponse.getClientSecretExpiresAt());
1162 
1163  String clientId = registerResponse.getClientId();
1164  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1165  String registrationClientUri = registerResponse.getRegistrationClientUri();
1166 
1167  // 2. Client read
1168  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1169 
1170  RegisterClient readClient = new RegisterClient(registrationClientUri);
1171  readClient.setRequest(readClientRequest);
1172  RegisterResponse readClientResponse = readClient.exec();
1173 
1174  showClient(readClient);
1175  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1176  assertNotNull(readClientResponse.getClientId());
1177  assertNotNull(readClientResponse.getClientSecret());
1178  assertNotNull(readClientResponse.getClientIdIssuedAt());
1179  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1180 
1181  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1182  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1183  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1184  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1185  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1186  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1187 
1188  // 3. Request authorization
1189  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1190  String nonce = UUID.randomUUID().toString();
1191  String state = UUID.randomUUID().toString();
1192 
1193  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1194  authorizationRequest.setState(state);
1195 
1196  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1197  authorizationEndpoint, authorizationRequest, userId, userSecret);
1198 
1199  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1200  assertNotNull(authorizationResponse.getCode(), "The code is null");
1201  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
1202  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
1203  assertNotNull(authorizationResponse.getState(), "The state is null");
1204  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationTokenFail1()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenFail1 ( final String  userId,
final String  userSecret,
final String  redirectUri 
) throws Exception
inline
587  {
588  showTitle("requestAuthorizationTokenFail1");
589 
590  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
591  String state = UUID.randomUUID().toString();
592 
593  AuthorizationRequest request = new AuthorizationRequest(responseTypes, null, null, redirectUri, null);
594  request.setState(state);
595  request.setAuthUsername(userId);
596  request.setAuthPassword(userSecret);
597 
598  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
599  authorizeClient.setRequest(request);
600  AuthorizationResponse response = authorizeClient.exec();
601 
602  showClient(authorizeClient);
603  assertEquals(response.getStatus(), 400, "Unexpected response code: " + response.getStatus());
604  assertNotNull(response.getErrorType(), "The error type is null");
605  assertNotNull(response.getErrorDescription(), "The error description is null");
606  assertNotNull(response.getState(), "The state is null");
607  }
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355

◆ requestAuthorizationTokenFail2()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenFail2 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
613  {
614  showTitle("requestAuthorizationTokenFail2");
615 
616  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
617 
618  // 1. Register client
619  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
620  StringUtils.spaceSeparatedToList(redirectUris));
621  registerRequest.setResponseTypes(responseTypes);
622  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
623 
624  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
625  registerClient.setRequest(registerRequest);
626  RegisterResponse registerResponse = registerClient.exec();
627 
628  showClient(registerClient);
629  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
630  assertNotNull(registerResponse.getClientId());
631  assertNotNull(registerResponse.getClientSecret());
632  assertNotNull(registerResponse.getRegistrationAccessToken());
633  assertNotNull(registerResponse.getClientIdIssuedAt());
634  assertNotNull(registerResponse.getClientSecretExpiresAt());
635 
636  String clientId = registerResponse.getClientId();
637  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
638  String registrationClientUri = registerResponse.getRegistrationClientUri();
639 
640  // 2. Client read
641  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
642 
643  RegisterClient readClient = new RegisterClient(registrationClientUri);
644  readClient.setRequest(readClientRequest);
645  RegisterResponse readClientResponse = readClient.exec();
646 
647  showClient(readClient);
648  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
649  assertNotNull(readClientResponse.getClientId());
650  assertNotNull(readClientResponse.getClientSecret());
651  assertNotNull(readClientResponse.getClientIdIssuedAt());
652  assertNotNull(readClientResponse.getClientSecretExpiresAt());
653 
654  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
655  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
656  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
657  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
658  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
659  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
660 
661  // 3. Request authorization
662  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
663  String nonce = null;
664  String state = UUID.randomUUID().toString();
665 
666  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
667  request.setState(state);
668  request.setAuthUsername(userId);
669  request.setAuthPassword(userSecret);
670  request.getPrompts().add(Prompt.NONE);
671 
672  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
673  authorizeClient.setRequest(request);
674  AuthorizationResponse response = authorizeClient.exec();
675 
676  showClient(authorizeClient);
677  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
678  assertNotNull(response.getLocation(), "The location is null");
679  assertNotNull(response.getErrorType(), "The error type is null");
680  assertNotNull(response.getErrorDescription(), "The error description is null");
681  assertNotNull(response.getState(), "The state is null");
682  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationTokenIdToken()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenIdToken ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
688  {
689  showTitle("requestAuthorizationTokenIdToken");
690 
691  List<ResponseType> responseTypes = Arrays.asList(
692  ResponseType.TOKEN,
693  ResponseType.ID_TOKEN);
694 
695  // 1. Register client
696  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
697  StringUtils.spaceSeparatedToList(redirectUris));
698  registerRequest.setResponseTypes(responseTypes);
699  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
700 
701  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
702  registerClient.setRequest(registerRequest);
703  RegisterResponse registerResponse = registerClient.exec();
704 
705  showClient(registerClient);
706  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
707  assertNotNull(registerResponse.getClientId());
708  assertNotNull(registerResponse.getClientSecret());
709  assertNotNull(registerResponse.getRegistrationAccessToken());
710  assertNotNull(registerResponse.getClientIdIssuedAt());
711  assertNotNull(registerResponse.getClientSecretExpiresAt());
712 
713  String clientId = registerResponse.getClientId();
714  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
715  String registrationClientUri = registerResponse.getRegistrationClientUri();
716 
717  // 2. Client read
718  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
719 
720  RegisterClient readClient = new RegisterClient(registrationClientUri);
721  readClient.setRequest(readClientRequest);
722  RegisterResponse readClientResponse = readClient.exec();
723 
724  showClient(readClient);
725  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
726  assertNotNull(readClientResponse.getClientId());
727  assertNotNull(readClientResponse.getClientSecret());
728  assertNotNull(readClientResponse.getClientIdIssuedAt());
729  assertNotNull(readClientResponse.getClientSecretExpiresAt());
730 
731  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
732  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
733  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
734  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
735  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
736  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
737 
738  // 3. Request authorization
739  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
740  String nonce = UUID.randomUUID().toString();
741  String state = UUID.randomUUID().toString();
742 
743  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
744  authorizationRequest.setState(state);
745 
746  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
747  authorizationEndpoint, authorizationRequest, userId, userSecret);
748 
749  assertNotNull(authorizationResponse.getLocation(), "The location is null");
750  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
751  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
752  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
753  assertNotNull(authorizationResponse.getState(), "The state is null");
754 
755  String accessToken = authorizationResponse.getAccessToken();
756  String idToken = authorizationResponse.getIdToken();
757 
758  // 2. Validate access_token and id_token
759  Jwt jwt = Jwt.parse(idToken);
760  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
761  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
762  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
763  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
764  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
765  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
766  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
767  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ACCESS_TOKEN_HASH));
768  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
769 
770  RSAPublicKey publicKey = JwkClient.getRSAPublicKey(
771  jwksUri,
772  jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
773  RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
774 
775  assertTrue(rsaSigner.validate(jwt));
776  assertTrue(rsaSigner.validateAccessToken(accessToken, jwt));
777  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.jwt.JwtClaimName.EXPIRATION_TIME
static final String EXPIRATION_TIME
Definition: JwtClaimName.java:21
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.model.jwt.JwtClaimName.AUDIENCE
static final String AUDIENCE
Definition: JwtClaimName.java:42
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.token.JsonWebResponse.getClaims
JwtClaims getClaims()
Definition: JsonWebResponse.java:41
org.xdi.oxauth.model.jwt.JwtClaimName
Definition: JwtClaimName.java:13
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwt.JwtClaimName.AUTHENTICATION_TIME
static final String AUTHENTICATION_TIME
Definition: JwtClaimName.java:99
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.model.jwt.JwtClaimName.SUBJECT_IDENTIFIER
static final String SUBJECT_IDENTIFIER
Definition: JwtClaimName.java:62
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUED_AT
static final String ISSUED_AT
Definition: JwtClaimName.java:27
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.model.jwt.JwtClaimName.ACCESS_TOKEN_HASH
static final String ACCESS_TOKEN_HASH
Definition: JwtClaimName.java:100
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUER
static final String ISSUER
Definition: JwtClaimName.java:33
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkClient.getRSAPublicKey
static RSAPublicKey getRSAPublicKey(String jwkSetUri, String keyId)
Definition: JwkClient.java:94
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationTokenIdTokenUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenIdTokenUserBasicAuth ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
783  {
784  showTitle("requestAuthorizationTokenIdTokenUserBasicAuth");
785 
786  List<ResponseType> responseTypes = Arrays.asList(
787  ResponseType.TOKEN,
788  ResponseType.ID_TOKEN);
789 
790  // 1. Register client
791  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
792  StringUtils.spaceSeparatedToList(redirectUris));
793  registerRequest.setResponseTypes(responseTypes);
794  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
795 
796  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
797  registerClient.setRequest(registerRequest);
798  RegisterResponse registerResponse = registerClient.exec();
799 
800  showClient(registerClient);
801  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
802  assertNotNull(registerResponse.getClientId());
803  assertNotNull(registerResponse.getClientSecret());
804  assertNotNull(registerResponse.getRegistrationAccessToken());
805  assertNotNull(registerResponse.getClientIdIssuedAt());
806  assertNotNull(registerResponse.getClientSecretExpiresAt());
807 
808  String clientId = registerResponse.getClientId();
809  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
810  String registrationClientUri = registerResponse.getRegistrationClientUri();
811 
812  // 2. Client read
813  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
814 
815  RegisterClient readClient = new RegisterClient(registrationClientUri);
816  readClient.setRequest(readClientRequest);
817  RegisterResponse readClientResponse = readClient.exec();
818 
819  showClient(readClient);
820  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
821  assertNotNull(readClientResponse.getClientId());
822  assertNotNull(readClientResponse.getClientSecret());
823  assertNotNull(readClientResponse.getClientIdIssuedAt());
824  assertNotNull(readClientResponse.getClientSecretExpiresAt());
825 
826  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
827  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
828  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
829  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
830  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
831  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
832 
833  // 3. Request authorization
834  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
835  String nonce = UUID.randomUUID().toString();
836  String state = UUID.randomUUID().toString();
837 
838  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
839  authorizationRequest.setState(state);
840 
841  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
842  authorizationEndpoint, authorizationRequest, userId, userSecret);
843 
844  assertNotNull(authorizationResponse.getLocation(), "The location is null");
845  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
846  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
847  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
848  assertNotNull(authorizationResponse.getState(), "The state is null");
849 
850  String accessToken = authorizationResponse.getAccessToken();
851  String idToken = authorizationResponse.getIdToken();
852 
853  // 2. Validate access_token and id_token
854  Jwt jwt = Jwt.parse(idToken);
855  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
856  assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
857  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
858  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
859  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
860  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
861  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
862  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ACCESS_TOKEN_HASH));
863  assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
864 
865  RSAPublicKey publicKey = JwkClient.getRSAPublicKey(
866  jwksUri,
867  jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
868  RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
869 
870  assertTrue(rsaSigner.validate(jwt));
871  assertTrue(rsaSigner.validateAccessToken(accessToken, jwt));
872  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.jwt.JwtClaimName.EXPIRATION_TIME
static final String EXPIRATION_TIME
Definition: JwtClaimName.java:21
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.model.jwt.JwtClaimName.AUDIENCE
static final String AUDIENCE
Definition: JwtClaimName.java:42
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.token.JsonWebResponse.getClaims
JwtClaims getClaims()
Definition: JsonWebResponse.java:41
org.xdi.oxauth.model.jwt.JwtClaimName
Definition: JwtClaimName.java:13
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwt.JwtClaimName.AUTHENTICATION_TIME
static final String AUTHENTICATION_TIME
Definition: JwtClaimName.java:99
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.model.jwt.JwtClaimName.SUBJECT_IDENTIFIER
static final String SUBJECT_IDENTIFIER
Definition: JwtClaimName.java:62
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUED_AT
static final String ISSUED_AT
Definition: JwtClaimName.java:27
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.model.jwt.JwtClaimName.ACCESS_TOKEN_HASH
static final String ACCESS_TOKEN_HASH
Definition: JwtClaimName.java:100
org.xdi.oxauth.model.jwt.JwtClaimName.ISSUER
static final String ISSUER
Definition: JwtClaimName.java:33
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkClient.getRSAPublicKey
static RSAPublicKey getRSAPublicKey(String jwkSetUri, String keyId)
Definition: JwkClient.java:94
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationTokenUserBasicAuth()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationTokenUserBasicAuth ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
517  {
518  showTitle("requestAuthorizationTokenUserBasicAuth");
519 
520  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
521 
522  // 1. Register client
523  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
524  StringUtils.spaceSeparatedToList(redirectUris));
525  registerRequest.setResponseTypes(responseTypes);
526  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
527 
528  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
529  registerClient.setRequest(registerRequest);
530  RegisterResponse registerResponse = registerClient.exec();
531 
532  showClient(registerClient);
533  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
534  assertNotNull(registerResponse.getClientId());
535  assertNotNull(registerResponse.getClientSecret());
536  assertNotNull(registerResponse.getRegistrationAccessToken());
537  assertNotNull(registerResponse.getClientIdIssuedAt());
538  assertNotNull(registerResponse.getClientSecretExpiresAt());
539 
540  String clientId = registerResponse.getClientId();
541  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
542  String registrationClientUri = registerResponse.getRegistrationClientUri();
543 
544  // 2. Client read
545  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
546 
547  RegisterClient readClient = new RegisterClient(registrationClientUri);
548  readClient.setRequest(readClientRequest);
549  RegisterResponse readClientResponse = readClient.exec();
550 
551  showClient(readClient);
552  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
553  assertNotNull(readClientResponse.getClientId());
554  assertNotNull(readClientResponse.getClientSecret());
555  assertNotNull(readClientResponse.getClientIdIssuedAt());
556  assertNotNull(readClientResponse.getClientSecretExpiresAt());
557 
558  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
559  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
560  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
561  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
562  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
563  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
564 
565  // 3. Request authorization
566  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
567  String nonce = UUID.randomUUID().toString();
568  String state = UUID.randomUUID().toString();
569 
570  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
571  authorizationRequest.setState(state);
572 
573  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
574  authorizationEndpoint, authorizationRequest, userId, userSecret);
575 
576  assertNotNull(authorizationResponse.getLocation(), "The location is null");
577  assertNotNull(authorizationResponse.getAccessToken(), "The access token is null");
578  assertNotNull(authorizationResponse.getState(), "The state is null");
579  assertNotNull(authorizationResponse.getTokenType(), "The token type is null");
580  assertNotNull(authorizationResponse.getExpiresIn(), "The expires in value is null");
581  assertNotNull(authorizationResponse.getScope(), "The scope must be null");
582  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.AuthorizationResponse.getExpiresIn
Integer getExpiresIn()
Definition: AuthorizationResponse.java:257
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationUILocales()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationUILocales ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
2804  {
2805  showTitle("requestAuthorizationUILocales");
2806 
2807  List<ResponseType> responseTypes = Arrays.asList(
2808  ResponseType.CODE,
2809  ResponseType.TOKEN,
2810  ResponseType.ID_TOKEN);
2811 
2812  // 1. Register client
2813  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2814  StringUtils.spaceSeparatedToList(redirectUris));
2815  registerRequest.setResponseTypes(responseTypes);
2816  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2817 
2818  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2819  registerClient.setRequest(registerRequest);
2820  RegisterResponse registerResponse = registerClient.exec();
2821 
2822  showClient(registerClient);
2823  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2824  assertNotNull(registerResponse.getClientId());
2825  assertNotNull(registerResponse.getClientSecret());
2826  assertNotNull(registerResponse.getRegistrationAccessToken());
2827  assertNotNull(registerResponse.getClientIdIssuedAt());
2828  assertNotNull(registerResponse.getClientSecretExpiresAt());
2829 
2830  String clientId = registerResponse.getClientId();
2831  String clientSecret = registerResponse.getClientSecret();
2832  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
2833  String registrationClientUri = registerResponse.getRegistrationClientUri();
2834 
2835  // 2. Client read
2836  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
2837 
2838  RegisterClient readClient = new RegisterClient(registrationClientUri);
2839  readClient.setRequest(readClientRequest);
2840  RegisterResponse readClientResponse = readClient.exec();
2841 
2842  showClient(readClient);
2843  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
2844  assertNotNull(readClientResponse.getClientId());
2845  assertNotNull(readClientResponse.getClientSecret());
2846  assertNotNull(readClientResponse.getClientIdIssuedAt());
2847  assertNotNull(readClientResponse.getClientSecretExpiresAt());
2848 
2849  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
2850  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
2851  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
2852  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
2853  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
2854  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
2855 
2856  // 3. Request authorization
2857  responseTypes = Arrays.asList(
2858  ResponseType.TOKEN,
2859  ResponseType.ID_TOKEN);
2860 
2861  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2862  String nonce = UUID.randomUUID().toString();
2863  String state = UUID.randomUUID().toString();
2864 
2865  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2866  authorizationRequest.setState(state);
2867  authorizationRequest.setNonce(nonce);
2868  authorizationRequest.setUiLocales(Arrays.asList("es"));
2869 
2870  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
2871  authorizationEndpoint, authorizationRequest, userId, userSecret);
2872 
2873  assertNotNull(authorizationResponse.getLocation(), "The location is null");
2874  assertNotNull(authorizationResponse.getAccessToken(), "The access token is null");
2875  assertNotNull(authorizationResponse.getState(), "The state is null");
2876  assertNotNull(authorizationResponse.getTokenType(), "The token type is null");
2877  assertNotNull(authorizationResponse.getExpiresIn(), "The expires in value is null");
2878  assertNotNull(authorizationResponse.getScope(), "The scope must be null");
2879  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationRequest.setNonce
void setNonce(String nonce)
Definition: AuthorizationRequest.java:245
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.AuthorizationResponse.getExpiresIn
Integer getExpiresIn()
Definition: AuthorizationResponse.java:257
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setUiLocales
void setUiLocales(List< String > uiLocales)
Definition: AuthorizationRequest.java:295
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationWithoutScope()

void org.xdi.oxauth.ws.rs.AuthorizeRestWebServiceHttpTest.requestAuthorizationWithoutScope ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
1546  {
1547  showTitle("requestAuthorizationWithoutScope");
1548 
1549  List<ResponseType> responseTypes = Arrays.asList(
1550  ResponseType.CODE,
1551  ResponseType.ID_TOKEN);
1552 
1553  // 1. Register client
1554  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1555  StringUtils.spaceSeparatedToList(redirectUris));
1556  registerRequest.setResponseTypes(responseTypes);
1557  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1558 
1559  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1560  registerClient.setRequest(registerRequest);
1561  RegisterResponse registerResponse = registerClient.exec();
1562 
1563  showClient(registerClient);
1564  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1565  assertNotNull(registerResponse.getClientId());
1566  assertNotNull(registerResponse.getClientSecret());
1567  assertNotNull(registerResponse.getRegistrationAccessToken());
1568  assertNotNull(registerResponse.getClientIdIssuedAt());
1569  assertNotNull(registerResponse.getClientSecretExpiresAt());
1570 
1571  String clientId = registerResponse.getClientId();
1572  String registrationAccessToken = registerResponse.getRegistrationAccessToken();
1573  String registrationClientUri = registerResponse.getRegistrationClientUri();
1574 
1575  // 2. Client read
1576  RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
1577 
1578  RegisterClient readClient = new RegisterClient(registrationClientUri);
1579  readClient.setRequest(readClientRequest);
1580  RegisterResponse readClientResponse = readClient.exec();
1581 
1582  showClient(readClient);
1583  assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
1584  assertNotNull(readClientResponse.getClientId());
1585  assertNotNull(readClientResponse.getClientSecret());
1586  assertNotNull(readClientResponse.getClientIdIssuedAt());
1587  assertNotNull(readClientResponse.getClientSecretExpiresAt());
1588 
1589  assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
1590  assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
1591  assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
1592  assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
1593  assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
1594  assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
1595 
1596  // 3. Request authorization
1597  List<String> scopes = new ArrayList<String>(); // Empty scopes list
1598  String state = UUID.randomUUID().toString();
1599  String nonce = UUID.randomUUID().toString();
1600 
1601  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1602  authorizationRequest.setState(state);
1603 
1604  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1605  authorizationEndpoint, authorizationRequest, userId, userSecret);
1606 
1607  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1608  assertNotNull(authorizationResponse.getCode(), "The code is null");
1609  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
1610  assertNotNull(authorizationResponse.getState(), "The state is null");
1611  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.RegisterResponse.getRegistrationClientUri
String getRegistrationClientUri()
Definition: RegisterResponse.java:181
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.client.RegisterResponse.getClaims
Map< String, String > getClaims()
Definition: RegisterResponse.java:237
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ setAuthorizationEndpoint()

void org.xdi.oxauth.BaseTest.setAuthorizationEndpoint ( String  authorizationEndpoint)
inlineinherited
138  {
139  this.authorizationEndpoint = authorizationEndpoint;
140  }
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72

◆ setCheckSessionIFrame()

void org.xdi.oxauth.BaseTest.setCheckSessionIFrame ( String  checkSessionIFrame)
inlineinherited
170  {
171  this.checkSessionIFrame = checkSessionIFrame;
172  }
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78

◆ setClientInfoEndpoint()

void org.xdi.oxauth.BaseTest.setClientInfoEndpoint ( String  clientInfoEndpoint)
inlineinherited
162  {
163  this.clientInfoEndpoint = clientInfoEndpoint;
164  }
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77

◆ setConfigurationEndpoint()

void org.xdi.oxauth.BaseTest.setConfigurationEndpoint ( String  configurationEndpoint)
inlineinherited
226  {
227  this.configurationEndpoint = configurationEndpoint;
228  }
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82

◆ setDriver()

void org.xdi.oxauth.BaseTest.setDriver ( WebDriver  driver)
inlineinherited
130  {
131  this.driver = driver;
132  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ setEndSessionEndpoint()

void org.xdi.oxauth.BaseTest.setEndSessionEndpoint ( String  endSessionEndpoint)
inlineinherited
178  {
179  this.endSessionEndpoint = endSessionEndpoint;
180  }
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79

◆ setIdGenEndpoint()

void org.xdi.oxauth.BaseTest.setIdGenEndpoint ( String  p_idGenEndpoint)
inlineinherited
218  {
219  idGenEndpoint = p_idGenEndpoint;
220  }
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83

◆ setIntrospectionEndpoint()

void org.xdi.oxauth.BaseTest.setIntrospectionEndpoint ( String  p_introspectionEndpoint)
inlineinherited
202  {
203  introspectionEndpoint = p_introspectionEndpoint;
204  }
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84

◆ setJwksUri()

void org.xdi.oxauth.BaseTest.setJwksUri ( String  jwksUri)
inlineinherited
186  {
187  this.jwksUri = jwksUri;
188  }
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80

◆ setRegistrationEndpoint()

void org.xdi.oxauth.BaseTest.setRegistrationEndpoint ( String  registrationEndpoint)
inlineinherited
194  {
195  this.registrationEndpoint = registrationEndpoint;
196  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81

◆ setScopeToClaimsMapping()

void org.xdi.oxauth.BaseTest.setScopeToClaimsMapping ( Map< String, List< String >>  p_scopeToClaimsMapping)
inlineinherited
210  {
211  scopeToClaimsMapping = p_scopeToClaimsMapping;
212  }
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85

◆ setTokenEndpoint()

void org.xdi.oxauth.BaseTest.setTokenEndpoint ( String  tokenEndpoint)
inlineinherited
146  {
147  this.tokenEndpoint = tokenEndpoint;
148  }
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75

◆ setUserInfoEndpoint()

void org.xdi.oxauth.BaseTest.setUserInfoEndpoint ( String  userInfoEndpoint)
inlineinherited
154  {
155  this.userInfoEndpoint = userInfoEndpoint;
156  }
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76

◆ showClient() [1/2]

static void org.xdi.oxauth.BaseTest.showClient ( BaseClient  client)
inlinestaticinherited
775  {
776  ClientUtils.showClient(client);
777  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClient
static void showClient(BaseClient client)
Definition: ClientUtils.java:21

◆ showClient() [2/2]

static void org.xdi.oxauth.BaseTest.showClient ( BaseClient  client,
CookieStore  cookieStore 
)
inlinestaticinherited
779  {
780  ClientUtils.showClient(client, cookieStore);
781  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClient
static void showClient(BaseClient client)
Definition: ClientUtils.java:21

◆ showClientUserAgent()

static void org.xdi.oxauth.BaseTest.showClientUserAgent ( BaseClient  client)
inlinestaticinherited
783  {
784  ClientUtils.showClientUserAgent(client);
785  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: ClientUtils.java:35

◆ showEntity()

void org.xdi.oxauth.BaseTest.showEntity ( String  entity)
inlineinherited
769  {
770  if (entity != null) {
771  System.out.println("Entity: " + entity.replace("\\n", "\n"));
772  }
773  }

◆ showResponse() [1/2]

void org.xdi.oxauth.BaseTest.showResponse ( String  title,
Response  response 
)
inlineinherited
30  {
31  showResponse(title, response, null);
32  }
org.xdi.oxauth.BaseTest.showResponse
void showResponse(String title, Response response)
Definition: BaseTest.java:30

◆ showResponse() [2/2]

static void org.xdi.oxauth.BaseTest.showResponse ( String  title,
Response  response,
Object  entity 
)
inlinestaticinherited
34  {
35  System.out.println(" ");
36  System.out.println("RESPONSE FOR: " + title);
37  System.out.println(response.getStatus());
38  for (Entry<String, List<Object>> headers : response.getHeaders().entrySet()) {
39  String headerName = headers.getKey();
40  System.out.println(headerName + ": " + headers.getValue());
41  }
42 
43  if (entity != null) {
44  System.out.println(entity.toString().replace("\\n", "\n"));
45  }
46  System.out.println(" ");
47  System.out.println("Status message: " + response.getStatus());
48  }

◆ showTitle() [1/2]

void org.xdi.oxauth.BaseTest.showTitle ( String  title)
inlineinherited
22  {
23  title = "TEST: " + title;
24 
25  System.out.println("#######################################################");
26  System.out.println(title);
27  System.out.println("#######################################################");
28  }

◆ showTitle() [2/2]

void org.xdi.oxauth.BaseTest.showTitle ( String  title)
inlineinherited
761  {
762  title = "TEST: " + title;
763 
764  System.out.println("#######################################################");
765  System.out.println(title);
766  System.out.println("#######################################################");
767  }

◆ startSelenium()

void org.xdi.oxauth.BaseTest.startSelenium ( )
inlineinherited
230  {
231  //System.setProperty("webdriver.chrome.driver", "/Users/JAVIER/tmp/chromedriver");
232  //driver = new ChromeDriver();
233 
234  //driver = new SafariDriver();
235 
236  //driver = new FirefoxDriver();
237 
238  //driver = new InternetExplorerDriver();
239 
240  driver = new HtmlUnitDriver(true);
241  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ stopSelenium()

void org.xdi.oxauth.BaseTest.stopSelenium ( )
inlineinherited
243  {
244 // driver.close();
245  driver.quit();
246  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ waitForResourceOwnerAndGrantLoginForm() [1/2]

String org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
boolean  cleanupCookies 
)
inlineinherited

Try to open login form (via the user-agent)

617  {
618  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
619 
620  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
621  authorizeClient.setRequest(authorizationRequest);
622 
623  System.out.println("waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:" + authorizationRequestUrl);
624  startSelenium();
625  if (cleanupCookies) {
626  System.out.println("waitForResourceOwnerAndGrantLoginForm: Cleaning cookies");
627  deleteAllCookies();
628  }
629  driver.navigate().to(authorizationRequestUrl);
630 
631  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
632  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
633  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
634 
635  if ((usernameElement == null) || (passwordElement == null) || (loginButton == null)) {
636  return null;
637  }
638 
639  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
640  String sessionState = null;
641  if (sessionStateCookie != null) {
642  sessionState = sessionStateCookie.getValue();
643  }
644  System.out.println("waitForResourceOwnerAndGrantLoginForm: sessionState:" + sessionState);
645 
646  stopSelenium();
647 
648  showClientUserAgent(authorizeClient);
649 
650  return sessionState;
651  }
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.deleteAllCookies
void deleteAllCookies()
Definition: BaseTest.java:661
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ waitForResourceOwnerAndGrantLoginForm() [2/2]

String org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited

Try to open login form (via the user-agent)

657  {
658  return waitForResourceOwnerAndGrantLoginForm(authorizeUrl, authorizationRequest, true);
659  }
org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm
String waitForResourceOwnerAndGrantLoginForm(String authorizeUrl, AuthorizationRequest authorizationRequest, boolean cleanupCookies)
Definition: BaseTest.java:616

メンバ詳解

◆ authorizationEndpoint

String org.xdi.oxauth.BaseTest.authorizationEndpoint
protectedinherited

◆ authorizationPageEndpoint

String org.xdi.oxauth.BaseTest.authorizationPageEndpoint
protectedinherited

◆ checkSessionIFrame

String org.xdi.oxauth.BaseTest.checkSessionIFrame
protectedinherited

◆ clientInfoEndpoint

String org.xdi.oxauth.BaseTest.clientInfoEndpoint
protectedinherited

◆ configurationEndpoint

String org.xdi.oxauth.BaseTest.configurationEndpoint
protectedinherited

◆ driver

WebDriver org.xdi.oxauth.BaseTest.driver
protectedinherited

◆ endSessionEndpoint

String org.xdi.oxauth.BaseTest.endSessionEndpoint
protectedinherited

◆ gluuConfigurationEndpoint

String org.xdi.oxauth.BaseTest.gluuConfigurationEndpoint
protectedinherited

◆ idGenEndpoint

String org.xdi.oxauth.BaseTest.idGenEndpoint
protectedinherited

◆ introspectionEndpoint

String org.xdi.oxauth.BaseTest.introspectionEndpoint
protectedinherited

◆ jwksUri

String org.xdi.oxauth.BaseTest.jwksUri
protectedinherited

◆ registrationEndpoint

String org.xdi.oxauth.BaseTest.registrationEndpoint
protectedinherited

◆ scopeToClaimsMapping

Map<String, List<String> > org.xdi.oxauth.BaseTest.scopeToClaimsMapping
protectedinherited

◆ testData

FileConfiguration org.xdi.oxauth.ConfigurableTest.testData
staticinherited

◆ tokenEndpoint

String org.xdi.oxauth.BaseTest.tokenEndpoint
protectedinherited

◆ userInfoEndpoint

String org.xdi.oxauth.BaseTest.userInfoEndpoint
protectedinherited
このクラス詳解は次のファイルから抽出されました:
2018年09月30日(日) 14時46分31秒作成 - gluu / 構成:   doxygen 1.8.13